Analysis Overview
SHA256
39e4555e23cba84c99419fa6dde808448bab40f058912a81d5da3205874c1646
Threat Level: Shows suspicious behavior
The file MicrosoftEdgeSetup.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Reads user/profile data of web browsers
Installs/modifies Browser Helper Object
Downloads MZ/PE file
Checks whether UAC is enabled
Sets file execution options in registry
Adds Run key to start application
Modifies Installed Components in the registry
Checks computer location settings
Drops file in System32 directory
Loads dropped DLL
Drops file in Program Files directory
Checks system information in the registry
Registers COM server for autorun
Checks installed software on the system
Executes dropped EXE
Enumerates physical storage devices
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
System policy modification
Suspicious use of AdjustPrivilegeToken
Uses Task Scheduler COM API
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Modifies Internet Explorer settings
Modifies system certificate store
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-03-22 16:59
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-03-22 16:59
Reported
2024-03-22 17:04
Platform
win7-20240221-en
Max time kernel
45s
Max time network
311s
Command Line
Signatures
Downloads MZ/PE file
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Checks installed software on the system
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeComRegisterShellARM64.exe | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_de.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ru.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_sr-Cyrl-BA.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_es-419.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_lt.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_th.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_mk.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\psmachine_64.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_hu.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ko.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_fr-CA.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ga.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_mi.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_tt.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_hr.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_pa.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_sq.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ug.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\NOTICE.TXT | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_te.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_cy.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_am.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_id.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_sl.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdateCore.exe | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_fr.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_is.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_kok.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_pt-BR.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ka.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_nb.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_bn-IN.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_sr-Latn-RS.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_tr.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ur.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdateSetup.exe | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\psuser_64.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_cs.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ca.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_vi.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdate.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_nn.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_mr.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_sv.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_as.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_zh-TW.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_az.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_mt.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\psuser.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_bg.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_fil.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ro.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ta.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\psuser_arm64.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_bn.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_gu.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_km.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_lb.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ar.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_et.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_iw.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_gd.