Analysis Overview
Threat Level: Likely malicious
The file http://google.com was found to be: Likely malicious.
Malicious Activity Summary
Modifies Installed Components in the registry
Downloads MZ/PE file
Blocklisted process makes network request
Sets file execution options in registry
Loads dropped DLL
Executes dropped EXE
Registers COM server for autorun
Reads user/profile data of web browsers
Legitimate hosting services abused for malware hosting/C2
Checks whether UAC is enabled
Adds Run key to start application
Installs/modifies Browser Helper Object
Checks installed software on the system
Checks system information in the registry
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies system certificate store
Checks SCSI registry key(s)
Checks processor information in registry
Uses Task Scheduler COM API
System policy modification
Suspicious behavior: AddClipboardFormatListener
Modifies registry class
NTFS ADS
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-03-21 18:37
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-03-21 18:37
Reported
2024-03-21 18:51
Platform
win11-20240221-en
Max time kernel
851s
Max time network
853s
Command Line
Signatures
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUCD6E.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUCD6E.tmp\MicrosoftEdgeUpdate.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_click_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_click_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\BHO\\ie_to_edge_bho_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\PdfPreview\\PdfPreviewHandler.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=B96F632387F0406F93CD974168D29D80" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80F442DB-6D77-4388-B14A-0DC10537EF80}\BGAUpdate.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUCD6E.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUCD6E.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in Program Files directory
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-tokenized-card\nl\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-notification\fr\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-tokenized-card\zh-Hant\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_578037231\hyph-hu.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_578037231\hyph-ga.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\buynow_driver.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\driver-signature.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_578037231\hyph-en-gb.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_794304763\LICENSE | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat | C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_1573402465\edge_driver.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_1573402465\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-notification-shared\de\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_578037231\hyph-es.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_188437578\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_1590391752\_metadata\verified_contents.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\wallet_donation_driver.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-hub\de\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-ec\fr\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-tokenized-card\ar\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\Notification\notification.bundle.js.LICENSE.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\MsEdgeCrashpad\metadata | C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-notification\ko\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-shared-components\ru\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\Notification\_manifest\spdx_2.2\manifest.spdx.json.sha256 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_1573402465\auto_open_controller.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-notification-shared\fr-CA\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_87188570\deny_full_domains.list | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\wallet.html | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_1590391752\LICENSE | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-notification\en-GB\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-shared-components\es\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\bnpl\bnpl.bundle.js.LICENSE.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\wallet\wallet-checkout\checkoutdata.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\Notification\notification_fast.bundle.js.LICENSE.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Windows\system32\SystemSettingsAdminFlows.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_1573402465\product_page.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_321267081\Part-ES | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_321267081\Part-NL | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_578037231\hyph-da.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_321267081\adblock_snippet.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-notification\id\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_1435087633\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_654775141\_metadata\verified_contents.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_1573402465\edge_confirmation_page_validator.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_434285837\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_371643626\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-tokenized-card\es\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-hub\el\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-ec\pt-PT\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\wallet\wallet-stable.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\Wallet-BuyNow\spdx_2.2\manifest.spdx.json.sha256 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-tokenized-card\fr\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-tokenized-card\id\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-mobile-hub\zh-Hant\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-hub\pt-BR\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-shared-components\en-GB\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\Mini-Wallet\miniwallet.bundle.js.LICENSE.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_578037231\hyph-de-1901.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\SystemSettingsAdminFlows.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\SystemSettingsAdminFlows.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\SystemSettingsAdminFlows.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\system32\SystemSettingsAdminFlows.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\SystemSettingsAdminFlows.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\ProtocolExecute\zoommtg | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDA28A5-1B5F-4635-9877-73DF0D710C9A}\AppName = "Zoom.exe" | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\ProtocolExecute\zoomus\WarnOnOpen = "0" | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\ProtocolExecute\zoomus | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDA28A5-1B5F-4635-9877-73DF0D710C9A} | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\ProtocolExecute\zoommtg\WarnOnOpen = "0" | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\Low Rights | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\Zoom.exe = "11000" | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDA28A5-1B5F-4635-9877-73DF0D710C9A}\AppPath = "C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin" | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFDA28A5-1B5F-4635-9877-73DF0D710C9A}\Policy = "3" | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\Sequence = "1" | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000 | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\Sequence = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\Owner = b4220000fabeec42c07bda01 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\EDGEMITMP_7BB73.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\Owner = c0090000aec28f43c07bda01 | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\RegFiles0000 = 43003a005c00500072006f006700720061006d002000460069006c00650073002000280078003800360029005c004d006900630072006f0073006f00660074005c00450064006700650057006500620056006900650077005c004100700070006c00690063006100740069006f006e005c00390030002e0030002e003800310038002e00360036005c00690063007500640074006c002e0064006100740000000000 | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\EDGEMITMP_7BB73.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\SessionHash = be7aa064232d7a907a8d2372bfdb6f0a0d3e91661d3bbde5ceb2462ba9c4834b | C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\RestartManager\Session0000\RegFiles0000 = 43003a005c00500072006f006700720061006d002000460069006c00650073002000280078003800360029005c004d006900630072006f0073006f00660074005c00450064006700650057006500620056006900650077005c004100700070006c00690063006100740069006f006e005c00390030002e0030002e003800310038002e00360036005c00690063007500640074006c002e0064006100740000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\EDGEMITMP_7BB73.tmp\setup.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgePDF\DefaultIcon\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe,13" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\ProgID\ = "MicrosoftEdgeUpdate.PolicyStatusSvc.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ = "IJobObserver" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\ZoomPhoneCall | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{31575964-95F7-414B-85E4-0E9A93699E13}\ = "ie_to_edge_bho" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\zoommtg\shell | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService.1.0\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.pdf\OpenWithProgids | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\ZoomRecording\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\zTscoder.exe\" \"%1\"" | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachine" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ProgID\ = "ie_to_edge_bho.IEToEdgeBHO.1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods\ = "27" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\ = "Microsoft Edge Update Core Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\msedgeupdate.dll,-3000" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\MSEdgePDF\shell\open\command | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.shtml | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\ZoomLauncher\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\Zoom\\bin\\Zoom.exe\" \"--url=%1\"" | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ = "IAppCommand2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\LocalService = "edgeupdatem" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\zoommtg\URL Protocol | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ = "IApp2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\CurVer\ = "MicrosoftEdgeUpdate.ProcessLauncher.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO\ = "IEToEdgeBHO Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\.zoommtg | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\VersionIndependentProgID\ = "ie_to_edge_bho.IEToEdgeBHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ = "IPackage" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0400000001000000100000001bfe69d191b71933a372a80fe155e5b50f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e190000000100000010000000ea6089055218053dd01e37e1d806eedf2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431 | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob = 040000000100000010000000ee2931bc327e9ae6e8b5f751b43471900f0000000100000014000000327fc447408de9bf596f83d4b2fa4b8e3e7097d8090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b060105050703076200000001000000200000006dc47172e01cbcb0bf62580d895fe2b8ac9ad4f873801e0c10b9c837d21eb1770b000000010000001e00000045006e00740072007500730074002000280032003000340038002900000014000000010000001400000055e481d11180bed889b908a331f9a1240916b9701d0000000100000010000000e871723e266f38af5d49cda2a502669c7e000000010000000800000000c001b39667d601030000000100000014000000503006091d97d4f5ae39f7cbe7927d7d652d343119000000010000001000000091fad483f14848a8a69b18b805cdbb3a20000000010000002e0400003082042a30820312a00302010202043863def8300d06092a864886f70d01010505003081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f7269747920283230343829301e170d3939313232343137353035315a170d3239303732343134313531325a3081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f726974792028323034382930820122300d06092a864886f70d01010105000382010f003082010a0282010100ad4d4ba91286b2eaa320071516642a2b4bd1bf0b4a4d8eed8076a567b77840c07342c868c0db532bdd5eb8769835938b1a9d7c133a0e1f5bb71ecfe524141eb181a98d7db8cc6b4b03f1020cdcaba54024007f7494a19d0829b3880bf587779d55cde4c37ed76a64ab851486955b9732506f3dc8ba660ce3fcbdb849c176894919fdc0a8bd89a3672fc69fbc711960b82de92cc99076667b94e2af78d665535d3cd69cb2cf2903f92fa450b2d448ce0532558afdb2644c0ee4980775db7fdfb9085560853029f97b48a46986e3353f1e865d7a7a15bdef008e1522541700902693bc0e496891bff847d39d9542c10e4ddf6f26cfc3182162664370d6d5c007e10203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041455e481d11180bed889b908a331f9a1240916b970300d06092a864886f70d010105050003820101003b9b8f569b30e753997c7a79a74d97d7199590fb061fca337c46638f966624fa401b2127cae67273f24ffe3199fdc80c4c6853c680821398fab6adda5d3df1ce6ef6151194820cee3f95af11ab0fd72fde1f038f572c1ec9bb9a1a4495eb184fa61fcd7d57102f9b04095a84b56ed81d3ae1d69ed16c795e791c14c5e3d04c933b653ceddf3dbea6e5951ac3b519c3bd5e5bbbff23ef6819cb1293275c032d6f30d01eb61aacde5af7d1aaa827a6fe7981c479993357ba12b0a9e0426c93ca56defe6d840b088b7e8dead79821c6f3e73c792f5e9cd14c158de1ec2237cc9a430b97dc80908db3679b6f48081556cfbff12b7c5e9a76e95990c57c8335116551 | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob = 5c00000001000000040000000008000019000000010000001000000091fad483f14848a8a69b18b805cdbb3a030000000100000014000000503006091d97d4f5ae39f7cbe7927d7d652d34317e000000010000000800000000c001b39667d6011d0000000100000010000000e871723e266f38af5d49cda2a502669c14000000010000001400000055e481d11180bed889b908a331f9a1240916b9700b000000010000001e00000045006e0074007200750073007400200028003200300034003800290000006200000001000000200000006dc47172e01cbcb0bf62580d895fe2b8ac9ad4f873801e0c10b9c837d21eb1777f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000014000000327fc447408de9bf596f83d4b2fa4b8e3e7097d8040000000100000010000000ee2931bc327e9ae6e8b5f751b434719020000000010000002e0400003082042a30820312a00302010202043863def8300d06092a864886f70d01010505003081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f7269747920283230343829301e170d3939313232343137353035315a170d3239303732343134313531325a3081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f726974792028323034382930820122300d06092a864886f70d01010105000382010f003082010a0282010100ad4d4ba91286b2eaa320071516642a2b4bd1bf0b4a4d8eed8076a567b77840c07342c868c0db532bdd5eb8769835938b1a9d7c133a0e1f5bb71ecfe524141eb181a98d7db8cc6b4b03f1020cdcaba54024007f7494a19d0829b3880bf587779d55cde4c37ed76a64ab851486955b9732506f3dc8ba660ce3fcbdb849c176894919fdc0a8bd89a3672fc69fbc711960b82de92cc99076667b94e2af78d665535d3cd69cb2cf2903f92fa450b2d448ce0532558afdb2644c0ee4980775db7fdfb9085560853029f97b48a46986e3353f1e865d7a7a15bdef008e1522541700902693bc0e496891bff847d39d9542c10e4ddf6f26cfc3182162664370d6d5c007e10203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041455e481d11180bed889b908a331f9a1240916b970300d06092a864886f70d010105050003820101003b9b8f569b30e753997c7a79a74d97d7199590fb061fca337c46638f966624fa401b2127cae67273f24ffe3199fdc80c4c6853c680821398fab6adda5d3df1ce6ef6151194820cee3f95af11ab0fd72fde1f038f572c1ec9bb9a1a4495eb184fa61fcd7d57102f9b04095a84b56ed81d3ae1d69ed16c795e791c14c5e3d04c933b653ceddf3dbea6e5951ac3b519c3bd5e5bbbff23ef6819cb1293275c032d6f30d01eb61aacde5af7d1aaa827a6fe7981c479993357ba12b0a9e0426c93ca56defe6d840b088b7e8dead79821c6f3e73c792f5e9cd14c158de1ec2237cc9a430b97dc80908db3679b6f48081556cfbff12b7c5e9a76e95990c57c8335116551 | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254832000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 5c000000010000000400000000100000190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254830400000001000000100000001bfe69d191b71933a372a80fe155e5b52000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob = 0f0000000100000014000000327fc447408de9bf596f83d4b2fa4b8e3e7097d8090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b06010505070308530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c07f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b060105050703076200000001000000200000006dc47172e01cbcb0bf62580d895fe2b8ac9ad4f873801e0c10b9c837d21eb1770b000000010000001e00000045006e00740072007500730074002000280032003000340038002900000014000000010000001400000055e481d11180bed889b908a331f9a1240916b9701d0000000100000010000000e871723e266f38af5d49cda2a502669c7e000000010000000800000000c001b39667d601030000000100000014000000503006091d97d4f5ae39f7cbe7927d7d652d343120000000010000002e0400003082042a30820312a00302010202043863def8300d06092a864886f70d01010505003081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f7269747920283230343829301e170d3939313232343137353035315a170d3239303732343134313531325a3081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f726974792028323034382930820122300d06092a864886f70d01010105000382010f003082010a0282010100ad4d4ba91286b2eaa320071516642a2b4bd1bf0b4a4d8eed8076a567b77840c07342c868c0db532bdd5eb8769835938b1a9d7c133a0e1f5bb71ecfe524141eb181a98d7db8cc6b4b03f1020cdcaba54024007f7494a19d0829b3880bf587779d55cde4c37ed76a64ab851486955b9732506f3dc8ba660ce3fcbdb849c176894919fdc0a8bd89a3672fc69fbc711960b82de92cc99076667b94e2af78d665535d3cd69cb2cf2903f92fa450b2d448ce0532558afdb2644c0ee4980775db7fdfb9085560853029f97b48a46986e3353f1e865d7a7a15bdef008e1522541700902693bc0e496891bff847d39d9542c10e4ddf6f26cfc3182162664370d6d5c007e10203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041455e481d11180bed889b908a331f9a1240916b970300d06092a864886f70d010105050003820101003b9b8f569b30e753997c7a79a74d97d7199590fb061fca337c46638f966624fa401b2127cae67273f24ffe3199fdc80c4c6853c680821398fab6adda5d3df1ce6ef6151194820cee3f95af11ab0fd72fde1f038f572c1ec9bb9a1a4495eb184fa61fcd7d57102f9b04095a84b56ed81d3ae1d69ed16c795e791c14c5e3d04c933b653ceddf3dbea6e5951ac3b519c3bd5e5bbbff23ef6819cb1293275c032d6f30d01eb61aacde5af7d1aaa827a6fe7981c479993357ba12b0a9e0426c93ca56defe6d840b088b7e8dead79821c6f3e73c792f5e9cd14c158de1ec2237cc9a430b97dc80908db3679b6f48081556cfbff12b7c5e9a76e95990c57c8335116551 | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\503006091D97D4F5AE39F7CBE7927D7D652D3431\Blob = 19000000010000001000000091fad483f14848a8a69b18b805cdbb3a030000000100000014000000503006091d97d4f5ae39f7cbe7927d7d652d34317e000000010000000800000000c001b39667d6011d0000000100000010000000e871723e266f38af5d49cda2a502669c14000000010000001400000055e481d11180bed889b908a331f9a1240916b9700b000000010000001e00000045006e0074007200750073007400200028003200300034003800290000006200000001000000200000006dc47172e01cbcb0bf62580d895fe2b8ac9ad4f873801e0c10b9c837d21eb1777f000000010000002c000000302a060a2b0601040182370a030406082b0601050507030506082b0601050507030606082b06010505070307530000000100000041000000303f3020060a6086480186fa6c0a010230123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f0000000100000014000000327fc447408de9bf596f83d4b2fa4b8e3e7097d820000000010000002e0400003082042a30820312a00302010202043863def8300d06092a864886f70d01010505003081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f7269747920283230343829301e170d3939313232343137353035315a170d3239303732343134313531325a3081b431143012060355040a130b456e74727573742e6e65743140303e060355040b14377777772e656e74727573742e6e65742f4350535f3230343820696e636f72702e206279207265662e20286c696d697473206c6961622e2931253023060355040b131c286329203139393920456e74727573742e6e6574204c696d69746564313330310603550403132a456e74727573742e6e65742043657274696669636174696f6e20417574686f726974792028323034382930820122300d06092a864886f70d01010105000382010f003082010a0282010100ad4d4ba91286b2eaa320071516642a2b4bd1bf0b4a4d8eed8076a567b77840c07342c868c0db532bdd5eb8769835938b1a9d7c133a0e1f5bb71ecfe524141eb181a98d7db8cc6b4b03f1020cdcaba54024007f7494a19d0829b3880bf587779d55cde4c37ed76a64ab851486955b9732506f3dc8ba660ce3fcbdb849c176894919fdc0a8bd89a3672fc69fbc711960b82de92cc99076667b94e2af78d665535d3cd69cb2cf2903f92fa450b2d448ce0532558afdb2644c0ee4980775db7fdfb9085560853029f97b48a46986e3353f1e865d7a7a15bdef008e1522541700902693bc0e496891bff847d39d9542c10e4ddf6f26cfc3182162664370d6d5c007e10203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041455e481d11180bed889b908a331f9a1240916b970300d06092a864886f70d010105050003820101003b9b8f569b30e753997c7a79a74d97d7199590fb061fca337c46638f966624fa401b2127cae67273f24ffe3199fdc80c4c6853c680821398fab6adda5d3df1ce6ef6151194820cee3f95af11ab0fd72fde1f038f572c1ec9bb9a1a4495eb184fa61fcd7d57102f9b04095a84b56ed81d3ae1d69ed16c795e791c14c5e3d04c933b653ceddf3dbea6e5951ac3b519c3bd5e5bbbff23ef6819cb1293275c032d6f30d01eb61aacde5af7d1aaa827a6fe7981c479993357ba12b0a9e0426c93ca56defe6d840b088b7e8dead79821c6f3e73c792f5e9cd14c158de1ec2237cc9a430b97dc80908db3679b6f48081556cfbff12b7c5e9a76e95990c57c8335116551 | C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 608571.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUCD6E.tmp\MicrosoftEdgeUpdateSetup.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUCD6E.tmp\MicrosoftEdgeUpdateSetup.exe\:Zone.Identifier:$DATA | C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 839664.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\ZoomInstallerFull.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff918263cb8,0x7ff918263cc8,0x7ff918263cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,7275787646720349096,15369739671716290792,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1896,7275787646720349096,15369739671716290792,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1896,7275787646720349096,15369739671716290792,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2648 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,7275787646720349096,15369739671716290792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,7275787646720349096,15369739671716290792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3172 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,7275787646720349096,15369739671716290792,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1896,7275787646720349096,15369739671716290792,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4584 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1896,7275787646720349096,15369739671716290792,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" "C:\Users\Public\Desktop\Google Chrome.lnk"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" "C:\Users\Public\Desktop\Google Chrome.lnk"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3024.0.19106168\235626955" -parentBuildID 20221007134813 -prefsHandle 1812 -prefMapHandle 1804 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {2013ebff-39c2-452d-8569-3a808197eb2d} 3024 "\\.\pipe\gecko-crash-server-pipe.3024" 1904 286b58f5458 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3024.1.1896690966\1449491693" -parentBuildID 20221007134813 -prefsHandle 2300 -prefMapHandle 2296 -prefsLen 21563 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3dff9382-80dc-4745-94c7-eec36e729d43} 3024 "\\.\pipe\gecko-crash-server-pipe.3024" 2312 286a85e5958 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3024.2.349293594\239797344" -childID 1 -isForBrowser -prefsHandle 3168 -prefMapHandle 2980 -prefsLen 21640 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {09536b9c-9159-48bc-ab5e-cf4f1f14113a} 3024 "\\.\pipe\gecko-crash-server-pipe.3024" 3024 286bb1dca58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3024.3.2004994042\485132489" -childID 2 -isForBrowser -prefsHandle 3560 -prefMapHandle 3556 -prefsLen 26103 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3d1f91e3-692b-4a89-b812-a342d01848be} 3024 "\\.\pipe\gecko-crash-server-pipe.3024" 3576 286a8561c58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3024.4.669068774\310265207" -childID 3 -isForBrowser -prefsHandle 5424 -prefMapHandle 4360 -prefsLen 26337 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6667c5df-b03f-48a2-90f3-66cd47c75668} 3024 "\\.\pipe\gecko-crash-server-pipe.3024" 5416 286bd6ef258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3024.5.1963250867\1629969849" -childID 4 -isForBrowser -prefsHandle 5608 -prefMapHandle 5612 -prefsLen 26337 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9646e8c8-f8be-4dd5-adb0-a73d8886e88e} 3024 "\\.\pipe\gecko-crash-server-pipe.3024" 5600 286bdf99258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3024.6.1231183048\541270171" -childID 5 -isForBrowser -prefsHandle 5796 -prefMapHandle 5800 -prefsLen 26337 -prefMapSize 233444 -jsInitHandle 1132 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4d9dc940-e49c-44db-860f-016b9a4bb6d2} 3024 "\\.\pipe\gecko-crash-server-pipe.3024" 5788 286bdf98c58 tab
C:\Windows\System32\DataExchangeHost.exe
C:\Windows\System32\DataExchangeHost.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff918263cb8,0x7ff918263cc8,0x7ff918263cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2596 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4400 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5440 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6112 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6868 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6968 /prefetch:2
C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe
"C:\Users\Admin\Downloads\MicrosoftEdgeSetup.exe"
C:\Program Files (x86)\Microsoft\Temp\EUCD6E.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUCD6E.tmp\MicrosoftEdgeUpdate.exe" /installsource taggedmi /install "appguid={56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}&appname=Microsoft%20Edge&needsadmin=prefers&lang=en&brand=M100"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjE3OTg3NzQtQjM5Qy00RDc1LUE3NTUtRDVDNjc5N0Y0NjI2fSIgdXNlcmlkPSJ7QkExQzNDNjQtNUU0RS00RTNDLTg4NDgtNEM2REU0NjE4QUEwfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezcwMEE2RjAxLUJCNjItNDg3Qi1CQkJFLTU5MEYxNTg2MDBENn0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMjIwMDAuNDkzIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IkRBRFkiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xODUuMjEiIGxhbmc9ImVuIiBicmFuZD0iTTEwMCIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc0OTQ3NjMxNzkiIGluc3RhbGxfdGltZV9tcz0iNDU1Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}&appname=Microsoft%20Edge&needsadmin=prefers&lang=en&brand=M100" /installsource taggedmi /sessionid "{B1798774-B39C-4D75-A755-D5C6797F4626}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjE3OTg3NzQtQjM5Qy00RDc1LUE3NTUtRDVDNjc5N0Y0NjI2fSIgdXNlcmlkPSJ7QkExQzNDNjQtNUU0RS00RTNDLTg4NDgtNEM2REU0NjE4QUEwfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7ODQyN0EzNzYtQjkwNC00NzNDLTlBRjUtNDMzNEQ0NzMwMEE2fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMDYuMC41MjQ5LjExOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMjkiIGluc3RhbGxkYXRldGltZT0iMTcwODUyMTUwNyIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzUzMDIzMDkwMTAzNDcyNCIgZmlyc3RfZnJlX3NlZW5fdGltZT0iMTMzNTU1MjAwNDE1NjMxNjcxIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMjEzNTIzIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3NDk5NTk2ODQxIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\MicrosoftEdge_X64_122.0.2365.92.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\MicrosoftEdge_X64_122.0.2365.92.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\MicrosoftEdge_X64_122.0.2365.92.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x240,0x244,0x248,0x21c,0x24c,0x7ff72dbd79a8,0x7ff72dbd79b4,0x7ff72dbd79c0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7636 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=3 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4035ECC1-3FC2-49A2-B49C-3B57379BB048}\EDGEMITMP_DD509.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x240,0x244,0x248,0x21c,0x24c,0x7ff72dbd79a8,0x7ff72dbd79b4,0x7ff72dbd79c0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1868,12595901794266314932,8532564158235791188,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5884 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --rename-msedge-exe --system-level --verbose-logging --msedge --channel=stable
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff77b9179a8,0x7ff77b9179b4,0x7ff77b9179c0
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --msedge --channel=stable --delete-old-versions --system-level --verbose-logging
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff77b9179a8,0x7ff77b9179b4,0x7ff77b9179c0
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff77b9179a8,0x7ff77b9179b4,0x7ff77b9179c0
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjE3OTg3NzQtQjM5Qy00RDc1LUE3NTUtRDVDNjc5N0Y0NjI2fSIgdXNlcmlkPSJ7QkExQzNDNjQtNUU0RS00RTNDLTg4NDgtNEM2REU0NjE4QUEwfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezA2MzdERkEzLTk3MTUtNDA2RC04MEM0LTJBOTI0MUU4RjYxM30iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMjIwMDAuNDkzIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IkRBRFkiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjIuMC4yMzY1LjkyIiBsYW5nPSJlbiIgYnJhbmQ9Ik0xMDAiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgbGFzdF9sYXVuY2hfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzU1NTIwMDA4NzczMjAyMCI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3NTExNjg1ODM4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzUxMTczNzIyNiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc4NDU3MTE1MjkiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzc0YzE1OGFkLWRhOGYtNGU4Ni05YWMxLTBmZGI0NzNhODVhZD9QMT0xNzExNjUxMzM3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWNKeWNqSktCME95UXlBZnJ6OVRKOEJsYlMyUHd6M2VGYmdsOWJGS2s2NG50UGRackZVNUdPdHpGZW9hSTBMajRMJTJiZ2dvdEVsOTBEV3hqMXBWRmxjJTJiUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MTg0NjA4OCIgdG90YWw9IjE3MTg0NjA4OCIgZG93bmxvYWRfdGltZV9tcz0iMjYxOTciLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3ODQ1ODY3OTY0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzg2MDU1NDEyNyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iODMzMDEwMzY5NyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjY1NiIgZG93bmxvYWRfdGltZV9tcz0iMzMzOTYiIGRvd25sb2FkZWQ9IjE3MTg0NjA4OCIgdG90YWw9IjE3MTg0NjA4OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDY5NTUiLz48L2FwcD48L3JlcXVlc3Q-
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\ZoomInstallerFull.exe
"C:\Users\Admin\Downloads\ZoomInstallerFull.exe"
C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe
.\Installer.exe
C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe
"C:\Users\Admin\AppData\Local\Temp\7zS4DF06F0D\Installer.exe" /addfwexception --bin_home="C:\Users\Admin\AppData\Roaming\Zoom\bin"
C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe Zoom.exe --promptupdateaction=installed
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x00000000000004E8
C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
"C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe" --action=preload --runaszvideo=TRUE
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x2e0,0x2e4,0x2e8,0x2dc,0x2f0,0x7ff8f6a05fd8,0x7ff8f6a05fe4,0x7ff8f6a05ff0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2084 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2936 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3040 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3524 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3560 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --renderer-sub-type=extension --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4396 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --renderer-sub-type=extension --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3412 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5140 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4912 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5288 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --mojo-platform-channel-handle=4912 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=5908 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=5920 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=5908 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\cookie_exporter.exe
cookie_exporter.exe --cookie-json=1124
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6248 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6184 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6508 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6420 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6628 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6764 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6752 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6740 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4416 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4680 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4680 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=6796 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.zoom.us/client_google_signin?code_challenge=tZGi3U4kWRIUhLNRTN0YSZbypiSneFqA388EnYaMQq8%3D&ver=5.17.11.34827&mode=token2&entry=signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=4392 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5456 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3672 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5416 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --mojo-platform-channel-handle=3700 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5988 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5904 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --mojo-platform-channel-handle=6676 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4448 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5080 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4496 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5380 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6480 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:1
C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
"C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe" "--url=zoommtg://google.zoom.us/google?token=4bQP9HsEpfAoAcBjYGkFF5Z6f9kH07O4SO4V9SFs28aEdDLjlOImVfvMhXAcW9szHbMP33p1WpwTjCaU5Dkfj2vt5LgP5PBzg7GWkIZOOSGwIc-u9Nh-7SFPHqLIWXyx65TH_mBu6WR8AHyjuFYAZwOtTINr_Tbu5o_vxKXUJ8dtK_8yC7QHTGJ78vrdjov1JVn7N0ZP4f2pAkiUGWw6s6R5Ikx1jbYSqXsgPTDZYBUdOeU_oxCtn5cr-nwQv7m_YCtL-Xdus_AJK7e-LIZyyf6OkwMIV9FmfOwN3NjOe11Rnfc5kukWP7L67Gf_uP-QzuYiI0cCsB8WM0x-JiFoFwxAMB3eqFUyBqI43wacr2FTs1ees0dfZnXxoEsqn2yf_wkkE1DAoZrbb7zyAF0q8Z9X9talAQyZCLLS1EQkjFQ4dSZy7a76IxbcgN7G31FjB7DD4lfQYIV9_3RSm62j0rkgVFxq2gPvSM_d7j70KbXe45pArf8-9MQMVlVr-2sOqdPrcHn4oX_oAjDVa0il7yzV0IgnnJ8o3ydLqqQHxq6z9leD.MtalMPPoTxhs3Xkd&errorno=0&errormsg=&code_challenge=tZGi3U4kWRIUhLNRTN0YSZbypiSneFqA388EnYaMQq8=&back="
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=5428 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5484 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
Zoom.exe --action=installDesktopShortcut
C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe
"C:\Users\Admin\AppData\Roaming\Zoom\bin\Zoom.exe" --action=preload --runasps=TRUE
C:\Users\Admin\AppData\Roaming\Zoom\bin\Installer.exe
"C:\Users\Admin\AppData\Roaming\Zoom\bin\Installer.exe" /regim
C:\Users\Admin\AppData\Roaming\Zoom\bin\zWebview2Agent.exe
"C:\Users\Admin\AppData\Roaming\Zoom\bin\zWebview2Agent.exe" --data="data" --cachepath="C:\Users\Admin\AppData\Roaming\Zoom\data\WebviewCacheX64" --channelport="4876" --useragent="Mozilla/5.0 ZoomWebKit/537.36 (KHTML, like Gecko) ZoomApps/1.0"
C:\Users\Admin\AppData\Roaming\Zoom\bin\Installer.exe
"C:\Users\Admin\AppData\Roaming\Zoom\bin\Installer.exe" /regsipuri
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6032 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=4876 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80F442DB-6D77-4388-B14A-0DC10537EF80}\BGAUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80F442DB-6D77-4388-B14A-0DC10537EF80}\BGAUpdate.exe" --edgeupdate-client --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7M0I0ODhDRDgtNjc0RC00ODJCLUJBMjctMEU1RTcxMkFCNUNGfSIgdXNlcmlkPSJ7QkExQzNDNjQtNUU0RS00RTNDLTg4NDgtNEM2REU0NjE4QUEwfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InszOUE2ODRCQy0yQzMwLTQyNzQtOUY4NS00N0VGODIxRjI3ODV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7RFYwakkvS0RseGhIdWUxTDlLUkdHY3FPaGYzSDNoM2FjU3JFYW5RS2ZnUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzIiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDUyMDUwMTUyNiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTIwNjU3ODcyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTY5ODEwMTA4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZjA0MmMwZTktMjYzZC00YzFhLWIzM2UtYTFmZTkwNmE5YmVmP1AxPTE3MTE2NTE2MzgmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9VXJ2d3RqWWE5M1FwMFU3b0pPV1Q2cUxnMmtPTGtYJTJiVXc5cUJxMk9GSkwlMmZvOVpkVWZoUktvSDNGa2JZS2lIdmJpZm1ITWtZNnhqamdSVU9QSEhEdENBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDU2OTk5MTE4MCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZjA0MmMwZTktMjYzZC00YzFhLWIzM2UtYTFmZTkwNmE5YmVmP1AxPTE3MTE2NTE2MzgmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9VXJ2d3RqWWE5M1FwMFU3b0pPV1Q2cUxnMmtPTGtYJTJiVXc5cUJxMk9GSkwlMmZvOVpkVWZoUktvSDNGa2JZS2lIdmJpZm1ITWtZNnhqamdSVU9QSEhEdENBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTgwNDgwMzIiIHRvdGFsPSIxODA0ODAzMiIgZG93bmxvYWRfdGltZV9tcz0iNDY2OSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTcwMzEwMDg5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA1NzY0OTA3NjMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDU3ODg0NzcyNyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9Ijg1MyIgZG93bmxvYWRfdGltZV9tcz0iNDk1MCIgZG93bmxvYWRlZD0iMTgwNDgwMzIiIHRvdGFsPSIxODA0ODAzMiIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iMjIwIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=6628 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=7132 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=3316 --field-trial-handle=2092,i,12338326156677193925,7583324636010100293,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x240,0x244,0x248,0x23c,0x2ac,0x7ff8f6a05fd8,0x7ff8f6a05fe4,0x7ff8f6a05ff0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2236 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2272 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=2484 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4224 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=4224 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4584 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --mojo-platform-channel-handle=4924 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5060 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5236 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5544 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\MicrosoftEdge_X64_122.0.2365.92.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\MicrosoftEdge_X64_122.0.2365.92.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\EDGEMITMP_7BB73.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\EDGEMITMP_7BB73.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\MicrosoftEdge_X64_122.0.2365.92.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\EDGEMITMP_7BB73.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\EDGEMITMP_7BB73.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\EDGEMITMP_7BB73.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x250,0x254,0x258,0x24c,0x25c,0x7ff6d7ec79a8,0x7ff6d7ec79b4,0x7ff6d7ec79c0
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe" --msedgewebview --delete-old-versions --system-level --verbose-logging
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff77b9179a8,0x7ff77b9179b4,0x7ff77b9179c0
C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe\YourPhone.exe
"C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=5592 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=5764 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=2880 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Windows\system32\SystemSettingsAdminFlows.exe
"C:\Windows\system32\SystemSettingsAdminFlows.exe" TroubleshootActivation
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7REY4QkM1QzctQkI0Qy00QUE5LUFCRDgtQzE0RUFGRURCNjRDfSIgdXNlcmlkPSJ7QkExQzNDNjQtNUU0RS00RTNDLTg4NDgtNEM2REU0NjE4QUEwfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntDQzRCQjU2OS1CQTQ4LTQwOEUtOUI4Mi02NjhGODg2NTMzRjR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7RFYwakkvS0RseGhIdWUxTDlLUkdHY3FPaGYzSDNoM2FjU3JFYW5RS2ZnUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yMSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJQcm9kdWN0c1RvUmVnaXN0ZXI9JTdCMUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwJTdEIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjM4Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iMTIyLjAuMjM2NS45MiIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGNvaG9ydD0icnJmQDAuMzkiIG9vYmVfaW5zdGFsbF90aW1lPSIxODQ0Njc0NDA3MzcwOTU1MTYwNiIgdXBkYXRlX2NvdW50PSIxIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTU1MjAzMjU1NDA0ODUwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9Ii0xIiBhZD0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9Ins3MDNBQjBFMS0yODJBLTQ4NzMtQjcxNS02RTEyOUMwM0I0NTh9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjkwLjAuODE4LjY2IiBuZXh0dmVyc2lvbj0iMTIyLjAuMjM2NS45MiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNzM3NjQ1NzY3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNzM3ODAyMjAwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNzY4NTgzMzIzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNzgyOTU4MzIzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTE0MTU1MjA2NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjE4NTkiIGRvd25sb2FkZWQ9IjE3MTg0NjA4OCIgdG90YWw9IjE3MTg0NjA4OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjIiIGluc3RhbGxfdGltZV9tcz0iMzU4NTkiLz48cGluZyByPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Users\Admin\AppData\Local\Temp\37BFC97E-7B62-4C1F-B810-53670C7A9231\dismhost.exe
C:\Users\Admin\AppData\Local\Temp\37BFC97E-7B62-4C1F-B810-53670C7A9231\dismhost.exe {3956937C-E488-4E03-BA40-986D0D9578B9}
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\SystemSettingsAdminFlows.exe
"C:\Windows\system32\SystemSettingsAdminFlows.exe" EnterProductKey
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5572 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4932 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5872 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5896 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5824 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5664 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5808 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5780 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5884 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files\WindowsApps\Microsoft.WindowsMaps_1.0.22.0_x64__8wekyb3d8bbwe\Maps.exe
"C:\Program Files\WindowsApps\Microsoft.WindowsMaps_1.0.22.0_x64__8wekyb3d8bbwe\Maps.exe" -ServerName:App.AppXxtd7jxvwd91t5nxqtpfcmn779q80qwza.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6072 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=6056 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6064 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3680 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5960 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6112 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
"C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe"
C:\Windows\system32\wsl.exe
C:\Windows\system32\wsl.exe --list
C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\OpenConsole.exe
"C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\OpenConsole.exe" --headless --win32input --resizeQuirk --width 120 --height 27 --signal 0x978 --server 0xa1c
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3748 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3856 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3992 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=6064 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5908 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=2212 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=2868 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\OpenConsole.exe
"C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe\OpenConsole.exe" --headless --win32input --resizeQuirk --width 120 --height 27 --signal 0xb40 --server 0xb3c
C:\Windows\system32\cmd.exe
cmd.exe
C:\Windows\system32\curl.exe
curl parrot.live
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4328 --field-trial-handle=2240,i,1026799021153396510,4973098774518826850,262144 --variations-seed-version /prefetch:8
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3826055 /state1:0x41c64e6d
C:\Users\Admin\AppData\Roaming\Zoom\bin\zWebview2Agent.exe
"C:\Users\Admin\AppData\Roaming\Zoom\bin\zWebview2Agent.exe" --data="data" --cachepath="C:\Users\Admin\AppData\Roaming\Zoom\data\WebviewCacheX64" --channelport="4876" --useragent="Mozilla/5.0 ZoomWebKit/537.36 (KHTML, like Gecko) ZoomApps/1.0"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 172.217.23.206:80 | google.com | tcp |
| NL | 172.217.23.206:80 | google.com | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 184.28.198.65:443 | tcp | |
| US | 52.168.117.171:443 | browser.pipe.aria.microsoft.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 2.20.37.224:443 | cxcs.microsoft.net | tcp |
| GB | 92.123.128.167:443 | www.bing.com | tcp |
| GB | 92.123.128.184:443 | th.bing.com | tcp |
| GB | 92.123.128.184:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| N/A | 127.0.0.1:50012 | tcp | |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 44.230.91.85:443 | shavar.prod.mozaws.net | tcp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| N/A | 127.0.0.1:50019 | tcp | |
| GB | 92.123.128.147:443 | www.bing.com | tcp |
| GB | 92.123.128.147:443 | www.bing.com | tcp |
| GB | 92.123.128.147:443 | www.bing.com | tcp |
| GB | 92.123.128.184:443 | th.bing.com | tcp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| GB | 92.123.128.184:443 | th.bing.com | tcp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| IE | 20.190.159.73:443 | login.microsoftonline.com | tcp |
| IE | 20.190.159.73:443 | login.microsoftonline.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 204.79.197.200:443 | www2.bing.com | tcp |
| GB | 104.78.177.227:443 | www.microsoft.com | tcp |
| GB | 104.78.177.227:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 227.177.78.104.in-addr.arpa | udp |
| GB | 96.16.109.52:443 | t.ssl.ak.dynamic.tiles.virtualearth.net | tcp |
| GB | 96.16.109.52:443 | t.ssl.ak.dynamic.tiles.virtualearth.net | tcp |
| GB | 96.16.109.52:443 | t.ssl.ak.dynamic.tiles.virtualearth.net | tcp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| GB | 13.105.221.15:443 | edgestatic.azureedge.net | tcp |
| GB | 13.105.221.15:443 | edgestatic.azureedge.net | tcp |
| GB | 13.105.221.15:443 | edgestatic.azureedge.net | tcp |
| GB | 13.105.221.15:443 | edgestatic.azureedge.net | tcp |
| GB | 13.105.221.15:443 | edgestatic.azureedge.net | tcp |
| GB | 13.105.221.15:443 | edgestatic.azureedge.net | tcp |
| GB | 13.105.221.15:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | 15.221.105.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.109.16.96.in-addr.arpa | udp |
| GB | 13.105.221.15:443 | edgestatic.azureedge.net | tcp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| GB | 13.105.221.15:443 | wcpstatic.microsoft.com | tcp |
| IE | 52.111.236.68:443 | c2rsetup.officeapps.live.com | tcp |
| IE | 20.166.2.191:443 | msedge.api.cdp.microsoft.com | tcp |
| GB | 88.221.134.67:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.179:443 | th.bing.com | tcp |
| US | 170.114.52.2:443 | zoom.us | tcp |
| US | 170.114.52.2:443 | zoom.us | tcp |
| US | 170.114.52.2:443 | zoom.us | tcp |
| US | 8.8.8.8:53 | st3.zoom.us | udp |
| US | 52.84.151.43:443 | st3.zoom.us | tcp |
| US | 52.84.151.43:443 | st3.zoom.us | tcp |
| US | 52.84.151.43:443 | st3.zoom.us | tcp |
| US | 52.84.151.43:443 | st3.zoom.us | tcp |
| US | 52.84.151.43:443 | st3.zoom.us | tcp |
| US | 52.84.151.43:443 | st3.zoom.us | tcp |
| US | 52.84.151.63:443 | st3.zoom.us | tcp |
| US | 52.84.151.63:443 | st3.zoom.us | tcp |
| US | 52.84.151.63:443 | st3.zoom.us | tcp |
| US | 8.8.8.8:53 | 63.151.84.52.in-addr.arpa | udp |
| US | 52.84.151.63:443 | st2.zoom.us | tcp |
| US | 34.98.108.207:443 | cdn.solvvy.com | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | 52.178.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.36.251.142.in-addr.arpa | udp |
| US | 151.101.2.132:443 | config.datas3ntinel.com | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| FR | 18.161.108.2:443 | cdn.amplitude.com | tcp |
| GB | 96.17.179.184:80 | apps.identrust.com | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 184.179.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.97.161.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 151.101.2.132:443 | collect.datas3ntinel.com | tcp |
| FR | 18.161.108.2:443 | cdn.amplitude.com | tcp |
| FR | 18.161.108.2:443 | cdn.amplitude.com | tcp |
| US | 54.71.229.171:443 | api2.amplitude.com | tcp |
| US | 54.71.229.171:443 | api2.amplitude.com | tcp |
| US | 172.64.155.119:443 | zoom-privacy.my.onetrust.com | tcp |
| US | 172.64.155.119:443 | zoom-privacy.my.onetrust.com | tcp |
| NL | 216.58.214.14:443 | www.youtube.com | tcp |
| US | 35.186.249.72:443 | utt.impactcdn.com | tcp |
| US | 172.64.150.90:443 | a.usea01.idio.episerver.net | tcp |
| NL | 216.58.214.14:443 | www.youtube.com | udp |
| US | 35.227.211.136:443 | zoom.sjv.io | tcp |
| US | 8.8.8.8:53 | 136.211.227.35.in-addr.arpa | udp |
| US | 52.84.151.42:443 | cdn.zoom.us | tcp |
| US | 170.114.65.137:443 | tcp | |
| US | 170.114.65.137:443 | tcp | |
| US | 170.114.52.2:443 | zoom.us | tcp |
| US | 144.195.22.213:3478 | udp | |
| US | 144.195.7.213:3478 | udp | |
| US | 144.195.7.213:3479 | udp | |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 13.107.246.64:443 | edge-mobile-static.azureedge.net | tcp |
| NL | 142.251.39.110:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| GB | 51.11.108.188:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.11.108.188:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.11.108.188:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 13.107.246.64:443 | edge-mobile-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| NL | 172.217.168.193:443 | clients2.googleusercontent.com | tcp |
| GB | 88.221.134.17:443 | bzib.nelreports.net | tcp |
| US | 8.8.8.8:53 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 152.199.21.175:443 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 152.199.21.175:443 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| GB | 13.105.221.15:443 | edgeassetservice.azureedge.net | tcp |
| GB | 13.105.221.15:443 | edgeassetservice.azureedge.net | tcp |
| GB | 95.101.143.250:443 | assets.msn.com | tcp |
| GB | 13.105.221.15:443 | edgeassetservice.azureedge.net | tcp |
| GB | 95.101.143.250:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| IE | 68.219.88.97:443 | c.msn.com | tcp |
| GB | 92.123.128.133:443 | www.bing.com | tcp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| GB | 92.123.128.157:443 | www.bing.com | tcp |
| GB | 92.123.128.144:443 | th.bing.com | tcp |
| FR | 3.160.188.50:443 | sb.scorecardresearch.com | tcp |
| GB | 88.221.134.90:443 | img-s-msn-com.akamaized.net | tcp |
| US | 8.8.8.8:53 | 144.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 20.189.173.6:443 | browser.events.data.msn.com | tcp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 20.189.173.6:443 | browser.events.data.msn.com | tcp |
| US | 20.189.173.6:443 | browser.events.data.msn.com | tcp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 204.79.197.200:443 | c.bing.com | tcp |
| GB | 184.28.198.65:443 | tcp | |
| US | 172.202.64.254:443 | arc-ring.msedge.net | tcp |
| US | 52.123.128.254:443 | dual-s-ring.msedge.net | tcp |
| US | 13.107.3.254:443 | s-ring.msedge.net | tcp |
| JP | 40.99.36.178:443 | aff48769687eff8abe073f39c4e8d5d9.nrb.footprintdns.com | tcp |
| US | 13.107.136.254:443 | spo-ring.msedge.net | tcp |
| US | 8.8.8.8:53 | 254.3.107.13.in-addr.arpa | udp |
| SE | 192.229.221.95:80 | tcp | |
| US | 8.8.8.8:53 | 254.136.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| GB | 92.123.128.133:443 | www.bing.com | tcp |
| GB | 2.20.37.224:443 | cxcs.microsoft.net | tcp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| GB | 13.105.221.16:443 | edge-consumer-static.azureedge.net | tcp |
| GB | 13.105.221.16:443 | edge-consumer-static.azureedge.net | tcp |
| GB | 88.221.134.90:443 | img-s-msn-com.akamaized.net | tcp |
| GB | 88.221.134.73:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| GB | 88.221.134.8:443 | deff.nelreports.net | tcp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | google.zoom.us | udp |
| US | 8.8.8.8:53 | google.zoom.us | udp |
| US | 8.8.8.8:53 | google.zoom.us | udp |
| US | 170.114.52.2:443 | google.zoom.us | tcp |
| US | 170.114.52.2:443 | google.zoom.us | tcp |
| US | 8.8.8.8:53 | 8.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.134.221.88.in-addr.arpa | udp |
| GB | 88.221.134.8:443 | deff.nelreports.net | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| GB | 92.123.128.157:443 | www.bing.com | tcp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| NL | 172.217.168.193:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.39.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | arms.everett.k12.wa.us | udp |
| US | 8.8.8.8:53 | arms.everett.k12.wa.us | udp |
| US | 8.8.8.8:53 | arms.everett.k12.wa.us | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 8.8.8.8:53 | arms.everett.k12.wa.us | udp |
| US | 8.8.8.8:53 | arms.everett.k12.wa.us | udp |
| US | 8.8.8.8:53 | arms.everett.k12.wa.us | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 168.212.234.8:443 | arms.everett.k12.wa.us | tcp |
| US | 168.212.234.8:443 | arms.everett.k12.wa.us | tcp |
| US | 168.212.234.8:443 | arms.everett.k12.wa.us | tcp |
| US | 168.212.234.8:443 | arms.everett.k12.wa.us | tcp |
| US | 168.212.234.8:443 | arms.everett.k12.wa.us | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | 42.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | arms.everett.k12.wa.us | udp |
| US | 8.8.8.8:53 | arms.everett.k12.wa.us | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | arms.everett.k12.wa.us | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 172.217.168.193:443 | lh3.googleusercontent.com | udp |
| NL | 142.251.39.110:443 | play.google.com | udp |
| NL | 142.251.39.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | zoom.us | udp |
| US | 8.8.8.8:53 | zoom.us | udp |
| US | 8.8.8.8:53 | zoom.us | udp |
| US | 170.114.52.2:443 | zoom.us | udp |
| US | 8.8.8.8:53 | zoom.us | udp |
| US | 8.8.8.8:53 | google.zoom.us | udp |
| US | 8.8.8.8:53 | google.zoom.us | udp |
| US | 8.8.8.8:53 | us05st1.zoom.us | udp |
| US | 8.8.8.8:53 | us05st1.zoom.us | udp |
| US | 8.8.8.8:53 | us05st3.zoom.us | udp |
| US | 8.8.8.8:53 | us05st3.zoom.us | udp |
| US | 8.8.8.8:53 | us05st2.zoom.us | udp |
| US | 8.8.8.8:53 | us05st2.zoom.us | udp |
| US | 8.8.8.8:53 | us05st1.zoom.us | udp |
| US | 8.8.8.8:53 | us05st1.zoom.us | udp |
| US | 8.8.8.8:53 | us05st3.zoom.us | udp |
| US | 8.8.8.8:53 | us05st3.zoom.us | udp |
| US | 8.8.8.8:53 | us05st2.zoom.us | udp |
| US | 8.8.8.8:53 | us05st2.zoom.us | udp |
| US | 8.8.8.8:53 | us05st2.zoom.us | udp |
| US | 8.8.8.8:53 | us05st1.zoom.us | udp |
| US | 52.84.151.43:443 | us05st1.zoom.us | tcp |
| US | 52.84.151.43:443 | us05st1.zoom.us | tcp |
| US | 52.84.151.43:443 | us05st1.zoom.us | tcp |
| US | 52.84.151.41:443 | us05st1.zoom.us | tcp |
| US | 52.84.151.41:443 | us05st1.zoom.us | tcp |
| US | 52.84.151.47:443 | us05st1.zoom.us | tcp |
| US | 52.84.151.47:443 | us05st1.zoom.us | tcp |
| US | 52.84.151.41:443 | us05st1.zoom.us | udp |
| US | 52.84.151.43:443 | us05st1.zoom.us | udp |
| US | 8.8.8.8:53 | 47.151.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | cdn.solvvy.com | udp |
| US | 8.8.8.8:53 | cdn.solvvy.com | udp |
| US | 34.98.108.207:443 | cdn.solvvy.com | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 34.98.108.207:443 | cdn.solvvy.com | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | google.zoom.us | udp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 170.114.52.2:443 | google.zoom.us | tcp |
| GB | 88.221.134.8:443 | deff.nelreports.net | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| GB | 88.221.134.8:443 | deff.nelreports.net | tcp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| GB | 88.221.134.8:443 | deff.nelreports.net | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| GB | 92.123.128.176:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | us04xmpp1.zoom.us | udp |
| US | 8.8.8.8:53 | us05web.zoom.us | udp |
| US | 8.8.8.8:53 | contactservice.zoom.us | udp |
| US | 8.8.8.8:53 | us04images.zoom.us | udp |
| US | 8.8.8.8:53 | st1.zoom.us | udp |
| US | 8.8.8.8:53 | us04zpns.zoom.us | udp |
| US | 8.8.8.8:53 | us05nws.zoom.us | udp |
| US | 8.8.8.8:53 | source.zoom.us | udp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.15.211:443 | us04images.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.52.34:443 | us05nws.zoom.us | tcp |
| US | 170.114.14.65:443 | us04zpns.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.52.34:443 | us05nws.zoom.us | tcp |
| US | 170.114.52.34:443 | us05nws.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 52.84.151.61:443 | source.zoom.us | tcp |
| US | 3.235.96.61:443 | contactservice.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| N/A | 127.0.0.1:54974 | tcp | |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 134.224.240.221:443 | us04xmpp1.zoom.us | tcp |
| US | 8.8.8.8:53 | us04logfiles.zoom.us | udp |
| US | 8.8.8.8:53 | us.telemetry.zoom.us | udp |
| US | 8.8.8.8:53 | 61.96.235.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.240.224.134.in-addr.arpa | udp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.52.5:443 | us05www3.zoom.us | tcp |
| US | 170.114.15.109:443 | us04logfiles.zoom.us | tcp |
| US | 170.114.52.83:443 | us.telemetry.zoom.us | tcp |
| US | 170.114.3.124:443 | us04xmppapi.zoom.us | tcp |
| US | 170.114.3.124:443 | us04xmppapi.zoom.us | tcp |
| US | 170.114.3.124:443 | us04xmppapi.zoom.us | tcp |
| US | 170.114.3.124:443 | us04xmppapi.zoom.us | tcp |
| US | 170.114.3.124:443 | us04xmppapi.zoom.us | tcp |
| US | 170.114.3.124:443 | us04xmppapi.zoom.us | tcp |
| US | 170.114.3.124:443 | us04xmppapi.zoom.us | tcp |
| US | 170.114.3.124:443 | us04xmppapi.zoom.us | tcp |
| US | 170.114.52.38:443 | asyncim.zoom.us | tcp |
| US | 170.114.3.124:443 | us04xmppapi.zoom.us | tcp |
| NL | 142.251.39.106:443 | people.googleapis.com | tcp |
| US | 170.114.3.124:443 | us04xmppapi.zoom.us | tcp |
| US | 8.8.8.8:53 | 83.52.114.170.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.52.114.170.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.15.114.170.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.3.114.170.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.151.84.52.in-addr.arpa | udp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 170.114.14.94:443 | us05ark.zoom.us | tcp |
| US | 170.114.52.22:443 | mpapis.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.56:443 | st1.zoom.us | tcp |
| US | 52.84.151.39:443 | cdn.zoom.us | tcp |
| US | 52.84.151.58:443 | marketplacecontent.zoom.us | tcp |
| US | 52.84.151.58:443 | marketplacecontent.zoom.us | tcp |
| US | 52.84.151.58:443 | marketplacecontent.zoom.us | tcp |
| US | 52.84.151.58:443 | marketplacecontent.zoom.us | tcp |
| US | 170.114.52.22:443 | mpapis.zoom.us | tcp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | chromewebstore.googleapis.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | zoom-privacy.my.onetrust.com | udp |
| US | 8.8.8.8:53 | zoom-privacy.my.onetrust.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| US | 172.64.155.119:443 | zoom-privacy.my.onetrust.com | tcp |
| US | 172.64.155.119:443 | zoom-privacy.my.onetrust.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| GB | 92.123.128.154:443 | r.bing.com | tcp |