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2C57B559-8C32-4399-91FF-80093C13E1AC}\WpadDecision = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2C57B559-8C32-4399-91FF-80093C13E1AC}\3a-31-e6-b0-02-01 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\3a-31-e6-b0-02-01\WpadDecision = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\3a-31-e6-b0-02-01\WpadDecisionTime = e0af85717a7cda01 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2C57B559-8C32-4399-91FF-80093C13E1AC}\WpadNetworkName = "Network 3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2D\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MigrateProxy = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings = 4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\3a-31-e6-b0-02-01\WpadDecisionReason = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2C57B559-8C32-4399-91FF-80093C13E1AC}\WpadDecisionTime = 80bd566b7a7cda01 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2C57B559-8C32-4399-91FF-80093C13E1AC}\WpadDecisionTime = e0af85717a7cda01 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2C57B559-8C32-4399-91FF-80093C13E1AC} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\3a-31-e6-b0-02-01 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\3a-31-e6-b0-02-01\WpadDetectedUrl | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\3a-31-e6-b0-02-01\WpadDecisionTime = f0aaab5e7a7cda01 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2C57B559-8C32-4399-91FF-80093C13E1AC}\WpadDecisionReason = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2C57B559-8C32-4399-91FF-80093C13E1AC}\WpadDecisionTime = f0aaab5e7a7cda01 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine.1.0\CLSID\ = "{5F6A18BB-6231-424B-8242-19E5BB94F8ED}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc\ = "Microsoft Edge Update Update3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods\ = "43" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback.1.0\ = "Microsoft Edge Update Legacy On Demand" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc\CLSID\ = "{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0A5F4B64-7FCB-4C1B-8133-CD01DB52BE83}\InprocHandler32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ = "IPolicyStatus5" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\CurVer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService\CurVer\ = "MicrosoftEdgeUpdate.Update3COMClassService.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc\CurVer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.CoreClass" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0A5F4B64-7FCB-4C1B-8133-CD01DB52BE83} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass.1\ = "Microsoft Edge Update Core Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\ = "PSFactoryBuffer" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods\ = "12" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 0f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f0b0000000100000034000000420061006c00740069006d006f007200650020004300790062006500720054007200750073007400200052006f006f007400000053000000010000002400000030223020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df01d0000000100000010000000918ad43a9475f78bb5243de886d8103c09000000010000000c000000300a06082b06010505070301030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 19000000010000001000000068cb42b035ea773e52ef50ecf50ec529030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47409000000010000000c000000300a06082b060105050703011d0000000100000010000000918ad43a9475f78bb5243de886d8103c140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df053000000010000002400000030223020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c00b0000000100000034000000420061006c00740069006d006f007200650020004300790062006500720054007200750073007400200052006f006f00740000000f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f20000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe
"C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe"
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdate.exe" /installsource taggedmi /install "appguid={56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}&appname=Microsoft%20Edge&needsadmin=prefers&lang=en&brand=M100"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzkwMjA2RkMtRUYzOC00QTE5LTg4RDctMjBGMDUxRTk5Q0FBfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezI1Q0I3RkMxLTA4RkQtNDdDMC1CRTM1LTdFRUU4MDkxNkFDOH0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSIyIiBkaXNrX3R5cGU9IjAiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjYuMS43NjAxLjAiIHNwPSJTZXJ2aWNlIFBhY2sgMSIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjEiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IkRBRFkiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4yMSIgbGFuZz0iZW4iIGJyYW5kPSJNMTAwIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMjMwODE2ODAwMCIgaW5zdGFsbF90aW1lX21zPSIyNTc0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}&appname=Microsoft%20Edge&needsadmin=prefers&lang=en&brand=M100" /installsource taggedmi /sessionid "{790206FC-EF38-4A19-88D7-20F051E99CAA}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzkwMjA2RkMtRUYzOC00QTE5LTg4RDctMjBGMDUxRTk5Q0FBfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7Q0MxRjAyRDMtN0Y1Qy00OUYwLTlENDktMUVEREQxQTRCNEQ4fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjIiIGRpc2tfdHlwZT0iMCIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iNi4xLjc2MDEuMCIgc3A9IlNlcnZpY2UgUGFjayAxIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iMSIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMDYuMC41MjQ5LjExOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMzAiIGluc3RhbGxkYXRldGltZT0iMTcwODUyODQ0MCIgb29iZV9pbnN0YWxsX3RpbWU9IjEyODkyMDIxMjk0NjY5Njc2OCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE3MTcxIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIyMzEyNjkyMDAwIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7949758,0x7fef7949768,0x7fef7949778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1168 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1492 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2128 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2136 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3212 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3312 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3708 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3700 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3460 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1828 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1944 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2716 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02F515DC-DEE1-4830-867E-8C58F611898B}\MicrosoftEdge_X64_109.0.1518.140.