| GB | 92.123.128.154:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| US | 204.79.197.219:443 | r.msftstatic.com | tcp |
| US | 204.79.197.219:443 | r.msftstatic.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.158:443 | www.bing.com | tcp |
| US | 20.42.65.90:443 | browser.events.data.msn.com | tcp |
| GB | 95.101.143.147:443 | assets.msn.com | tcp |
| GB | 95.101.143.147:443 | assets.msn.com | tcp |
| GB | 88.221.134.122:443 | img-s-msn-com.akamaized.net | tcp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| GB | 92.123.128.133:443 | th.bing.com | tcp |
| US | 20.42.65.90:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| GB | 92.123.128.133:443 | th.bing.com | udp |
| GB | 92.123.128.158:443 | www.bing.com | tcp |
| IE | 68.219.88.97:443 | c.msn.com | tcp |
| GB | 92.123.128.158:443 | www.bing.com | udp |
| GB | 92.123.128.158:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | 89.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 204.79.197.200:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | ecn.dev.virtualearth.net | udp |
| US | 8.8.8.8:53 | ecn.dev.virtualearth.net | udp |
| GB | 88.221.134.122:443 | img-s-msn-com.akamaized.net | tcp |
| US | 8.8.8.8:53 | prod-streaming-video-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | prod-streaming-video-msn-com.akamaized.net | udp |
| GB | 23.44.233.157:443 | ecn.dev.virtualearth.net | tcp |
| GB | 88.221.135.98:443 | prod-streaming-video-msn-com.akamaized.net | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 172.217.23.214:443 | i.ytimg.com | tcp |
| NL | 172.217.23.214:443 | i.ytimg.com | tcp |
| US | 23.102.129.60:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 98.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.23.217.172.in-addr.arpa | udp |
| GB | 88.221.134.74:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| GB | 13.105.221.16:443 | edgeassetservice.azureedge.net | tcp |
| US | 8.8.8.8:53 | odc.officeapps.live.com | udp |
| US | 8.8.8.8:53 | odc.officeapps.live.com | udp |
| GB | 52.109.28.48:443 | odc.officeapps.live.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.68:443 | login.microsoftonline.com | tcp |
| GB | 92.123.128.181:443 | www.bing.com | udp |
| US | 23.102.129.60:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| GB | 88.221.134.8:443 | deff.nelreports.net | tcp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| IE | 68.219.88.97:443 | c.msn.com | tcp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 204.79.197.200:443 | c.bing.com | tcp |
| GB | 92.123.128.134:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| GB | 95.101.143.163:443 | assets.msn.com | tcp |
| GB | 95.101.143.163:443 | assets.msn.com | tcp |
| GB | 92.123.128.194:443 | www.bing.com | tcp |
| FR | 3.160.188.19:443 | sb.scorecardresearch.com | tcp |
| GB | 88.221.135.115:443 | img-s-msn-com.akamaized.net | tcp |
| US | 8.8.8.8:53 | 194.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| US | 8.8.8.8:53 | sync.outbrain.com | udp |
| US | 8.8.8.8:53 | sync.outbrain.com | udp |
| US | 151.101.1.44:443 | trc.taboola.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 50.31.142.31:443 | sync.outbrain.com | tcp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| GB | 23.44.232.24:443 | hbx.media.net | tcp |
| US | 8.8.8.8:53 | 44.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.232.44.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cm.mgid.com | udp |
| US | 8.8.8.8:53 | cm.mgid.com | udp |
| US | 104.19.133.76:443 | cm.mgid.com | udp |
| US | 8.8.8.8:53 | m.adnxs.com | udp |
| US | 8.8.8.8:53 | m.adnxs.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| NL | 185.89.210.46:443 | m.adnxs.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| IE | 52.18.76.209:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 8.8.8.8:53 | code.yengo.com | udp |
| US | 8.8.8.8:53 | code.yengo.com | udp |
| SG | 172.241.51.69:443 | code.yengo.com | tcp |
| IE | 52.18.76.209:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 8.8.8.8:53 | 46.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.133.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| SG | 172.241.51.69:443 | code.yengo.com | tcp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | trace.mediago.io | udp |
| US | 8.8.8.8:53 | trace.mediago.io | udp |
| US | 35.208.249.213:443 | trace.mediago.io | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 96.17.179.184:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 213.249.208.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | trace.popin.cc | udp |
| US | 8.8.8.8:53 | trace.popin.cc | udp |
| JP | 35.213.89.133:443 | trace.popin.cc | tcp |
| US | 52.123.128.254:443 | dual-s-ring.msedge.net | tcp |
| GB | 184.28.198.65:443 | tcp | |
| JP | 35.213.89.133:443 | trace.popin.cc | tcp |
| JP | 40.99.36.178:443 | aff48769687eff8abe073f39c4e8d5d9.nrb.footprintdns.com | tcp |
| US | 152.199.19.161:443 | fp-vs-nocache.azureedge.net | tcp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.18.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.inmobi.com | udp |
| US | 8.8.8.8:53 | sync.inmobi.com | udp |
| US | 8.8.8.8:53 | sync.inmobi.com | udp |
| US | 8.8.8.8:53 | sync.inmobi.com | udp |
| US | 20.127.253.7:443 | sync.inmobi.com | tcp |
| GB | 92.123.128.184:443 | www.bing.com | tcp |
| GB | 92.123.128.184:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | ecn.dev.virtualearth.net | udp |
| US | 8.8.8.8:53 | ecn.dev.virtualearth.net | udp |
| GB | 23.44.233.157:443 | ecn.dev.virtualearth.net | tcp |
| GB | 2.20.37.224:443 | cxcs.microsoft.net | tcp |
| GB | 92.123.128.187:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-consumer-static.azureedge.net | tcp |
| US | 170.114.52.83:443 | us.telemetry.zoom.us | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| GB | 88.221.134.73:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 88.221.134.88:443 | aefd.nelreports.net | tcp |
| GB | 88.221.134.88:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 88.134.221.88.in-addr.arpa | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | teams-ring.msedge.net | udp |
| US | 52.113.196.254:443 | teams-ring.msedge.net | tcp |
| US | 8.8.8.8:53 | 379ec1686d177e9102aa30e023986aa7.azr.footprintdns.com | udp |
| IT | 4.232.89.175:443 | 379ec1686d177e9102aa30e023986aa7.azr.footprintdns.com | tcp |
| US | 52.168.117.171:443 | browser.pipe.aria.microsoft.com | tcp |
| US | 8.8.8.8:53 | 254.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.196.113.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.89.232.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 152.199.19.161:443 | fp-vs.azureedge.net | tcp |
| US | 8.8.8.8:53 | 254.4.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| SG | 206.189.36.145:80 | parrot.live | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| DE | 140.82.121.4:443 | github.com | tcp |
| US | 8.8.8.8:53 | 145.36.189.206.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.121.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| N/A | 127.0.0.1:58878 | tcp | |
| SG | 206.189.36.145:80 | parrot.live | tcp |
| GB | 184.28.198.65:443 | tcp | |
| US | 8.8.8.8:53 | fp-afdx-bpdee4gtg6frejfd.z01.azurefd.net | udp |
| GB | 13.105.221.16:443 | fp-afdx-bpdee4gtg6frejfd.z01.azurefd.net | tcp |
| US | 52.123.128.254:443 | dual-s-ring.msedge.net | tcp |
| US | 8.8.8.8:53 | ow1.res.office365.com | udp |
| GB | 92.123.26.49:443 | ow1.res.office365.com | tcp |
| US | 8.8.8.8:53 | 49.26.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | us05web.zoom.us | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 19a8bcb40a17253313345edd2a0da1e7 |
| SHA1 | 86fac74b5bbc59e910248caebd1176a48a46d72e |
| SHA256 | b8024fbed11683ef4b53f5afac0ff691025b7eecca0f6a95737da1585558227e |
| SHA512 | 9f8780f49d30aad01b28189804329aeca6ad2b7ffb6be505d40bb1af7802bb62622f518cb1c43a5815bbbb46638f6c52aead3d68f14fa957d18157edb42e95c0 |
\??\pipe\LOCAL\crashpad_2900_RFLPKLOVPYJTNTDT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 96899614360333c9904499393c6e3d75 |
| SHA1 | bbfa17cf8df01c266323965735f00f0e9e04cd34 |
| SHA256 | 486e4b4bb11f664c91c675e73cfeabe53b5009ae719459813be17814cd97e43c |
| SHA512 | 974735b40a9f92b40a37a698f7f333590f32ff45633c6e619500e74ec274bc20bf7dbc830b1685777b714d37a3ca103d741ee056f4ff45ef08c07b38a7895df7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 62a4d34e07a335d36438041487027cf5 |
| SHA1 | a64ebd99f8e97ecd4a131c10c113e89cd86c386f |
| SHA256 | 1fdaeb54efcdb99914aaa5f3a3ac9515a1983e3e239495a430fb09d4800adfaf |
| SHA512 | 4744490fe31504fac235cb51a1c4c2066e7386ff78b7ca161b205bd974e1ba0d5a74439a4bac13d64984b2542980f2ed7dda6e8aa59da437cbf8de1f51ef8159 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 813c1b41e435242e7365a4bcd7adcf23 |
| SHA1 | 2d25e1564eaf93455640413b95646b3f88f9075b |
| SHA256 | 70cb2151ee4ef83195855d29819491a23c5eafee2e72b7ffd9041b35363d1542 |
| SHA512 | 268c4fa1797700a205e37e716c1472592ad6242344645c703ab1ab8d4d68452c3ccce7cdc4d56a0b42d4061bdc793f1c79dffc397f038133387b94b2a1f4051e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2a36a307ef575cd492af8a34aec5fabc |
| SHA1 | fc9ea916295f1e8ebb0906c921029f9a464ffe67 |
| SHA256 | 62c90c02b75e4d6b3a18882eb899b86d0c810d089747642671fa1b7f4cca1bdd |
| SHA512 | d5f1f578ca5a21061700fdff06eb6cfd5185c0698fe9676e3eab73bc9b5ef2251cf44dd7a780f2360acc05fe862f156e708cfc4d35446e38f7b51b423a26f1cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9bd1fbdb83246e8ea6fc2acbb3a70075 |
| SHA1 | 9a09c9690f79364da998ad786dd200ffc50162a4 |
| SHA256 | 9d32be3e281d5a8fa6e589fe5bc1e679758c787ee9f8e517759004f08e2937c2 |
| SHA512 | 8d5eb9af6930ae1780679caf9a9c00a91003539de83a917ff215a7b81aa6a81028ca1545bf3f1cc8dc683e605ddf41ea8c7639ad1ada3b554a58e55e4eaf0646 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b0c99c2540f9f69750bc71abf5127405 |
| SHA1 | 45a7c1150afcd6a7ffddf66d2dc54c5f275afad3 |
| SHA256 | 69d2e4f0f2d7a125002229c4534b18e7f01e455321717eb6ea004e35e7ec3d89 |
| SHA512 | bdbbd3b37a466202860042a53c26e95085c3eab18e304c64c758017cff1a5d3a950432b9ddfb20dbaf80291f16d33b2fc792e5e00644c4a0ba3cfbb6ccfa7239 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | ba02e03cb05a8476da516820c07c1860 |
| SHA1 | 82f75b2aabc7b90f9d7d074772aa6d7dbd52ba05 |
| SHA256 | c8401c60ce6df56251051ea3d425bbb2e585b11b57b682e4088d4dd0064cb845 |
| SHA512 | 8a3b35091fc44f811aa5dc27cad8dba388c1c9fafba0deeab2e08de8bf1adb3b6d6ee28c12188bfacb9c4325d216cb1c6743a1fe1cf0816b4e1515ea89777f7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c724905eace479626edd3fb4e793be1f |
| SHA1 | c8bf5fdfe839c6d3e9689a4077fa74385f646a4a |
| SHA256 | a7a43b003fd602888d2593e7509398e88a3af53e3143f2746184b72e7b76e067 |
| SHA512 | e5160bd1eb2262895b92b1007a0efe5be33c7cce44d2e7f3d3c799a643bbb6047ad270ab2a7fd1db37298a2ece9603e4c43d3e9dd1d2b1d918b4ff9c253fe3a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 30cbef1bf6e5912e607b17ad7d7b8cd2 |
| SHA1 | b4197f8b1b0dc5710ba3ccdade49fa674f0fcfda |
| SHA256 | 7e09924638d8400f134ad03238093dc32cb4a6b9f3fd071729a70c786d6a7d49 |
| SHA512 | ea5d77e2f09a641ffb3a066ac0ff73c99dd8c016f7765a46960bc354fe14b7af280a19c58fba57869d320ffdb65220c554dbdf81a969d7a8fab0d3767ae21446 |
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth-2024-3-21.1837.1772.1.odl
| MD5 | 0b06f7b61e2d751d84f11f65c121bb91 |
| SHA1 | c23a6e9c75d0e5a5004497cd32049f2321890465 |
| SHA256 | 619ccb05309ee8cf00f30d18055f5626ce8d53a2fb8caf0ad9fc9b152967e559 |
| SHA512 | 1af5845cae8f6d1e8dbcdd7ff9a979f483af58e7abcfea5976b88709886548c00b0c8f6d3f0e271e1cca64004038afea534cb13be43b268992483b312430a5bf |
C:\Users\Admin\Desktop\BlockImport.jpeg
| MD5 | cb270cc0aa6dd5594a21cc323e163b54 |
| SHA1 | dc451498b587de3d8097faffeeda90c47b82e7be |
| SHA256 | 8709dd360073dffa1db6993b7e4d2afb2d37305aa3d305dd85d349470e24a349 |
| SHA512 | 32ced1ce915a6486450e6bc80fce3dc878ba6b25eaac139e484801d362d02aebfd5000839751fcb5bf58843248c93419ef7ff92e30dfac60260b4d9347d7bc54 |
C:\Users\Admin\Desktop\DismountWait.vstm
| MD5 | 2ba9395f765701c8c0224ad94d11f486 |
| SHA1 | 9ca567a7fa3d1144c99e4e6beaf9883f71c2617d |
| SHA256 | 5007f7c374644a5501ebb6a45da26a364f4586a7cbe18c0a7b810ad598ce8da0 |
| SHA512 | 579f0e8662e67c71852fceb63d2b61777f619c7a396b1985c9be835e1ae39223b7ee4ca390288fb54938bb757d6953160b4dd4a0df9541eb5c43eea298d03821 |
C:\Users\Admin\Desktop\DisconnectProtect.xml
| MD5 | f74b221e1eed9570de98f0e1ab37c76f |
| SHA1 | fd5b48812b6f392d101a6b1e600c71fc8a36872e |
| SHA256 | 282f902810b1ed971a3362880b7090b24966187e14bbe9d1d591fcdd63de9b40 |
| SHA512 | 142149104e40621d451dd5b284be8fcef3f1ba36a83ef02e8e70ee18ef5911a83d13a887fcbe3dc39a81d3408f9f81592dda2f0763dc562a3560a52c31406784 |
C:\Users\Admin\Desktop\DisableFormat.mov
| MD5 | 3204e439b89d16902b78785cce1806d7 |
| SHA1 | a168c2c43353eb6878de73caf0f2663329b2445f |
| SHA256 | bcfa5afc9931851e03aece1977b701742e5a1da4ae82bbe8b07fd6fe91708874 |
| SHA512 | 60c5d10b0b229608fd5641830bcaa4c16778139ac08aa6542606c037e5c308020cb88e516666b9840d3b164db04bf0b6618f97f1aee53255e35570c41d5526d1 |
C:\Users\Admin\Desktop\ConvertFromComplete.wmv
| MD5 | 6cef1753512f31d96d3977ee36a7187a |
| SHA1 | 33418633c6c6452566daee9e2c46f2cccd5a1c20 |
| SHA256 | 654c263b65b77d36fb1030493b7e807cb65b33650b43ba7635c2a1e0ebff5b2a |
| SHA512 | d5e51c97737b4e743387817aaf78af6db99cfca4adee0904c51d3ca0bd3a106f8ca6d5b1df5400cca5aa8bef2969cf0af7f4deb816431602ddc863d89948e9b1 |
C:\Users\Admin\Desktop\ConnectWait.kix
| MD5 | 439e0125f6161343904b9b9537e9d8b4 |
| SHA1 | 97b33f79a4164546c7cde6751ffae8231519ff68 |
| SHA256 | 5ebe5ce0e1069964272f09ddd4e4db2ae0420560493d07d8ffd602f7245c0e0d |
| SHA512 | 4aa3d616fc8e31a6bf5a34243a2ed2cd811f8a77ebfc3bbe924149821e636beea9bb4027d591b7d214421b54c39332ac97ba11c70d5e10019d4cb17bf8473668 |
C:\Users\Admin\Desktop\ConnectSwitch.docx
| MD5 | d9ca39bdd207b88f41de042d661850fc |
| SHA1 | 43e65b38741bfec5bd5f760dafb2f6cf31a1a82b |
| SHA256 | b2189c6281b05401dcdb7059845a5d9ddd4e156692f7c577ce29715d0194b3f4 |
| SHA512 | 756db52b8d36f4456624f978f96f09d64c194a1dbbfaf4faead181f72d3bbb47462b83109ab3904a1b75a1a5a9321620d52daacb016ed8a9c1212e28ca471756 |
C:\Users\Admin\Desktop\CompleteHide.xltm
| MD5 | 1db70b3c92ca5840538dd45e3aa3f56f |
| SHA1 | 2426c5ae201f02270f5d2b8041a75b107b2bb8b0 |
| SHA256 | d058309ea8aa9615ec0fbfc213eedf8468c0a65cb0a0626348626e65e1676035 |
| SHA512 | 6b7c5fdcac5db08304c73f73651d77e54e69b0ad24f73b3a05813fb8217ae737eb614ab23f43e716b4bc48b51401e51a34111e423882fd8cd8a3b446df0a40bc |
C:\Users\Admin\Desktop\CloseRepair.xls
| MD5 | cf8c97cad4f7c32a277eaae2bd7e18eb |
| SHA1 | 5e0290bedb8d0d2cf30db45794450ab7232167f0 |
| SHA256 | 034336668a275ad5fd6d76e6c6182bcf43b90eb7cd2a7d23ae64e6f51dabd183 |
| SHA512 | 79ed4d430bee7035a2a88ca35d535d89e170588a71aa2659a36ca138bc4f415cc42f52cd99eb949beb6e3fefe3d74e5a0a446d5c86404af785a4f561691fc939 |
C:\Users\Admin\Desktop\HideInvoke.aiff
| MD5 | 870dc30756d1b86d339ded584e1fb3dd |
| SHA1 | 4d50392a9d17483a8d732757de9d00f25818793d |
| SHA256 | f6c5bba1e8282936fd748a0cb8d6a6c7db3216fc3a580604bbd0a88b3126f5d3 |
| SHA512 | 01c4fcecaeaefc34a35a1267adef418122d0d7a1a7bfdb1b1188299cba2c02a811576e621a927d8a22743e75bf034313e53e312b7c3e45b2f69d462b24793196 |
C:\Users\Admin\Desktop\InstallSubmit.m4v
| MD5 | 8a551969381a7916b5ac3905bd65a8c3 |
| SHA1 | 5dfb3395c39f75d56949c042be408e6aec38163b |
| SHA256 | be1c14c9f100652c87403989ef72e655d13d9ba63b88bdf3910def7b2e77e1f0 |
| SHA512 | f057c1fe3c00dcd3e57dd5516cbaadc5ea447bcac024fbce47218380f4abe4be7613128ff23e9e1f6d639eb7a056b4ff09fb737bf34556d237af89e0e6a63302 |
C:\Users\Admin\Desktop\JoinClose.ppsm
| MD5 | dce6845921e8c61cca703dfeea287121 |
| SHA1 | b0dfa956a34651957cc493452eaa904bff9bf5f3 |
| SHA256 | 36bf263ea531bf1a4e282ea292c6e947fa07badf7cd4021f97fb6335318a2761 |
| SHA512 | 9b0825a6a9096b0cfc546765f219fdf9d7ce520f1c05f1947fe3e49d61038850174b1d7b4135e72ad780dfff36d9d5f53d9118244af34329ce33d0d768b09e0b |
C:\Users\Admin\Desktop\UnblockStart.htm
| MD5 | 5857f4e9a31fe398c6d47f361b8bdffc |
| SHA1 | cef4b1f3bf2ddf79d082d756b4a78c1ad13c53ac |
| SHA256 | 443b8a56b2d1482eeacdc191e523a3ca29a492a1f96375dc76218cb341c54622 |
| SHA512 | 6eae0b4ab05ef2a41f2ea54f25f312cdbcd38cfa30c2d592a90440c88de99df487057c1ffbdecc82072c11dfe2ef3ae9c325dc370d6890cd416ca88c20817f41 |
C:\Users\Admin\Desktop\UnblockStart.rmi
| MD5 | 8d7dcc2c537a17095ab5508e29bd523c |
| SHA1 | c7a3a4043189adc22e822a9064c4ca1fb5b09287 |
| SHA256 | 7065178caa6f95d94ad76ef7dc14ef9e197490e661e10fadad4810cb7ac7002f |
| SHA512 | 14d3733442658f13f1234a07ce3b6b0f87354a844b7146f9ee77647a05afcb33bf9d8bc084f71120adc0bd2860983c591f9e0554655514d043e0eb18a428dbe0 |
C:\Users\Admin\Desktop\SendNew.m4v
| MD5 | 2b960670d8ecf45b65c8784eb2f49d24 |
| SHA1 | 3edf32cdac885007f1ce18fddfdba4d2492b0076 |
| SHA256 | babba811b08dd53d9f3e7828c6872919e8dfd776fff9756b3fd3ef7350c76147 |
| SHA512 | b8031d8b932237f481fa0e020eb6424ad329be3e6759280a1e4adada2a2cd19e19884598804577b89f30d9d09b78cbfc91359b4ea72c2a367043fe78354c1ed8 |
C:\Users\Admin\Desktop\ResumePublish.snd
| MD5 | c4a8589674801c44dac5ded9658a9404 |
| SHA1 | 5886401adcd94203100523d9f99648c33a0cada5 |
| SHA256 | 82f0f8ef5a3ded3c9e482a0d367762e13acfbe5163645d04e41bf09f833cf022 |
| SHA512 | 2f6636b51176344ab743043ec31cf3a96a333ddfafc07f413f2d3a83041f489bb1b4459b651d559a836358f441b5fab9d17c030396ff41fbecc7131853cbcf0a |
C:\Users\Admin\Desktop\RestartCopy.TTS
| MD5 | 7c0c88600419139160328b6f350f76e2 |
| SHA1 | 36c6b457c21917ab729731571d88c054c5d7934e |
| SHA256 | fec3dc5ea86f61b96c7c1d97acccced88e391731209de7029555aede2bcda1fb |
| SHA512 | dfcb0a41f624e27e9548d7e2fe0699ba6d8b59443dbb4aa2c2cdc248d23bf058db690362fdf75c2a9916613426f9599a77b8da8ea997c4c32fb77fdeb2cc620e |
C:\Users\Admin\Desktop\ResolveCheckpoint.vsw
| MD5 | ae2ad31b588aa1406a4e3f924bea2853 |
| SHA1 | 1eb9d7a44304a9668711b05b62ceb0fe38e99dad |
| SHA256 | df174de0fa854e41052d82d91667f1458910860b487d3025de7b8161524616e0 |
| SHA512 | 9bd0a819c3979e7f12082f265c3abd4ef024239f65a8b59d7a2194097148fbd2ba57d1fa11499c59c817bd626a244220b35f1739246d57ca6d0ac8df6c311115 |
C:\Users\Admin\Desktop\RemoveLock.exe
| MD5 | 3a02c8e2b2ea960b80c11af568a8b5d7 |
| SHA1 | baa02f3d4477089399ae3592a3204351968b3a23 |
| SHA256 | 8a70fec48a15b156aab07c0a1282bca1c0f4bfcf2441146a2e83075c074391c5 |
| SHA512 | 92c6119bdd566f9c3483ddacb5d2babad70673b2dc49ad1b11fbcc1716965b77ce563c47e6cdd4d5abdf9bb27585e6319142fe3a634f15c5047e5d0c83058393 |
C:\Users\Admin\Desktop\RemoveFind.mpa
| MD5 | decf1fe6a0aa68bfc79d56fe465721f4 |
| SHA1 | 448617e80b3c4dc18d2acac7869998b64f3476f6 |
| SHA256 | 26a9d7f024f935bc03f7710ec3b589670087e55554db6760235a54591c9f5c5b |
| SHA512 | acd7ec81d8a0dd9df0f456676f50eb173f06f18e8e10f03710d062544d8105f9b321a1ce5ec5923a8cecbd62fab7d79651d40f8dffe970588796861f6efa34ce |
C:\Users\Admin\Desktop\PushRemove.avi
| MD5 | 29a32ae7e044f9ac6615d9e8d2b44751 |
| SHA1 | f6b775cb18656fe83ce462ff3d04e7199889d4bd |
| SHA256 | e9ff54f07d64028dcdaa0dbf56d7cfb66521392ce30df7f2e358c9af4fa279b8 |
| SHA512 | 2cd2d204fd2795f33985d65e3ed3babd85bfb4152d9939d9063a78fcb7a5880a82cad704487a4a468d1d30e8370df06fe5c1cc4b4e78e7e9ab3a4e3d10b43fdc |
C:\Users\Admin\Desktop\RemoveAssert.jfif
| MD5 | 14e4df99604033223ec228fd09fa5443 |
| SHA1 | 9a8f9129b173529ad2e51e2dbd4e3f888b621664 |
| SHA256 | ecd030bd48a6b502b4bf6e399c03b60dc4aa575484dc4c5f905efa5f0631930a |
| SHA512 | 9654a1b09b335e0becb4bb3d9180d9c9b2bd594bde43cd348f0fdf13f220b1b026bbcad61f24f71601a769f7ce6c9fd0cd18800a81d40ec3677f21bf08d34bea |
C:\Users\Admin\Desktop\RedoResume.hta
| MD5 | e42bced683a04c10ff3994c9faf6c9b2 |
| SHA1 | a124c4f3971df3dd373cd8a4a61aab7443fe9d96 |
| SHA256 | 0a5020322030e41aacc86adefc7d3cc0fb34cd42d1beb6f91fbff5fe3f6badaa |
| SHA512 | 4117e2acf9245d21800f420d21a89972a5e202c2612b8a51fe28f0e7d7b30de927c492e99cd35d79a4727518bbef8b62f8dd1477b6d87d87adbf41b9f0b2f1b0 |
C:\Users\Admin\Desktop\PushExpand.ps1
| MD5 | f7a13694a7ae7d91d27fcd4c5f86b20b |
| SHA1 | 22a2b48d749f5ba6885de58ea1007578803633f2 |
| SHA256 | 4e7d153b77c0233e62fffd9b7a2fa0eded6e751d696f76b0e638651a5255d22f |
| SHA512 | adfdbc66e7189c298342ec1ca2982cd1a3d077ad25bbce2bc48467f15715dff196fdbcde0b85aa1778705cb5b37356ea509b143a0bcf697e5ea2dfcc03fb6506 |
C:\Users\Admin\Desktop\PopPush.vstx
| MD5 | ff2d2f0117a4208aee2c042f4ab2ce0f |
| SHA1 | a09a39a29f21b8b40996c9406ba58b4badef8c11 |
| SHA256 | 92a4718ce3aafb43e95ddfe9b6721a499165cb82777aa0dd16adbc2844c628a5 |
| SHA512 | 0970f0145e4805ff3070b6ec3d7f52b24dacdfcece14914d3e8d03cd1f296a7d86db9bdef2e962cfae87d8a32d54e2919697dc841bb18c3ca558055329d06d7d |
C:\Users\Admin\Desktop\OpenSubmit.ADTS
| MD5 | cf3841278188d0d6ea7f860b2b842377 |
| SHA1 | 199c4e9df9d9fe6369746818dae15f1a0042fec8 |
| SHA256 | d24168875943f751ffcca7bf637aa737daa46fd30b5b2101d53fa09c706ec05b |
| SHA512 | a0949d51950603abbc08bb40c38d49331fb107c0be084f096fd8a99812f736c49f95ad130bbbfbc1fa278d4086cc60933345151b584e70e290b6d9abe66fe77f |
C:\Users\Admin\Desktop\MoveEdit.ex_
| MD5 | 30d6b27093d0f2c25057c261d4afe1bf |
| SHA1 | d0fb02bd81a67011e077d15018562f8096a315a1 |
| SHA256 | c30df50284bc1f12d4150df1396859b36ba71a13ba9b348e8d049dd540451b16 |
| SHA512 | 417bccd2eb783ae96e6507c6734f6d446565e1c9677aa091d2c2837211c153a410ca017d7eeea4fb8749ccf947dec6c62976db7ad27ec9a9faf77cf12492da41 |
C:\Users\Admin\Desktop\LimitGroup.mpe
| MD5 | b9d83b56db2ebdbd1e442bcfb6619794 |
| SHA1 | 0a654843aa23565ff0e558c6a9196e9659200ebf |
| SHA256 | 965fe8455983a9b658b87b3ebccf2ec797fb34f357de9ce4c3423a144a7ed16b |
| SHA512 | 3adac61f6a4f647cd08d51f5410bee7bbd5ba315fdc3b5daf994c908b2e179fc2c0d4ec1da22677d92b9e0575e05cf56bad16c07f3a405c6333251352f58b781 |
C:\Users\Public\Desktop\VLC media player.lnk
| MD5 | a7e134aed6e8d69dce2f18228b00eb32 |
| SHA1 | 3d04f47a302f4f315cc0d85152e443446c927cf9 |
| SHA256 | a7196280673c0fb8c6ac759e1864e7e2a04825ff76cd413eecb0d4c3871106ff |
| SHA512 | 13cd69f7cd142a695af0f450cf5203dbb31fa52991233f7a373a2f11e9bf82fd856f46446cb5f7b52cb51420c027450408b152449c7b7575f6e35881ad713d78 |
C:\Users\Public\Desktop\Acrobat Reader DC.lnk
| MD5 | 7fdda83cf01ee93d1d92f4518d05aca1 |
| SHA1 | 658fa399c1e5c713c056e3c4ccb9a66b5a947215 |
| SHA256 | 11b994eb2572d93df0eb061e549015b14d7b52d75fcebfb9ea7d48fd7debc532 |
| SHA512 | abe2e8f437f08448bf27d9b4c681b2d3c31424e3bc14845c7f06c876ecc80b097cb7528076558a921f7e4ea23668b0b17eaf99ca846d0bc3b6752e48564becba |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\d8xutbrp.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 2878e1afcd541e16fe564deb5e7690a1 |
| SHA1 | 48b9327beb2748c13aaca0bc7ba10a09aa6187d6 |
| SHA256 | 2109920558d4f7371dbd03e1319948f1937f7b8f98644bd360fb6df2ae2aacc0 |
| SHA512 | fb0c4c0aa5f42b4163c435788a490a2a7372f1bc5ba80a62f7ece4ad3a364d2a7b1d81eb1da264e96c841e9dfacec471955a1a39254bade7f1d56b0f433dd9ae |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\d8xutbrp.default-release\datareporting\glean\pending_pings\8e9dba25-f4ff-4f16-9d1c-50a47d47d9bc
| MD5 | d7528166ef7a9cd34eb9bcf98f5557b8 |
| SHA1 | e39ea9575cee663736793d4e24ece65fec463662 |
| SHA256 | 0aed6abcff347ff089de501ef6ca8de200556389d108a390a27ca3f039439a58 |
| SHA512 | bd3983785518095ba9c998724c2cfc2dd8158dd0fec03370b28cd822162de8fb5ad5becaef68c6fab2f18157d59fbf98cbdd33162e88c972665832fd3e640ece |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\d8xutbrp.default-release\datareporting\glean\pending_pings\4a7c99b5-655d-4ed3-a0ed-31635ac69893
| MD5 | 8fbca992b9c3a2e06ce0876bc58f2bc0 |
| SHA1 | 9cff0781023ffc01725fc65dddde5107eefb49c6 |
| SHA256 | 8d9f2f4bbc9397283c09d791c594af5aaed6a999e34fd3ca734edd84593ba28e |
| SHA512 | 7c0dc07209ce210a206a6988c9b6a6bbb629c452693627b067b6cb3dbe0c17543263454d9c26c7bfc1b604fe0ae40ba7b40fecf83ca4ceb6bb2d0bd3e27b6467 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\d8xutbrp.default-release\prefs-1.js
| MD5 | c4c75aa37cc3d4e331da8a1cd0388408 |
| SHA1 | 4fb8e74523c9b5b9a46b5759c23202921082cf2e |
| SHA256 | 1bfb84773dd2f0e561c6d77b22631dd87d489ee0cb29128884389e2c7f5c29a2 |
| SHA512 | 8270fb35ee081c29b14dd4d5529ec3a37f342e04a8d62ecd5fc74931b33d4a32e91d3c173371376e4b359950b64778a4507ad107155459a4a135b40f808816e2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\d8xutbrp.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | a6e2c0d6b59075fff94c66f804c74cbd |
| SHA1 | 56a81d3bc20afb57fcc4eb43f6862b4ee9a0ccaa |
| SHA256 | 4488d7e333fb1e3b4f981576f37b5fbd3fc32b88d465bf2356dbf5ee3d008641 |
| SHA512 | 54594421b00052ae2fb0b4adadcd9ec8a89be1c56ee623f21f7793e6c648084073b548e18b11f38d17fd15efd2ed291fa94ae5413a261ea056173d4b243a4fbf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\d8xutbrp.default-release\prefs-1.js
| MD5 | c2bb0294b1329feb845f3fdf4d7f4cfa |
| SHA1 | 294b95d8e1f399effcdcc6ad85ffc3bf6a866476 |
| SHA256 | 2b8cb8bd71ca0621b7e753bb5773607623b1648a772ec97da709ba9e6a7d0499 |
| SHA512 | 883908a0d7c6c603dff3c7e85f0e2ab2e0e73dcecc8dd9d0888635a78c07daa64a6ecf02ff1098b11b2b167a6c4a48c12f25ce84ddd6ed491a8a3ba06ae29a4d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\d8xutbrp.default-release\sessionstore.jsonlz4
| MD5 | c14de7d7adea5387c9283a02b261363b |
| SHA1 | 13e990727f1a295a0465d04dd26c78b7ae8b1939 |
| SHA256 | 03886a5d406a7d07c5bf07835521220d36064835b65e1212f179da14e1c59d03 |
| SHA512 | b098b2b0c098b19f0e08f9b3435ea760fda904cd3cecd7efedc1788da2806b005f12c7f074c7e9a31da7464c809659dc7ad99406eb17d505386d555dc3c06adb |
C:\Users\Public\Desktop\Firefox.lnk
| MD5 | b88e568112ba70ba71e14f0a74746ef1 |
| SHA1 | 1ce75c63fb91178377633f4a0e4d13234049af07 |
| SHA256 | 0494d50db0617bf649d8fc42cbfe1e9ca925783d9f2646a80f28c74acc85d16c |
| SHA512 | db97ddfea8fc82479655310586fc3c08e8d9ecadefcc1e77a33a80a45380de6ae33f32d5aea1b9b154704d9300fb860e837cbd9c57e2267410038a875b897e64 |
C:\Users\Public\Desktop\Google Chrome.lnk
| MD5 | a61e130824723561d705b61be064afbf |
| SHA1 | c22faa4fbf041ca192b4a517f834d1661aa9d488 |
| SHA256 | 1def505cd797b45bb6c1eae60a3f4ff5b505bd63623653fc1b05fc7e1ba19663 |
| SHA512 | 65074fc23ff046454233cdedabedb355e5bf969520f1e2ebb0d889066b446da9ad51cb411d41524d4671a72c52967fba00f94c3fbb80e228a3589b6735602632 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | f310b7d8beb99cefcf03b5c302065a9c |
| SHA1 | 178fe0a3cdabb0c93db75c7f4c7816693c63028b |
| SHA256 | af32ba204cefcdec48dc3f875efb31499bd518c2cb44900a95b438bdc99aa200 |
| SHA512 | 7b608ec7d059c5897bab0baade6b56d26a2fc4049eed3e6e8e7b3f65b7e5d828d027925e1fec67d7560d2f1d621a93251a1fb57cef029d3018967612e1bd2b42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13355519840139668
| MD5 | 25f01eb6419164efbfee5a9b56b948d0 |
| SHA1 | 7e1866f305471c2ecc9e58f43c11713a001d0f2c |
| SHA256 | 01c5b5f6fff5f006c7ab8866fba770b9f0a1247a11d753071d9dbcdfe332af2f |
| SHA512 | 01ca83f277b3bdafb1f111e7af7edf9922102eb85898431806d3e039cb5e8296c56d5c4982a26e83dc798dfc17704c461df2825f30468c538f564a68fa8accd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6171e4b73906bd2ddf91b43691d86f36 |
| SHA1 | 6ef2dd4112e24a001bb4b964fcfa72980cd476ec |
| SHA256 | 7224f6bb434e9b2c04069b524dd355f0ca875213c164de48e226a002389ea09e |
| SHA512 | cf7a88c0fde016a838f64f278c0a666f6d0f7444ad64c6bcb68e6ff71f1c5242a1c84f77415c9db0293528674a6c5cf6e6f7c17fd417d3da6fada5c4059ff959 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | 0407b455f23e3655661ba46a574cfca4 |
| SHA1 | 855cb7cc8eac30458b4207614d046cb09ee3a591 |
| SHA256 | ab5c71347d95f319781df230012713c7819ac0d69373e8c9a7302cae3f9a04b7 |
| SHA512 | 3020f7c87dc5201589fa43e03b1591ed8beb64523b37eb3736557f3ab7d654980fb42284115a69d91de44204cefab751b60466c0ef677608467de43d41bfb939 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | 718d3527655012e929944e30ed8b0e00 |
| SHA1 | 2bd65bd683df50d50998ad4253888e7a1e04f540 |
| SHA256 | df1161308f79c1599061ca5e333d759bcdcda8c196eb10badaf1b32ca41bfee3 |
| SHA512 | 8cb245e6a9b00a679a8b2f5d2e256b78d55b745e26df078319b8d650d61c14cf10cb8947c53a78c5d611d85880a851b29fe59a0b7676309217a3713236853c3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | b7b7d05dd5dcb3dfa8292b17bcec8f69 |
| SHA1 | e98464d3272e4bf1b4d680ea5a7ed41b09df7594 |
| SHA256 | d9c2a61077dcbfd626391c622c4c4ea4a7ebbb67bc782fe1f85d391276fcb857 |
| SHA512 | 8890f8d6a91f4043441540b333389f29cf3e0f00870414df91f700b8273b7bbc32d92a8923aefc955a99fc6b3f1f639f6fd5aec620b5cbc39933ee583bcc8311 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | 845551af2d5ee8175ef4511337c37481 |
| SHA1 | 1cf06506b2a32ece9ba50490e2209b438e2d678e |
| SHA256 | 8c9180651934686be3109bfe687054da135b466063b5f3a01be9a61798c5429c |
| SHA512 | e0e70c4a3c6b4bb85c9442638194d81f7a4c7c4a0ef72c1ff18689affc8dc9d8440851b26d067b746cac4ba7e73a616eaf408e7ec44cbd8cd3a93cc2ea0b9985 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c99479c70a2317c358ffa5d55d2cad90 |
| SHA1 | ed4f293b637eaeee781d7adf57c10bd9dea16f69 |
| SHA256 | 16a8066d8f730e42bf0f8eac018bfa79c7422c8870e5e5f9bbc5ddb1e1d1979f |
| SHA512 | 21c322ca3df96cbb186f361228915eaba709586806dad61643b4739dceb7d732587c966add57d22c2fcde7ffe3edc6cff348b1ae4282aa4fa6b317832b6d6467 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | a9851aa4c3c8af2d1bd8834201b2ba51 |
| SHA1 | fa95986f7ebfac4aab3b261d3ed0a21b142e91fc |
| SHA256 | e708be5e34097c8b4b6ecb50ead7705843d0dc4b0779b95ef57073d80f36c191 |
| SHA512 | 41a1b4d650ff55b164f3db02c8440f044c4ec31d8ddbbbf56195d4e27473c6b1379dfad3581e16429650e2364791f5c19aae723efc11986bb986ef262538b818 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | 3cfb2d2fc3ecaab7b6027ee05de44188 |
| SHA1 | 905e95b4fcbb263f68ca928d7a7914198ebeb945 |
| SHA256 | a64db9abca33c1a3645ac62966e7147d951ec3c350f9e69f0736cdfd9c3443e6 |
| SHA512 | 469d489b29580b31a8e2adf9ac66c291ccf203d80afd894698f92341c7846418b881d85aee5a249c7640201d3b50941f8967915b84b25f20bcdce52cf9610b08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | 76284e78a384d390feb29112838705f9 |
| SHA1 | 6b11d13672893944e904ec3ed669b769ca9e73bb |
| SHA256 | 32f1cf3c97b20240ede3418572985d5cd3b34c2acf29617b8ab976dad1174d52 |
| SHA512 | 4beec00c4541fac7b2f2dfb200d0e8b07c8d77bdf332e1dd7065a89b01816b6b15546ccbb0ee7b3c4724ab765c196d2d1b6271262c04223db1ff4fdb6305744a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | b6abfe7d8f75ab9fe64b30b3c5489fe7 |
| SHA1 | c5dfc0419dafbdefd1cd5abffbc0c8f8ce7509c9 |
| SHA256 | ed69a54bbdb92917829680eadf42ceee0ef3094144c0842edc01ce21c4ea8d0b |
| SHA512 | a7030c6f2938b6c22d1663ee6d0901f0fb73bf3e919eb8d9a23b18f70c16e33ec1ffccaf21050293a0e64f1634ac8b40341c2a3f817cb5fcbf01e3a467e3a33f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | ccbc5fb06407c466ec4ef6665d273037 |
| SHA1 | c943d3275142784bcf15e226f3db5109f184d31c |
| SHA256 | 29241f1881ddd9d293e64fe094f854085528c7fb16919c94542d30e771fae5a3 |
| SHA512 | c464afe809d6924a8e593defd8d9365b006b1a43b044ddddcec033e3765125e84fa948e811036c0d5800dc6d5714fb855292aae97d7b46ec883a4426323cd29f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | cc6cfd833c22f22fee39b20c883c73b2 |
| SHA1 | 6f7692d4702f7b1bcf66ba2a4b8e5e9f9214c151 |
| SHA256 | 635309572d9cb3fde9392922a40c2ff6571e24b90763548d41fa0d16d4a087fa |
| SHA512 | 9f101179b6749847a0a2ce50affe0e7b9fcf345b9681dcc90455748a9d048a95e4847eb6801c3547ef75e7a0ceb292a6e8ba67e86c1531f463488d2b4fe94981 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | 2b977fb82feb9dd5f2d54bb4e17fb54f |
| SHA1 | 0bd94539ad94eff55118c6a4af6472023e430bdf |
| SHA256 | cdfaf4dc595ad87cd20ff3775b3bb0f09f1b6e7f3a0819eb8b88137b08fb1991 |
| SHA512 | 4df161aba3764961409216d22e89b1ffb9345474c9730ec4ef2e818b28b349295478b767b39d90bd10f8c297b872fbca20317daf860ef3036afb729a092d1272 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | b29bcf9cd0e55f93000b4bb265a9810b |
| SHA1 | e662b8c98bd5eced29495dbe2a8f1930e3f714b8 |
| SHA256 | f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4 |
| SHA512 | e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ed47b729980de06c350c25b9e20fe832 |
| SHA1 | aa6343ace53a2c141bfb76b2bb669045b9ff2d09 |
| SHA256 | 6a23ca1435ded79eb687140ddd914d537fa0b964b66a6aca6d7bf88430dd9c12 |
| SHA512 | 84e733d3c764b753056c399f3a5b6fecc18226e4cee91bfa5e9839ade007d4b9bc779371b3823e034b3235240164ae8e23224cc7c43cae195bd41da700149d54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b0168910cff3b0cd3c2e419d57194708 |
| SHA1 | f2abefd76d713b9ba639e02b6140cd3079e3ea57 |
| SHA256 | 493ad2decaa5e00dd04979ab756e2bb3d46067fe279cbf2296e816b01cbeb65f |
| SHA512 | 2c7295fc4088e2f6bd33dd0bc01397339ea6f5dafcd01878470f175baa3f37689048a7f77d09df126cbcae62754a6aeeee5a28479185894c2c216b90cca4a36d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2023a82fec67447719e27fc022e9de3c |
| SHA1 | 09b0b66eb08a4da2b85cad37cf64308bbb6e568d |
| SHA256 | 2a8dd6b9179a4f98b67d4979842ff88e02ee46e0ca5188112c0e12d692c6afef |
| SHA512 | 2f5e8a49ca571f9444ed61d7aee4e69a84e76e0dee1a4b88e3b2dcc91352cf9150c6f6c1b3fa8c79a3f1d63ae46f781460b561714c4e1fcc0e844781a4b2b406 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0e5328b35a90fd6712a315727fa9a69d |
| SHA1 | 874d9abd4d337ea6667bba4195ef3e05a11b36be |
| SHA256 | 68c3f242dc536acd35dac791c371ef2d05952e801d48240202bd5f0f43237546 |
| SHA512 | b6e579bd19f81c4ac094559f9957a23b5c58e204da7e9dc286cee8ce4f57f83a81db6f837e40f321642f19993d278d7d0fe9e2525356a6fd5ae0eb6e7bf6ef64 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | da05e0598c0bd843171bf5b896945aa8 |
| SHA1 | 99edfb90891ac4e298f2f0f012a815318eda795e |
| SHA256 | 9c8e8b6c84e1da37fbd5aef5145d32c1b8ef311bb98c6c76dbcfc61edd44e01d |
| SHA512 | d45af62bfb30871503a6268807d8539597f735a8c80f0143d4d7d13270710de376b567ce05ae7c06f5154dcbba273d7a13aa155ba63a1a42f4a459f797393f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c4bc7c4a17a21b41e224c2b26bcb971a |
| SHA1 | 29d03cdaad47f9f08c866dacab08332d122a81b9 |
| SHA256 | a2605599a711d5e33bf3c8ddc3e0b788f8b70f128b391f663a910ccb3830b7a2 |
| SHA512 | 2cf2d054e3e449caf8664c6fdbac19b6643fc70767d80e6f440d5fe0b79004409203d9c0c94548d7472037c77b0390e5419ffd8ead523fa777a1b4e4730af290 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5aec84.TMP
| MD5 | 6495826d801487a1f49204c00f8e7113 |
| SHA1 | 226cbce587de605330938327af4fd1a4ba79c105 |
| SHA256 | 4592d3823838e7ba9339a6d21bf323808cc70962506ef1eb44f5078960640058 |
| SHA512 | c1e5123406f8382580900214da12cb77b61627df0f2a57ce51df5f930edea7ce7196ced4cf3201eef5aef3ca01dc9ef6cfd8b5ed1f56303148c17939a38116ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 89da844a3f4a92437c5b0d38c810a9b3 |
| SHA1 | f077b9473000ad55e8b10007ad25476cf3dcb3f7 |
| SHA256 | 84489056d0411d1668e303166ff35adfc60cce38bf7b7e5585252813bc299660 |
| SHA512 | 3b30c5a7364a99b0e58ce86ec0520f57183d80d36f821cc1303d50755f4f2662e90448d4920247a04f3a1ab43061c29a21f140b4c3f3849069d9742556ac1c78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | dbaa427792c54a1bc1e60973997eb163 |
| SHA1 | 0f4b251d6f43d5d99127fe543c691b193181f865 |
| SHA256 | 62e01f82afea094a708f5ca0ba79156f4095f4a9239b398d17dc6248a58d3e56 |
| SHA512 | 0678c0ba71a481f462c86b9699b2a9ffb42f463bff0291e494f8fda6aeefaaca8eb2843b5bfd5ff576b21210f0f24e898bb982f6d3a2ee39f85fb1efce830497 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 29daa555fc02137be864e717432ad99b |
| SHA1 | f9cfaccc920e847abdf07a960f195d89dd400d4d |
| SHA256 | a42ec32017889e56d83b15c42a2288b574fef2886954830f3712f59fbe23f57a |
| SHA512 | f00fb27e188ebc0bcdc6ec8e07fc847f8a0a7b2f5a782a5f6c6572577b60601f23a0603446ae2cb7b8b8418fa23b55ed84adcae3301a9ff265fdd2bcd6806ad4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f6480eac8632a05b3c6122139f74f2ef |
| SHA1 | 5f6c0ecab51a1331db32fb0481324336c89fdcb1 |
| SHA256 | 87d37dc5f3cdf73025955875381865b3c3b85bacaac67fb73e32ad14a54370fe |
| SHA512 | 5dc709609dc44fc78dce5b5a0d7df594cfcf5d23815b5445bbbfa2262ce988fb18136d0784efa76afb6f404846077de5d03476fc762dbaf5a05cebaf18bc6bcd |
C:\Users\Admin\Downloads\Unconfirmed 608571.crdownload
| MD5 | 5d4255b19d95748dc10bf090482e9a71 |
| SHA1 | 99d02f6d7e2f5b9c371e43bfe86a9557d4ab8801 |
| SHA256 | 6a556c5882115277f01b79ac927d0bc95d2e29f62a655cd25cb71c2689be9223 |
| SHA512 | b128bd3fd822b67e962ce9af885af4cd29f7ad6aaec10b27d1564700bee441c020c255afd81c8a80b31a263b0298c433e95eeeb4aedc7129f103c992988fd5c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ff6701dd2c39302bfa11aaf5c6a6987a |
| SHA1 | db5955fc3af86384b4f4977061f43f853bb1ab77 |
| SHA256 | d1f8510b36ba584e139d9476dad958774b98dd5c9553c38ef1ba90024d21ecd5 |
| SHA512 | cd0fcec1ba340bfa0b3de398d806efcb43a922f265e831a8ced8659a44e06670540f07b9da349f37b7e2a6da4ea0e2d0c4a0a55166a47a4019f8dd280dabb75b |
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
| MD5 | 31f9e08922765ba2913632f758bc7423 |
| SHA1 | b36b4bf74d6d4b6c8c0e38d9c6b65ec7da2fa9e7 |
| SHA256 | c2988c13f66ce033fef65f3af20a00faf555047e710dc6c282c124c848c1eb88 |
| SHA512 | 13808d6b3cf8f8e645bd421eb3916b12cfcef46ab5f0ce1a0cbda91c4be374d03504ec09d1a5916ff2944cc24135cd46dc5be3e6c72fb599b30a58cf8aad7c57 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 2c317de0e9793f21aaa5c1752cbd0910 |
| SHA1 | 05df071341489f74ac1efd21cd0caf0617e19b27 |
| SHA256 | e7f5802ead2246ed2929198b20a4fc224412f23c8f02e428723ddc2a3a14750d |
| SHA512 | 4324d2c89a59ef1f6329e15f584507f9f8c60114b3c635d4924a28b6838e7760a693f9f436b27df1682aebf8db6568ce2f17eb7d6239fcf43b9cebc0726724e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 56fd63411e7b15fe15ba6402279e7661 |
| SHA1 | 2c7024a92078af6057029b96a1f77c307e93104b |
| SHA256 | d60970b2d3dee1a5857c49ef51721b4ea7c64521abd17f1dc9293d055d97ee34 |
| SHA512 | d9bd544dc57ff09969021da9a5696cbb04fb5f794d6eab9ca629bb2c8313c504340629e85a6dd353e106245aeec678cd94b5e9cdb34a8a496dfca0b8a730b7f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 88a552e6be1ac3978c49143983276b3a |
| SHA1 | dbf4f4dc62a3da564b1a87b5191dc9a72a9b9423 |
| SHA256 | 927121d8118a41fa3460b9ad84daeae59ea60dc9607e462b7e1341bea60da8d5 |
| SHA512 | 125b13be3d209ff5cc12d8f9f12d01d271cd50c2800059241ebb419167c21adfa9d979ff6b8d88052f5d302e98090b7c8ceff4894b397168d8ba6d8a6204fb9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | a357f18e62aa358c250581e887295ce0 |
| SHA1 | 99b449597d2b2bede38cb74f718765fa3d9b10c9 |
| SHA256 | 44001b102e9a2bd2be0023f1aba783e045eb34967658df9abad9a789b9f14d1c |
| SHA512 | 3f01fab264bc24c4de6d686b91de87ec1961ab1df6ec8ceb940a6e460705f1aea4efcb2e8600d954e5b2bba614c044a652bb4419a3eef1713123fed8896a1730 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | a485090392f401a81b2e2c04d1632cc4 |
| SHA1 | e35a6f823ed1f2f674e4eca83cd938309c27e99b |
| SHA256 | d4232119397b0952b0e822e2dd3094c70787c18a756ed66631a3e7359ff95d83 |
| SHA512 | 6903cde04dd292fdeb616d602d69c619e3e53a3f0d46250b0d3f20e8be71990e0df3fdeca4b57bffe5a52db1a4fa0ebe3bb361a833f176ffc1b7ba3321bc39af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5e6f4c22b47f9f2c98fa2e6828d747a4 |
| SHA1 | 4c9a2b02506cf92543ada4228827ce07193a6193 |
| SHA256 | 9b682461c477aa31e68ff98118d2036009b75a70d63891b4783c168344dc9a6a |
| SHA512 | 8999060b797733fa6b285db6e23df05e7f4b3553350177ea07936ff466b2d2ca543c8b05b0a7c630a2c9c4e0f6cac0e8c77639ac31c65cc6fb864a34862cc35b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 526409c8d732de6af1a5eda2f5420996 |
| SHA1 | 4d2cd99b53cf71d6f1b04e7df680d134962605d9 |
| SHA256 | c9389c1cf6693991f0e1b181593ce61ade8128a3512f49672e8bf410dda97de5 |
| SHA512 | 9001cb17e1406753e715c627c9978c003f270dbef218441fe400e226145ea8bfc6409a2b4f78e27eb3042c0742a4a0d0f8f50842808eda3b691b6cc25a08d253 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\122.0.2365.92\MicrosoftEdge_X64_122.0.2365.92.exe
| MD5 | 3ed31cd2213e8414a740bcf86538876d |
| SHA1 | 68ee93ea74d14e231109037040f21c509c476385 |
| SHA256 | 3f733e99d2628dd2075fcc5d7f116201f9fe150cabade09fba4f4ccba68d1408 |
| SHA512 | c88f634ca118121b3941f8087cee24a02d607d4721734edecb8efc8e557aecd0d5f58b98f667479a60c885ab370b5a4c5555b928aaf56a4d6452cad128bf9ceb |
C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat
| MD5 | 9ab0a2b0ae18656581b3b38e0f4e0b36 |
| SHA1 | e90c3cefaf5ee00350bdc68d35cc54a9ed808f1e |
| SHA256 | 8785f06e0bc62b979925ad522b05bdc82632296780d18d25e4f2eceea7acb132 |
| SHA512 | 7cb1a6afcdfc959188ccfd7facaf6379453a4085799ff3b8cd26374402262f6ab4db4136ad8ebe2f520493d49af36de47351544a0e3f6b1604d4f20d01f4b535 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d8e9c443f862638a6b6816a3b32a1347 |
| SHA1 | 4b9d016f5e7167f87d7a896f1eb0f6739cb9b595 |
| SHA256 | 4e4193f765a1592472ca41c5a61ddab4872640600d49e95600896656a6e93de6 |
| SHA512 | 01a2dfdd413e6d4ec7aee407b89819c67fa4440382055ef1b969c91e6d3faa6ccbdd1751326be9eaeb3cae6ce814313e9f468d0bcf6b6fe17fa75cd1c2430fdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ed2efb2a50bcc73c069b85c89a90da55 |
| SHA1 | 189f94da9de0ae71e7f6a86f3dabf2d7bbe0bd22 |
| SHA256 | 08807e756bbf66499d527a776bc1fbb4b8ec6e114ba7d365ec849f89d02c9f90 |
| SHA512 | aa6714697fe131c4a154c6d6477ee8d0fff19b28ac60148bbe01ad3154e8d02580dbdc8c63d9a4055f0e1a9d399140c1cda747af7ec3d7c65119b5c201f6050d |
C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.92\Installer\setup.exe
| MD5 | 6bcf9f5891e3fd62b47356c96c2ac5f4 |
| SHA1 | ed2a20383f4f780622cfd39372998eaaf155a657 |
| SHA256 | 0e40fbaf357a70f356b8bded16c55683a2f2a3d2bb151217e77163d18ec4553f |
| SHA512 | 35ccbe340918d2f8457b35773545d2d075dac2c917b2cc6d93eed0f5be4ea7a854a5702fe5ee7632fe080cca3b11404718b3510d4d3e0b7d4ea8afa3a69572e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 47f604f72f9eadf2697912685c8191b3 |
| SHA1 | 2949ced54c33925001f27b6060e1775201a0fc1c |
| SHA256 | 77a64f673fd3b8b99e0f20ef9b3c4bf29134d3b54fc8a82b531b1e2d0289df8d |
| SHA512 | a3cf0e90c1c737e0bad39cc3d2a1ec0acf14467631736e2b4253d386fd1981b4a0832bfd28c4bbbf9a407cc3acc4db748ba64b6628d9aa6b1634f87f34aa40b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b6bbb9c05eeedd1c4a2b5ef51ad2f511 |
| SHA1 | 64f6259e834c8618b958a0b43ae28db9f9bccdc0 |
| SHA256 | 34435db46e3e611e05166b209003b7910dee6800939f1f88445fb4b9d8f709a0 |
| SHA512 | e2bbb053bb5f6107895eacdbe3a4f411c69c6cf584b0b511b16577503db64d9f3ba4f4c7dff3b0afc2024ac8101ff8024a29486769d2612f82cb381c0bf2fbe4 |
C:\Users\Admin\Downloads\ZoomInstallerFull.exe
| MD5 | 9dfe5072e60fcf8e2c8ee016a4255002 |
| SHA1 | 949bd2af799e7a16bcca7718f6960d743e3b2395 |
| SHA256 | 7e7a8495a67caad160d2554fbd9061568e40e282b81b486c6914a695e29316f7 |
| SHA512 | 0ace2b0ba37dadb72537a11bc1b1aae6f6ce4482f5a4a3afbf34a17082ca4468a3f87db5bc6a867cc4cf78bd668cd984a0c2fddc8b05cca5d3e5b72f89ab4b5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f90765fb28604a9a07fbc345d2fabf81 |
| SHA1 | 0566b6baab93b561975dcd704298407f12bf3e3f |
| SHA256 | 29ae3a169903609b0d6f17c789b5df9f8b3f01b32387c193b9456c8a106f41db |
| SHA512 | 7c904aafc3e068951847723f4931dfe9a6655dba2d4a6bea6f04a8f34a786b394fe703a8d97b41c6c9addf8c280881ef723baa3df40b87a4b058982333e7e43a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7206349decf8212db585ccd99b7fed59 |
| SHA1 | 6cf9c163167e4a3bdec7f2025945c6c4f1a12262 |
| SHA256 | b7b576bcbdc30b203c80af6eaa0418ecdd5147733939f4bd13dcd1a1774b9559 |
| SHA512 | 0a5e035f89483dae9bfa3092661833da279b408315c030ca1ab9ae22ec394d16084f6b5728c2fc88241d2e617667fa787982806c222d277fd10076acd5b63019 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | 4f5a6c7c967353a2e56b9dfa5f82cad3 |
| SHA1 | e513eb898de21252c3943915197ee050e3ea8ea3 |
| SHA256 | 115e39f2d4a392f13b989bda827d5a4577af7ac19270ca0152dc7fde96a08640 |
| SHA512 | 4dae2a61eff8f2849c9b1874d592abf4c342deb5a8d6d0975717a27369bd6b1eb77ec0a1c13355ee2d7b4ee02632475615ec20afd7b24c355a58df6c4a6b0036 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 587744540db63c3f8d3c7de3513f97f6 |
| SHA1 | 3ee81e5f7adc980946eb5b931138aac9936a2b5f |
| SHA256 | ac85ced74618ec7f062124653d493212c447164fd003758fe15c39c16a49f4f0 |
| SHA512 | 4dd891d2fdbbf738a5e8d59d28e5881944ed98a14cc135f415a88934cbd8dd982852301c1ce595074f997fe51f362a17a8ee1b6c57d2d17893db471bae8589c6 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\msaalib.dll
| MD5 | 0490770f1abbf33c93f50634a677f185 |
| SHA1 | 978449b36d67c9dd976c3895fe8addfc5e93dc50 |
| SHA256 | 98d70c59068c3aad14d0b6112c304e844cfe0a5b25cfb7a314dced335f7572af |
| SHA512 | 334381c8a62e0d9bf6831f1eede56a06de5cb06c1624600031a6fea9b970f33e682f04e1d5b511ff29ec161afc03cd09d8747fcc5cabb33a7e2fe5ab14158045 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CmmBrowserEngine.dll
| MD5 | 64fff6d2b2b0590d8d6f464f539d09f2 |
| SHA1 | 3695fffc1c3ec2132036b0872e46ccc02e837779 |
| SHA256 | 09104f926d8b4a59b7663281d1d58462e7cd96c7ef3d8ed1c3b4d12d989f0ff0 |
| SHA512 | 72d2e1fa8264818d50cd4261e826da43e3e95ca7a64769e5ce5df972798b39c9e9ed824ac0d295db9025a21d65433b8382d147061c0874cfc3f9d61db8a3b5d7 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\Cmmlib.dll
| MD5 | 177c868aa40743f785890e724161755f |
| SHA1 | a7345d559b0a776d2ce91105c60e11b190a0dab7 |
| SHA256 | 66546450f5257a85293d738056343b92fe58e4cb5609a96f0ef3dc7e0f0f7b8c |
| SHA512 | 33c1da459431c7d4ce52826adb4cb3cdfc3f485e228db67e07c89c2e87ee4952b80d30f521130282daeed3ed68ec794d96b23566a4a1dbe60ec2172a5b66fce1 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zUnifyWebView.dll
| MD5 | e37265b8e514e15c8156c3cfe250bbc9 |
| SHA1 | 007bf52f0128513f538231c42e93f1f2602dda94 |
| SHA256 | e1bc86468fcde54d84fe0aa6b9b93c216086e74924ea8af31700d5d860be016f |
| SHA512 | 3c284e000993b16f904a91ea44f70d2e5509a492b783ba2a42fbdd5cc37f50110d6a956f0a7bdbcf997a69c33bb9810d64721db6f4259b1b5f3fbec604f98770 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CptShare.dll
| MD5 | 24e3e153c2c5630bdec57184b69618c3 |
| SHA1 | fc43532aa4e186bd663b88a855b6023badbf0970 |
| SHA256 | f97d32c399b9dd1583a9605c0549ea33f0c32eae10a3bcf41d97916d4cdff601 |
| SHA512 | ba45c581aa808c13cc593b7322c3d061c55d1e01f409a23d00ab24f9695999646c61463b86a7d02431c04647d7898e59dbe6fbcbb8e5436fb3dfb883c8055506 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CptHost.exe
| MD5 | aaed43624e7a0654925eb355375f4167 |
| SHA1 | b6963b430eb52d618ff57cd93ffe1e1d940ce64f |
| SHA256 | 360f52161c4f1bcef6f5514d56e22ca35a1de2aca44bc0f290e27db6ba8bc5fd |
| SHA512 | c7f95fcfd0d0fb35fd342f7b478c3517e482099c17bb8fbf1c7c2627ce23de8ea3ec942fab1589c83301d02355673b21c4987348095b9d773555d2b2bf5a8041 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\mcm.dll
| MD5 | 9b684c23a7e8b03186e8fc697ae8df8e |
| SHA1 | 5bbcd41418d56efa22ba14f0e1937e9407d7b176 |
| SHA256 | c872d29f9e5e26aeaaebfab2b2ed1c1c43f77bf85b25df57e67217c4aff0b797 |
| SHA512 | 7970fb54c9928d3135555dcffe054f74f8994a0e0bab30a66a1bf050508082c7805933235d0b0e23338c30cc96ad02ac060af1625cb42f1976af93eaa9e0c994 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\libcrypto-3-zm.dll
| MD5 | 8beeb4c5aedd9e3dbe1fa51ee4fbd59a |
| SHA1 | 57c2a8ab69779d8c23bb889cc28608f6788932b1 |
| SHA256 | de147160bc747fa90f4da016b2a463a3ce926ba075fdf1df9052d90ae577cd82 |
| SHA512 | 5596b28a6a93fb53d1a25f33379b95b4d8ce16527ebc1cd44b4c620f8e3f7066da0093804e1e32f00e5e9515ef39b2162cf85ce8f24e0638c71bc3eda30bc8fa |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ring.pcm
| MD5 | 15f886cbaee088418b6ffcc29115c64d |
| SHA1 | 9147beae4e9138ba609f67e75f9cbea7651ca307 |
| SHA256 | 29792a0893ed2457c3872c4418bdd71f5e6c1b8e5894c2c921f8a8f8d797d4dc |
| SHA512 | e5228897cffb5e05a7a66471c52089ddb682d544ac3b4ac312804883a2d335b60edb6236286dbfb6934ed12715709f8ffa09dc7014844acb89bb1b0e205a2daa |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\nydus.dll
| MD5 | 177902fb266f622b90bde4a7032bbad9 |
| SHA1 | cb218888048180b6f84f4818419b15c6ccfca972 |
| SHA256 | 81827fcdf8551f78b07806440a33f0d6c4a5c71e39ab83f6feed653bb8fcd521 |
| SHA512 | 2e260ed089d7aef38a96580cae1716cfa8204063ce3caea8cd219a1affd4430fd85a01edcde132fdbf5108bb9108d373121913df6c614dc6d2051fbefee90dc1 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\crashrpt_lang.ini
| MD5 | fcf61aed8f093bfcf571cdd8f8162a05 |
| SHA1 | 8de8177798aae82d5bcc0870c1ca5365f5d9966d |
| SHA256 | 1f5b45a5411f7fc71b9da789d6d1ead8ad30551fbea7bbb40fc7ea576d581abb |
| SHA512 | 8a5d252d115f868a4e20fce10f9f9ec5f3948f0ad5680d656e0eba1fd167d36889e54c6e59bcde756945f93685401b825ba9dd7243d907d74b58a1d826609d72 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\wr_ding.pcm
| MD5 | c9318cc2306bf6b1ee74a5987a8d371a |
| SHA1 | f482d3de9e8dd7c04344fab37d067a08233b64dd |
| SHA256 | 58cbaef9b7177a4e4427ceb303b852463964a5ac4e979055021eed1901ff164c |
| SHA512 | 04ccca6ed6c13872e8d967a9eceb7b485c5f0f7442259395773a1ef168fcf317e60e22ad2840579e4d8b849d1606190cf5dca0e00c2f88cd1891b8206e9a5ec6 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\record_stop.pcm
| MD5 | 0001fecb6b6e044d221fbc6a7e22e313 |
| SHA1 | c73a6506c92d9a1188aaa793afbfc1951cd5340a |
| SHA256 | 8cd8b4d3e8447d82dd045c7a3a8f175b97376c3db5895506cab0af6a0075226f |
| SHA512 | 1588169348727306e9c4ab444a7857924bcb88e4dca2be8e3526a2227cf117702c47431325df1c83f71da34bb35c28d1589eb3f59cffddbb3dbbe1d00d8d76de |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\record_start.pcm
| MD5 | ab8a5f2981e225d3edaacb520083835a |
| SHA1 | c60c383fdb6850cb5013065576de87610270fba7 |
| SHA256 | 193c4ffea3de04802e97e9e62fcd8533d8ca53e7306ba113a2234959b5262eb4 |
| SHA512 | 4381f709c5e9d0172027fd2fe65ce37b0444087d3e9d7864cd54651cdae6e8429653c02ebb7a55a5de194ccf0d674f376961b012b088e131a11b7352f1ba69dd |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\dingdong1.pcm
| MD5 | 8fe86d9e8aa5c709bb0563243172e580 |
| SHA1 | c22bb02d82516a66f8473dbb4209bf22bb60fa14 |
| SHA256 | 2fbbb9ae6a463b360e1459bee558dafa8d864db2423f0fe4d2c56d22c3f3a5a2 |
| SHA512 | 6c47e964421ebab2c0c6199b97fb9c61b0a228fc654abf2e4d2bbaeec9640be2a5acca92474dfdd0b43facc71c60a9c9ba727d300cadb6128ef1f3dcd9a6c10f |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\dingdong.pcm
| MD5 | 54511224e61e71d2915ff67e57dcb268 |
| SHA1 | ba45f16f12d2e29480952367c0c6bd34fcd16827 |
| SHA256 | 7aadf0e317831d287b51e41992b43f0f381ae48a312cb77a426eeb3b6129d6d7 |
| SHA512 | 46b4ea771328a25c6384d5cdff7643ced94dd446830b165f80fb69df2dd2754062dca0636604602a7ebad4ce29b3f8ef62a81f59cf5502bfc78468c8c67a41ff |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\libssl-3-zm.dll
| MD5 | 848db1573dbfde1662ccf2bde50d1b26 |
| SHA1 | d7239b66af71c7c9c3cbcc3172538b8b7ac26f66 |
| SHA256 | c4482d9be22e09f6e746b87f09c908add4a20bd4fad8edb37a319cd60b01b76f |
| SHA512 | f9573751b02af824fead4c8663353a104d2e6a92ec8d38368fa6aba5782697df88dd0fc45bfa2048eb2b8be839cab3fe4770189b37cc322a613929ff4a6dfa4f |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ssb_sdk.dll
| MD5 | 05e1538d9f9370a9c0dba1c5cd9624d3 |
| SHA1 | 8b59df8d4666d8f58a7863db11fa7b2d22fca372 |
| SHA256 | d92840b012114b88b747a2ab7d4531150496d3b772435d18094f2b54ee69130c |
| SHA512 | e4bc5547495df0fbc3a60a60580759a0cbfa451c31a19ea8ecf6ca21ff499f15415cb64a44f67e4f3beb140ed852be34c271854e06369819e1f9df47dd25ca7b |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\tp.dll
| MD5 | 515d8aa383c340880b8c268c52932450 |
| SHA1 | dad03157052445442bcd3e372a136e4dc33d47ca |
| SHA256 | bf3e3d3781110f5fba74b9742e9e6266063d06b4aefa3a87efc5f8faf5b69a22 |
| SHA512 | 0679118edd54b012e317dfa4223dffea28e9d4f2e21a8dfbfe443e3e8b5bab4fae0eb72b9ca7e6217386c5d5c225dd0468607dc64431ed9304b1924e1f082ad5 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\util.dll
| MD5 | 109710865dc96fba5c56e2a5b112530c |
| SHA1 | 6c066b160e73b124109c65ed69f8d4c5c5cfb52f |
| SHA256 | 93b9b74196bcd6ba9ecf68ebd6fcc1288c55d3e6fe63dd146469f3199c9322e0 |
| SHA512 | dd7e3e6f5557fb8f5b01b89c3dcf94d8cd561c5ca48faca07dd8abe5d0e00698ef4e4a3f518af09d88400b8df93387c7afcc4ed2388502596566cad3ecb23234 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\turbojpeg.dll
| MD5 | f4e7d81f896b3f3a646867467ae7d771 |
| SHA1 | db258f57371b79b38ac52a01ec34af34b16aa876 |
| SHA256 | 68dd8c407b895b55f0ba439091f97713c773e0d9cc05a95f7b95c8f011fa1e0f |
| SHA512 | 2e352962ee0cd86c76b2e230a9f28dfe9725ae4c27756f4364100720527246850f8810f3dffa3b1c550a8a163ba7e7ee34254c326881104e89e9b89ff525851a |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\viper.dll
| MD5 | 40978bfed34846b8d732ff0b3f7f4255 |
| SHA1 | 57824dc1f818e62b21b5c34da6a506f723794baa |
| SHA256 | fa13a001ca89d85d8328c4cc57889ca47033c0b3ce307b77f6526a3590315341 |
| SHA512 | 2c86d770485c1befc069941f9e2a849a7a24d7a99bc43e772aef0527d6d412087e9870d01b4c7672ca3b346d98695e26e4637b7a5c35424ba7f61e60447f0f89 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zPTApp.dll
| MD5 | 8347dbf72c048618f7c9c23c77716400 |
| SHA1 | 0fae0dc6a3ab5fadb453dd890473f7724349a510 |
| SHA256 | 74d882b8ab86eb1eb07db8f830191620bb475d2e2ecc6bf4ed221cd9c533fb0f |
| SHA512 | 337e9e68053b2ce6374369f9fcdd8f98f61999660a606fa0e0386ff7f9acebdf411dcdc242f2dd500e8e42fba26b248183ba12cea06dd19f05da5a693dcff682 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zChatApp.dll
| MD5 | eaa55ae5e00df1674aead13f15556cbe |
| SHA1 | b255f2551c0305eeda700d25d619e41b3122b704 |
| SHA256 | e4af42d588b4e575f6c992c20622a3bd336d502c39923f6e3e9c48ef80078eab |
| SHA512 | 30dab63c5efbfa5fd689e10ae9510ca4f1c2197eb8615801a296b993576e9ef1fea85050408450028e1bf7067b1b41217abe99c65d277dbc9c882872964d5d29 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zAutoUpdate.dll
| MD5 | e1d93c01fc18e4622796fe23d2ad6d1c |
| SHA1 | 551f54313324a0ae48f14a7a7743220357213771 |
| SHA256 | c4818cc8ce472ccb285bd592f794e09fa49f6aa2dcd667755b36a18f759c4990 |
| SHA512 | a3b05a8d9d4fc6f20103e9a7d92fb6a34e649dde19f660db45c346ee3004d552d4758ca35482715c87a565bc3857a894735bfccc38443ea50a7b1c5a9349fd00 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCommonChat.dll
| MD5 | 081b52202ff8f1d422ced1732a0c53ac |
| SHA1 | 0c6d230d615728b5f297de59f9f34927bc389e5a |
| SHA256 | 05a532ebbdcd7b153798c4c3c34ce6eca21a3c3d4db777e1fca0d993c37712e0 |
| SHA512 | 367183b7d77d741833c8148b7e65d80a92ebf7592a7761df3d53520c4d54294551209dac223a5fde16b89acb88978655679188370b6b61dc52871eb5836bbf9f |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zMsgAppCommon.dll
| MD5 | 3f61ac600dd7c8bfa06fb9ddcaa108d0 |
| SHA1 | a0fa2489ce556b781f315808b6d1b71e948b91de |
| SHA256 | f6e90464a9117d2110d9aabfc1db032eaf892935c1d190e25ca86540d2f6d777 |
| SHA512 | 6662c5143222d93a0f4a570e6a340d27028b87a047f687ee369d64467cee31990a45f13ff88af55a050bb0315e9bcc339a216a16263121e3c85bbf7a4d0de6dc |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zMsgApp.dll
| MD5 | f9b67f1ea7a268fb094e9a479b186d69 |
| SHA1 | ebeb7098ad1f4c14b07869ff5c9eb7901620874d |
| SHA256 | 6a15e781855ddd1e27a6d1a007bb24558b92dc0267f1cb476cdf71a0734e1f93 |
| SHA512 | f0fa0a6af4558810f28962790b0fa940c6982b174e41f65be6e134932f0a1e2793e24a014b697a13bed1336d3f663cc0200d4ef830cba9d4f7b28ae6a7bf440c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zChatUI.dll
| MD5 | c4649c717d4afe28937842fe34da8eaf |
| SHA1 | 132b9b1965523cd296b9d9637e294ce5675d0af2 |
| SHA256 | f556b09aa1d3aca05d799ce8c9973ad8cdd767e1d45fd1d97d3c122f52ed300e |
| SHA512 | ee59485701f8a2484c77c8134743a63d0155155c31375368fa5d4875107d65ee2c3870fb21dce8f39a810e436828e401576f004c89481dc818e6ed1c5299f67a |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zChatHuddleViewRes.dll
| MD5 | 2289cdc61719783b7843693b43816f2f |
| SHA1 | 1d177ed3e44456c62e20ad61181d0ebbc4c18139 |
| SHA256 | 95098071480108163e1881a3be21744febb5ca57a99b5d79dc329d8f140e8121 |
| SHA512 | 4f61cea60aa00e653d99b25abf29a15176a1f1d1887fc1f5d294a2df6c6286feccdf83b136224862562df7a1bb600dc0feda738d8849fac77a703304b2fcf89f |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\Lexilla.dll
| MD5 | 23ff5dec30f6b4cea75d4dd2af50137b |
| SHA1 | 9bc543f399af0e23ae68320ab98ef416013b4a71 |
| SHA256 | d40cc629c7a20b83ff9fcab0b48261477df8d50abf6f4c1bade3e6ff52edfc62 |
| SHA512 | 73fb2f58e318fd0773f4254f5ed6a20dfd3a00bf98369717ff176b2dc3a85c9768abe9013e44d793f652679059ba4c389456023de703379c09890615d250cbf9 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Embedded.properties
| MD5 | 37b8c96e4f6d88f5c8e6ced0bd3e4bf0 |
| SHA1 | 0af5ba0ac6d7c87549ee8e5376173bea95132915 |
| SHA256 | 225c60517dbaf5b173439dc448cdad63a2348c9bfb09398d86e38826214c135f |
| SHA512 | 6230227a64d233d1ab6c72d55deed2429a58fafabe8463c305a1942382384640a71dd6a065e508e393be98351e577da46813c9e7d9111980a78d9a91125f96a8 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCrashReport64.dll
| MD5 | 583dbbfffb3bfd7f530ba75c155807bb |
| SHA1 | a9ad5871dda1dbef8d23af22beb1ce346514c639 |
| SHA256 | 927737f0fc0f0d2d871aff58b2015c5a0f652c1d34cded7a6531b63363095822 |
| SHA512 | ceba667b3f072851e10fb9506e5c2ddf245fbabb02f24ec8e41fee06cb969e2f67e45c798ba57bd0a0b8ecb25062211ef7533307e56730fcd289bcaecc812828 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCrashReport.exe
| MD5 | 9985113db1093f26b3e732f274d41b0a |
| SHA1 | a4cb56f3030cdf0f0f3cd606fc07829d6146e16a |
| SHA256 | 58b3a0b90e1a705309e6e90c8bc1fdb6309e24700f19d76e0a8a8049189fa874 |
| SHA512 | 49ad414bb23f9da3e7cdb07d265c4041883f51a33fca957b7ee45991da0b2a12f3d5c0c5b4046daa350fe25dc4aa271af73272be7f50018daf58a4993f97060f |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\scintilla.dll
| MD5 | 2ff4c654442004f6c3d3448fe12c92c0 |
| SHA1 | 98f9f2701831ff063578bcf0b8b21fc67b095cbb |
| SHA256 | a7e0f8d597eb608ebe871ced5e755a5054235dbf7febae0016b91ccd644c2bdd |
| SHA512 | aad5d838e741aae3d473d81c03f912a3e2bda7088762e65763b450eb0f54f31cf94a3bc15924d02d91cd24c336a70703a9bbdddea4b17d4c040ba92456213513 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCrashReport64.exe
| MD5 | 347b53c0fc00e54e5e91a2ca0febd65e |
| SHA1 | 7a27a858dc29e4850eaa5af8157f4e46b1f5175e |
| SHA256 | db626ab4c47e5b0a5d2cf88d8f323e31d11de4262ce904a7058d9b1454786629 |
| SHA512 | c150601e79479cf37a8dc0b4f1b24a13d0c4b1da6b3afc17b2db5758e15d7b88e99e8eda7d096a65acd9dfada36ac0a4959b4c4005dfa49c01e694e9fb076aeb |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zData.dll
| MD5 | 0be183d6ce23f1290b52476fa8f38f3e |
| SHA1 | c5ce5b772e910442e38e0e3f9bac6044c971593d |
| SHA256 | 6cc61067d91a777fa324a2755dbbca29b10abf8ced8060c450e4b9345fd57519 |
| SHA512 | 22382cf05061439e7038c2bedf83bed99757e8e0b908303bf1ae962aefa9a57da88147fa23dc1ba3bef34ac759f32f5798616d475135bbb5ed1ca7e585be0fdd |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zWinRes.dll
| MD5 | 3eb559d6c4d4dc724772cd16ee51c3cd |
| SHA1 | 82b20e59e8c26d9278f4dfea385a76630f0fae39 |
| SHA256 | 1ae79e7e1a05520b4b944bb354667a625fbca009a4f76de75109bcf699b9d6c3 |
| SHA512 | 4ecbd37340f3525ff1ab7c7edb2d24e47b54e25f52040bda143bb7cd36c8c40f62016ff35b34da300278955d0b443043aae7469dd482fd59490f4da5363949c6 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zlt.dll
| MD5 | 96fdaf5e6d22f2eb904f02e8a580a2f0 |
| SHA1 | 61ad73af88ec9876c9d2af714fad3959aaa3dda7 |
| SHA256 | 3852e82313aafa674937ebe78a89c93327c814d5296fd04cfa3b494a03f34ec7 |
| SHA512 | 5c308f4e071282c68000aaaa9abbc7c63aa1df09d85bc1662eca69122059e9894f583ecfd485d3014438984af204a4371672737389ec8d0649f7a18f5f5ff59a |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zmb.dll
| MD5 | 8352c746cc6e498419b3615a4c34180f |
| SHA1 | 3dcd6e7eea15fe19ef5a1fc66428c0bb101acc7a |
| SHA256 | 96b83c5ca6bd6973e58646dc652f1cfc1dd2ca88d2d6cca8b96c60c93acf3937 |
| SHA512 | e2a593a0a7dc704f259de05b43667ab89446699d8a9a21ffa236c6aa758e7952d77f43d0a92bd1f5dd44f76a18efad8f6fc97d5d2b8d423f55142553e73bfea6 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\Zoom.exe
| MD5 | 96fb95b78e6d809553d96ac38e0a2584 |
| SHA1 | 594e4b9db3e23525af5e4e31270aa79a9bc5e1ae |
| SHA256 | 6944945e8bef473c3501d41a7e66fa2bb07f67c50faa0c25782c6a95fed77a52 |
| SHA512 | 1f5bb526904dc47566ef5ba4611bffeb80953752f314ed23b432efc71a8ce89e1b9c5be9af7ee9f321777a2078de32f4ab2a8204a4611242ede0c8c86306adb2 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomInstall.xml
| MD5 | c2441be6cb80024554d38fafe85e2c6f |
| SHA1 | b0cb726375286fb2a2350b6ce8f375aed871c9fb |
| SHA256 | 433f642079fc949151b258672b3bbf3851d158639a996629b4e21cf367007570 |
| SHA512 | 5728cb00d02634b6577100c4f8b2bdf7b5fb0e88ee2c338489f0ce1776bd745e883f7eea05c34c496eb4ef7d1ced023b93e52551e3d1492329e6dcd200ffdccf |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zTscoder.exe
| MD5 | 4aa18af3eafa624314d75c0472c8ce7d |
| SHA1 | 1c89df0d8bb9ee150f4afd9743ce9d43d526dcc9 |
| SHA256 | 1f9bab7d19228399129314aec80140c945928ef79890ea051116791aba96d536 |
| SHA512 | 8f5393288b98682917326175da97a58c1fcd017d17d2156c5569f0ddea565a1a36dcfa7481deef0ec8e5a2d9f9fa643e4498f59c113ad0fedab54e6892009381 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\Zoom_launcher.exe
| MD5 | 0281c907d395862bd0bd7aa9085cb87b |
| SHA1 | c7e6ec90c436ab0a7aac0e9487c1e43d0c89c8eb |
| SHA256 | 81169d1b2c1d99614264e8a16e74c9fdb15c5cf16c0773cefca8a36e17ced39f |
| SHA512 | 69631f23871046ed5163f4ce2212a31a1c40e1dfc7faf87b500bc23be30cce01908056de24a10fb8a86c8385abe244439207d5572b63c0b24a8a7edbeed941c4 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zVideoApp.dll
| MD5 | e5c434bb596738ea2a338db9ba4006d8 |
| SHA1 | c78f11f732ad690774baa62f04bcb5a9395c95e2 |
| SHA256 | 48898bda2ceaa4dc99478dcad7c7a3767575792d6da4e3a679de988f9805849f |
| SHA512 | 8ecf7395bd778a8dd8c1ba55b6eb1eedcb0bf7f267c137b35fd9f9aac597f5abfdedb45f25f23a23ca8993370944b6548813efed760b1c70140bab14dbaa4982 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zVideoUI.dll
| MD5 | 3d8cf7868b67cba36534cfe9937cb426 |
| SHA1 | 30c68486b72582cf2ab253ed0b10cc3533ad1323 |
| SHA256 | eae15a66f7a29feb3104c302805a9ae3531abdf57983501bdd6295a3eaed6886 |
| SHA512 | 1ba8a2b4ce548c60b70225a04c976423546caf625a5e99c2f58ac73906e7c714a10243ec92ffbbf9be794da92bc9e9b953a7e6c2e15a24563771fdf02f438a3e |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zWebService.dll
| MD5 | 5fbc36705a9f87683b782f1d91b7bfb6 |
| SHA1 | bb01e8665890bb80ddde5ad754f23567e8ac3e51 |
| SHA256 | 156eb34c69ad39d283d6cba4c21ded495bc7976e573438c9597505c3e6908b05 |