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02F515DC-DEE1-4830-867E-8C58F611898B}\MicrosoftEdge_X64_109.0.1518.140.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02F515DC-DEE1-4830-867E-8C58F611898B}\EDGEMITMP_2A05B.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02F515DC-DEE1-4830-867E-8C58F611898B}\EDGEMITMP_2A05B.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02F515DC-DEE1-4830-867E-8C58F611898B}\MicrosoftEdge_X64_109.0.1518.140.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02F515DC-DEE1-4830-867E-8C58F611898B}\EDGEMITMP_2A05B.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02F515DC-DEE1-4830-867E-8C58F611898B}\EDGEMITMP_2A05B.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=0 --install-level=1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3584 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzkwMjA2RkMtRUYzOC00QTE5LTg4RDctMjBGMDUxRTk5Q0FBfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezJGQUNEQzA5LTUzM0ItNDQzQS05RTc1LUE1QTQ5QUIwOUE0M30iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSIyIiBkaXNrX3R5cGU9IjAiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjYuMS43NjAxLjAiIHNwPSJTZXJ2aWNlIFBhY2sgMSIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjEiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IkRBRFkiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTA5LjAuMTUxOC4xNDAiIGxhbmc9ImVuIiBicmFuZD0iTTEwMCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjI4NjUyNDYwMDAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIyODY4MjQ2MDAwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMzI2OTM4NjAwMCIgc291cmNlX3VybF9pbmRleD0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmYudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMGM0MDg0ZjMtMWJlZC00MjQ2LWI4ZWQtMjA2Y2NiZTYwZTNjP1AxPTE3MTE3MzE2NTImYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9SDNGWGNsNlg2aUtWNHFJZ1ExV2IzeWVLWHZDR3RNaVBvYlJRa2FZd1pObWFSOVV6bnlEMkslMmJFSDNGRUMwakhpT2cwS3JRMSUyZmptanMlMmJ1SkhVRHhOU0ElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNDA2OTYwMDgiIHRvdGFsPSIxNDA2OTYwMDgiIGRvd25sb2FkX3RpbWVfbXM9IjI1Njc2Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMzI2OTkxNjAwMCIgc291cmNlX3VybF9pbmRleD0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjMyOTk4OTYwMDAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY2MDkiIHN5c3RlbV91cHRpbWVfdGlja3M9IjM4NjA1NjYwMDAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMTI2OCIgZG93bmxvYWRfdGltZV9tcz0iNDAxNTkiIGRvd25sb2FkZWQ9IjE0MDY5NjAwOCIgdG90YWw9IjE0MDY5NjAwOCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNTQyMzAiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2668 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-installer
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=109.0.5414.165 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=109.0.1518.140 --initial-client-data=0xbc,0xc0,0xc4,0x90,0xe8,0x7fef44fffa8,0x7fef44fffb8,0x7fef44fffc8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1152 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1488 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1564 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --first-renderer-process --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2176 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2180 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=2208 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2228 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4164 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1592 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2972 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2988 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3080 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4240 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4496 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4540 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3108 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3760 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=4000 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4624 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4692 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4708 --field-trial-handle=1208,i,7356360929920850899,11120272423071344411,131072 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3208 --field-trial-handle=1268,i,4177666847890412988,12293138297554121909,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.140\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.140\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.140\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.140\Installer\setup.exe" --msedge --channel=stable --system-level --verbose-logging --installerdata="C:\Program Files (x86)\Microsoft\Edge\Application\master_preferences" --create-shortcuts=1 --install-level=0