| SHA512 | 5b7135db8f2dc371417b2d6246a4a17f8225b5c7ff15ccaf0da8997e3c50f96d31f7963dd6c4ce01f9f7073f91241a8235f3471affe3806482aa22779af16578 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\cares.dll
| MD5 | df2440b425e2959d3a82b2ca308640e5 |
| SHA1 | 8d84d7215ad40bdfff49a742ef3a9dc2775a989b |
| SHA256 | 83b8e187b4b538f7416238f4ba453721f8c75d9cc4a450461b86414f883b013f |
| SHA512 | 5536225e65f4e99e509dae94a64277cc76f21e8a63b1db3a51024f6c0b65c891b3d01436929579e8afcdabe62d419c342d28e3d905d587d45663ac93cee5023c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zWBUI.dll
| MD5 | 49450b7896ff5498582d41c2696c14c8 |
| SHA1 | 9eb5999b3646be19013e515d6d037c63f55c4b26 |
| SHA256 | 81626bd9073ebb0dc970a36d138c9e50c82cd30388d276ec53b444da1397c8aa |
| SHA512 | d62b66dbdbd15ee12aedfa62fcc059fa94065e539e8b95eea6c8cabfc4ddcb75d5f38ce81d44d1069270be4ceb5a6fcdc6dfbbfe73a557e1d4ad04137e66cfe6 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zWBUIRes.dll
| MD5 | e22336e8a5ae1d2af9b65a3c3232193e |
| SHA1 | ec1e34285e1ef1f79bc750ee59d9491daf8aa14d |
| SHA256 | 7c623c31ad3b27733e1a73b45ab85ce2e0707c814cf2df6e9e0af88ad609e9ea |
| SHA512 | 14838ef71a66492515eb637b995c179ca3a6a9daeaaf9017b267fe15ee0edc9ad95db61336c41ee598a306a6105e7e93b10b0148065981156b74f1948d44a13e |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\annoter.dll
| MD5 | 96bf6849f75704d864b146907739665d |
| SHA1 | f272792142f2ba5c16fb09c5e68040e4e9fb0ae1 |
| SHA256 | 387031a85ddcbb2747e93c9917f92d5ff2c58e2b56a0a5cb3c68457eeb128350 |
| SHA512 | d07ec439806bed150e0580d522e24d23497c4d1d4e9358a9dc7f7c06c124434f52a1cac0ec6a5d5285d17858efcfaa52450e87692a73e94233a0382d53a2feb4 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zNetUtils.dll
| MD5 | b24526a3d888c4bb858abc329a5a0da5 |
| SHA1 | cb050b9962213d361aadf1bf79333955f99be929 |
| SHA256 | d9c2cd04ada98157926faebaf9cf610e26d7d641af99338a4a82278e6de936bd |
| SHA512 | e00647145bb85b05fc3525f53e835c150d971c6886ba901ca14b56e698758ba4a1253880b44bf786d6741737f28971d78397c416b3243f521253e4e883530936 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\reslib.dll
| MD5 | 124af727fe25819ce13365c3e665b637 |
| SHA1 | a8466588ffce5e52d4b8bae510f9924ed50b5754 |
| SHA256 | 7d6117557ac0b1857ebedb05794935434b301880d2a58aaa591990e5bf74c489 |
| SHA512 | 7663e34b4efdd0fe454dc98e9d2c6cdbbe1b4ad4dd33b4c2600d23f1c8ce3291792b5a012d3dc012cfc9d15b6923713e6232941e5f47b3941b05cb7a23e6fad5 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\clap-medium.pcm
| MD5 | aa93ab138ec89cf7cfb8b4b0ea8990a6 |
| SHA1 | d13b139d666c76cb12e1c0280c1343770adc8aac |
| SHA256 | d754fc9d9378772b7a17a53e6598c9cfe4a0f3ec492f0ed30241020562f58509 |
| SHA512 | f91c59cf1b1645b24997a1201bddb52953c0904f855b78add275d71401e4f9e6bcef59fe1d7205e222470689dacf2d55ae752cc2be66bbee5258db284b42e6c6 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\clap-high.pcm
| MD5 | c32f95839557340b4b4197a68847ca1d |
| SHA1 | 0feed637c4766b9b30ab6732259670f8c12c5538 |
| SHA256 | 0a16435cb3f7b8b1787476575ad646361e6fb4c07587df874940413de004dd08 |
| SHA512 | f5f0dd4a313ff6686bed5090aaa64885d319b8fba51fb2722b764668b26f06ce95164444652661b027e35f3c6928d3919422e4816bbb81bbd0f7914869004700 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZRCSdk.dll
| MD5 | 42761e198fd9919b330513c90d739fce |
| SHA1 | 42ef99e39394563e4579521a144d430f40186c47 |
| SHA256 | f19108edc03fda8d35460560d13f937849d68b736d1af3f741a742e412b19950 |
| SHA512 | 89e6892e51c0d8b2337db44f53edf26ecb7a0b71eff87b18b635e6f1305edf97391815c0e7a5731834689a7146dea5de95a8a548f252df7b10f431ac19e52fc0 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\directui_license.txt
| MD5 | ab54b14548a4cc76dd7c27414d971111 |
| SHA1 | 68a3888b33ee1c5d5efb913846867c9a8788cadb |
| SHA256 | 6033476be3d1d41166b65984e2be94c87ac98dce55bfec887e932b696e859295 |
| SHA512 | cc8c4d90efedf4aeb3ba3b64ebd0e938576867618a334bccf3cb6790338c6a1da239393a618f6e6a1186cb363cb514ac9528ada51f0090fe2fc709e5c666d971 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\duilib_license.txt
| MD5 | 7faec2006bb231d14b794a9f31769448 |
| SHA1 | c2b5a34fe521502f6fca3031201b47074f30f258 |
| SHA256 | 7ed2acca31a243ba107d8c12fddecd52462fd326d3d2c73b04d4cf10c76765ff |
| SHA512 | 777e0ec5d6b599fb0eabb8180fb6f302012ff12245e3de6a3dc568798cb057858eff18b08dacd28a72250236c4767abc2583670d92a946f684b45cb5144bd7e2 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\DuiLib.dll
| MD5 | 1274710018fbaa016e2334d43d951f78 |
| SHA1 | 0770890d38728ec9e42f90fd5df7e6ec983240a4 |
| SHA256 | e654da045dac94a3aca1eb729857b86901e0f89599b86c11ba255c7a15533aad |
| SHA512 | 517028803f1c1d9a968afc50ae388581417fe7020d49264dc948b4cc6ee09998f145ea8eb6d4a7492747145b76ed96a5510ba37095863a424ee691fb84d81982 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\airhost.exe
| MD5 | 15745b0afce1de9923da258d82fd8709 |
| SHA1 | 77a52aa312e81960c875b567c44579c5825af8c4 |
| SHA256 | a1daffe0a8b6ac12976fefbe73abc6e6ee4e172f9081ab787da2aedc49b0719f |
| SHA512 | 4d11d38671c5c9881c014bff7174b049f7d05b76e79c4131a734a56a20dec5b2fae17d5ac3d29499a6501c9848c7ae2a3ed838c32c02c8f6a5f2170c2d3896a0 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\avcodec_zm-59.dll
| MD5 | 14dcb67e668d18509c335017841f21fa |
| SHA1 | d952cd3a0184a3e5c28d81f26650b05bbc55f567 |
| SHA256 | 1ba1a3d45a334ea5ad698f50700f00189404143a02b62160bef2996cb34af281 |
| SHA512 | 5b539331b753fd1b896e0a75a89f897374b2a6ae03916cc137c0c477777f73578dc9a7b2dc3745fd026741b1a0b2faa462c78c7b282326dc2ae9988f2ae1ba18 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\swresample_zm-4.dll
| MD5 | 68f74f1cb5a77a57c1568f137dc5833d |
| SHA1 | 8ce32df83d8e22646a1aa1a4b6df3de58f4bd8bb |
| SHA256 | a66712e8ce2f341bfccae9adb31276d1669b58cea5ef87f0b397688127419244 |
| SHA512 | 0e43c5d198616f109b87ef43d3fe11734b867a11277cafe65e806e1f8b20dd08c3db999c87c1d5f40caabc72bf9814cf54752ffc1a4fc4574373327ab058de42 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\XmppDll.dll
| MD5 | b51c46b71520b1accbb6302007a8a66c |
| SHA1 | 432b23521c9d7e60876f13260652a6355061a3ce |
| SHA256 | a118355ccccfcb5b895b577f3cf837523cdd60801df173ec307aa235b342ebd8 |
| SHA512 | 40aabcfcdb03089e1a77a99dd769ecd61292af30fecc87b0176cfa9d39e9f930190549ca2897993d19a1091f326368cf1df4e2218f69beea7a71e47973cc8646 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CptInstall.exe
| MD5 | 203297d11ab112a7780be20898df3f2f |
| SHA1 | 78eb16adaa7289ee07d59b56f8a358f7f973c733 |
| SHA256 | 6d31e22495eca2b4c5567963e0195d674e7022c3cbf2e5beb9cc872c45dd2bd2 |
| SHA512 | eee04a62b874fd487414d08a54bc9f30a45802982b6e03598eba7c2660a92fc21a49e90d1273599997f53f273b135045d0c1fb9c9a6bd822901a33c654a0cccb |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\leave.pcm
| MD5 | 3fcc19f6a199e97646a0ab32423c9332 |
| SHA1 | 05613b14d6c7336b24e9779963d245098e73b40c |
| SHA256 | efbd514b0ea241a560f1333cdbb90a9885d5c70c01ed032d11b8a672b1096a04 |
| SHA512 | b370ad863badd0d86d982eada1fd98306b686ef1cca4cc522558cbde40257effa96afd7327141beb08d9927a6b190e0047ad7978e87a41bf299f030c1cee121c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CptService.exe
| MD5 | 309b37fbad4fd49ebed6760e21040b81 |
| SHA1 | 7b57023263e355e31490ed5f1dcb7530780b9c5d |
| SHA256 | bc1581969977a5891e3b2a15aabca7115df73c33150d757b7c4dfa6ffb5fca2e |
| SHA512 | d1fc655a4fbae56d87569e4e4c832ae7fa6dfd119dd12498a49e3fc7050776c7fea170d65dc3c900ce0321ec2317f1beea83cdee74e0c1a2b8788de49f7f95ac |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\asproxy.dll
| MD5 | 5b164bdf80f110d433afc54d19704dc5 |
| SHA1 | 129f6d37d2a693ad2c1c1e804555091e39462134 |
| SHA256 | 6e4da1cec9ef0690b6665e12dc844b216c8f85229bcf42015d121d98f25f5a20 |
| SHA512 | 2aee1c5ce91b3c2967e8b97b9fec3bbecf07d7aee59242bb0714e1588475f9a5f8b37c5b91dcdbb0da12205775497344574743b7a9cb7622cb567e9f87d114c4 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\CptControl.exe
| MD5 | 606cd4373eb8b155df8776bdb09de39f |
| SHA1 | 427c3a211940f0d51809eea4474d6ce8abe11586 |
| SHA256 | 20b9153d44b0a991a4b8b6d67cfe659270f47d416d9b49ed93219797563c65bb |
| SHA512 | e6e7e07b7d044fa54a58ffc8db8e4bfe0a8c4ab4c584643c557ba2e0ad079663185ee6f5faba0beb4b974cb36752b60c30de662c272b8145f4c679ec46cd6c08 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zSipCallApp.dll
| MD5 | 3621e3d3aade04aeb621aa876eee8ec4 |
| SHA1 | 42b67210cbd435348fbea8ebd4991f27f8088751 |
| SHA256 | 2393d78205afc86cc763839c31710cf0f1348b4d7ee71d79c539b6ced5f3a4c3 |
| SHA512 | cf57d884806f6f970f5ec08ee4a0d02b283d2e5504491a7d0f7a5786dcd1e67e13dddc4cb307f1e07a4232381fbecb1218d87bdf23bc23160f3aea75abe01299 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zzhost.dll
| MD5 | 6d28addc49a887a843753fc260ad7277 |
| SHA1 | 31ccf57e7c5e586de1217309b53b91411e969647 |
| SHA256 | 6a92a597a823cd84749e43849ff629f2f7c26b9d6e09053ddce6ec70c71ff206 |
| SHA512 | 6938d1686cf87014c499099f8dc5b1ec4ee1b6df0004666f67aef1fd59464d3613da4c75b6762322d6b0074963d8768fa48851e4a3b8d6300167a49b19d2fd64 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\mDNSResponder.dll
| MD5 | 1af0e9f9b8cae21b7728c48f40137af3 |
| SHA1 | f61efb9098bdbaffeeda46176fc176f3ea2965e5 |
| SHA256 | 975f3bb62c988acae1ccf1c0ab2ce101b4d971b2ba64fb8a93785b379fee5ccb |
| SHA512 | 6a06eadf9acd18a81a8516247ba869657150f77f811a420114ea0eac4715c3eb4f2f9997198d69ebcf51e174e2c890f0ff1cf85bf9e5893abceaa035cc506f8c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zSipCallCommonBase.dll
| MD5 | 0a318044fcc1e4041b01b880edcc3825 |
| SHA1 | efd2b17de1c827713e977856255b9488644b8f90 |
| SHA256 | 2f1c7106c4dfc3e1014443047b81404894c254ad58f1a5a24feefd14afae905d |
| SHA512 | 4f1527fe8c7976b098e36239a4a0892c98119326842846045bce2e56b28e263b0730b1ac916ded7f512381fa109e867f4990236a349af2c362aa329ebb9232ca |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zSipCallCommon.dll
| MD5 | d24d67de5724be78b39ab882a940f71f |
| SHA1 | 674c85feec49d503f60511c39d8ffa6d46073dc0 |
| SHA256 | c56989a00fa2d42d039816dd96ff372021a7dd55089a3774bb9bfd401cefc9ab |
| SHA512 | dc01ff51742cc965c62d654e22bea8280e3ceec932b6d2d8df8e36a7ea9a5ad37374c127676e34998fa8211fdcdc6702e0512fa1d1b8747102b3dd07ba5603b7 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\mdnsclient.dll
| MD5 | 27eb64151541385725f917f4949b0891 |
| SHA1 | 8e6b7e8110ffd9d2cc966143247b239f35b99ae4 |
| SHA256 | d8d5b5d5755ba941e22b15b817dd4a934de8c83537d78507c9e285833d5e6f4d |
| SHA512 | f7ef73e5fcd4982753340c9724f7fbdf4059279e3c577169720c326fcd0aa608c58e2ac29302eda9da893590a920188292b2ee1f6c05f3dcf7e95d6566f2800d |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zAssistant.dll
| MD5 | 1bae00bb947b61ddac711b63ff9648cd |
| SHA1 | 15d592dfd343c7d241c912071fe9eb714fef4d5d |
| SHA256 | 5b1a4fe4120f0f0c16217e0a027c39f3c1984e7b8737680b32c6d51cc832ada1 |
| SHA512 | bbf13ca756d116dece883cf778ca60b5facaa76811edcfeb7ca785d844b25db7293b55759433c04095d9c20366ca654c5f7f79f785ff9c9d99e359ec9b14e626 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zSipSdk.dll
| MD5 | cde976504b46e0d999ddcfc271ef9a03 |
| SHA1 | 41fb78542e1234646da8b3c995a1b344196f30be |
| SHA256 | 9b8bada6a35e4e7c33ab25e2068a7317a0abaa01b7651c57b5494cbe312f4804 |
| SHA512 | dfc6e9ab40bae25c78633aaff91a8958c6f80685de4c4d053cc0eaa527c83d8538bdad9613f245e95282f8587819709cfd0130aaba3ef06dd6e19ad7306a9920 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\swscale_zm-6.dll
| MD5 | 2bedf9b127681714af88371aeb4bb7ce |
| SHA1 | a059d4152079f33e827178458c9b386ee9fa10c4 |
| SHA256 | cbe7b12741a54f2b356847f1baaa62a8aaa6752fbe91e45f9db025b824dfbe94 |
| SHA512 | 78d95d48a66d386d8359c58cce02d73da3f23c4425dc01adf33fde1b13d20d49aa9aef64512c5f24147dab1ea91e16307ed67058d5749034c1f210802967bbdd |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\avutil_zm-57.dll
| MD5 | 8027461032f153622783aaa9e1c0e975 |
| SHA1 | 2b3d82a405a2a418bee63d493c1fb1a5c93ab805 |
| SHA256 | f6d91719ced9fe63486cff366103be4143b7b5ff791281f9277e80924d8f4558 |
| SHA512 | 444f05667a90f2615e4f8a4635a03333cba359b6ea0718442fc454fe7c47481dd3843f214ffbfafae052f32924b190eaff0768e19b5630d54bb5817f66cef880 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\avformat_zm-59.dll
| MD5 | bd7808c993742ee94d9356f9d300f3a5 |
| SHA1 | 54de26627b6c98a1416e4b04be4412689dcef5f0 |
| SHA256 | 786a13c0b853c31c88080613fe95748091d2ee2f3b223994df6caf2f62a5aa0d |
| SHA512 | c36c9535c72db0e910db8275a51873d63cc7277d05c32cbde0d1a9c07181437ed8f18e59f2aa2e5d1086788f71cc6c6aecb847470844ce479c92b9d67183f56a |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\libmpg123.dll
| MD5 | ef3c8dd6fa0d3884654eb3fc7470f50b |
| SHA1 | 853b2c80b77f70cdaa82227f071b6dbbbe2b281e |
| SHA256 | 021012b36df81f3785c1e26379675b875a7649de487e8c9a2f8da364b378ea53 |
| SHA512 | ce7d67774d40d1d519aaa07dce705ca66d31bfa1096f05cef84169699fbb338ea3c14a2d5e20872aa1b40f1c54a98d69e3bd780252f74fa97957ea716956c969 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\aomagent.dll
| MD5 | bf5d68e8811e728faa44e5c1a8c7e840 |
| SHA1 | d04b41cdc559e6e25daebb5d04337bea6e2ce8d3 |
| SHA256 | 1469fee8ae08d8462d9741f6910805403a2eb1f124f7d6cfe9d61e631e3bf0ef |
| SHA512 | 0e384dd25d5b1a00b42b4c2670fb2e72850a310439d61dd52446c3b89d65903d5def5f0f14ddf6e0c925581e9b79b226825163ac252df05be52776cf2f37e4e2 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\aomhost64.exe
| MD5 | fe6848d2e07ca85093a82ad5a0c273da |
| SHA1 | 62ec3904f3f422e45c21c99935be95e85414039c |
| SHA256 | 3fdbc9bd90e61f862278848c07156f5809f4f509ef4f762beb803b92225cb4df |
| SHA512 | 75aad78e56b4694c22e58a9adefb41957b193f5b6b02c21b90a1d1eb2bd38c8a09e572c66a679d7fb7ff6bdddcb2ddf98092636305b864aae2ef0325519f6f92 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zSipcallRes.dll
| MD5 | 3f00b60f1136fa9bf7497e68d4472d96 |
| SHA1 | 42062e9be473d1dd8b0da00dc1aabdac939ec326 |
| SHA256 | 077762a16a57aa67d42a5b97ca59630014edd8a45e767bba4ec9429c454f060c |
| SHA512 | ba1999e5ba70c9158d8127e3013878c52db04d7f4aa6f60a0a6bef33e7ccf89943264bcda209fffcfb44e035ea47c846967cb427563e7be4734826c8d7519bae |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\nanosvg_LICENSE.txt
| MD5 | 078690812af4ba8567fcc2af2ca1d307 |
| SHA1 | f4f94babc436555d2f5992e29aacc47433fbadb4 |
| SHA256 | e82bc3dd03400aecabe12201219ba14750dbc4b36faab58663a7a6068548d372 |
| SHA512 | f4e1f1092ab90f380a63ed1954023722d265e32f7f3d9b86100fbfa7d6ecd8c584a7dc22b4e3cc4182957136e2d765d0d6a293694b739377c09b076e5fe448fb |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zSipcallUI.dll
| MD5 | 4a155bee6c24acc5407644aad3c2f97f |
| SHA1 | 8e39baba791bf69409552b25eb6028647baf1b97 |
| SHA256 | c105c8321e2a2e2f5b052b56666f780da2163e1b473ba053640ca501833a8a3f |
| SHA512 | 227cc1eef0fba3feaada416e67e717f5b4ae677f65144da767f3b567c213e1d92706fed0e794ddec1256d666d73d94d91834dcdce8ea69e0b883417ddcc84e79 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\libcml.dll
| MD5 | 19c1005bc26cf574e053cd5ad6ce1daf |
| SHA1 | a97b537b93e742b55cb9ccdf9613081bc66a2de8 |
| SHA256 | 7639af585c3ae6b45f778967babeaff114cf1a7857a2ab2917f56316c5eb881d |
| SHA512 | 8968e0cb83434cb9ef52562454345bdd51933481dc45276c9d64c77c3e481adac992730e18cba0be44c73f64f3e481f808389672db81a429e1b9ba5dff16c8d4 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\clDNN64.dll
| MD5 | ccfabf379271db7babb6e9f06832af8d |
| SHA1 | eb6de3e9d7bf849697988835ae763f104ea443f6 |
| SHA256 | 6e3d27c91eb0fc992ccd56a4f0339a2756dd67b6802292cd0d5f98f1feb90ed7 |
| SHA512 | 59afe8d90970d32fcfa5b0217d2cdeaeb37258591d882f3896c3626333b2cad21207cacea6b9dd4ba037783690b329a36136d7d2f0c4272b904c4175f02a37d7 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zmp.dll
| MD5 | 658f52e0f8453e915f0e93079f7689fe |
| SHA1 | 63864395f553b53fe91e3cdea8904c6c991c72eb |
| SHA256 | b6c4b3c88d61cbbae9a2d9937998265e7f6ff82362d8713fdcc3735c24b9ffe3 |
| SHA512 | 9001b79ec35e477191f126ee21e2834ed4dd33bc09eed69904a6af17e443efa6a4dfe66f8dd199ccde0761a3ce00ed1de72776d48224e151bc8a1679b4ea465d |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\dvf.dll
| MD5 | 454e9b2c497fac6a90e1fdcffe9ee15e |
| SHA1 | 71d0dcd6ff12450507cb9f78ace3bd0f0ca19326 |
| SHA256 | 3c698fea3a8f2030bb384c585491db8c237c08a47cfef3f1c6bbb8e413226407 |
| SHA512 | 06d7431576ee900648e737b4e2ddf00afbbb07be282841625586752d0bd844e2aeb24c0bcae50ad2d9f0bb7b577c052b286845927ccafc77a55ccc68db2557f9 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\mkldnn.dll
| MD5 | d60986076e055ca58322f04ae5a0d39b |
| SHA1 | bcc8e9d28fd5b5a64a37c326ee5621d4ad8bdf16 |
| SHA256 | 211f474d279b72d6beb0bb0a0efa275e3813db0d591533818147ab58a165f5b6 |
| SHA512 | 1fa04aa4fb18617395e21fa0f439d69dbb74efa350d687ba35503099880cd98382a4d6ece740fbbce63129b9f653bd126e1980201626f80241fe70d9e21c06d1 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\d3dcompiler_47.dll
| MD5 | 4706919bd5a3ba3f2b2bef0988b081ad |
| SHA1 | 8219cfd2b208952cc83f56bf0e3e0c8a1b9344ce |
| SHA256 | ba29a59b3ab25c4fd2f67a1cb74b6d13a5130f42abd65d38c8f9a4f77781862b |
| SHA512 | 5909795a31e5e877bdec7a499f3fc7a875031ab1852cabed9f84e2b9602408334b4cd18640d1e49d90e3d465078ff2e940cada28b508113cebcd1a7a5ca60db2 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\openvino.dll
| MD5 | 8079ac12c22365a97da5102f954ffe6e |
| SHA1 | 16ec87cbd48ab54369caa7a1d2bf5e8abeba2513 |
| SHA256 | 9fe84196b96fa0462af39eedc1ee9c0188e7cb13798a7060c019d0248dc4dd27 |
| SHA512 | 3a8ef52436b4d8165b3191096849df0ac7bdc8cdc9edc7ef89c5b85fcd9d66ed57334bfdd64a05f8951f5377053a06cb4d720a2965bafbc1c71a91fe27dda11c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\openvino_c.dll
| MD5 | e8e6e16219cf0be9352b33865f0ef7ed |
| SHA1 | e7bab1f203ddf41cdd468d86c1689df54f30bf13 |
| SHA256 | df1aff0c5274b116f5cef0805e0d6750f85a6b08f19781e20e441c3dc296a250 |
| SHA512 | fedd2b30dd6f34ce7f62988d4f1d791c32342e13c8d2e5f81247a10d86a2cae6af00605beee1c440696755e2b0f834301af3bfd1f5154ee038e4f4bf7c125d49 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\openvino_ir_frontend.dll
| MD5 | 55edaeeac32d13b5d469cafabacb52a9 |
| SHA1 | 2fa3163ec95a5c99409a169e60a9ad08db54592b |
| SHA256 | 14de9722e369584061193f815338b8562892d7064e9b90ef33741f7f5edc8583 |
| SHA512 | d18816ae807c1e80406585d14f5b0135ee32007472f6f90a71e588e0e1547563720c7a09d726e7d6123c187c092a79e5fd54f2c212f886045f908929d839404f |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\plugins.xml
| MD5 | 7d081fe6f9c94c19987c04d1e6a5c506 |
| SHA1 | 1485302a3eb6765bfeccc8f2c7d9eb98dd889975 |
| SHA256 | 0bb8de37ac6d5d12a1d802276df79d9f378d017f54f4a03041a375b7f8d3b584 |
| SHA512 | 3ee9c6c46a75c508cf3c38885dd7b05e0e9840df95e73b2fd9939a2c705b87ba9ceb45d764a878aac1bec2921cfd7a1f2c94f45ca6193dc4a4f639bccdfa8246 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\openvino_intel_gpu_plugin.dll
| MD5 | 747e2cebc512677d7a756d20b215bbcf |
| SHA1 | b3b96e43a375258829de64cf5375bf09206887bd |
| SHA256 | 13a061436b8158d1263c6850c9e3605a7dabe37bb5534261e06edf5736469794 |
| SHA512 | fa65bf64de9064565053d29ad877c7a58d76496b040bfd2898409e451b04c93664c983a44f1b42e8b3128d0141e504c3123ea17ac7b7b8f0a09c15918d95055d |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\tbb.dll
| MD5 | 3f08f7f6774063e5a79a49044cba0a70 |
| SHA1 | 201005d7b03c59825c95f38855815078375f018e |
| SHA256 | b1ee048c8495d25cc2bf84e18c3319e06c788a4e033114e4ecb6958bc5bcbd8b |
| SHA512 | ee78ebd7938ce9f2aafeb09594005e2630f23a691dda2d7cdbd742a3a3ecf07f42abf7d6e0f53b6e997077172e57a9d79a3b7375720f2d7f08efbd1493bbc266 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zUpdater.exe
| MD5 | a63262911f8f175469d13508dd111eb1 |
| SHA1 | b5d07c159fa96d43672aed2a035626cc4795e3a5 |
| SHA256 | 523cb0ac00e668b1894bf73892f4630d0772ec2966fd225713aaf34600a1dd43 |
| SHA512 | 1946d8f15e205b9c41bd7a894e38c2318238ce0a7a67dad7313eb22f8ed0c8d44093f75565703a94b96883146ca4d78d838646e856d07e32afa948bf62634238 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Droplet.pcm
| MD5 | 923d4747324854f50ecf69324741c8ca |
| SHA1 | 4c19f847fa8fdf55e27b2847bfe09789adfb9e59 |
| SHA256 | 3568dba00a55d25b736737a48163c13c1348afc5d4022a29ca0d3724d29ffe9f |
| SHA512 | 4ae265a89f693304fbeeb661d46d0cd96304083af75b5c245db63a632f40e08ca280a68f20115c6c38f5202801b29084633ffed4da16304689c4379f77693a0d |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomDocConverter.exe
| MD5 | 33d7396e5e6a855945de14ef89644ad2 |
| SHA1 | 8c4482252ac9d1ce0a5fdf8a2d417e206b7d6b7e |
| SHA256 | 96319f39420ad1a965e84488c1528b84dcc6da1e644a13c10def4f58946e712b |
| SHA512 | ffbb91ef113e8fca93aa92ba928bfb731ba098d4c639324040fd2e995ca78dac2583c03dd9bc08fab30c81b01a4950ade10f58cdc002bfe25af9157f0b118717 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\meeting_chat_chime.pcm
| MD5 | b30a997b4a9df68d8796eef6f457f4aa |
| SHA1 | 23890fbc1f66c1061c60b8287659566c69b297d1 |
| SHA256 | f2ff5d73ee2a89135094ecb5165b30e351bb24ee4eeee95508f311eecdc9811f |
| SHA512 | 8cfc3b13d7c2ffa0438ab12669aef756bac76063cbf317e449e5ba4127c0604bab6fba793866857f4a68806e9ed779c0c521fc46c5ae3aab42de7c72d98613f4 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\meeting_raisehand_chime.pcm
| MD5 | cd7d41d5204013ce176c99c225016d6d |
| SHA1 | 996ea48981e81ecb107cd77fd0d6e35edc4d4214 |
| SHA256 | cd9b81d47633fe9aa3f1020d895161de8c31797b365f93dfb22a60d920cc2eb3 |
| SHA512 | 44afe616a2596abc76cf9f862837b26c00e6214a08b61c6569e7ee07ab4331f4968d718889863cffc74ceed55ff377932432c7191dba4efdb638ea3b96badebc |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomOutlookIMPlugin.exe
| MD5 | 76e917db95df0386cae4fcafd7ddfd30 |
| SHA1 | c85a1d1332df3474c8430eb5c0caa57724f83ada |
| SHA256 | c75150a9f8ae13df630111926eddc68795030074922fd1832aa0d031478e8a5d |
| SHA512 | 680c36ffd6961dbcefb1e62d8c50ffca9ebca06a39f1a76eec8572f246487f1e59650fb3df424140866f157b29cd29ff2719d67e9fbe9efecdb778d3bef56895 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomOutlookMAPI.exe
| MD5 | 821bbab68f38e22d2065639122dc067b |
| SHA1 | 1ab29cd3ff8e015440a3a33e1134e51cd070beee |
| SHA256 | dc64a6bbc4389662680affbc998e08c72be2d4d83fa5cf0fec7a98386195c67f |
| SHA512 | aaf62fa94bee252b8bee8c0519f504f3ea5b88f253e266e98c07e30d39e2b7ade166f8e18950790fc77cf3950b2fc9a4620d52fbe445a013fb9cc17a5101ab4c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCCIVideo.dll
| MD5 | 0db83023e218a12ccb32d2d36528506e |
| SHA1 | b20ed18405789226a731ad3d6e1611ae8a4d395e |
| SHA256 | ca0ab34fb01e41aafc4b910dc0ea6257450b2f1476b63558e4225e1681ebdcaf |
| SHA512 | 3fe72619e892af9370283f5f5ccdaedbe8b69fab1a940880fcad0e886a14ea98db16884317b4b8aa102c03f6762ccd4367b2a8bbb4898f92a53e8336b9585859 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomOutlookMAPI64.exe
| MD5 | b88a7a3dab9a28489d775764fa497a7c |
| SHA1 | f1d25b776dde9ddd40ea2e833be83ebe5c802721 |
| SHA256 | 1d8ae72a1abb3a2d5636d946e392ed04143b9758a9a2899f468b02666392baf2 |
| SHA512 | d83e74979f9e6a4f86855f77e000f2ecebb3313d286d2409c01fb83cc4cbf7e7b580bb7b44580085bed5ddaee2f00e9a996829d40eb2ce53a7a9e6ef5b6f2a80 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCCIMeeting.dll
| MD5 | 7fd963d449f4f2628da5970d8a57325f |
| SHA1 | 51c30ceec22580c688425fd573af8670a6efff96 |
| SHA256 | 19b4d079a3c47a2eada6deb819095ec017142e78914f006de894ddea17d0b55b |
| SHA512 | e6ba9b79679a18b5a3bd3c2f7cf21e0c73edde710bfbea279096c433b04caed31ce2f7f9d88e2de2c93b3c02389ab3ea7c6f1aac54c30cef0491bdbdc0eec72f |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\viperex.dll
| MD5 | 72594c7250c56a130158d814745b07cf |
| SHA1 | 1414de05a1dc218d1f39254cfbbee2c6bbde668e |
| SHA256 | b42a70643bfc3b33ba9f7243e3255649bdfc3ee0efcf8717af9695b4849f9785 |
| SHA512 | e796bf798a820e0137ab5303b77a2336a7467dfa0197c6f5806ef8f9980d93bdcf105535b420f9514bb83275892a45ecd9a7b8bea6d8b911d7c13f35d6d27ccf |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\sipphone_util.dll
| MD5 | 491be045fd02c86d804240163a1efafd |
| SHA1 | 11e915ddac35cd8e74fdccae0ccd13e73857a3a2 |
| SHA256 | 48527a400304cc5650616edcd3d381e9fc85dc4c0e677d8fb994cda3eaff1642 |
| SHA512 | a2090deb246a6a28cceb77ebe69c871d8b14fe91baef98abe1357dbeff0c196d549f742fdecdc1cae43bfe7b08e69eb0cc7896a75bdf66ea7278b37d7ae8b17d |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\LibphoneWrapper.dll
| MD5 | 2f8666c221f71ba87dd316bd40022e32 |
| SHA1 | 90274e905854c48690f67918477139104879f998 |
| SHA256 | 8027fd94cb7a444f28449306c112f80ac83569764c9ac6cb446f5992f3972faf |
| SHA512 | 9af6ac47bc7afbbf76feead1bb95608e805407efa6b44228b8bccad52cb442e5120affa14d1f6043f9dafc9111e43aa1d9a495fa294ad2c0a1044b6dd0cf7bfd |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\G Step.pcm
| MD5 | 41c9816899c367b3663c50f7d6c698c6 |
| SHA1 | c59007efcba1c379bf34cc875a07477648c002de |
| SHA256 | 26210fbac5a314609cfd04b77f91a91127695bc1eaa02074c57079cd8acc28e1 |
| SHA512 | ff1d7daecd31c5d38239bca5589e7a08f22eefd112f16e7a01278355532f45cb4e0cd983a5e5e72d7d3fe41895c6f813dd7254eee981f7073aa419c23146123b |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\G Arpeggio.pcm
| MD5 | 6771499ee6ba11e659d8ad19981fe97d |
| SHA1 | 0f4ba3f4017575737669adcceada47cddb1f92c1 |
| SHA256 | 7e24bd3ed8f03b5a0c09a6e6364915bddd4bf48bce64b9fa9ff3229e07f3e8a1 |
| SHA512 | 049861d52bd58e2b45d182358fc0db5986e27390a85cb74d6c7f7b28146bfe679577dca02b3680a10c9a92e56c2ce6d61e1e13987d8cddd00a2772e6de5cc9ab |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\ringtone.xml
| MD5 | 2a098d45a19527f62c29f3a90496240f |
| SHA1 | a2b8c01ff514d443dd5c5634c3591b2655932179 |
| SHA256 | 81ffa6db5798cc0114512a43c3111a8a73a57fa243d23c758c4c18f0c975a141 |
| SHA512 | bf18c491e57a3317192cdd0ba1a5680354a7eac146fe9b75bfbf6a97cb77c72e77db92b96843c9d5a4389931bd1bc891f404adb3a1914cb927719e828538e32a |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\double_beep.pcm
| MD5 | 876e92eaa1e4ad2e72a6e602b4eaa7bc |
| SHA1 | 2b2008c1f1f9b18037e4c3a7931cc5315e779904 |
| SHA256 | 3899566d9a2d7bf12a2122fc59a4279d9018a40aa18c946ae85ca2132a28b61e |
| SHA512 | 116db9da873a1dabcc30f5ae938164301c39ff5cdb3a5f7dbe9f1c83ee04dd078df1640cf3f86cac0eef46f5bf917305405401ea55ee23409a1958b47ccfa1c4 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zKBCrypto.dll
| MD5 | 85893b5eece62c80ad860431bda5608b |
| SHA1 | b7703592bb87972271370701b54366165fea9465 |
| SHA256 | 0d0c8fadbe41424113e3640dc1bd4d265b1d2091b99cc7be9ff2f4007c48adc2 |
| SHA512 | 9c4d2acc7ef95bc2ff44dff2ce34e5dd05ebb3cf5c8188f15854ea5b376860266428d35c8d071b6f8f4d24a1a3523c8c15bcb2ed8e03ede27909861970ac9b29 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zOutlookIMUtil.dll
| MD5 | 3aa86d25c1077a7f42cef38fc4d85c3c |
| SHA1 | 61f4c52a57cfac17dc95e7f20c7de61e14cc4dc0 |
| SHA256 | 237e135f8d86b6647f1d6415078f78587c355e50b46b34771440bb60baed6bee |
| SHA512 | 143c327a4b0ec25430c01e10c32953db358dc13a27a8f39465001720d2ef38628f69906329757597a00c0fb8f4aa33808082561a00851920071f682ae40fcd00 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\Silent.pcm
| MD5 | de74ff821c5d7f33259db9e85009ff02 |
| SHA1 | f9cd04668030703b5304c47bdb5a2e6638b0df89 |
| SHA256 | b24b0ec151d68a40d7c89f7eb1d52abce1eb9112041f755f5e092474e5aa638a |
| SHA512 | 8d9d3a1106e96ba57cc5d9a5ba2fa7c21ca0a47fbd9e841e5d6e3f61a1029e321b8210098fc26280b62fa6fbacb0b42e23b36129a5b05bee0654128d4660b47b |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zoombase_crypto_shared.dll
| MD5 | 21345e0fa372314bc87cd7b57e494d6e |
| SHA1 | 8608f817686ee6b6d752a9424e84dfc9c161b1b9 |
| SHA256 | df86750174e13f8b2e38ba80042d41f71dcff4d923e064d75af7ad438145c045 |
| SHA512 | 92ebcce786d779ac7e76a215fc370f142f3c104f1c5520b07ac1aafd7b4c974165c5ec5b78dfeb3b121f271574771aefe00658b25556a31baf00ef0560393788 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\percussion.pcm
| MD5 | 388728657dd2d77d2257a90b9c935650 |
| SHA1 | 17c15f9be8b263c52dc165b3395d8d92e72ec313 |
| SHA256 | dafa23315ef2893d200a88b65b8f455e788acd616d0634c35385d460f07c6a61 |
| SHA512 | 5b4b298df61c4bafa4f2b4ffe2193ed331460ed922a17f2abedcd20f6f1b1af8719694299e367af0ba757ec3496d99fc67ff1963e27195ed30a95e5dbe97a2b5 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zAppUISdk.dll
| MD5 | 1875d769c437bab6590d02d22fe1e1fa |
| SHA1 | f908f5409b9e45a8e82a5d63196f0423ec624e2c |
| SHA256 | b86c84167b849b2b05840942de5084cef8545efa1180b406a3186b99ed6bd44a |
| SHA512 | d1c38446fa18266b3a5e707e3934a5816dee373b620838920e0c69f52cbf6777db3e059a3be522395f174ddf87629b5efdbd7a7496d7a73af84faa1d21c36ba0 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zAppUI.dll
| MD5 | 56dedb3bf6a2c18152a0bd4acacfa06b |
| SHA1 | 716644fc87080fa9ce033a527e5c4408340400b8 |
| SHA256 | e16367b856869ee765b08001b991a519b7b4eea8bf5deb2c229e249a999d76d1 |
| SHA512 | dd138cd7e2d54feee4af093c019afec559c8a64845f3934fe7d7000dc814d539fe6d84ba365316f104a0284797e4d59209472156580f4c1e201021c408bd235c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zAppRes.dll
| MD5 | 6a21b3cee0cd17059eaf42544b103dda |
| SHA1 | ac37744e3e8f89fc1e6285883a18dc0acdc4971f |
| SHA256 | 778e92bdb7975dfca98b30c0a1f599ce3443cab574602ceec9efbd462457d96f |
| SHA512 | 422fe842ffe3ca92c318a8b58de43175e063a2aba5d272c3d2b7272154413095306da8691e0ed614894e33d4b4ef4e4de54616ccd8cea60919fe3b5041db7fe2 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\viper_async_device.dll
| MD5 | 704695577215f6c0ab07181bd1d0a12f |
| SHA1 | 656aa597016a3ca6baf7ea621f5d96e8ebe6925e |
| SHA256 | 1cd23d6eeac2b71d12cadd44df3551109a2b5a56085461afa9e649e592113906 |
| SHA512 | 066c494c178e2070ffb81f9969d9bcec611433ebe8bd05d31cd0f71cbf0b5d2251c11ef5c7e40d6cee6122e90abfbf7d939864283d4eaea1decd8c5a5436b1cd |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zApp.dll
| MD5 | f1fbaa1bbbbc55ee53ae127e68d39146 |
| SHA1 | 4de506e22dce79e9b065c12e5185357e97621a87 |
| SHA256 | 0ab0de726c80e9d8125144dba5cc8da0c1ee231a36d8a35b103f26c143fdcedf |
| SHA512 | cd53fc24c69dd906e9ae3b55fa2431f209acc1d774e5e433746209c55e654674df84cff1f80af9bd80995ec2f90b6b48525fb9ef648b5db5026b37b46bc2fc5a |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\archival.pcm
| MD5 | 2da32e501e9720b40d438ff7352a5573 |
| SHA1 | e59fdecd75b2c8cb4b26bb4a2b3c622dca8a2e3b |
| SHA256 | 5e7d1491e7d6969eb67646f87ab2dbf0ff1d1cb4f5cf631128a305e2b67d4a1b |
| SHA512 | 5da2c201bfd01fc1ef1724acb0f6fddd7be39f83b6fff5c80aef71c96f14d30c694da82b1c41183b2b9ab9ef99d45faa657c4f6a984f87a97aef08d9e824ccee |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\mfAdapter.dll
| MD5 | 02b9fc6ce896854cb0f3729891acd0fd |
| SHA1 | e6c523779be3d3e4d197d10e3d1d16b40fdc4f27 |
| SHA256 | e7113f276decc9b13c6ed30a1237b8bf36acc1a3fe31c9090f2e611749d8fdb9 |
| SHA512 | 51d41d7ae5afcb5559e5180c5cc457056071b3304d433645bfba6b79a7382bb656e37d85135e7274baede2629570700a5767c53d9e1d8f5740b9ef560cb14d0d |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\sipphone_audioctrl.dll
| MD5 | ef63555206004d71a87efaa658bfca23 |
| SHA1 | 9a071dd9012f79c9b1775e53d28231e1d6b52c96 |
| SHA256 | 76dc3dc1df4afdd1b81650a3c51b97f10aae395385959fdcbc47ad8d747445e8 |
| SHA512 | 219d6e8c609579d76ce993ef89ff0b27b9326cff9e4101e3845c1b3e621b4521eb0dcf5ded2f64948e3c22ca12fb560a2f0f567d6b5cf6b99b47c411c3ada3ab |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZZHostIPCSDK.dll
| MD5 | ea8b7bde19387e7efee0716c0f3318d4 |
| SHA1 | 4775c1bcdca17075dc1a39061f0f4f3e1493dd7c |
| SHA256 | 5f0612c65cc3d3b66383a266a9ac55683e30b7637ecb0bb0523a376490a08584 |
| SHA512 | ffd3bd95fcbd7e46d69d003dc5f5b8cccb00628317a2234a4e4455b91e5d2817d180d6ed56aeb2216236768c32ce02136fe140e1ae10b7a452c52030b0069f28 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\Vibraphone.pcm
| MD5 | e750b985789477ea310fc23485c38b3a |
| SHA1 | 34c1c7fe44d97ecaad0e3ca2225039d3025980ce |
| SHA256 | ef3fdbc6e2b647f9d061468672bdde08acff5a59df08f91e7dd3155ed6bb0ed1 |
| SHA512 | 9769393ce2880558c30164a979d6197908bcee99d6d0643b68e05847b078c2a1b02b29399b949d424d3dc40952b759cf95a7a523575f2d1218f081be02bfd0ca |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\Ukulele.pcm
| MD5 | f72021d50014ab711c5048de10ef788c |
| SHA1 | fba07f7045add6d1f08e5e4086ef2838d2623f3b |
| SHA256 | 41e5e209294da6d146d531e569435e5c2965676a70acf7c5a0a25d902d4c64c0 |
| SHA512 | d2989c07dcffaf5d598b9fa037c99e5b4e72026f6f273f319ed6b3ac046c22b8fb14e39eb57e413cc3cae2cf063cc229b524198c1097bd45daf31c6fef8faee4 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\Ukulele G.pcm
| MD5 | 545e0e3c3e15874ff10658fce9c62ecc |
| SHA1 | c74c1d56225e6d756608de57370d41b4b0c14263 |
| SHA256 | 740f457ee95b637c9588d8f09a6185a8a0acdc69f3214fda1ad7a397bb79f26c |
| SHA512 | 904f80176377c101147c76a0c295fe3a7649f5a9d6c3a35cb41e5661b1ccd32912fc6c5385dacb23d04850a5397e897ddc358714314e3519f1e0d7dbce42ea1a |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zHuddlesApp.dll
| MD5 | 5e1454b38e6d19bd64692194ce5f41a8 |
| SHA1 | 89250a10ff30c1b60906746d62cab3b9350cd4ff |
| SHA256 | 9e53bd0751a30628b971b33a1f15f078d960c58da64c68bb1ec8f56a71bd3e77 |
| SHA512 | de0c4c1d850f0db1a56fc17bdd23e7e281f3840fdf5ededbfff9acdfe65f99892500192b6f9c6d34b6b3c29ed3ac8988c58d4cbe15b3ac3a5498ed072d540535 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCCIUI.dll
| MD5 | c00d7020e944667914b4161997894916 |
| SHA1 | 480b8ba165d21092da079b4d1e9bac000831ad16 |
| SHA256 | 86caed0d31850cd26c5d4338239fb92e5b3d711184fa3c14633e6d998423c8d7 |
| SHA512 | f05e2f66c5c10a00db13cae363f1c84111fa04da00ae1d09680a755a829cf1cc62ec94bbd90c8cc82a3c9e4e1b1990ca3d0690ded4c26707c06a85eb6095e0d5 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCustomizeMeetingUI.dll
| MD5 | 18f7976b4462d3a16eb0fad873073c9a |
| SHA1 | 508538ad0e27836da8772e7e2de9553047e1930b |
| SHA256 | b6bdd30cf5620e4048d3b5ed09a87aaac4c653723b3c4f5799aa05ce73f859e6 |
| SHA512 | d8184d2c5a56e55dfe4e00bac8b9a305488629dbb673aded63325933702bcd0a26dfd6d03e2484a7e54c36fa0cca1dd332ea184c311cfa150da9c21076bdbf75 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zWebview2Agent.exe
| MD5 | c031083117863a322578c5599e0f6dec |
| SHA1 | 5f297d49a3122a060808084d325ecda594fc2342 |
| SHA256 | 0a0e454f960ad56e88fdfbc546b738abed2719331aeffabd18283ce23d27419e |
| SHA512 | d2c8c7dacd173dce7a28019fb01b5614aa0f8be2c2e7b880e210a6ea71ad948587cbeba0a562ab9dc6edbef7b96d1162638b917feaced44730bc6c6563302cba |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\WebView2Loader.dll
| MD5 | b7dfbfecc8abbd6eae8b109d38e70e60 |
| SHA1 | 3bcb1f74496e5eb65a421320c3011e29c83ac4a7 |
| SHA256 | cdd25193bb80a1128f9cd9867e901f9a9d746d8e49a82a326babd0abce07da05 |
| SHA512 | 6625ee98c6b97530e5ae62ddaed4b6d06d9fae53a25f60b11b4b18a1bd4070430c3a7484622710255d2db06c72f1c5bc99f6743353be1eafcc08763b70ba3e99 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zoom_meeting_bridge.dll
| MD5 | 076341a77119c5f90b18ed10b66accaf |
| SHA1 | 0468f555b6cbb7d8b60fd086239b20ea70bed2ef |
| SHA256 | c2f792b252e058e0c4c30005b7da808ab2ba27859973a74eeb85d679e05bd8f7 |
| SHA512 | bb4621569aac0f2d0d8860fced50091c3c9154d9a8d3641af6db13378b1a86183d653ed3819d4c1418886ed7ccdfae2744639fbbdb4652818bde8e7a699f0fe9 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\Reed Organ.pcm
| MD5 | cbda54e1b4c3c746b7bf439bf3d1d6d2 |
| SHA1 | 8d555ad3110ba2c2257cc18562bfa5a453ac03d4 |
| SHA256 | c3279bfbdbf53f32876ca34a213b102c64b6e0380ce5897400bca6e178267c33 |
| SHA512 | 188d6700b93f21f776fdc4c2c6a2d41a82c52e5ec2525e7343d27aeb2badab3827c96889665766546b14d38ad3a6e575491c7f4d2e9d5c5c3a4c496e47b40f6a |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\Pizzicato Strings.pcm
| MD5 | 67611d47f3dbc795cf0caf909a0070e5 |
| SHA1 | 880a42bf2f926ad1a7e23b41610f5d0121409643 |
| SHA256 | c724b4ac93f02474f6b0b1849b875d4576846e7969d56c4519b0c8e77b8e14f0 |
| SHA512 | e385dbb975bca126b6fdd388e94dd12ed1cc95e860f68c1d1dfd073ee0d065cd8ea7671b7ce9e15779d329fd70a4d4278b5615abfb63cd4f9813d674cca6c754 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\Gamelan.pcm
| MD5 | e06c92d35ca7fd525fc7ea6e59929ec5 |
| SHA1 | ff19d13920cace68b559901911472a2ede6de2d1 |
| SHA256 | 419db5735387e7876b1ae925f0ae8bc470f1ce3ecb2cff56788d0aeed07ab292 |
| SHA512 | f89283246852086e8b172a5b2f5cb617f2ba90526c729377ed62a21b15a6a5c0e31c5fb9b9dac12c0c04bd807eca1f3670d571c547dec71728460b844e201f98 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCalendarRes.dll
| MD5 | fd639a7d3f2242d57bc52a091da3e2cf |
| SHA1 | d0b5b16166e9a7de3ec2650c4be9b5f13436f0a7 |
| SHA256 | ef48cc1f8373b6b4af2c48fcb37ce6b02bce3bd4647c91abc806e2d5cfa0fcfc |
| SHA512 | 459509947131ee21ec9e6002a88ec53116e0ce60d43bda1d9fde4ca9c2fdc5afde406dfed6638f2aed829e336dcff667a2ac759caff1ecd4015f69c35a241fbc |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zMailRes.dll
| MD5 | d52267623397d3ce1ecda07d19314e66 |
| SHA1 | 9b092c121488b6c6cb570261905809dac15dedcf |
| SHA256 | 0ecb8c01645e28a9dcdc05e34db1352937f31c4f8eeeb44ed94a1ea6a4e9a68d |
| SHA512 | 2c9dc1e85593014d36c016797af08f6191b12a989ec508d04fea1c78c8da6543829eebe209dfd954187e356c5f7131ee498c07ccc961716f9ff3bd7c9ffac8aa |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zmScheduler.dll
| MD5 | 889059bc0c2ae51fcb67f6dbcd22e078 |
| SHA1 | 7bf4e6479cca8238448b2d5f9162f8b60865872c |
| SHA256 | d5afc20e3631a084287aa75f400ec26296c70eaa8dccd2bf6217288d0315d31f |
| SHA512 | 46721cb57de431f4913d1e1a1b8fb1229f2900d2346b39b73057d5eb2c56d3614dad62f8bfc781751026c6f92258ac953f25235c99b83f522a17c222ef3e57d9 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\dav1d.dll
| MD5 | 387661e68aa70f7c9a5b2933bcee47ea |
| SHA1 | 0689e311d7a26ebffac90cfd7b455bc54ee23f11 |
| SHA256 | ee39866d5cdfcf36698b2be278caf77cb52ce4813361058eb8fbf0939e41fe44 |
| SHA512 | 69dc0a141778ffee5cdf853d2dea47acb982c3daadbf63f6f3aff0902dc33885acb8ee7b16c336435145d18bfbe9515c62a9fccf6cb3e62ec2f9ad1bb6d57603 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zbt.dll
| MD5 | 20a7a0bc3794f7f6ec61e64fea389ba1 |
| SHA1 | e9e93c8e39a0424704e494dc305c1b3a990dd10b |
| SHA256 | c1fc58bda02149fb91333a855621ca7a27b50dcd727e5b5e5d3132da60559f0f |
| SHA512 | 76a0da426493b36016034ab8611882aca9a5acbedbab8d9a857e5e32e6b3330468136889ec15944c4902788c30c69337e9cddd899dda92a5c758f210d994ec1d |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomPluginAutoUpdateService32.dll
| MD5 | ed0bf60dcf6793d163af6c7c2f8a6f30 |
| SHA1 | f30e941a584c6f9f7edd6d4e023ede4ea7217c2a |
| SHA256 | 6f94fc8b30b589bcac020f8eeea69a20225832b8544874631e842e64cce4596a |
| SHA512 | 20f17e8854ce820ca27aaf292b327933e68666eb32aa3dfd4061821f37fca19095816e7bf683c1eea41307dc6113ec1005fb5c6060ca4f7172e70c620c9941a6 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\ZoomPluginAutoUpdateService64.dll
| MD5 | 8d7ed73d9798529af25329b7f0ba17d3 |
| SHA1 | 5e1debe2a10d20424e191095f46f0140212c30d6 |
| SHA256 | 0a9b9179a65a6c9bf5228c8c9a28281d9aabfcf0cc0d42e13c9e8cae821ca3c8 |
| SHA512 | 86dff7713804c065cd3157a66b2d1134b4f6b29ba2582b29610da9e8d39235594de78ae97106385830a9689332fd8cea81cb44104423f706a08cab2b83a4375b |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\2764.json
| MD5 | 6d4f746216997d4492b7991da7f7a0b0 |
| SHA1 | 47a2bbce3a24f0f74dca91f371f19be15ff197a2 |
| SHA256 | 92e20725a8ca1cd2609471e43bf7fec74bff1d5497941bd7960f2e958baa7f68 |
| SHA512 | 9abe6b5afaac1d7efb3bad635262365dac8999efbf12f9226bcd2815ab187d2e25abb1d74d23ecb08728229652d4b179eea791e595e8b55c9664a148f05a68fd |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f602.json
| MD5 | 1d37cead9e0951770d9b44a700a1d199 |
| SHA1 | 8c0266d363205aedd8ce2cd79bce23b6ed23029a |
| SHA256 | 030ca2feb055de27a68fba42e3e16cac5ab0cc6143831069be7182a693a56485 |
| SHA512 | 6fbd4b5844df5942fcfc51ab260fad9e30fbdca1d42e6c923306674cad844ea9c7a8daf53f6ab3c557009d31d86b397c57bb5e832ca07b4d184e3de056b4a3ae |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f389.json
| MD5 | f67d4e717a5c78dc8cc24a9f8fda0c8e |
| SHA1 | 8106d5b328939142bef9c16a068c900ca2b63405 |
| SHA256 | 61f1aee6f45612a6e5f7477e38898f56df5abefc58ba17316eb45d68a7bd2aea |
| SHA512 | c6e9f43fda4220758741170501b4557ef245dc02f8d18fa13d40e62c7bc002c495c560421ca807a0b8fec75d8fa6af1e772d6f0f9321561042a358d66c0566ba |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zDiagnostic.dll
| MD5 | 36e5e1acd50cb3465ac9df512867ec7c |
| SHA1 | 74afbac65ba54a4ab1184a2af5c1586c3fba57de |
| SHA256 | cd98df8b6899b3704896a2e16653407289c03735e02cf2b47b9b9c845986879d |
| SHA512 | eb7633e101fb6b1cbe5b9ffd71cd947d9eb05c2748f448a7a0d879203a22d4d2826ffb72cd305fbc7ffb5a217e743a65a4b1865eb7fd5bbf55f5c0ba5b7a2cee |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_5.pcm
| MD5 | 532231d1e36ea53a168830033cc0aec5 |
| SHA1 | 4407c14ffe5b12b7100db43fb011564269f702a0 |
| SHA256 | 83ef758561576bbaa981e976510b74eeeacc181834064ba7412eaf876cc25290 |
| SHA512 | 05bb2d8ae7cf3ead9dfbf05fef4983ebfd4f5a8991ba43a92191a1a97b485dcf17e315b9a8d39300c71be7114f15f0113a75c6648fcdfc46b46e6cfd2b3ca0fe |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_4.pcm
| MD5 | 065ce5dc0d49c48589a3eb19603510fc |
| SHA1 | d0852569e60486c2d9206c35be826ac4d23f79be |
| SHA256 | c50e689f830fea83f82c6cb2e5472b3827c5635490f0d2b0e56c346bad616a64 |
| SHA512 | c4661a30868376a7ed681d4d984efcbb8af4a7449059f31225c63ce1cc88a3b4a7fba3e3047f2b29a0e0e437e8b4832e888f65ef86ea40c2063aa0f736c61307 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_3.pcm
| MD5 | 3913cdfca0b0dfad1c11ab3cdb81dcbb |
| SHA1 | 92e17b1f78788d5b98bb539aaed018fd72244411 |
| SHA256 | f8902a24f7dd5f4355e684ac1cb0029992581c610ad011ed2c900f8957c104ad |
| SHA512 | 43d22a611b65e10b9bb4b8405a993a77618c24d8866032672d43911707ac9f6497826cb6c975ae422c7d61412d6bb2d2df0412fc7fadc0e5e5f84ea09c7475ff |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_2.pcm
| MD5 | d30328c7ec556e0fc8537d1a2316c418 |
| SHA1 | bbd09bfd865686297bc06ff35fbd5f56374e3dc3 |
| SHA256 | 37db0a7b3ab878fcdc1da65dc21c006daba8791c87ae37d000d516cdea9d4804 |
| SHA512 | 913c7f778f1a954c43c275e544689a528fc4a59d30f1d315359191de60f9bc9544bd322fc6842b63e8931e8f0ee8579f63a3e810f165d92a2f702ad3d8e5b6e2 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_1.pcm
| MD5 | 842932d135c62a4866c698cf415a13d1 |
| SHA1 | 7977e8280576cdfe14449e0522a824342899e21b |
| SHA256 | 1a5eb409a8dd747b37e24b3a7a0c3c8aa7c55778a9bf4a71f4bdf3b5ad298c5d |
| SHA512 | a34ae285e13cf25beb93153f1de77c6bb61941fd4d8f91b9689cb84d37204072ed4ddcf17a7f2319393db6383a949d4d0a8722245116f6aee8ef62524a403e29 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_0.pcm
| MD5 | 285974390c5114e6a8e91a2d63266a38 |
| SHA1 | f5b5b5ce959380d0358c463e2dcb9cafbe709843 |
| SHA256 | 394c441e19f6d34b46baeb7820726f279bc71d21e6911070dbb58e67568ecb9c |
| SHA512 | de85e1fc198fa235bc233cfd45747c30a8247af71b83e8ca30800cd754e6c45ae2d9754e4de0d51e3f2aed26ff8cc829d29374960f3b434e48acbbdf530ebe43 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zPSUI.dll
| MD5 | 1603a1a7794f289c1db54233ffe799bb |
| SHA1 | 5a0e70778b87129659c2651a3c882fde5af73a65 |
| SHA256 | a2e8202d396e8a6b0337de9ae65b86323f23abe7c503e7df1b01b7b19e724193 |
| SHA512 | 000487e924830a3132b98489c5676ae4b379cc2b5afbfa73539a280282a091d7833f30eb86ec72445e4f73fa1c9eb8c2ac1787d23ae5378139583f65d86e819d |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\ring_pstn.pcm
| MD5 | f199df8ed884c5af8fd07aa0e046d19b |
| SHA1 | 507ca087de97053c4e65f4576f78157813e6c174 |
| SHA256 | 0a23d9800db639dd5f40ff0e1ca3df5729df7ab81affd1a02db445b4b0ab235b |
| SHA512 | 176a88eb7df30c78442c435f102f865e1f8c8a6d0fa03f1af823cf6b7a3c290e50df229b8775c9234f09a0ab5643410f5e00bb4eae550c13cb59ee3d4147d5f9 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\double_beep.pcm
| MD5 | a2243b1ddd8cca6c40030020b57c606e |
| SHA1 | 9d0084832970caaf750335d5b27a3104623e2275 |
| SHA256 | e00dbb2ed88cd107bf384102e1353bb8d3a777dd9624a680579e4267080888d7 |
| SHA512 | 04ba003ef55787f3d19006e8a3489b861ab86834acec445ec463172f5530fe72472c0bb39f62ff8d0222f388b63a6b2e28f5919fbbccea416654d7cc13f68b49 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zBusinessUIComponent.dll
| MD5 | 825952f627c06e797e1e10f0121ea246 |
| SHA1 | 51e2b4457332186f5628c3948b8a28220efdbac3 |
| SHA256 | 62a3076dfb6f4f5bc548208625f9bc5a31c673cff779b2ecf7f23bad32b4659f |
| SHA512 | ff2f3a0007641ae3f3bc6df2e3bd8543392e793be46b8750e09080c9591a81254d67cb6b937ec14114c3094268db009719b03c4f629774c24edc0eddea5d731b |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\beep_intercom.pcm
| MD5 | 618a307ef3efad70399a6107cb1ce9e3 |
| SHA1 | 8b42e7fc116a27a3fa868db49b3d0204f42cd913 |
| SHA256 | 32567197286cbb2dffc282f7cae8d46d13af9d5e83bc98773a836904d244326f |
| SHA512 | 3181f538cf34e09de3ced6b702eb55654888b3b533a339eaff97f6f6da9014900f076c76ddd407c0c3736156a896fd23a07952c04c06664103cc74f317b8ea74 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_uninstall\Installer.exe
| MD5 | eef8f42ee9c09b08cd6be431e9780380 |
| SHA1 | a1fd89406fd7f60c3bc2c587caf8b8ca118d010c |
| SHA256 | 2a8ca4f712e391aaad9f84c8a9188d7d15e7c53d76481c98399310df0205fec9 |
| SHA512 | b78370b80ab46afd2dc0da29144368f18fc5dad0666a468799ffcda90ed1723597801df10a436500cf6229d464cb43b281e907d3e473924d11df69e0e22090d8 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_hash.pcm
| MD5 | 569480b0dfe8b64b44f72e5740a58230 |
| SHA1 | 6f4ed602780fdb7c3eda983bcb29007bcd8fbf77 |
| SHA256 | 1a256021a62abb1386eabe58974db5bac91c622f9fecddc9f87216c102c23628 |
| SHA512 | 89f6452afa3aee5265de3eac9ce0a5830163187abe6c5415141133a0b9c7ea091dfc198cad0b4662588b8f3785c93e310feccca3200b13af0c15caff7ab45d1a |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_star.pcm
| MD5 | 814b4f610592e7d68725f87b04dd5691 |
| SHA1 | 9e3f0489d1889b3201753730211fb14ea1fc1e21 |
| SHA256 | 719f8aa3842eef2b413eb8dff026c2b442acf051af040b295af595ef207dc32c |
| SHA512 | 929f10fc51e71759d375d82681f6b9106932b27e0cd39fcd0fbacc2359d1907631a912d34958628c651c37617bd4d5d9db93d321f0592c30d0294428890abbd0 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_a.pcm
| MD5 | 6a95093e7fe3117bb1e614fa9727bfdf |
| SHA1 | 1df81e069ed43aeaedd8dce9d1c8bf56fa6b96a7 |
| SHA256 | d705d27155e39da52d84034389fbc3953d98f2e7a6007c44cf0ea1bdda4b3bb5 |
| SHA512 | 925d6b17cec73d8ea98ddc3b55d17c6e014a5d4504251563c5d5d55a9b7f8caa43dcc6d7989bbce72a62e1708a54ab7b09bdd84f79da9010bfebf6cff7534c99 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_9.pcm
| MD5 | cedbfc417b6ea8e076c99471e4d746ad |
| SHA1 | 11d95a6490613c3d7f350f5525ae47ddf244a5f0 |
| SHA256 | c5e274011991477635400e5a2c81d3b6cc12c50a61267b0ecc70077cb92a9aa7 |
| SHA512 | 358120f75fb51a89979cbec3c1dd0227e286019025be9308e81f5e2f4c02cd9bb0022bed4db357d42990c5f0503aadb88963d7062382d9cd832440e12a338cd7 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_8.pcm
| MD5 | a9293ed20c46e09ebb87caf37e92f3be |
| SHA1 | dd6e3ca3ef79d26f71fe432a2d928e9177f13205 |
| SHA256 | 4c682a59d37c32715d7e82c1592fcfd51ceaaca7fc4464817f74d0c005a02372 |
| SHA512 | ae2572da5274f686ab5b2ca05c273e103e037f1b2d21775f86e780a6a4e97f61059387a063e86f276253011bdaf188b2ca20cb29ffca5803fce5cdd9a69f38a6 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_7.pcm
| MD5 | 4f9cb5dbacddb4099469ff30fb61490f |
| SHA1 | 0a338b3aaa04309584af7ee0f14f1767afbe1da7 |
| SHA256 | 79f7a132b33c6525ee483231a53b8298620700ab21343cfa70d716e96fd12b8f |
| SHA512 | 488fba0f24d2382dddd25c05531a5f61683f774dd86d41b652ce9473224607de9744a5a4463907930eb3b010e6f97f7b7d1ac5a9daba8453525735d338399a5a |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\pcm\dtmf_6.pcm
| MD5 | a8e1e6ab27026fcc27307250e40dc64a |
| SHA1 | a3d1bcd57edd4aa3f52c259a5b72c120f040d583 |
| SHA256 | ffc6da3e558a9b25cc03249f675aff3bd3ac21d54435fa8b23f37cbaf54dded8 |
| SHA512 | c82fb729e9aa1fb56efae9b76f42567b871b2626c29945d0e6b51e4f876f43b97b8bc5f0bbaefa56cd8b881def405c6b8a44f331500f169de80aba120c98f766 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zPSApp.dll
| MD5 | 700a1224225a09309474defa7344fc4f |
| SHA1 | 2f7e2fb7d485ec45e0bee3e4a8b13aa62a13ed01 |
| SHA256 | 0e543b7fe79a1a535d0a04e2d251265fcc3fdb99438e9118cc92e94bfaa819ef |
| SHA512 | 331990335af00f0e2b705aa770410f1671dc1cec4907fe006b2bd689d0980745de2f5bc64688697511737ad41ee387ed423a551ee330021f70c421b77228173c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zMeshNetAgent.dll
| MD5 | 53d113c0601b608dc59bceaddb7587ec |
| SHA1 | a2cb5af180865928939559c352e0cc779a22b4c9 |
| SHA256 | 0d48ef13541279996a9b0adf986dda63d29c8a9a4ec190fe3083ecb69c9e539b |
| SHA512 | 38794647e4c79242dc26173593cf4c24a063719e0834022f9acc7442d0451c469e8a6ff967f108b410bce82846a2c25f090b9decac1f4778e70ffe1ce7611861 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f62e.json
| MD5 | 7cefb2263f614827ab6e0336b64fce2f |
| SHA1 | 1a2f4e128ba63b5e9b6c1b6205f7d7de9143907b |
| SHA256 | c20267a718250c2d164a2f3e06df0c710cb6bf881dce3995d35bcb69bdf38089 |
| SHA512 | 47c2b892b654a8c06b88842b04897cfdb46a990ab70aa0dc92d0df90dcc924493ca1ef0097141bd2fc55389f7b46462fb9239e9a3324e91cfe5cefefb8876107 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44f-1f3ff.json
| MD5 | fb40a5f93d8289078a45accd64e8b465 |
| SHA1 | 2d65348b9bcf99ed6beadcfaadd1e4ba3060992f |
| SHA256 | a138ef5319e9e21fa35890d6ca4b88f25bf2b0e1e323cedb64ebf4b9caf9d72f |
| SHA512 | 508a34b167ce76b09f578aa0b0470e4dff749e1bb2bb4a18033bf96774028ce46fe3a1c41102a16b32342af3d3e4aecbc49946f6677b43ba4f5fd94f3abc6365 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44f-1f3fe.json
| MD5 | 7f9d9cdab026d95fd3284adf532e2315 |
| SHA1 | 5403f9c7a8ca5fbfea80212456248c4fef800474 |
| SHA256 | bd77b000abbb946e77fe3f0850cc3ebc37b04fe0d326cc0ade00d01d6a3c6964 |
| SHA512 | c733a6cfea5f1b96ccefe7f4955d6f347099cfc965703a1e338377ddf973b1c75c7ce67a05966b1dcbb8148ad0de98d3d5b4c688ba0a8ba8444cdbff0f4f8083 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44f-1f3fd.json
| MD5 | 6c248de1c9a3a4f80db699b2e0334baf |
| SHA1 | 8492fd0113557e1d106915e6f341e6361ae81fe5 |
| SHA256 | 9dea6b7d295efb8fc7b6cadca1300dec66b767902a1cecc09c0bf2061d583236 |
| SHA512 | 8ab713951327f5d046ef8a301e8c015e264d1da53932938dce7acf4be2476b7c05cb0fa007376f9760d155527af3fb9e5cb7fefa208824a6ffbb4cb7c6ddae72 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44f-1f3fc.json
| MD5 | d106b53a5ecb2e2c948b649d30b7abc8 |
| SHA1 | b8da4b38b28194034f65c1e0b1e598ea19cc9757 |
| SHA256 | 59feff722f006a29234c2d60232f8c658332678c58f47a46c328f5e6c1e5b8f4 |
| SHA512 | 20f15b6e90e64f6514324e9c796ff8622cdeb1881bcc1d85ffda0ccdb80813999be1f7c15886f1f0b818c9f1163a944bd0a7d837913501e871a5b97180af2a30 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44f-1f3fb.json
| MD5 | 2fc95360eac87dce1a1e45683dff62c3 |
| SHA1 | 314b47046abe7edd6a5cec405eefd14f1375f950 |
| SHA256 | f863e406ba35766c348026ebf8cc31b3d196eb34f82f2b46dd8f95ec29c3d9d1 |
| SHA512 | e7513f97c0acf5fa0683ebcdf64d0c4f09b84f9a693468d3ea58d7b22ab6218eca5372e50c618efe54e5637777da8a3929a8219846517f0ede418e17dffb6cd8 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44f.json
| MD5 | 80b427679e74a5a18e18c1add9d7b03e |
| SHA1 | e63b222fae4dc53072b9080b6ee487155077fd76 |
| SHA256 | 84f4390c03c46fd324ee2961caa437b72e231c40ee2bf9e8a55a33d8a69e36f1 |
| SHA512 | d8fcc78cbca0ba8d34143fc8fc5fa191f4b37cf9604c8c5dbc4214128778833edffcc8e704fe94223705020fb71bd08354c2dc98ea908b87bafbdd5a52d199f0 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44d-1f3ff.json
| MD5 | e923b83a1b6583c7a6d8e0c3ddbd18f5 |
| SHA1 | 77c8b568a14266dbfee28ebebf7a813926d94ae9 |
| SHA256 | a149f67ecaaa42766499f122a4d9dee813f4c7ffd2a72a76706b3e1d6017c8fd |
| SHA512 | da813bb3bfe223fdc8177493af12004aa432e6d76a8c8f9c09c80aa8c4ccf48d5e2f6504601a1864c1cf32b2f5a35727ff6b745ea71bcdf90d05951d5b867ffb |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44d-1f3fe.json
| MD5 | d4cc4a0572eda6dd046ea1477bccbab8 |
| SHA1 | d40bef057a1afcd0d95ed3d3e70850a45c337de1 |
| SHA256 | b0fe802982c912b18a7bfe0ed8bd7813b0f7c95a1cddad3dc193fdc6123deadf |
| SHA512 | 0c279bc010f98e9e82fda9c5d4725295d5a413d1e1fe0d3daf9580856213d32f438a1b247d169d712f9348e41d86b014c33a683d3a6fc40f32d0c2f20b1324c8 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44d-1f3fd.json
| MD5 | 8a1539d919866a4cb249e7e72649fea9 |
| SHA1 | 22ffd22a1c2021d87efbb3522765ae0517eee75f |
| SHA256 | e098424aa4c8683122906445b8ee8fcbc9b052dc6302c243472667cb52e99c2a |
| SHA512 | 2a60eba32f91cf87da6908974b950f076c6ccf98785da72ec091a53afabfd769a5cbd4e8c8ef43bffef2291328f4ff766b7e83a3cadf5b242a3abd9c1e3ae318 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44d-1f3fc.json
| MD5 | 48bf4da3d37e30ec5a1d97d856d7e05a |
| SHA1 | 4cd99bde6ac053849d928ddf3b7aa81965b80a8b |
| SHA256 | 62832db00d7a0e37f65ec3d487d3c3a28f72bff588bb3bbb3b99f89e0fa4017a |
| SHA512 | 6d5457b1af1ddabff895f601c152be1725fc70eccec9baf95fa4970a661b5699b3a85e31270a137dadf2378aa5b61c6f82caf1b3f7f8b5174080d328532f816b |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44d-1f3fb.json
| MD5 | a326b81f55e448ced69b4976b70d8956 |
| SHA1 | 80d44363c42c7ee47ba8b9a50aa33fa8b9099b3f |
| SHA256 | 6c646b347476c9ef767ad094d3a8970056acaef87b18b6012f59d33ba850c401 |
| SHA512 | 0c9ecaba03f2597a9bda7adc7458e53236924ad43f8f786918d5c60bebf18c3113b35a353cf030e0efa6491182ba5f0e892b7e90215100f93947f0b77ecc906c |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Animojis\1f44d.json
| MD5 | 2e94b3973a2da18283ff24cd370e5893 |
| SHA1 | 65c5a5caf66f94489b61d8e092e61888184efa81 |
| SHA256 | bfd1e8c6015f0a369fa5b3cd9a1ce59cfaec94942c81c81d9783c45478cb70af |
| SHA512 | c845954a0d937f756cc76646dde14d718a3dcdf9d678a91cd7b4ecfa9052512a20b6c18fd67b7621f3f4ecb1f85fdee5a6bd0e8091f43b569594c9acb38aa04c |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zMailUI.dll
| MD5 | a649dd6791d684cf77f3413a26b31832 |
| SHA1 | aa2c3e0783a1c07628ec17ff55ebdb5870e8b079 |
| SHA256 | df90a82519b098bf3a2477fbffa0cd2b702baa6cea2d3773c371bcc413f3db35 |
| SHA512 | 61885ce264c76585f4d0df43fb46305ebbcaabb29d40477aa48b7527e641f379c826b748933d0a68cbd70c198720bc121e37b7c785c429c562c74aa97548f775 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\MailClient.dll
| MD5 | 77c2253a107af0d98819f5e14b4cddab |
| SHA1 | 068d23298b3d9038b9eb5bc945f812156d281012 |
| SHA256 | 84cebabfdf66b588e7d7e6017b3bb35f482a873f80d0948a3b1f2598710f525d |
| SHA512 | 39ac1b17937763aba56f55d6eeb37b8727cba59dd04585b3c3356d40d10eba47d59a1ae7e3f3e38f455bb0ac857b977772e723f67c786dc403f9594e52eef921 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zCalendarUI.dll
| MD5 | e24043d7435e0cd24918dda2b406c542 |
| SHA1 | b3df2d905a82dd813b7fae360f79cba2ad8549d4 |
| SHA256 | 8204a6e3081551c33d39b73bdd1b2b1bc608c40c6396a3aba5bfaee725dbe893 |
| SHA512 | a66a0eb821bc14d9e23785647bab3dbcc1b25d28908bb12d04093345c5dc6a2a4f9c374388db2ab9cf4942161066a21451c73e3ffc771e740bf16010e5024a69 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\win10rt.7z
| MD5 | 0872acc303153d1bd8085f92e3c4bc7b |
| SHA1 | 9c38b1348238f8c3b8528f43203fe0cf0b9af183 |
| SHA256 | d66a72c3698f819ef306f08276aaeb7be0f9bcd3caa02040a2dc448f703368fa |
| SHA512 | da7c46e165bf77e962fc72896a9613c7f0c5a6cad0a96a7f97a4844e448cd93cad0476b970948abe88a22163f91a5d2cdc7d1a6bcdfde8bd80ed70f79e31fed4 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\zPreMeetingApp.dll
| MD5 | 0d19431f5545fcf3962e3ed14485ab89 |
| SHA1 | 201ed13a82c16942656a56d405556a104a559206 |
| SHA256 | 9f35593efec0b204099a70e4b516d564d472cbf8aa75feaee4bde28111d0c2cd |
| SHA512 | 237b45c52996d1ea1424d367641c636c3eac815c8fc326a262340cd5c33bf8d04b1a9169b1eb99dec0819300d2c840adb94cb6ccc7e770a51748f9c7cf59dcb3 |
C:\Users\Admin\AppData\Roaming\Zoom\tmp_bin\Ringtone\localization.xml
| MD5 | 906d15d9bb44a0047a604798bf9129c5 |
| SHA1 | 0f328b45419e20f067b4e11ad8eee4797abfc2c0 |
| SHA256 | cb6fb1c7b3d5bf61c174e2c472255336e1e0fecc4428aa4cc0bb32bf49c20b61 |
| SHA512 | 3d00e8f9d365a673875f02295996ae973fb5400089100daef93b531832be56684a761f56be32102750e88e66a12d4cc79d0ca299284a9e66f8f12d183ad085d9 |
C:\Users\Admin\AppData\Roaming\Zoom\zoom_install_src\UIBase.dll
| MD5 | f9850d4e5aeeffb0dd281a2a4dfdf4a9 |
| SHA1 | 9ec3a418e2ef3a1e27551642c3a1cbf0e93b5b27 |
| SHA256 | 5aa6985aa46142b11ce54fadd815a557968d14cda2b3346aa469823ced5dca63 |
| SHA512 | 669299dde239028d046170b4a62bef22750ca403be787c470d818b49331933063bed4f4735d89177b7924361fc53336a975403d4678416165724436da33094dc |
C:\Users\Admin\AppData\Roaming\Zoom\bin\vcruntime140.dll
| MD5 | 7942be5474a095f673582997ae3054f1 |
| SHA1 | e982f6ebc74d31153ba9738741a7eec03a9fa5e8 |
| SHA256 | 8ee6b49830436ff3bec9ba89213395427b5535813930489f118721fd3d2d942c |
| SHA512 | 49fbc9d441362b65a8d78b73d4fdcf988f22d38a35a36a233fcd54e99e95e29b804be7eabe2b174188c7860ebb34f701e13ed216f954886a285bed7127619039 |
memory/4876-3228-0x00007FF900540000-0x00007FF900A1A000-memory.dmp
memory/4876-3229-0x00007FF8FB520000-0x00007FF8FBF74000-memory.dmp
memory/4876-3230-0x00007FF8FBF80000-0x00007FF8FC8C6000-memory.dmp
C:\Users\Admin\AppData\Roaming\Zoom\data\Zoom.us.ini
| MD5 | 38d9f6fb1df4d57e752dd5b174c53d77 |
| SHA1 | beb680c5bf242e1fba51ed75477e033e7ff9c084 |
| SHA256 | fa33a8120b2dc389a2d0a22c8f4e27096989be8cabc18285ecb55805d1b25f76 |
| SHA512 | f70d0824a20c550caf40477dcf87feaf2a7280fb0f5f8ac7cb79bcbe63d7f7fec03324e28edfe5dc2cfbcde5f03dd6a809f8d4b3c526258a5c7e6729f916f2ea |
C:\Users\Admin\AppData\Roaming\Zoom\data\Zoom.us.ini
| MD5 | 43cbcbbaede94fa8aef70b9d8eae1cf9 |
| SHA1 | 2da7f4af80c014c5e060f1fb1d2b5d7f9f8c5666 |
| SHA256 | 7192db17c1f468e9623e87720cf0578824e4f553cacd8381d3f2e77d1ddda54a |
| SHA512 | 4ee2cd1f12d7c9548dfdfa16521ed583ccc1bb64f09b7e77b85b9d58f1a672d45c025c3a1bbb40e44bdff2d6ed85fdc904880bffca5628edf51a7e1baf0ba171 |
memory/3696-3490-0x00007FF8F7D90000-0x00007FF8F88B2000-memory.dmp
memory/3696-3489-0x00007FF8FB520000-0x00007FF8FBF74000-memory.dmp
memory/4876-3521-0x0000024A72350000-0x0000024A723BA000-memory.dmp
memory/3696-3522-0x000001EFFEE60000-0x000001EFFEECA000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 337ad4eb357d593d5960a121694ce4a2 |
| SHA1 | f09a3b70489f449ea15d0118f9d0cc6494d7368b |
| SHA256 | 2d2c05dfdc7a2a3886fa2920c12ae8859132cc3dd58f9719c2bbe4a9961bf879 |
| SHA512 | 9f6aedbb952aba8c18a4274f4eab5d8c087fd4835920c4f4dc976496a18ad0bd887f9eeae32e09c9d6301839c7c01541ebf86b8e7922cca5efb536be4834c14c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bd386d9c2b7375fdf6930736ceb148bd |
| SHA1 | 5f686ae4ef2a0c5c2d1dfe7da7fbc9255ceb1b1a |
| SHA256 | 9d8783935ae9b6b2a36ba86281b48331ecd4557440531fd6d9461cc830c7549d |
| SHA512 | 23b38fb106edaba09c9beb150da975163be87ea59ca6d8ff9558881a1df68b1b91e4b2ac17814adc0acb9ecd0a56c0ee908ce04f81295a381fb2a9646aca590f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4a19c7c2cdc4a9d221785b6b9de7ee09 |
| SHA1 | 60fa1c92aca19032006f3bb363bc92fef30d8ec6 |
| SHA256 | 9bfe7f4808a5c32c440d3e1f4e574348f30dc5746f69c99ebb7e56e15425cc25 |
| SHA512 | aa9d47d916def6da0026959f59b8af99b75adc8a4a3029f8de2db7580bf4a7e91739a2fb943235aaf26a1f4b8592eb246edd1ab59e1378b7d1ea9102f833e5c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8a83522e280eadc757d947bebf487205 |
| SHA1 | 31a8bea48f7272abafcdf1637ba04f5a0222e16a |
| SHA256 | 0f835d5404c1022e3fe2fff7fd1c356587cbbcde892d7d930560eddb86ee09e0 |
| SHA512 | 4c0c1de548ae868fd507c3fb36d56e51af1bad33492eac872ae3e055870ea5edcd91dbd7fa1b733419c6b829cb61c3c9b401255b57ba69aa4a523e9d22631968 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\61bc165a-7117-4f91-8421-96a72ad17123.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8fc8851615cb79ae786cb9573699e1d6 |
| SHA1 | caa420899ea450422388fa8f5ae3558696708093 |
| SHA256 | d1d54971b4c5d39ed43d37b1f848c73314d52a2f7315d8e769f0429b9ea67ea3 |
| SHA512 | e5a234499aaa21f9ccb694c28cf305d6a1d1dcac394e0071456d8696252561ead57575bae6e44a10c8306ca9cb2e5b2d73d63f8f91e410ba81b6b74cdda60ee2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\downloadCache_
| MD5 | 47d41a980668e9bfae197488d6d56feb |
| SHA1 | 8acd8919b112d637a18e4c2f79f61fd62d2a1e6d |
| SHA256 | 87c1ba0f3a75480bef554b38abd51d7858bbe2cff07d4fd29162b4468d2b6c43 |
| SHA512 | 165cf9913129bab36c22399c3636960cff235313256262439bea6a1ed78cf80d65690254cc63148e7e13bb515b513037ab6be7d20efdfb12b07985339ada36fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Temp\6039294f-f7f0-498a-84e4-280b53e30062.tmp
| MD5 | 78e47dda17341bed7be45dccfd89ac87 |
| SHA1 | 1afde30e46997452d11e4a2adbbf35cce7a1404f |
| SHA256 | 67d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550 |
| SHA512 | 9574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5 |
C:\Users\Admin\AppData\Local\Temp\681e83bf-3b6f-4e25-91d9-6cc95cf1e13a.tmp
| MD5 | fc21c3084ece86a867515f4112126d22 |
| SHA1 | 7ad412386eeda21136ab332edced98af075cccd2 |
| SHA256 | 378723490592c0627ac18a287f9a9cb74970c3c6e10a177c322282bfc1d01e01 |
| SHA512 | 37777d2f86d5586b5db02fe8df853814ff0b1fcf0141adb8cf0a42ce3c15c5da8f65de89e2deb8c13040302f95c6b0ff523a4288c5d38ff7977212aa011b1309 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\content.js
| MD5 | 3d20584f7f6c8eac79e17cca4207fb79 |
| SHA1 | 3c16dcc27ae52431c8cdd92fbaab0341524d3092 |
| SHA256 | 0d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643 |
| SHA512 | 315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 49f7d4cdf49944667861140a376c1fd5 |
| SHA1 | d4a85ec3c09bbe3579fce1967bc1f197367517e9 |
| SHA256 | 22b3d2b4fb44f47e928097932e9c7f56da40dc3346857cb7ee9673dd4742758c |
| SHA512 | 2ca319b109fb135bdcd69d423aaf380dcfc092b1290f251adc95217e344e87b168b3732e998e4ab260351f3b04334fbf7f474d1f0069fe107614cd74ff7c573a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fa416b5a80a2481090118f5edc39e6b2 |
| SHA1 | 7654c4061b0f85a4e8e509aa8d259a9368f99731 |
| SHA256 | ccc4601f08cdc8c6fe559324be8d7e180dfbb5d0675d60de88aaa5b754ec47a9 |
| SHA512 | 33a40f1216270ac7920808944b0712ffae550aeede4058007f3ea573452208933c46faf90a47545fe1abe955e7dcbd43e8ac77cb57dffb8bc81dba1aedba27a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7752cd905528d9f328ae3f700bc5abb0 |
| SHA1 | 2f908fc35e64632a492d8c52ab5a195bdb6bfc98 |
| SHA256 | f7f6b4d1d985a00d7b30f7857e86c0ce4d5ad35ebcf4f1258c612d0d2ace7065 |