C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU11BC.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU11BC.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /healthcheck
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzFEQTBEODMtRjQ1QS00NTVBLThBNkYtRUE4RTIyQTM3MDlEfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFNEYwMDcxQi1FNDFFLTQxNEMtQTY5RC01MzZCOUVFQjkwRDd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iMiIgZGlza190eXBlPSIwIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSI2LjEuNzYwMS4wIiBzcD0iU2VydmljZSBQYWNrIDEiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSIxIiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xODUuMjEiIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0NTg5ODQ4MDAwIiBpbnN0YWxsX3RpbWVfbXM9Ijk3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{31DA0D83-F45A-455A-8A6F-EA8E22A3709D}" /silent
C:\Windows\SysWOW64\wermgr.exe
"C:\Windows\system32\wermgr.exe" "-outproc" "2548" "564"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C5DD21E-27F4-444B-AA2C-27BF2A91FFAD}\MicrosoftEdge_X64_109.0.1518.140.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C5DD21E-27F4-444B-AA2C-27BF2A91FFAD}\MicrosoftEdge_X64_109.0.1518.140.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C5DD21E-27F4-444B-AA2C-27BF2A91FFAD}\EDGEMITMP_80066.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C5DD21E-27F4-444B-AA2C-27BF2A91FFAD}\EDGEMITMP_80066.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C5DD21E-27F4-444B-AA2C-27BF2A91FFAD}\MicrosoftEdge_X64_109.0.1518.140.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzFEQTBEODMtRjQ1QS00NTVBLThBNkYtRUE4RTIyQTM3MDlEfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4RjVCQzgxMC1DRTA4LTQ2MjEtQkE5QS0zOEE4RDZCNEYyQTJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iMiIgZGlza190eXBlPSIwIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSI2LjEuNzYwMS4wIiBzcD0iU2VydmljZSBQYWNrIDEiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSIxIiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEwOS4wLjE1MTguMTQwIiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0NjU4NzA4MDAwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNDY1ODk4ODAwMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjQ3MzUzODgwMDAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0NzY0ODU4MDAwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NjEwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1MDY2NDY4MDAwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNjA1NCIgZG93bmxvYWRlZD0iMTQwNjk2MDA4IiB0b3RhbD0iMTQwNjk2MDA4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMiIgaW5zdGFsbF90aW1lX21zPSIzMDE1MiIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-94a1a798754e4385\RobloxPlayerBeta.exe" -app -isInstallerLaunch
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | roblox.com | udp |
| FR | 128.116.122.4:80 | roblox.com | tcp |
| FR | 128.116.122.4:80 | roblox.com | tcp |
| FR | 128.116.122.4:443 | roblox.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | static.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | static.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| FR | 128.116.122.4:443 | metrics.roblox.com | tcp |
| US | 104.18.33.170:443 | roblox-api.arkoselabs.com | tcp |
| FR | 128.116.122.3:443 | ecsv2.roblox.com | tcp |
| FR | 128.116.122.3:443 | ecsv2.roblox.com | tcp |
| FR | 128.116.122.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 104.18.33.170:443 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| GB | 104.77.160.204:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| NL | 172.217.23.202:443 | content-autofill.googleapis.com | tcp |
| NL | 172.217.23.202:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| IE | 20.166.2.191:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| NL | 142.250.179.142:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4---sn-aigl6nzk.gvt1.com | udp |
| GB | 74.125.175.105:443 | r4---sn-aigl6nzk.gvt1.com | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 104.91.71.146:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 104.18.33.170:443 | roblox-api.arkoselabs.com | udp |
| NL | 172.217.23.202:443 | content-autofill.googleapis.com | udp |
| FR | 128.116.122.4:443 | assetgame.roblox.com | tcp |
| FR | 128.116.122.3:443 | ecsv2.roblox.com | tcp |
| FR | 128.116.122.4:443 | assetgame.roblox.com | tcp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 104.77.160.206:443 | static.rbxcdn.com | tcp |
| GB | 104.77.160.206:443 | static.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | lms.roblox.com | udp |
| FR | 128.116.122.4:443 | lms.roblox.com | tcp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| FR | 128.116.122.3:443 | realtime-signalr.roblox.com | tcp |
| FR | 128.116.122.3:443 | realtime-signalr.roblox.com | tcp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| US | 8.8.8.8:53 | sea1-128-116-115-3.roblox.com | udp |
| US | 8.8.8.8:53 | waw1-128-116-124-3.roblox.com | udp |
| US | 8.8.8.8:53 | pulsar.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-east-2c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-east-1b-lms.rbx.com | udp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| US | 8.8.8.8:53 | nrt1-128-116-120-3.roblox.com | udp |
| PL | 128.116.124.3:443 | waw1-128-116-124-3.roblox.com | tcp |
| US | 8.8.8.8:53 | dfw2-128-116-95-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2b-lms.rbx.com | udp |
| FR | 128.116.122.4:443 | thumbnails.roblox.com | tcp |
| FR | 128.116.122.4:443 | thumbnails.roblox.com | tcp |
| US | 8.8.8.8:53 | iad4-128-116-102-3.roblox.com | udp |