| SHA512 | bf9cade50fa94ace60feb0583118af21ebfc24a7c1b2159fd630c1754eb7f756ea514fd66fcda6f008c6692742baa6608dc43acb65c21bac5b02cbc50b6da10a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | 09cc34815ec9618b185bf753a16c05b4 |
| SHA1 | fb27e80b20ed230e237459d177d3462f4f8b7bd0 |
| SHA256 | 9e258e4934f6c763296ce0af7a49972f79e1f710eb4bfdffe258d3f649fb3d07 |
| SHA512 | ba630d43547ad27fcb8560013822689dad188ca6de022ba2e4dc7818c9f3688b11786027959614dbd8812bc88c7d313c6b80290d9b0231eec5edca6a55c2569e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 316d2ac3c244e809dc5a0455dadccdc0 |
| SHA1 | f5efe288c8a44dc80c658d9663ac5d20e3bbfce9 |
| SHA256 | 97e4d518f0b0f85cc603d01db80728d66988d17f6d511b78102249fe1963039f |
| SHA512 | d4031294c45db1fcb8a681584bb22de01c53db91ef4557de4ca1469a3b2d9f512b2378c5f61c7e254e2c7ec7c779eafd5c07cf302e7ac387d844de12779ef626 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 279ea1797a8c234c5619e1bc4da307bd |
| SHA1 | bf1be671605758a0dd50960db76229edaef8e91a |
| SHA256 | 52ea54b1a31038190d3e897fca9737f51251c57b71f609879baadab7030829d6 |
| SHA512 | 5ff898f60db9e9eb5c1b4a19d766b04a31a44c69f9e65564557464f93c21d4dcd7b937fb181de8ef8982e0ff27ff496394cc2725e4de4a27f7616722da643ef4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | a7fbd314fdf465e07bd53eca8be40e49 |
| SHA1 | 256257f143ef0accf9a1dd616ae75cc411c942ab |
| SHA256 | e18fd67491a82fe0c730fb0ed93f1660c689186dbb4a36e4368f36683b5ec444 |
| SHA512 | 3b0ad7a22b06f6049b7b6ffa263965e8c7108acf0ee9a59563b75e454c508feaf7ed53930c24509131aec43526f8d831dabfb5b26a6e61213e27fe48526c8c94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt~RFe5e6fcf.TMP
| MD5 | 015c9f3c2fdbc1133f49a4e0782f304f |
| SHA1 | 4f17b3fdc00043a530ecb42653972063c8b23e0e |
| SHA256 | 17b007ca9b088c264a52a2d47d924518cc181e0b729b62c0527541d86be1060a |
| SHA512 | fe5600c9592b24ec6710eef5881f75429e75d369c57237c72b419ba86cd5edae60e421e204af23d906e8e82e07b4af1bb005a1f0ae7011c4dc1215ac5ed9ed01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | e6565e97682a7405507277ce13f9fb04 |
| SHA1 | 2954e665e2f0922a1a8db0a1f5e0f3ea69ee965b |
| SHA256 | 403a82ea0d6e526d3d227c4794b9f5d9e0de55b7abf33213da14ecd2702c2e28 |
| SHA512 | 5a110d374b4f7c842b6c3ff6ba83f2b5c82db2d771cb74e482aa470165196fe0e88bfba8e56515ec4946ee902d733b294b9105009ded70a8584d7f3e62fbc178 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\012bdd21-a7b8-4b04-b45a-e893cfafd77f\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | 04b0d4e018ee75672ea37dc2bde07ef1 |
| SHA1 | 8bcf5fd837c077d53b65915ce9f52431d012dd23 |
| SHA256 | 22e9a8161cefd31abb1a81ed71ae23056c95dfcaef8baf8d28b6d9de1d77917a |
| SHA512 | 11c0ec536b6693c3750ac64e147e9dc7963887a20d3661f52f2ef8fea8e18103815d19d946c3f3bd2711b80e58090b22d46df25ba8944cfc3586b3517c04ba7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | aa2ecddcbfd3f462576e691888ea43b3 |
| SHA1 | 5521473bce360c017d12c67c586070198f55e56f |
| SHA256 | 35e934417c6b521b9cee15e97b5cdd32a55b934c66d739da536d52a847ed7dc6 |
| SHA512 | 9d6315a42cf352cf498f10d1d7540e6f2a0c87cbc51d3c2a58d47b3f9655aa8a08f263bef40fdbd55390aba5ae367180a28895656f7b5ee60a3fee2ae7fa141b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 4fd714eab835c59934708651edc7e997 |
| SHA1 | 2f1044aaa7e125671af85e4e6ae7364757571d57 |
| SHA256 | f00454bf713d5db8cba62e24fd775b0d6c7653d0be25348402eb88a0f7ea6cfb |
| SHA512 | 717ca4edd5ce0603befc3447fb57bbdf48b60a30e447423bd052d7375a6088f5c24f9241bba47a4072cc3c6133fa39990877c5e1ff52e6b6d69ce80f89e38240 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 387ddf8f01b59ca66564b4b450894770 |
| SHA1 | 146819ee9b54cfd3cde94873af84bb339963719d |
| SHA256 | f8979c786b44ac0b990b77eae61bc93e87f8f432aebda86f0b970227e3311c8b |
| SHA512 | 63e81de55b26ee6be8e24bbe9022254ce9dcdb2a52ba0fa569466b2dd758c5b32d06e1aaa17e957e56b3bc3f431b1f07d0015161c1a8990f78a8e38c5703f999 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\ba87a653-91b6-4b7d-8144-75ee4024d2ab\index-dir\the-real-index~RFe5ec36d.TMP
| MD5 | 8b0e282223d4085bcf355c7afc480d69 |
| SHA1 | 7c4fd93b86dec222e18a2684d85ca02194dd3601 |
| SHA256 | 19ec0ba11b20c49d35bcd97803c61f30862bdd41a18810980fbb5a5b9aa6faa9 |
| SHA512 | 369601b181b90d3a4cac67f55a656fe7013ae7161821dcfba97bdc93292274ba81059612ab3213904479c77ded3cc3001dad8a58d30cdde0a1be2a1f1c5f90f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\ba87a653-91b6-4b7d-8144-75ee4024d2ab\index-dir\the-real-index
| MD5 | 38b8f0f75f78f8e2b1216a85df797ff7 |
| SHA1 | 1396f4c2266741454e313f4b9a7fb3112c683a81 |
| SHA256 | 44809bd307a3ed7b2912e80a652e632ad2e1421d97ca4b501d05118f0acf6c41 |
| SHA512 | b8976498eb0d6580e795f9dc32879c3e3987966e32fef8b41e5f6cfaa195953d6a0d802c3af9e616975ff98a9f323fe2df3158ff3a6f8640f7e96a63abd74621 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | afa79b63c69b87f692f475fb5c39f0dd |
| SHA1 | f7671da0acf95ba0f888d60480a5745c73435bfa |
| SHA256 | 0bda67b2c7c578381c80cf6e41608570811ea098a1f87b9e05920d6b87d9535e |
| SHA512 | 4924de771171d8baf63a847b3d7262ec604b4f33d056a1dbed7517a448df349215d7c9d49719747899ab314df101546c0d90f454135f6de7a49cab6893bf652b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d2bcee496328bfad80399403f9dd77c7 |
| SHA1 | 36630b16310e0fd1bcf770c378af5ca237b94921 |
| SHA256 | 72e7c0704e9bcb986fa4ad5e279f0b6950bec52160c1d9147ae8492d88bb3710 |
| SHA512 | 15e3dfbf0b78882bffddd59a41bcfc39d0789948c87d7142942a1c4df0918390c0ed1978a7778fa49ec40a58df88298ef7239ce9a94f24ee9bf3ca23023f9022 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | 0dcf9f809c93fe7088493516081c9d48 |
| SHA1 | 1a55b1321f041ff9a9ab20d41eea4e50b1d32089 |
| SHA256 | 413ef5e9759e922b7a4e2acb553d8b56d192684698385628b1af82dc9e78799e |
| SHA512 | 1989ad79835211129cd8af8de51c815f8aec4fab7864ad4d60f4f22e8e32b7059bf7dbb167dc8ea488dd0346408f0fee63cd8694ac1b1d9b6b03edcdbfa00d03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\012bdd21-a7b8-4b04-b45a-e893cfafd77f\index-dir\the-real-index~RFe5ee9b2.TMP
| MD5 | 2dab556dc9b5a04541f39978f8065dfe |
| SHA1 | 782f41ddb6048535ca5e53266a91d4b036a05e15 |
| SHA256 | a987bf255596b5cc7f8e7149f435544c95fbcf3c311cfb44fe767b90b0b79cb6 |
| SHA512 | 60cca0088f5e75d723969167d158bbc07deee12950dff4c1b66dc5fbc3c846ffe0d50997fe4b852e597f32571335928b07abeb1a661581bb4a93c039e7875145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\012bdd21-a7b8-4b04-b45a-e893cfafd77f\index-dir\the-real-index
| MD5 | 25abe3e3abcd22711e75499efa9629f1 |
| SHA1 | 6854b153cac29f0186d10edfcb23d1ef91a242cb |
| SHA256 | b1f88982d79d1665e0b30f09f28945df28bc7031f08b12dc2de6acbbfbdd5fae |
| SHA512 | 7d511b0eaca95ecb572a81003e92bb51d373da51443d614ace56769b818a389df2bf92236ab8e296564e5e79a8d440847b2c089adb98492633a97ea03e6e022f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | 718f297d15de2e195939e2f2c98c3167 |
| SHA1 | 5d1b5ba750d56381e0d601b6a8384a0821cc67d6 |
| SHA256 | 109055bb7b474dab777a5ba164e2c6315293fbb91be496ee4fc89d23dc2784e6 |
| SHA512 | d01ff160103c40ca4800e39fb690018b945de158288ee536d2fa4c4f3c40127a38e68f3120dc9b0b048d9b2df45b2eb68284d9bf5e24626f443cef05d36da5e6 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_213017235\manifest.json
| MD5 | ba25fcf816a017558d3434583e9746b8 |
| SHA1 | be05c87f7adf6b21273a4e94b3592618b6a4a624 |
| SHA256 | 0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11 |
| SHA512 | 3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
| MD5 | b6f7a6b03164d4bf8e3531a5cf721d30 |
| SHA1 | a2134120d4712c7c629cdceef9de6d6e48ca13fa |
| SHA256 | 3d6f3f8f1456d7ce78dd9dfa8187318b38e731a658e513f561ee178766e74d39 |
| SHA512 | 4b473f45a5d45d420483ea1d9e93047794884f26781bbfe5370a554d260e80ad462e7eeb74d16025774935c3a80cbb2fd1293941ee3d7b64045b791b365f2b63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1106fd7363255487aff34d67f1f29f13 |
| SHA1 | d370ebbe1086e5c9e9d8963bb2b772f26e06a945 |
| SHA256 | fe0161ec4b50411fc3ceb15426e1e64a353cb8d58f92365c8fa5d905d89d2e6e |
| SHA512 | 2633bfa4883bfcf8f212fcc3fbe5c1a17368e1d6ab7281fec0560c8a614d9cdc4e7a08674c768fcd12ebab86937d43e16cb322687b3019ea79dba710bc418271 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | ef13bdc58e9093653485cfd72d3bb702 |
| SHA1 | 840086effade6f7b81920a6e5a3d8a4f0be55e92 |
| SHA256 | 0ade35af02b7462cb45002a9ea4f1b91f4a924dd49e0b02382eed544b4a81ac8 |
| SHA512 | 910d1cf47a793ac2e1f3b3daf7d4fefbd12abb281e3244d6618d374166227f19e23e9485c23432064223b8505e84ac1a23703c537fe232c574efb573e5039ee4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 54d791fd74e979313aa79ca426bd491c |
| SHA1 | 3bcd0bfc9f292bef716fe5ccf1c97c2c9715a1a5 |
| SHA256 | 941dea886818bd60e79255d2d322ce21364712fb3a75d6565756aa6e8673742f |
| SHA512 | 37e7ee4ca5ea3358ad9a17c137b1b62031a047b746c7eb97c41f018b187a7a58ee5693a5ec66f11da58d4221a33954125d3bcb7b7768bf7df9bf6d57cba05d4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | fd0366a70a954706c3181788b3c2e198 |
| SHA1 | 4eb6cc4f019b6e34081f22c41393f0344e79e026 |
| SHA256 | 8c86d1a0d17a8554c56d302ef88a6be9065325567756ae7b8144ab49b392906a |
| SHA512 | 5c720d6c3cf653142e43758d90dc2aa02711a67c6156c59e330d917fc14d8bda36faa055c6f5a63aed5cd5bad607400e142979ce3c9eb16da576c9479b9beb2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | 9474d3e1ab7eedda1467877e8ea84f62 |
| SHA1 | acb6d2e47ccbf3fc744b5de12d01cc943879327c |
| SHA256 | 4f98bc323ad9f184829ca5815d7da65da0ba63f891a04f3e129d80bf3f64dc97 |
| SHA512 | 81d4a48d78dbb87ea42f2a06f9f24e52cffa153c75317b7625e28cd09569fc43aef40690818be894c10634509a0c59820a9e5e6d7f9783b85636a24cd1b61986 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | 0b84c4b1274a5087261838deefd889fb |
| SHA1 | d367a2f33fc0a63b57d4a1fff11c4e48f1676399 |
| SHA256 | 781f1af18f8ad1f9c7bd6858eefe222e12143d66a90016fdd06ab48b90d67ffb |
| SHA512 | 8003fc43de2f2ad2ec292dcf1caa844591c406cbb5e2b00c8c939d626c21d1903cc2260830d8e52d9d6ff7ad10ac20e895c6a91bea6e6d5828d5046cdaab6f9b |
memory/3428-4974-0x00007FF900540000-0x00007FF900A1A000-memory.dmp
C:\Users\Admin\AppData\Roaming\Zoom\data\PSWallpaper\{D15EF600-42DA-4D00-A97D-6E39DE8F6C93}.zmdownload
| MD5 | 582f61b1524fb8a8214a06c6af591044 |
| SHA1 | 4269a1cd3dd1ba5ebfb14ecf16c0a05d1a6c3170 |
| SHA256 | 9d05a5e2aaa644b91a2ebf28abc02a5667e2d7ceaeca4ae8c0a5e8bc8cd48796 |
| SHA512 | 6eeefca9e5ca5c9f0efc28a763b1e699ed7b0cfc038b6f0afa791f86ac944d2450c8dc68d62d1c22291e966ad029791cf6d6acc3e07e40d322cf9246e555a9b8 |
memory/3428-4984-0x00007FF8FB520000-0x00007FF8FBF74000-memory.dmp
memory/3428-4985-0x00007FF8FBF80000-0x00007FF8FC8C6000-memory.dmp
C:\Users\Admin\AppData\Roaming\Zoom\data\avatar_1f55fa71fa046486f0145d3e9db00ba1_2
| MD5 | 39af0b69b760d842532e2f21826c3455 |
| SHA1 | bae95c40686b9199e188cf5a57a5967d69ffa12a |
| SHA256 | 31ae5a36d0cea4cac9a13175f1b866a3c10fd1e010d6becbf0ce710f7b86e391 |
| SHA512 | 765b5026b6de8476b696f67e899125e20843997570db934001a26d4cfdb5134f20dd281537f9e2f963bfdbce0ae8199d231a62533572bb29f87731f835d5883d |
C:\Users\Admin\AppData\Roaming\Zoom\data\[email protected]\7b20f20016e11824817c161d39072d1a47ab91df6b7334aa2b64ba824da0c156_small
| MD5 | 93b5b09442601a44b589820c037f5bab |
| SHA1 | 8f66b5658ae46a7c5834439641362177dc019814 |
| SHA256 | cd8d974320412c5f7d3a1ece8f41d91de86f1c49a6b293e4f656a12f07cc7587 |
| SHA512 | ace48e48ce37d2e55978c69c559e10caae441de32dec6a9f20335eb2f4214639299987fd1744d040ffb031eafc179db11f7eb6b7336ae2b2350aa71c21d706ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0b158485c285889a0fc4942526dd4661 |
| SHA1 | e660c9346d9542d3f271b7a518393633521864ac |
| SHA256 | e87a7b75ef286cebbebae6d51e42837f9f1531356dd828e83e2ddef07742d400 |
| SHA512 | ae4970245977537f1a056a57c257eb6561153c5779d92675fd4e819574752e6d2c1183f824af0d94015680f7cd89c15ccf486fd89475f22518f6af0cc193f3fc |
C:\Users\Admin\AppData\Roaming\Zoom\data\VirtualBkgnd_Default\{F005A9B5-D257-49D2-8068-0F76163D126A}.zmdownload
| MD5 | b979107a43aebb6e8cffa0cd9b3b90cb |
| SHA1 | e37885908b13791690093838759f7efa54145261 |
| SHA256 | 3db8715cad9185a68a1b52ebb8e65798ff16f234ed8c4fff842a3afb369a94f2 |
| SHA512 | fee2c0c85d224d63ec7c3d65e32ebe47923ac835aed999a0395e7ff7ba625349840f2afad1271d6cc722f5882f5f17bda29926c6990a4ccaa8ca1049967338ef |
C:\Users\Admin\AppData\Roaming\Zoom\data\VirtualBkgnd_Default\{99C2D774-32D5-4B78-8753-05236C763966}.zmdownload
| MD5 | 6941fbe7f35b2034d31486134ad244ce |
| SHA1 | b2c776bbac94ab67a1f257bb3eb8c17262836b81 |
| SHA256 | c1b530d01410197a9a2974b8a8b068dd814320a42ef451211677448492385278 |
| SHA512 | b9fef8f56938e82de5ee52d685fc134bf0b042981eff3f02fa839a81c6957eb6b9e1cbe4a7ebfbc2cd15b78c39c35988642464517485c7f45aa4dd57f8202c27 |
memory/4876-5596-0x0000024A72350000-0x0000024A723BA000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | ff60daedf363769d94fbbdb328745009 |
| SHA1 | c1e2052aef1825961e7375b53db8f12537906bc3 |
| SHA256 | 05187f6b6a9c9875722ff79601ef4ef0d8432012f21252f0d10ef2834535aa6e |
| SHA512 | 6111170189070244ef919d85727ae7495016a44879b4fbde2a0480e212181ca753a1e4698ac271d5e75df4ba634f6a877ab58b3977af40790a48ae8c0dd8bcbe |
C:\Users\Admin\AppData\Roaming\Zoom\data\VirtualBkgnd_Default\{A8280EF0-B554-4B64-9D5D-77973E5C2010}.zmdownload
| MD5 | 85723a871c857103aa69d108d14ac334 |
| SHA1 | f69133638d29e798418c7a9f8be2ffd6c696dbbe |
| SHA256 | 63947ecbc37e49f1646db09f01b223b95c0d9c3a1a83ee87004a4012630aa27f |
| SHA512 | af0e8507f42ff0a5624f21ec26ad0acf697e00ec1aacb8b79153bac93e92a596d60b5ccba33cb8a4aba8c5499c7ea77d78026a975e2533f186ab56ced2ee2733 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f1f2-1f1eb.svg
| MD5 | f8d3c0bef471e7640b5849b87ba7d56f |
| SHA1 | eacf345d95892bae61555e6c5bc81bcea26028ac |
| SHA256 | 5b27690c0d0ff60589cd44639e0ccadc35c8c0a77353034b5090d46bab89f23a |
| SHA512 | 472ccfa74c68d29ddd92bad21212468cd916d4655c2cc45d9738453f5fe3b3a160d5c0a6662c85e1b5ec7f63ed8fa73806cd62c3a996e8d9b9ba4490e58c3237 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f1f2-1f1eb.png
| MD5 | e24a5922490ea09bced2c44613107ed6 |
| SHA1 | 33b14dd8c226a1826161801a71d537042ce1e402 |
| SHA256 | 9e74533f8c5afa2bbdc06a3972b41bc0181c4c503674156d96f940c2388de7c9 |
| SHA512 | 33430271daed2578fec0a6774a98457a709de2a599b5aeb35110cb73a57753ef4ee8a2683fdd4128b4d58599fb5616b592ff6ca3c4e72976e72182d29e4cad12 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f1f8-1f1ef.svg
| MD5 | f7fe36fc9582b6f1aec06c3c73db814a |
| SHA1 | a6e0588f908d6c90dc3e1139e84f10e82614378e |
| SHA256 | 60b79284599504b50170ba506dc0198a4b058711058050ecdb1c0c2c617e463e |
| SHA512 | 759bd57e7aec253f22e45bbb78ace2666b256e1b0593231ee5a124ab1bfadac1e29fc080e0f83c28c3dc3b449ef2a432c7ab3ae2e567f3763497c1a3f0372475 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f1f8-1f1ef.png
| MD5 | 7c500d8f8a6b86b737ffaffce72d0e75 |
| SHA1 | dec92c55ac76eeb3a156c937bcaadce2908b73a2 |
| SHA256 | eea25ccd8b456a7d28f8736e7eb48bec9cf58a6168233ad0ed2949be10ae52a5 |
| SHA512 | 94c1950ded281097f35f8d8b164f8f4712eb9b51056680bf3e09a7df804e73b6914e6c7ec16dc320d3354bd5400b3c01ba87b5b362fc83573e0346c35f8350f7 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f3c2-1f3fd.svg
| MD5 | 78a1987b430e7ed93a0b5e24d775bfbf |
| SHA1 | 25713b0457877a92d59a0163c3b49b26a31e8aa3 |
| SHA256 | 48d68ebb5e24b6a03f8d3de6f219178c78ea5c7075bb00f7cb2909623d38a735 |
| SHA512 | cbd0eece4f6522288f3670c203f5112dde50aae0fce683867a47e8c3d3544c9408b206f84bb123a71a28e15ea3bc936551943baf3742f311eeb3f4887ca4e6d1 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f3c2-1f3fd.png
| MD5 | 1f7c872d3697d3839067abba356349c6 |
| SHA1 | 0a3710417cc88078bc2f6b943a662127cf8e4d08 |
| SHA256 | 644c6ef33b0f10df4480b63d0516c3adc2f6facd92e474a92b36e3545b48e9cd |
| SHA512 | 0d5c2800b68b177c271bae96c6e290cda0b1095fa76e397c8983b2e5caf2598c238849fddcbf04cdd17dc92cbfd998ab0e1a5ee6d08c4cf321f27e404f3c72b0 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f3c7-1f3fd.svg
| MD5 | 2f2d75ad4844b043de6a9466b2243049 |
| SHA1 | 7d3c79667a3bbf8a1dc6716bebc54a4d1ad8e584 |
| SHA256 | f2a20336a2ff3706b8ad123e0c2d053d4c6cc77a8c9879d9ead1cc1aadc563b6 |
| SHA512 | 1397d5750a7845df9a3e0bc385d518db16beec705684a5905dfcb282ed6a7515ff8dcfc278bb13553f469fa7ad2428aad572974fbfbedf06e2011ce8132d4601 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Custom3DAvatarElement\thumb_unzip\thumb\2001_13_thumb.png
| MD5 | 6411b9d0870c360f76f66955127f7dd7 |
| SHA1 | 94b44cee1aa1b7e260b685791ca72c434cc62093 |
| SHA256 | 0c0b943d742975682c1502b2f11e69cebb6f10ff0a1f48e9f87211aeb27b75a3 |
| SHA512 | 709acb7c4b59c5b6e1ec7b7b5421cd8324abf6b1716de706eb4788401b4dcbc441268cc6d30df6a26cf93135525c2227e4bddaea28cd223d332c58e15e302f87 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Custom3DAvatarElement\{277C0988-71B2-410B-838C-53F0B5763089}
| MD5 | 25f795d6819bb9ee749a84a9cd77a59c |
| SHA1 | 2f88367b9aa5a7649e7bc5632cd9f4c765650a70 |
| SHA256 | 788d746f24c902b9d4b7446b5dbc8e79c4d8445b2ab715b8ded7bdafb8070ec5 |
| SHA512 | 4b51c6aeadaed3d09832d4a29f417cd3b21c946d9388519178392e5f5ae9c5e93fc06a562f05f62821eee7085e10edcf2b8408085832f84bb0e0582790d94ea4 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f468-1f3fd-1f692.svg
| MD5 | 6ab9ba64e70c4531b2bf14a0f4a9b9ee |
| SHA1 | b03115c46dfdda9e3e3e2df99e010e0445e114f0 |
| SHA256 | b83e0855f895f68b6526d6a5d4625dd58541c7ce45362fef749c076342c8ee23 |
| SHA512 | fb6bb47fdcb13f493b73cb228179af72ad414231532e7c53206710d10a66bb417500acadf6211cbebf604df04bb88877c8808b2c06730db63ad01e2107784c4d |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f468-1f3fd-1f680.svg
| MD5 | 7e3467e8140070dbb54f3c730f8c3b5e |
| SHA1 | 1d1cb357a9fc85335504cdc1c2629a18fa6113e2 |
| SHA256 | d6a92323fa70b50cb0c0afd30fa9fe5ad6c6a6d698b0dc4350bcbc5ab2c7c031 |
| SHA512 | 29c2a1f28821d97391293f01453f5d96e4c2fd41748b01aaabe56f18a1434aa20aa40ead38d39ad1c09ff7c6d708fad9f773b8f43f3c11b7ba5dec050dbda80b |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f468-1f3fd-1f52c.svg
| MD5 | a60e9a7b24ce9ab6d0c0957d7d6a65d9 |
| SHA1 | 9b871da8744c9a798ea4253c51c94a18a77d8aa3 |
| SHA256 | f0ed131631098d4105d7876796827037da16b711688b6fe488451e8dd4013d20 |
| SHA512 | 8ae4d41e5073fdb0fd4104706225b7e734de9d354cf21ee51fb47618bc4215c5ddf0d51c28d5a8279e8c83fd3276cac9ffba6e14950b245e153cad287d256e0b |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f468-1f3fd-1f9bd.svg
| MD5 | fc7781dbb545d1ed0e0cf7e0fea1e792 |
| SHA1 | 6659d41a8053f815157715a71e5ee866272c3e4f |
| SHA256 | 7c3b276d2abca816fd4e1b9b8d95fc34996fda262a75622ba0d8ff6f7de0e0f9 |
| SHA512 | 3d96d7596d3b856a0069eb47254bd6ee8bbf8689052cb74290a79b622b69988fd4471ac7cd29a335172697be95cdb67114268ca0240a00661c1de300793df107 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f468-1f3fd-1f91d-1f468-1f3ff.svg
| MD5 | 735c34515def34f27a7154fed455ea2e |
| SHA1 | 7b01c41ad4f90adcb16aa88f5a14d78b8c1f83e3 |
| SHA256 | 59fae5454e5926bbce5b7c4124021a57b3a02872e2f701bbea9120195fd92e83 |
| SHA512 | a5c4986f9d13c3eca29f1bc336767c7f71d675d08170e20871652290d69740810de0200a5fb1b2b2df448eb3e33b88b5e4be033b23de814c80208d1d0cf3fc1a |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f468-1f3fe-1f91d-1f468-1f3fc.svg
| MD5 | 9b40204af1b6a28bb88fc7ffd2ea57f7 |
| SHA1 | 824ee4ba5ef1bd86373f3cf52d5d6bc89ffe6ba1 |
| SHA256 | c144c5d554397a26731f32a9e549cdf334fbc41de2596e084bc65f849beaa4e0 |
| SHA512 | ca5f8ac7bbaa90680cc1522a3fd4f0ef633cb020c5cdc212f5128a2ca09f2bff43d32c36c1fc6452aac81d0363f2d51180a16488b7b094662d7e757524e5e292 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f468-1f3fe-1f91d-1f468-1f3fb.svg
| MD5 | 73b97ad95a8461f3f26fd08e18696aa4 |
| SHA1 | a2e4a2f24028cf64e44603a4812d498550d3781a |
| SHA256 | d3b32453dd78d825ff4b5d87a120513a7b9bc5c81c4a35d5179aa3c06fe26b5b |
| SHA512 | c539292ac33bed2769090aba2139f6cc809c1be752dc63590f4061698faf23a13928eda3aa1885e21897e9e5042ba09dba51d29d43884495c44af0eab56ff47f |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f468-1f3ff-1f91d-1f468-1f3fe.svg
| MD5 | ef29f154a48c86d08cbdbab7572b3880 |
| SHA1 | 979867f22c49ff27a7aa104b3d96fe4f2dcb1a06 |
| SHA256 | a95e0f316041c2dd52c554ab832b0f1103c720fb19512ec28e8a8347626137eb |
| SHA512 | 5d4b51221019317b30657474b684723fb4562b8b63fa886f4b88bae07fe97e7b8391c54658badb019ac7c630eee606988cfdae6d100d5a5cb20ac47eac0f1d20 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f468-1f3ff-1f91d-1f468-1f3fd.svg
| MD5 | 0efa0e226b7360feca7568589b016d91 |
| SHA1 | 674b86f0672f480ed7475d13589502a0baf2ecd0 |
| SHA256 | 4b8f977152adb5b7d55df1942ee6c7964413e51dd6a3d66ad25b6e661f05d02e |
| SHA512 | 148aec3dc5c273aa7dbd92f1310024621d39bcd39f72020f300bfd857f6652e292ab12219af2201ef23d0f025633944014b79666ff8f72a505e003dd6c05f741 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fb-2764-1f469-1f3fd.svg
| MD5 | d606bb69825d52fa232142bbdb7f985b |
| SHA1 | 1ded24b62be062b9f1c8a5cfa9c848d32339d7cf |
| SHA256 | 8668216cc468d471d6e8b094bf1e9cac324d16adc16813529f7fc3b94b84fab7 |
| SHA512 | 487428414fc0e809660aefdb351da080884fe5061dfb26c692716daabb56e9dd4274ec4ac239094ff847d0393334aad93769eaaa39b66435376b2178667b5bd8 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fc-2764-1f469-1f3fd.svg
| MD5 | 11c10dff05c7f85872f5271ec9736b83 |
| SHA1 | ab621f1e66514bb91674b94b643d0ba020428178 |
| SHA256 | 5f65cf830f17a777ef12a3389030b8b9681165e46e9e3b78917427297839fad5 |
| SHA512 | 9bba1235cc734c40cb34f3014b28b9b2ebd38e6000d4d624b4220d5358b12f69028217de7db06eeb320a33abcea09bdf9a63bff228c603b2f24df0fa54b9bafa |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fd-1f680.svg
| MD5 | 8ee07bcac94dcf71e0279de998389346 |
| SHA1 | 817c77b801ca926485663bf7ae600ba162a9eb4d |
| SHA256 | a978d221a399f35ce822a17831140bd52f99b4927b9f10937f4326454a5dd931 |
| SHA512 | 685908420f4e154a10baac33d1515f8baa6d4fdb22d815369e9fcd30b892a961db0fa21c3eb0e138ace0ca61b519f1771c8aca323b565a2668a988f84cb0003d |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fd-2764-1f469-1f3fd.svg
| MD5 | 2272ac79c299d048406d97dff71d8d36 |
| SHA1 | 5d49db7362686cd9d04fa8a86b19674832121302 |
| SHA256 | 9527f0b04ccf0c6633b1644e6d0c0fe24d730f58cbff1d4f8f51e71611341454 |
| SHA512 | 03ab7e85946062d3a7e6f36fc80836f67a13acfc691fe31e801adf5ef903b296e78456bf03df18861be1254f2265ee283509920748e520d587e142226e19e4f0 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f468-1f3fd.svg
| MD5 | 6c51ff1981a4ace8c74a90c23b04dbb9 |
| SHA1 | 7a363f1e8d3e2bd18ebf13aa39e2474569b38a80 |
| SHA256 | 1f4ce13a13158a72aeae70a39582f45370b3c1386ebe69af95a9e1ed3aff9db7 |
| SHA512 | 86f7ecb883a4d23f7592b44f26a1d584ab6635c5d6dac16de166cad1d20f3d5c7837bcd9c573d57f2fec64f4bf130b3a2ff51cc5e1942faa55fc5318ad693afb |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f468-1f3ff.svg
| MD5 | 1d6feb3d1dab84ff411803ddc017d242 |
| SHA1 | 9e0dd2de762aaa367a809ce0561d1f7f6dd8f56f |
| SHA256 | ed280f6d103dbc28bfac0b0cab9ebe4e942fed35afeb2da72760aaf49e3dc5d0 |
| SHA512 | 5a2c45bde99b07393702270e6329bba5958c9199895c6c6d6039941058e1f05fb494bd49f3d318282d7b1116364c2a1dc103a5d69b1949ea06c5478dc59e4159 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f469-1f3fc.svg
| MD5 | a3f59b88beb651c150e7de7768709d9f |
| SHA1 | 2d0cff322641da70d78183a82422fac199a67797 |
| SHA256 | 890bfb6808ebbe175580456aecb93e32c9420802b2f5621cdd17fc48acf6c343 |
| SHA512 | c447f6b989f4288c2542d76357daeae726cd218af17487482bccc24f532a4f8378d85881fd429165728d7f352bb4042d31090e5b2f93d5174c23cea6e0dc41a1 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f468-1f3ff.svg
| MD5 | 6afb2712780f4552488392ac6ca95d1b |
| SHA1 | 67923ba2ceb5f4621c34e2f460bfa95daf1f6109 |
| SHA256 | cd59ba9c3aaf161a12fa5e863a638f4afe59df3def11eebb7838c1339de3e7b3 |
| SHA512 | 60f40df51776dacfffea813c4e64797944e49f3f1a46caec3ce39bf07b222d3feb1fd903901b86be130c54fedf028f876eb17d7990acc1a4967a86de0d0f5930 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f468-1f3fe.svg
| MD5 | d2fdf8b5cb9c5971ac4065cb15654ff9 |
| SHA1 | 755f6d74cd650f3b5e7f5c409780fd251d9f16e7 |
| SHA256 | ff727128f23fdb8307a4752a3176068902efdf4842f06dc5ea1f7991da0ff0b1 |
| SHA512 | 4c0c2a5491b8836ee872afda22034ab0a116fdef5d410057288c0f1c9513b1ad094cb3f81d180e9e6534dc8785eb55cb1b9cf4e957a223151fbeb87f6f5a5554 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f468-1f3fd.svg
| MD5 | 6110897ee9a8172c6759a335a7c731cb |
| SHA1 | 664d134854e2559a575436db21bf2d43b916f686 |
| SHA256 | 2b1d3918282eb77ebfdbc7253a0c71cdbdbe2a3cfdd4b4f3da42ca10b6d2f30c |
| SHA512 | 1304265e21e5eac4aad87c83cda67dac345b8bd0d1146c240b686a3524b6e0ae1c35ba360ed318d38f9af474f9e087471b2be38afb5cf9349e847362d3770ac6 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f469-1f3fe.svg
| MD5 | 404086eba8b7cc4b8b5b44ec9df3e07b |
| SHA1 | 481668caf334af1c4a470cb286047d9d062c3eaf |
| SHA256 | 1cfa0c95515f597fe85227dbfc88694acc32bbb14f95149afd8f4f164e6deae6 |
| SHA512 | 09620638e04eadd7271584acce100b833df9bad0f6cd0cdff256516a314e79ee96f1c4738a98a3b418b391eac70c0337e9b3d471183a2a4c9f2802d25aa3f8bb |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f469-1f3fd.svg
| MD5 | 522586e57b24029cf40f2510c81f2189 |
| SHA1 | f379229ed47ce65912c915171bfd0ddcd4ba1b86 |
| SHA256 | c4609758c8ceffd10011777b56634e63899ebfd6fb67030d57520ef46c2b057c |
| SHA512 | dc359b1ff7e28b491766782edfca51c8e7282d328788ba3c437a88881996dfa7ef084a08c958b4d2f38745ac4f334e850645ff7e42d0c131a4c75a1ebc8ea639 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f468-1f3fc.svg
| MD5 | 5cbade4f5bb1bc7ef2e86602870b7416 |
| SHA1 | 13747f011855f3b13233afabaafe95e3d98b0a15 |
| SHA256 | 80db7ba93c507ad2706a2abc88cea4aa6d3cc2b95a3c28084c66761a36923ff5 |
| SHA512 | d944ef268a0ec5886979193694ab39ae90c6891809960e594d8ec65ba949247d0e9d211464d2e5eba37124531fcae8438352813675b04934da33a4ef4884f85f |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f468-1f3fb.svg
| MD5 | 568f422c37971b93d0ddc7bae6700654 |
| SHA1 | a7817d0cbab87c58052b69e4f98916efa0ef76c5 |
| SHA256 | ef9fe06c736ba437ad56e3ee0237192fc49aa33df6b740c1e73f0a385d8deace |
| SHA512 | 436b3179dace2232471f18a740e205bf4eefa16d51e17bb38e61e890573c2fbaed39ac79762e5c1960c9a6e21a5d632d79351a4cf79bef87a89edb98d85b4659 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f469-1f3fd.svg
| MD5 | a7da7cef7a6fd12281b1e4449432d0d6 |
| SHA1 | 4830693cc4a35d84e0372c81b99cf2cf3c84bbda |
| SHA256 | 1a9b5d7e925726c1efea278064a3680e7db975e02ae94571ef49244f9965ea40 |
| SHA512 | a4c67899f65ab7241351606747d453c61811e70861cd91fedd9b8dfc1232ba4395dc61f8ce59b4800b7d4596a017af6a8f4a845f7247023e3135a4f37e78b781 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f48b-1f469-1f3ff.svg
| MD5 | 50f60f979f5b8918df58d0501b4d7487 |
| SHA1 | 42a84fec6a296f3b413b7a744ed3e6992f7fa2e3 |
| SHA256 | b23f3ccb4901679eecd5bf5e9ea5e029b0321a514bba5551aa1afc483f5cf00c |
| SHA512 | f1733430b43924ea1e5ae5646d79c5bd79eb3602f10e45a44168024e65d6c5f7b28eb195799a8f26a8d495025bc73e3cf277109165e3800577cf8c72a8f6ec74 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3fe-2764-1f468-1f3fb.svg
| MD5 | 20a407b1a3f9f733c2481bc07a720e02 |
| SHA1 | 776f21c31de2320e76d92512320e179ca2ead555 |
| SHA256 | db667fcf69cfd628d5c2132b84e1baf54df55296bf074903f94c41dcc3b669e5 |
| SHA512 | 01dea1eeb77e91a80a59ba68d1c260ad4f324121fd6207626b0fcb25b4027082a64e83fd0890bdec25e4256efc29357439f47d8383389216c0360eb181634597 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3ff-2764-1f469-1f3fd.svg
| MD5 | 8f868a263f6b4a796f00e95f9d15fbd7 |
| SHA1 | 7d083471defacb2bbdf156f251f75755bb188de7 |
| SHA256 | df1592e5d8be506a05c38df852ce0fd3b09208939920e0ddbb7d5d108f33b30e |
| SHA512 | c3dc960ae8210ca9d9694d0332d8520397030f685d45e745dc3598b9473f557e0d1c96ed7a9e7e9ec7ab1def29c9128e65277c7d830bfac03b9a79449b2b0a6c |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f469-1f3ff-2764-1f468-1f3fe.svg
| MD5 | 0f4f1eef680448dc3265335226c70da2 |
| SHA1 | 5c71dded562a410791f65ce456610a7145f0d038 |
| SHA256 | 7c881e18ff73044a0e05d838cb14331c591e874aef47a50828d6d392a0db5f31 |
| SHA512 | 10e2303e0c11cfb5e44002666b9a5bb85edadff592a479792a6c580defbdc56bf6fba4283f21d6e0af1059693f8679f3d2966a2b40b56f6ab0fc52c073b3e1c2 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f47c-1f3fd.svg
| MD5 | 31907a7b5abbf66956cce5ad22f4af36 |
| SHA1 | 51d28c4fb0becb6ad4ce8339974f569c9f129d3b |
| SHA256 | 756a3b424199212f63753a1f2672245a7241c9877a9d65dd263c596c9e9e52e4 |
| SHA512 | 6c676ee42bd2cd0cd4f7f0703d1fa16ea937ea6efa595456836f43650bba4dfca52bd85c5d7d48db65efd67cf00fc1c4cbd0928739a8a0d49c3f9fc66bceee7d |
memory/3696-12488-0x000001EFFEE60000-0x000001EFFEECA000-memory.dmp
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f482-1f3fc-2640.svg
| MD5 | aa8b34acf3940fb01ad81a331966d9d1 |
| SHA1 | 09f4e91e539fccd1a161337a0e2c1aea35e9d33e |
| SHA256 | b382cec8be2da96902d0b13040614767f5068e669a42ebf9b633d210c7c75f52 |
| SHA512 | 17c80f0b1728d7b990988d25ca960cd40adea3be218f8317d7b956501beda4be2014063d6362ff5f2f332d519dbe1b951f6c3eb8e5edaa04375153316e8732a3 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f482-1f3fd.svg
| MD5 | 38fb06613dec33a6351b424cdcf9e798 |
| SHA1 | 84258f41e485bbf36fa16a0f7691aa345c30543f |
| SHA256 | bae702a8a27664f5d7378b7bda228564e8eb87979756800fd8233c7fff7f774a |
| SHA512 | d688ad6e7c87ddf4a5bdec4c21c5be06110c918b6c1a45c88f8781a024ccffb8f17a3ad32224a841879362bd3813d7485fe809e5fe427722b1df93daa6599f7a |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f934-1f3fd.svg
| MD5 | 2c3304dbf27e8b6205b1b315982cad8f |
| SHA1 | a61bb150f6ac5f91ee6003a7f09bbd9c4dd719a2 |
| SHA256 | 1687f8f975770db3bcd7ff60181a0d9350592dea6d247fac0ca050488bb416a8 |
| SHA512 | ad58a0af50afb3833782702a794a23b9257ea71433d7abd79baba186def45a529780614074545c5088c48f3f8a5f9d214df05f07e05224014acfb31487bb6a5e |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f9d1-1f3fc-1f3ed.svg
| MD5 | cda158ec90486e293a00101388fb056e |
| SHA1 | 0896e006d0a755dee3491dc3411fa97d574ad940 |
| SHA256 | 7859e07bb93735b5532862e95b1f4928bc1e7ef186ecf6d8ff7fe354e93cb103 |
| SHA512 | 411b7c52371031271e4bb2f42a6b49233acd8706cab3240a34fe2cc126d4379deae34697f89adca1df4c8752dc85351292f41af1120f854cebe1264978b78dac |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f9d1-1f3fd-1f52c.svg
| MD5 | 1ee874650b8f60d065c04c24dda98b36 |
| SHA1 | a9f7e11278178260b22459d9592dcc74e0dd0f68 |
| SHA256 | c208c8c9c35327edcc490a569b768660ad8d363e1a6df57f9ec2d23cf7b3cfa5 |
| SHA512 | 1404ee708959f84f435ec6b933bd8bb8e5f8112759aa5c5e3e36f24947bc29c54130a59b365fc6ba029af3df2af28c94beeaac66aa22cb400e5601ec1827edd9 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f9d1-1f3fd-1f91d-1f9d1-1f3ff.svg
| MD5 | c4fc238c34048e2343d2f1d333f442a7 |
| SHA1 | d28a3374456d986883a13db2cd6cadf837ad9721 |
| SHA256 | 27a51afdfb403eb26dceb8e93a6cb81f4b27b10feea67b80deee3b7615ea054f |
| SHA512 | 429bae9b278b36fc645839a2edbd8b2cc9ae88ef1403825f8a539b997bc5828b447980ceef5552e4e98f8b12fb3641ec6796b70a7977201e426b57cd6683623e |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f9d1-1f3fe-1f91d-1f9d1-1f3fd.svg
| MD5 | e62b4de2a7185945388326c56cb2b684 |
| SHA1 | f1af67ed15c5409bd21550a641f8ee505e02cadd |
| SHA256 | 5f864eb3b33162d211cf6f22c4fa31be34a09bd655a23db510a968b3bf6cbb59 |
| SHA512 | 7ebc4d82fe969be4b4440157f125d130adaf95cfecdf4aa808fa71b0ffc43f3570ffc2ae5b453a4e4211128de80ff08ca5cdc6dfa810ccca2eb9365d6b4559e8 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f9d1-1f3fe-1f91d-1f9d1-1f3fb.svg
| MD5 | 0be420408cb2e02a9b44994f5531bd54 |
| SHA1 | a06b83bfdc3a7148032a74ce0ec1dfae35e04192 |
| SHA256 | 4c3213d121cd3088cf8011f35febf1da55b0fd12463526c123467c9f66ea0128 |
| SHA512 | 1e584942195bf05e145d1dd418680bd08d669573edb8c4c2e11a57739e0c8167efcad307e6ed7f937affc082399d54d43b25f3ab26f3feeecec7680d0e6e3700 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f9da-1f3fd.svg
| MD5 | b1a6c8f815b476d05e0b208319d946d5 |
| SHA1 | fd604b0eb467422a2c2033112358a8d6da60a7b2 |
| SHA256 | bdb723ab23ac185b0fb42c9979cb72b93d6c3167ed666c4f39d32228492ead23 |
| SHA512 | fbe911dcf98380240b6d52b55b5cddcf714b4df978d94c87dc6c28159ae477a282a5b07b63f9b246e4b1000e79fe5a116684792ba1c9f50fee3eb5065ed186d9 |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f9dc-1f3fd.svg
| MD5 | ae020a92111b11fb3de388bc4b244b1f |
| SHA1 | 8eeb8aa46c23464932e9f952751391a20a1037e7 |
| SHA256 | ac9ef9a5952889dcb438f0eac84fae7c0c8ebf3acceb7b85eb602e14e4e77a60 |
| SHA512 | d5d522e808f6b74ef82918103a2a05d6896f9a550c4a7d89f452f65c647e99fe4a6c5faa46ef7a6bf6951cf5d391c2db0ebca2b14bc9d151cf8a2bc88a13e28f |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f9dc-1f3fd-2642.svg
| MD5 | 1766a43198f64bd18de2e07c2a5e3293 |
| SHA1 | 80f361eaa5d358e62a682955ef01e276b0547ac5 |
| SHA256 | 5d9d857ae1f8f5bf207fc53ae02aced36d3956e4935920ccceb86cc7fdee1dfd |
| SHA512 | 50fbc7333b587c2ddb8b72fcec371d77651d9a52c961592e22387d7e6fbf93ad9eac7debb87f4f8be55259e2687db7a5d840e2774de96a3baf7b9b6808032e5a |
C:\Users\Admin\AppData\Roaming\Zoom\data\Emojis\1f9dc-1f3fd-2640.svg
| MD5 | 38be49d9c762eebbecb9159b93493180 |
| SHA1 | f0034f4ecea3228d316dcd5b2c1aa288529901ff |
| SHA256 | bdfb39589b195ad4e36414bfb8ad249558c55dce74533e9ad8ba87e63371d75c |
| SHA512 | 56da800b3e1e4e321528ae37ff5402c4ac89966e25b9fd5452253bda8e21c3913d989869b824c339ee6df54e348685f65ab692e96b2bf72e0b986eb8844c9c9d |
C:\Users\Admin\AppData\Roaming\Zoom\data\emojione_low_20240219.zip
| MD5 | 8c594752ac59f8734c47a2a1e8578f66 |
| SHA1 | d2954455da494c95237fefd7adcc0db9e858e2cb |
| SHA256 | 432c05650eb40852045acfe901197beb28362cb6dbe637d124dee13cce1c3885 |
| SHA512 | 48074ee91771eec97470ba844586d43ce20f53191961c8553eb4930f5b8054e691e435ed752f47215484ac87c36640d9c32856ea03c2774d4e22e0726db43373 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ec737d8655dff8c52e44cb247da53113 |
| SHA1 | 56345861b1ceb9d35ff4e8d03fd09f11cf17b94a |
| SHA256 | c7ad0b2face603e3bf8bb09d91b81c5dc0187d5694e4c93c37bb92385de51ae7 |
| SHA512 | 6a0ae9b14af6fe8249c44959f93c7a1dace83f2eb9a33dd8a65dca4b6bb96f3f8b45c8d88dca1809e32da1b9208ca99bf7defc03d9eb133efcd782b803f85c0a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3023\typosquatting_list.pb
| MD5 | 17c10dbe88d84b9309e6d151923ce116 |
| SHA1 | 9ad2553c061ddcc07e6f66ce4f9e30290c056bdf |
| SHA256 | 3ad368c74c9bb5da4d4750866f16d361b0675a6b6dc4e06e2edd72488663450e |
| SHA512 | ad8ed3797941c9cad21ae2af03b77ce06a23931d9c059fe880935e2b07c08f85fc628e39873fb352c07714b4e44328799b264f4adb3513975add4e6b67e4a63c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SafetyTips\3023\safety_tips.pb
| MD5 | 9a8fa91522d8e4bfdb1615b02f62a9ea |
| SHA1 | f576e094b119cf309d4b823a702c4547270dd38a |
| SHA256 | e62d26b7e7cf2224bcb9c9ea1ff221d85a5243d99510c1cf314502a4c012c497 |
| SHA512 | 45477d2561aa91f1b85f09a0e81787b209aa3aa65c5646acbe73a666fbf2f419f2c0eeb9a16ba003977137faf1e205760538b57a3ff37ecbbde18d8c3e997c56 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_654775141\manifest.json
| MD5 | b2ea3109c37557d09709eb218f45ae4c |
| SHA1 | f954ec0745ab9f1cbb9bdb31ad3bc9e4583b5a4c |
| SHA256 | 708b857e6aea522fb31abd93858e2104ffb225e76b942576063123bff675e5f5 |
| SHA512 | 9280a15618c82af926c8c4725fbac20cdd8d7f187e4446c13b747ce94977689fff0db7b7b219e89556d7ef7c60cc9de3e48e7a8462fdf35771e912e4a7d14f22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ae9e27ed102cb64333b8b134d2e1a9ab |
| SHA1 | 57b8d46dcc9c09442e22d251005edb1979ae975e |
| SHA256 | 5f6d89e74359e02250827a514c9668c37524efa6ef252d316909a782710be24d |
| SHA512 | 3837d9f51529309b1d4a6e6fe4fb9beb466bb463402d1bb3fee71334052ad0061d3570cafc2a76e0638e4cc4261d38a4b0c986cbce148116f7d8483ae7c4be87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | e84001989d6775cf437a1294e7a9b08e |
| SHA1 | 466db40c4b121a6538f0a5b9560d2de33b65736b |
| SHA256 | ab046c2244cbef5d158085601e78ac84891489d4736373fa3513e28ab624eefe |
| SHA512 | 96181221cbd6691cba34c2aed7de6975f70e2f142533abe24e14d7db8713473c7b8164a059d156585dee131353fb43b893a1c6ded15a48ca43286f2d7d313425 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.32\BGAUpdate.exe
| MD5 | 13eff92ece4abda4c76236b1668a9d0c |
| SHA1 | 1e908ed6cf873c77790c7ee03ce1673bf2850b92 |
| SHA256 | 7c5c9afa4f6a6ee3a854b915a3486c148d8566411e4362baf049b444bc3e4f5c |
| SHA512 | b875d9768be15ec6f33744339d0ff26e88d0b9a54b4486c5f0957035ff833828a3c509ade063cd18332ff4efc3c936aa38e314d67579d78bf9610b4c21c5a5f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Shopping\2.0.6486.0\edge_checkout_page_validator.js
| MD5 | 91083af96044fab17e1784cca5e1df91 |
| SHA1 | c2102a292fb995a4c07362478efef67a37db9c22 |
| SHA256 | 0edffc23d47c195a1f09757f0055df728c9aba5c1407e292319181427f7c4007 |
| SHA512 | 2a29ba8cc25600cb00859ee3705f6e66b286ea2589ae55764351440e6c68851815fb0d5f07a05addc0e8576b802362531574d101fb99c161ff230ee278dc8871 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping2512_1573402465\manifest.json
| MD5 | 981ad03c44b4a765c432787f0fbb4d26 |
| SHA1 | 154203bd5aca20f38bc242a12c9aba3605935544 |
| SHA256 | 235586240379bffd0bb025939952fb180175fe60219a9618977cf6e85ad73fa1 |
| SHA512 | fda919bb9aafde22b4eb7934932110849e4fd660c9f63c818ae3b3ad9cfc1dda4360ba3b5eaab5500f2203279c5e91845737a1897bbc1a6fe6c702cffb4360ba |
C:\Users\Admin\AppData\Roaming\Zoom\data\[email protected]\client.config
| MD5 | 7cdc4103951edd810c7f32c57ae27da2 |
| SHA1 | 2a642e8999fe7c3e9f082839640b71fb8cc96980 |
| SHA256 | 4bcd47cfd172f4b1635a294ef643356c894892127706c50c49febb58d914a0d1 |
| SHA512 | f4b75eb802354bf2e7dd0b7ee43216940f2e464ee535d5c7d7d2bb0f0d5be6a824dcaa799451c08769d7616df1ac2313a857ae9733833576a15defeddffad531 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6b7a48e3135526548e518cc1b5923b50 |
| SHA1 | 484be65cff8bbc7df66c1cad8b2558e69ffb26f6 |
| SHA256 | aec6fbc279461ff0ac2a510b3a29aa3b8146f0c515e49c1f119736f431129c54 |
| SHA512 | 8bbbdfceb85e851997b1fb6e01d62236284a1aa25bd8971a70c22c8379e324f96be08fb21b5f404d006e61378f3673be08464efca8de199235e61c69d0f9af64 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | d16ab285e82e05b82401f4d07c91bc78 |
| SHA1 | 07ef0ce1b38ccc13853eb9e959947c874f0ee075 |
| SHA256 | ef1765616139ed80fbbd9cdf6ffbdf09af7f968bc040cb0c0490e9d1a8b70c43 |
| SHA512 | b682fc2876466b0c096bd824b4c61e4b6423e407b8309fa1528e60ab6120c3b9a1a192e4d10c1c9fcb721d7094fcb829a5ccfaa1c27592a7aaac7dd26082be55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9804818bf19508454883fbb9ab2c0e6e |
| SHA1 | 39f1cc4251f961e2287b1860ea14c7a4711243b0 |
| SHA256 | 60ac4b92791dfcad6335c21beb5e08c1f06d684594e62d8ae9cdfb64129fab10 |
| SHA512 | 3a964ed7f5156bd238855994fa9e434db10a66f1ec697725d02f634ce51f2951d23961941b7b6993874d83ef5c526923f603c8e71912677cb4bce9f13b755591 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a8c1cf6448a361e4cacaf8beaa0911e0 |
| SHA1 | f319e9f414f470a19a0bb00ca2f1d411da08ef0b |
| SHA256 | 56b2665ab9355f0e6a167ed6406643056334e08ed1b7884a0d8353a65586bfd7 |
| SHA512 | 8b80df45d09801d8f4ed9e331fb25e60e3548eeb536682f157b918142ff7ace1a8974f00d4af2e1bc94eb381ebd2366a66cf38e953b5cc65b5159e6221be5e6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.52\Ruleset Data
| MD5 | 16176aa639f8d0bf6c1a823f9d973d8c |
| SHA1 | f1f365a4705a3fcab04bc4aa8f080ed7ae2f372c |
| SHA256 | 75da3c6add63a83efb735ae0f1f4e6578607ea33187753b0f65f750a1ab0ab34 |
| SHA512 | d8711e8a2d417f1f9b81a13d04951420460d1be2dd0459916a3226f364b65cd77fc0feb4be22412df3da0a2433cd924df7d0684fab04a2c6cf3a6e9715ea9f84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | e8bd5634e7e7984d6a5a718beeaeb522 |
| SHA1 | e68039c724d06197f2212cc0faa766bc1ee1f0e1 |
| SHA256 | f1ba30c1bf5293f5d1f7ab774b57cb865f49dba4c81b41aaad1cc190cff081c9 |
| SHA512 | 18c34aedc5d402594dd17bbdc5c069c258e8ee1dbeb6ce5c0869a550c97d937864ff2c2e57b4d11cad071770515475b3c0f88f82c8b5509e319d03e4f4c3dea3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\1759a1e1-cf15-41a1-90fc-239dc25cfcef.tmp
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 862815b75098745d2d419fb15f2fce80 |
| SHA1 | d56f881c08d535a517f0bd35b8bbf8f95e65afb2 |
| SHA256 | 291a9de31f3c2be765762c9fd5f19d36e87153028324b710d9861cd2bfb90f71 |
| SHA512 | 7646a0df8677ffde62b84774f9efa68747ba1d9a8d80a72a669c53d5430c80ea51c12dd116e4e13ac47d8df0f50be7188e7aa245c913e78f00e62698e4bc1e5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | cc02f69a0d6fbacb3b66b0243d5dd1ac |
| SHA1 | 9f6550176b4c8b83c782bb75215c785eab19bca2 |
| SHA256 | 75d32b627b4420aa5ed85260c2b47ce85cf23d2b88c786d9f9618ca77c08feb6 |
| SHA512 | e5434b3507c62b28f0689431674f142ec2838b370700c61904c00f353dca1a1321e6a9eb33aa23d1e5c7dacbd14bbacf608c0dfba84142e92808245ab042605e |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7DE13E7C-75B8-475B-A063-B5809EA524B6}\EDGEMITMP_7BB73.tmp\SETUP.EX_
| MD5 | ac32fab2c3001f20f9c57a99c2557220 |
| SHA1 | 3132e9e81c4d5208470ccea941565aeeee99f446 |
| SHA256 | 817463502712e46e7638d0f681f14cdb0081570b04e0200a027270c1336700c1 |
| SHA512 | 36c3f9cc04e75c7d83eceb09f44fe3a5b243c543d73df00e3527d0f0fff873769e9d3264e71a1b521c74f87135aa7cfc9fb4d3f59d8c5c0cc19cafb1fa015366 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\52c069c1-3c31-471f-a019-1e2d4da00617.tmp
| MD5 | 20d4b8fa017a12a108c87f540836e250 |
| SHA1 | 1ac617fac131262b6d3ce1f52f5907e31d5f6f00 |
| SHA256 | 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d |
| SHA512 | 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | b48ef223e69273ac15d04b70e263c5e1 |
| SHA1 | 9c16ee88b91bc313fa37e85cc5486382e64d3177 |
| SHA256 | f1f78c3dde08624f95076a565a22987bb27e503e113bfa21276f10e0aeda5fff |
| SHA512 | db678edfb9ec3013b1485110345391a725e27ff2c6a4c5e2dfc17911354f0ea640b6f1e46c366da9514c70afa148d668df6e39cd6ec42ca7fc6f4caeac0cf0cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\7db127a6-dcb7-466a-bc6f-335981167e6d\index-dir\the-real-index
| MD5 | 207a3a7fc3df1127db8511d6d99a05f4 |
| SHA1 | acd138e860c91529421649381c1f5e0129d07e19 |
| SHA256 | d6ed2065c3c210f888f5e3bba0998f07e6b3e5874a87440be01211a2f1b0ab55 |
| SHA512 | 7d0d25ba309c19986d2d8d249129e841dc9e7dab72d2d26cc866bf1bdc359de5a081e8850296af823d5cb35eeb516b15817d9f60c26ec5924c9ca0ba4f759fb5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | dabeb06d29bbc8b1ea28246e2579cb29 |
| SHA1 | bea894867b6b6b9f7619574dff3fad3e45b5b5cd |
| SHA256 | 006b67bf706ec8fc4a9f08a1a5f6c25ebc28c8c2b49f7727aeb5480aff334a40 |
| SHA512 | 1c6114b587a6232e8b0000debc959192aded45cd409dbf8a2f29f8e59b3f19456b714a6d9eb87f0bb0c6c35311e4aff1b443316e37a31087c2c39d5955043e70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\f766e914-1dee-421b-90c4-7cd3551588c9\index-dir\the-real-index~RFe612598.TMP
| MD5 | 9d34032f586cd68b88db620c77587fe6 |
| SHA1 | 9a8c5d2425ba4af5dc41b075e8f5eac500eaf9d9 |
| SHA256 | 5810236203ff3fb300036d0caffa64f41729ecea4081ebad55ea91d162c0b4c9 |
| SHA512 | b68a48e83e6864d37d24a76a3c403db1d98fc2aa6da34470b596b95fe80d1e40d94755a67c1dcdbb0ee0ea757d3a8282ff6aecb7fdbdfd9c80791966f36bada0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\f766e914-1dee-421b-90c4-7cd3551588c9\index-dir\the-real-index
| MD5 | 5b97c91f0bf09d5a7f69481b84298227 |
| SHA1 | 4f3e4ead50070d8afbef0ede2288aedb27274b7d |
| SHA256 | 5ea890ec3fa3f21f2fabd0be3ee676ccd26cc69d99a67ec5322fb4f577cc8111 |
| SHA512 | fa5c38ee8657a04e590d82185facb1fa0c0cb0e71f64ecd260d771b47482e5a10c10a2dc4abe69b72efc217e3eb65cdadae45a11d124be8443cdbe69a1388027 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | 945a845e079247fbedc9a60a578e6863 |
| SHA1 | 3a998adf811b29a01d916ecda2e54571bd5ef17b |
| SHA256 | 33ab725427ee370ebc03aa32a86799b75de15df037af16dbb577aa2b59069a33 |
| SHA512 | fc398bb7e786b5df1e2471154156c2817388250fdfb772c7d3b4885542cf5b137c306437e89a3d4189c6913f791aabec13b144d6a029eb83deed9d25514e0659 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | a3a5ff573fede06eaa75a9a8de99db3b |
| SHA1 | fa78a4bdb9a1a59aa1c600f2dcae22da3721d180 |
| SHA256 | b88f0f2fe0feb925adcf2b4b047923284d0fb3732fe1fcd912c9c8045f209ab6 |
| SHA512 | f77a86a40b8b4121a41f91f6fddfeb6f3631c60fa0dbf52efcc8bec9966c7cca8788fea4194cb31ce87f94be83375be1a2688247b30b7c8f17ec41d554f05e67 |
memory/6920-22782-0x0000019CE3A30000-0x0000019CE3A40000-memory.dmp
memory/6920-22781-0x0000019CE3A30000-0x0000019CE3A40000-memory.dmp
memory/6920-22783-0x0000019CE3A30000-0x0000019CE3A40000-memory.dmp
memory/6920-22784-0x0000019CE3A30000-0x0000019CE3A40000-memory.dmp
memory/6920-22785-0x0000019CE3A30000-0x0000019CE3A40000-memory.dmp
memory/6920-22786-0x0000019CE3A30000-0x0000019CE3A40000-memory.dmp
memory/6920-22787-0x0000019CE3A30000-0x0000019CE3A40000-memory.dmp
memory/6920-22788-0x0000019CE3A30000-0x0000019CE3A40000-memory.dmp
memory/6920-22789-0x0000019CE3A30000-0x0000019CE3A40000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\Windows Anytime Upgrade\Upgrade_dism.log
| MD5 | 3c101604cf2921f09224df9d1b52f2ad |
| SHA1 | f3e2052e6f9b7de61344ac616fb667b7b5ee0c07 |
| SHA256 | cb58bafb1c2db7190e4eb2e1b0696e74f1b6fce426fdd0619fbafddc5cfb4e9a |
| SHA512 | 71a5efce2d642d3fb847431c64dbe31848aea4e1cc8e827a82020f66f77837b3dd27453280a5845ff15a5c7ddeadaadd3900a97aa3b853e846ad60fce86e1dac |
memory/6920-22877-0x0000019CE3A30000-0x0000019CE3A40000-memory.dmp
memory/6920-22879-0x0000019CE3A30000-0x0000019CE3A33000-memory.dmp
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\app-setup.js
| MD5 | 7c7a7af879b79f3c25fea71c4b399481 |
| SHA1 | 9a153d97946836fb64e9400a90a328b182b75732 |
| SHA256 | 3e7e0c7761c710639adbd1306e7ec6d8638039831cb79281c3c85ee8ddc01e6e |
| SHA512 | 803601ad850f30a4b72d924f3cc2bc7804dbdeff996ce159d20703e73e8b263f986be5403a1521aaba041aeacb529c5c73a67b11c1833514811da685652dc730 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\manifest.json
| MD5 | e8f8f3173596a9352d2eb8554f328146 |
| SHA1 | 17e1723c0ccf902cf2554d6e3ce4801f42444466 |
| SHA256 | 3428d05f82e2137eecddce8ed87eff8ac22f389ac69298e8cba92ff3c2e16545 |
| SHA512 | 7d28854aac16adfd4dba9c701a21fe178c75fe4c421333254e505f9b7bd2a856731bfec906872a92c866c5bbf3d517624624144621e7be8dda16b02d9a663314 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\Tokenized-Card\tokenized-card.bundle.js.LICENSE.txt
| MD5 | 8595bdd96ab7d24cc60eb749ce1b8b82 |
| SHA1 | 3b612cc3d05e372c5ac91124f3756bbf099b378d |
| SHA256 | 363f376ab7893c808866a830fafbcd96ae6be93ec7a85fabf52246273cf56831 |
| SHA512 | 555c0c384b6fcfc2311b47c0b07f8e34243de528cf1891e74546b6f4cda338d75c2e2392827372dc39e668ed4c2fd1a02112d8136d2364f9cab9ee4fa1bd87f5 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\Notification\notification_fast.bundle.js.LICENSE.txt
| MD5 | 7bf61e84e614585030a26b0b148f4d79 |
| SHA1 | c4ffbc5c6aa599e578d3f5524a59a99228eea400 |
| SHA256 | 38ed54eb53300fdb6e997c39c9fc83a224a1fd9fa06a0b6d200aa12ea278c179 |
| SHA512 | ca5f2d3a4f200371927c265b9fb91b8bcd0fbad711559f796f77b695b9038638f763a040024ed185e67be3a7b58fab22a6f8114e73fdbd1cccdda6ef94ff88f3 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\Notification\_manifest\spdx_2.2\bsi.json
| MD5 | 3ab320b66df885245ebccc3c315699e9 |
| SHA1 | 93391947a3f3bbf82347058f94d0817c4b1bc55c |
| SHA256 | aec8d082e402c027d98d4cb7c39a059553184cbb0f55c34f86cc83cd85cc1c90 |
| SHA512 | 6ff9e4c41d37ee2a3bafad1ab76ff046aa54befc86cc5d40e2607fc9b3a229c9df88ae5bc751d3d0bf3702ac9fb7fe87657ceff7554b9f4dea51fc4a07024f6d |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\wallet\wallet-pre-stable.json
| MD5 | 5d709377067d4ee95948aecc16146aca |
| SHA1 | 36df31fac098f3ab55ff33d3286089c7fa093d72 |
| SHA256 | 2ba0187ba374cd8cbea56259836c2a0341355c54912e589ae869135b7faea724 |
| SHA512 | 44c8f3de30c88d3ee7742712d974a9d8326159a839436410b6073aa353b9f0f6234ffd234dc0625ffd6d509b5db0bc552f1dd9ee2c55eac475cf5764b53c2cad |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_679981784\json\i18n-tokenized-card\fr-CA\strings.json
| MD5 | cd247582beb274ca64f720aa588ffbc0 |
| SHA1 | 4aaeef0905e67b490d4a9508ed5d4a406263ed9c |
| SHA256 | c67b555372582b07df86a6ce3329a854e349ba9525d7be0672517bab0ac14db5 |
| SHA512 | bf8fa4bd7c84038fae9eddb483ae4a31d847d5d47b408b3ea84d46d564f15dfc2bae6256eac4a852dd1c4ad8e58bc542e3df30396be05f30ed07e489ebe52895 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\122.17389.17321.1\json\wallet\wallet-tokenization-config.json
| MD5 | 58d328e05878048df57b277bc2adf4eb |
| SHA1 | 619192a332d9ec2239412e9fef6e2259e627f4ff |
| SHA256 | 5858378fd44eedd4eb1615f7e48072f5d4374848c0b3a5eacffa7cd9f3b9333c |
| SHA512 | 79a7efb226cece8334d5c1c76e41ffa18f9b10fd12379a62749bba8d8254afa0062b9af4e6b534bfa2ef30b45452807fb07c2508e9e341397186ead51130d8ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Wallet\122.17389.17321.1\json\wallet\wallet-notification-config.json
| MD5 | 4cdefd9eb040c2755db20aa8ea5ee8f7 |
| SHA1 | f649fcd1c12c26fb90906c4c2ec0a9127af275f4 |
| SHA256 | bb26ce6fe9416918e9f92fcc4a6fe8a641eceea54985356637991cf6d768f9fd |
| SHA512 | 7e23b91eab88c472eec664f7254c5513fc5de78e2e0151b0bcc86c3cd0bf2cb5d8bb0345d27afdd9f8fcb10be96feaa753f09e301fa92b8d76f4300600577209 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 7780d2f11f92e61fc9421a84b95b0c36 |
| SHA1 | d9890064c4b3550186a3150042d6cee5e4b91308 |
| SHA256 | 9cf9ae8342949274f001aa7eda750f803583873a7850ec129b6d908384cb0a7d |
| SHA512 | 5de79724bd014ba681a388f24faa6675cdf3c570cb7a2d560d82679f9a1837c73be017907a358c09a0f18db04c9a541fd1aff0f9f539d682c866fad86d5044df |
memory/8228-23929-0x000001DA10B20000-0x000001DA10B30000-memory.dmp
memory/8228-23930-0x000001DA10B20000-0x000001DA10B30000-memory.dmp
memory/8228-23932-0x000001DA10B20000-0x000001DA10B30000-memory.dmp
memory/8228-23934-0x000001DA10B20000-0x000001DA10B30000-memory.dmp
memory/8228-23939-0x000001DA10B20000-0x000001DA10B30000-memory.dmp
memory/8228-23937-0x000001DA10B20000-0x000001DA10B30000-memory.dmp
memory/8228-23940-0x000001DA10B20000-0x000001DA10B30000-memory.dmp
memory/8228-23941-0x000001DA10B20000-0x000001DA10B23000-memory.dmp
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_639114825\manifest.json
| MD5 | 58d3ca1189df439d0538a75912496bcf |
| SHA1 | 99af5b6a006a6929cc08744d1b54e3623fec2f36 |
| SHA256 | a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437 |
| SHA512 | afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.8\protocols.json
| MD5 | 6bbb18bb210b0af189f5d76a65f7ad80 |
| SHA1 | 87b804075e78af64293611a637504273fadfe718 |
| SHA256 | 01594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c |
| SHA512 | 4788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_434285837\manifest.json
| MD5 | 27bbd8844209af39a35b42f2eb92ec50 |
| SHA1 | b1aab874a6aad1f9fc72ec9419980ce9d1db45a4 |
| SHA256 | 4b7b671546c98b7452dbe62bc705b00005359b1580da91faaa5e02d811364a7f |
| SHA512 | c0e5cb9a19cee8e24fa9bea6180b26b17b8bba5a8ea35f6b60950fc3f707375147cf0c68acec93d9cb41bcb6b64ab66743a1c1e5de77bc40adb665fd24609e1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.3.0\data.txt
| MD5 | 4a96cf711a5aefdc27bf11b9ddb22dfd |
| SHA1 | 811210300f79743c5ac78b28e73c46af2a8c662d |
| SHA256 | feafc9d646607ce5bb679ba030b9f243fb7ee8d9198fe75e4baead0c928d9f1c |
| SHA512 | 87a57eb6017fe9598f261f5b7e94ac92e18e6b939dfd0381877f49ab85b193fb430d6dc71164c0bef1214f46cfef4bb985a8d9fcb16a19154634217ea5f113bf |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_1815740224\manifest.json
| MD5 | 1c539c68a00bd842136703d2cdc94235 |
| SHA1 | b39f04946e7da8380fa340ddf1baa757afb37df5 |
| SHA256 | bdd48d0d2e047e4816e1aa4dc248c095998cbda255b50db66b94bd7a42206aed |
| SHA512 | eaf0cc24ecfbf8adc1b216a098fa72b95aebe6fbea9206860622c54f684e08447050cc9734fcf83f3eb2e15cb263dfed636539b24c5e4ba94b2ce309d651325b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\11.0.0.0\ct_config.pb
| MD5 | f86abfc2651f24867cf9aee405d95a07 |
| SHA1 | 51531932b533a36a6ab41700f625f33ae7296825 |
| SHA256 | 70c4568dcbf75e36879c75b068e67a2de7653cb5eff6c12697c3bbfead81d85a |
| SHA512 | 351a0a4e5b2b4800ef535d4ca1a9ebd65027543608df883a303a32ce37e110206da2555cd37853711bdf049e6a9df17005e6520ea0daadbe6d0fb08bd51b7020 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\PKIMetadata\11.0.0.0\crs.pb
| MD5 | 5418f0d0f7d15ca9fbe5da74453722f5 |
| SHA1 | 3ca9d7ae11a35a6c47d590b301602583add40e10 |
| SHA256 | 251ad4f7aedd823ee97077e9764592188657aa831cd0948990fb549fd3e593e3 |
| SHA512 | 4206c7c04eda629a2af109e35e48986e80fc16a2285ae3afc2e92f6a29651d7a06d1dc3d49f618fd33965f91e6cccc8b0dcbc34b4613eedabc7fbafc18783b7a |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_1176201949\manifest.json
| MD5 | 55cf847309615667a4165f3796268958 |
| SHA1 | 097d7d123cb0658c6de187e42c653ad7d5bbf527 |
| SHA256 | 54f5c87c918f69861d93ed21544aac7d38645d10a890fc5b903730eb16d9a877 |
| SHA512 | 53c71b860711561015c09c5000804f3713651ba2db57ccf434aebee07c56e5a162bdf317ce8de55926e34899812b42c994c3ce50870487bfa1803033db9452b7 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_578037231\hyph-as.hyb
| MD5 | 8961fdd3db036dd43002659a4e4a7365 |
| SHA1 | 7b2fa321d50d5417e6c8d48145e86d15b7ff8321 |
| SHA256 | c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe |
| SHA512 | 531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_578037231\hyph-hi.hyb
| MD5 | 0807cf29fc4c5d7d87c1689eb2e0baaa |
| SHA1 | d0914fb069469d47a36d339ca70164253fccf022 |
| SHA256 | f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42 |
| SHA512 | 5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_578037231\hyph-nb.hyb
| MD5 | 677edd1a17d50f0bd11783f58725d0e7 |
| SHA1 | 98fedc5862c78f3b03daed1ff9efbe5e31c205ee |
| SHA256 | c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0 |
| SHA512 | c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_578037231\manifest.json
| MD5 | 273755bb7d5cc315c91f47cab6d88db9 |
| SHA1 | c933c95cc07b91294c65016d76b5fa0fa25b323b |
| SHA256 | 0e22719a850c49b3fba3f23f69c8ff785ce3dee233030ed1ad6e6563c75a9902 |
| SHA512 | 0e375846a5b10cc29b7846b20a5a9193ea55ff802f668336519ff275fb3d179d8d6654fe1d410764992b85a309a3e001cede2f4acdec697957eb71bdeb234bd8 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_124883807\manifest.json
| MD5 | 25f7c066eba213487d7271bf63180765 |
| SHA1 | 441d0bcb8da11dc1e3d9621b3fb9f27258828d76 |
| SHA256 | 4f714a821e6026f2cb9bbe9eda4e58d9710a4a0b110f1fa534f4f827302ff069 |
| SHA512 | d8b75daa4d21302180100517132cfb1bfab671bdd724fce2e92ba91277bbe4eae79bd679c6f41119464ab772bb4ae14e1a4dcb79719ae1daa4d066f1f63924ba |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | e4bad2817be39d0c1dafb8bb5acef0bf |
| SHA1 | eb47d46764f8bfed0886c1f60530d24fae05b0f7 |
| SHA256 | f2cdff301a19af3f67d7a4e6f05404daab500d5f295e43a053a59a24d9661653 |
| SHA512 | 4ad1dc52490e0c107da006c91f2fe4f2d6b4c0a823176bb21dfe7925dce6507cd57e62d35aaedc7306752c22b511f2327762cadfbfc49fae8c805f0c3c738216 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | c455795eb39f47f409dba83fa1bb4c29 |
| SHA1 | abf2abe2952c22cd1bac55c3001eba9770665f8f |
| SHA256 | 1761e74149bbc0d0a1ec4ca2d1b486bfbff30c3d6b668bf3fcdc6f6a71100acc |
| SHA512 | d9de6551d4c92f18ae66098066591eff773ecc6ad268d8c19239946f164d7afefc04355ff544e7ec5aabdb2f90cee4455f3637d234f98fe976d847f2f72089ec |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_1435087633\manifest.json
| MD5 | 5a6ec1311e0595cabc087867b3974ef0 |
| SHA1 | 0a01317eb4d7b7b92f94a434f8914c2c64371978 |
| SHA256 | dd8d46e0af72599ae64b911eeae346a8932979b6ca1d891e4b597ed8b4ea67e6 |
| SHA512 | 4b2fece51cc467149b4fa2209602532d881c7ac6ae30e41174583d218ee9d965100201e4ba8eb8e9f036c2f3d048d8978fa15c29bac7ce03d787a94741a2a0f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TpcdMetadata\2024.1.12.2\metadata.pb
| MD5 | 41d04d8371715e478903a88c1dce5b95 |
| SHA1 | 067052cc0c61940ee9f956a7be7db1f4938fcd1b |
| SHA256 | caf8fe15704f3d8d562956723a5729cd12f870b1a5e817740f314ee4fc2d6470 |
| SHA512 | b6a239c73473593002c6be71521e63fdb8e0510bd63bf647b9b85329334409177318e316c862dae7cf2873cff6fa5301e26b3b24b56779fb51179f23f8a00a92 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_87188570\manifest.json
| MD5 | 9afa8c4f2f110eb1dcb4eea557d70b14 |
| SHA1 | 53e3459baeac038fc97c8d0301af4a677f469995 |
| SHA256 | d8ee094fab5587036dd1bba6e45503c7099e6eb8686acc776fce1fd60e06e29e |
| SHA512 | af586f904079c60263ae284888d403685a8d62da158ab12a1429b0811bd2997c11fe91ee7faca46a1657b26764d857228e3df0e648f4be95ac496dc5fa193c7f |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_1590391752\manifest.json
| MD5 | 4e1b2d5730032b1c13793c389697c627 |
| SHA1 | 567c6126d784e372129c4bc7df89b7f340e7e404 |
| SHA256 | d8e4ffe4f04eff1ad463d4edb68834fec19af48812df01617442cee05e095727 |
| SHA512 | e54bc1b05304eb88482741adc470784467d3610d8dafa3f345da8f87d4c7e1053965f54a94d575d2dd422006b45e08a9c5984410efcf54c786e32adbd2674f56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2024.1.2.1\keys.json
| MD5 | 5468d2923653b99d9f9e8817e1f728e2 |
| SHA1 | f0146243181abd43f4ee52159417f713e3497934 |
| SHA256 | 31a639ea1cbc77828b6b9adf9a17bf16d4074981f10019c8ea1b2f9bd6c1ccb7 |
| SHA512 | 4dc42dac0ff2c6ee2f928a85a8624b623ba3b432c17543a26629f0382abe9ec43f726a3b49679ea6df11360e8a8a77f1b5d84bb09463d567e4dc16d693fd3289 |
memory/9212-24440-0x00007FF8E2D50000-0x00007FF8E3812000-memory.dmp
memory/9212-24441-0x0000018E6E6F0000-0x0000018E6E700000-memory.dmp
memory/9212-24443-0x0000018E6E6F0000-0x0000018E6E700000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_cmuo1hie.oyv.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/9212-24442-0x0000018E6EDC0000-0x0000018E6EDE2000-memory.dmp
memory/9212-24452-0x0000018E6EE60000-0x0000018E6EEA6000-memory.dmp
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_661592200\manifest.json
| MD5 | faae08d055ed123742bc415108373af6 |
| SHA1 | 26f07cc260dce6c856c55c9da82c46795672c04e |
| SHA256 | 7bc64209a8d58605fcb372c5c9a486a08102dce7a711f1c03368727c37448751 |
| SHA512 | 8c4ad38651a2bbc03427f6bab02a1fb4f4c18303457763c4d676ab7e5f767c11e03c92fd22ef6ed393a49164b7e73ca3eb2215d67a1e6b868b93ab6d65091880 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.19\edge_autofill_field_data.json
| MD5 | 4a19a53cbbabb95d377b2e3f3468460f |
| SHA1 | 5b7b30aebac31abd636a890c2d5bb23522438fee |
| SHA256 | 5f3a7426de195d7c991aeabad4886e7dad32ff30bcfb4058745a1accc96a64d3 |
| SHA512 | 713280e28d42431f05fee1a37f019bd84c768dfcf293ca4f80644e2a0f6c1fedbe55d155083f0c980143360025469325d41bc216ac8b7c4354a120fe1df242b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.0.19\v1FieldTypes.json
| MD5 | 81c2a0dc6e05acb011a7eec37658c814 |
| SHA1 | 5930d946399adf03ea725130acc6432d449bceff |
| SHA256 | edd877377e627e84fe55b404b24e0bfeede2e2991d775a493dffa251f11e30f1 |
| SHA512 | 20d02ae0feae878e957e5c61f3914c55ee3bb00ba08b35b2299c40184fb27b0946d300519d4ef6d5042b5a58f637b7525fb7bf2514d9d05750398bcf68df96d8 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_136463884\manifest.json
| MD5 | 4055ba4ebd5546fb6306d6a3151a236a |
| SHA1 | 609a989f14f8ee9ed9bffbd6ddba3214fd0d0109 |
| SHA256 | cb929ae2d466e597ecc4f588ba22faf68f7cfc204b3986819c85ac608d6f82b5 |
| SHA512 | 58d39f7ae0dafd067c6dba34c686506c1718112ad5af8a255eb9a7d6ec0edca318b557565f5914c5140eb9d1b6e2ffbb08c9d596f43e7a79fdb4ef95457bf29a |
memory/9212-24557-0x00007FF8E2D50000-0x00007FF8E3812000-memory.dmp
memory/9212-24559-0x0000018E6E6F0000-0x0000018E6E700000-memory.dmp
memory/9212-24561-0x0000018E6FB60000-0x0000018E70306000-memory.dmp
memory/9212-24563-0x0000018E6E6F0000-0x0000018E6E700000-memory.dmp
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_371643626\manifest.json
| MD5 | ba4567388c38cd975fe4288633763434 |
| SHA1 | 0cfdb35b199cac669fd61d4231657ed095b1e9bf |
| SHA256 | dd4f941794a9bf67fbdaba16e50b061fda3e08bf3128e9eda9c36fba7f1d7bef |
| SHA512 | d5bd2d0bdcf1f9225f4ae4047d97dbe29860bb432af61d907c8a60875bfe1735564d2df41a9101c80bc0b329f3b18f208756a3d86b8e35eb9b09548cfe7536fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Tipping\113.0.0.526\EdgeTippingBloomFilter.json
| MD5 | 7d88043189e75d62238183c53e0fb1fe |
| SHA1 | 41d99b830b67b722920e5b0e1bca1cab652954dc |
| SHA256 | 03c680852691ac0ef2995702d5bcaa17453c455ab1458084bb3b28db9f73a6c3 |
| SHA512 | 34eafa55c72f902105a52824a3756a3cd33819d91b3c088b1779187c82add318f0234f3fbc74b8ec0563b1a9c80e115abeb1ca79d2b3c03691f3580aac78d7fa |
memory/9212-24837-0x00007FF8E2D50000-0x00007FF8E3812000-memory.dmp
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_794304763\LICENSE
| MD5 | ee002cb9e51bb8dfa89640a406a1090a |
| SHA1 | 49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2 |
| SHA256 | 3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b |
| SHA512 | d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9076_794304763\manifest.json
| MD5 | 76fd885795dd209811659a8047b21a73 |
| SHA1 | 6326e501c3092d4910ec2b8db236b094887c4d36 |
| SHA256 | dd6198365a06fdc8226df1ceca27739dfcb6e0c48e8282a88dd74c70e04ef511 |
| SHA512 | 28383d6da2ffd2d87a1a12cd8bc93d2e38b059e37b19dd57159167fa4406c782a1b4429836f3e81cca37a26998fa21f78f546cb7be6a74993fbf37e7813b7fed |
C:\Users\Admin\AppData\Roaming\Zoom\data\Zoom.us.ini
| MD5 | bbc732128f935fb888953e3f013ba6c7 |
| SHA1 | e9c33f60737d5039f5d58cbcbcbbfd0ec0ce7a1b |
| SHA256 | 2f195e60c7d68ea60361df23d5cefb422723f793dcec7c83503074c9dea03ae4 |
| SHA512 | b2022f9c7e026a10cf3c7a377b1b185dbeb8596fbc9842cc77214ff8cdfc4aea37e9b6431c1927d37f500acf4ea669a85c2bd4109acbf5f090c92bc59b94e2ee |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\352fd027c0e8f0e5.customDestinations-ms
| MD5 | 64f5c245989fa7edd02c184fc18eba3c |
| SHA1 | dc4a3025c0effc4996f92f6811c0003f8fb8e04d |
| SHA256 | 3f6d71656cf194102e1ba397a8b8b18aa8260be92a5d9411b98600166126faba |
| SHA512 | 0d418f2df05a9cde6092745a765f3fd153d6642c07d23af31507e1b6e0bc90c8dd62559060f216e8cf76759a9414b2aadcd9628b980420b4ce38fcf59b8cc44d |
C:\Users\Admin\AppData\Roaming\Zoom\data\[email protected]\client.config
| MD5 | c886b66f26be148a026a0eedf4342f91 |
| SHA1 | d6f4edc0411f27aa924b595457f80dc45ca3309f |
| SHA256 | 87483a55613f9876fede9a7d52487d5d9aef6fc1cb970d6dc28659ed5b8c294f |
| SHA512 | 49686588fc238f54e52d853140405ed253b18d2826b678ddc5f8dfbd3769195b5c0e5b06d0fa0b90bebef9744e0ed2b3044eb9d42b81dbf8575a77798bdd4a73 |