| US | 8.8.8.8:53 | lhr2-128-116-119-3.roblox.com | udp |
| DE | 128.116.123.3:443 | pulsar.roblox.com | tcp |
| US | 18.189.4.18:443 | aws-us-east-2c-lms.rbx.com | tcp |
| US | 34.236.199.72:443 | aws-us-east-1b-lms.rbx.com | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| GB | 18.168.24.16:443 | aws-eu-west-2b-lms.rbx.com | tcp |
| US | 128.116.95.3:443 | dfw2-128-116-95-3.roblox.com | tcp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| GB | 128.116.119.3:443 | lhr2-128-116-119-3.roblox.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| FR | 128.116.122.4:443 | trades.roblox.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| GB | 104.91.71.134:443 | tr.rbxcdn.com | tcp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| FR | 128.116.122.3:443 | realtime-signalr.roblox.com | tcp |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| NL | 216.58.208.106:443 | content-autofill.googleapis.com | udp |
| FR | 128.116.122.4:443 | presence.roblox.com | tcp |
| FR | 128.116.122.4:443 | presence.roblox.com | tcp |
| FR | 128.116.122.4:443 | presence.roblox.com | tcp |
| GB | 88.221.134.145:443 | js.rbxcdn.com | tcp |
| GB | 104.77.160.206:443 | static.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 192.178.49.3:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| FR | 128.116.122.3:443 | realtime-signalr.roblox.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| FR | 128.116.122.4:443 | presence.roblox.com | tcp |
| US | 34.236.199.72:443 | aws-us-east-1b-lms.rbx.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| DE | 128.116.123.3:443 | pulsar.roblox.com | tcp |
| US | 8.8.8.8:53 | cdg1-128-116-122-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-ap-east-1b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | sin2-128-116-97-3.roblox.com | udp |
| US | 8.8.8.8:53 | silver.roblox.com | udp |
| US | 8.8.8.8:53 | aws-ap-east-1a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-west-1c-lms.rbx.com | udp |
| FR | 128.116.122.3:443 | cdg1-128-116-122-3.roblox.com | tcp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| HK | 43.198.131.65:443 | aws-ap-east-1a-lms.rbx.com | tcp |
| HK | 43.199.18.162:443 | aws-ap-east-1b-lms.rbx.com | tcp |
| US | 35.155.71.13:443 | aws-us-west-2a-lms.rbx.com | tcp |
| GB | 128.116.119.3:443 | silver.roblox.com | tcp |
| US | 54.215.132.188:443 | aws-us-west-1c-lms.rbx.com | tcp |
| US | 35.155.71.13:443 | aws-us-west-2a-lms.rbx.com | tcp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| HK | 43.199.18.162:443 | aws-ap-east-1b-lms.rbx.com | tcp |
| HK | 43.198.131.65:443 | aws-ap-east-1a-lms.rbx.com | tcp |
| US | 54.215.132.188:443 | aws-us-west-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | followings.roblox.com | udp |
| FR | 128.116.122.3:443 | cdg1-128-116-122-3.roblox.com | tcp |
| US | 8.8.8.8:53 | games.roblox.com | udp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| FR | 128.116.122.4:443 | games.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | badges.roblox.com | udp |
| GB | 104.91.71.134:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| GB | 13.224.132.58:443 | m.stripe.network | tcp |
| US | 8.8.8.8:53 | voice.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 34.212.3.31:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 204.79.197.203:443 | ntp.msn.com | tcp |
| GB | 51.140.244.186:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| US | 204.79.197.203:443 | ntp.msn.com | tcp |
| GB | 88.221.134.122:443 | setup.rbxcdn.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 8.8.8.8:53 | edge-http.microsoft.com | udp |
| US | 13.107.6.158:80 | edge-http.microsoft.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| US | 204.79.197.239:443 | tcp | |
| US | 204.79.197.239:443 | tcp | |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| FR | 128.116.122.3:443 | client-telemetry.roblox.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| FR | 128.116.122.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| US | 204.79.197.239:443 | tcp | |
| US | 204.79.197.239:443 | tcp | |
| GB | 104.84.73.17:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| GB | 88.221.134.122:443 | setup.rbxcdn.com | tcp |
| GB | 88.221.134.122:443 | setup.rbxcdn.com | tcp |
| GB | 88.221.134.122:443 | setup.rbxcdn.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| US | 204.79.197.239:443 | tcp | |
| US | 204.79.197.239:80 | edge.microsoft.com | tcp |
| US | 204.79.197.239:80 | tcp | |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| IE | 20.166.2.191:443 | msedge.api.cdp.microsoft.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
| FR | 128.116.122.4:443 | auth.roblox.com | tcp |
Files
\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 31f9e08922765ba2913632f758bc7423 |
| SHA1 | b36b4bf74d6d4b6c8c0e38d9c6b65ec7da2fa9e7 |
| SHA256 | c2988c13f66ce033fef65f3af20a00faf555047e710dc6c282c124c848c1eb88 |
| SHA512 | 13808d6b3cf8f8e645bd421eb3916b12cfcef46ab5f0ce1a0cbda91c4be374d03504ec09d1a5916ff2944cc24135cd46dc5be3e6c72fb599b30a58cf8aad7c57 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdate.dll
| MD5 | 9cb2b82fbdde7133369f0d8618dba139 |
| SHA1 | 4ac0771b6da4c435ed9ab270e4b87f5720fda0de |
| SHA256 | 0aa838b27da61c7bd94e073b35cb5cf1cf0762d74ccc0214d052f7327d52ae06 |
| SHA512 | 002ffd9938e309693e2b4ffa3e2d3add2046f133e0f219cb5e8f898f55003815f326c98f529fddef9f7653a9a81e3ebb543f8ca034e786b25ae960c3cb2c730f |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_en.dll
| MD5 | 90afa78198ebd61bb588145b28f6ae28 |
| SHA1 | 56e954a7a9d086a30c49b3fadb39108ed41008fd |
| SHA256 | 900f4de13607028d1e4442d361e7e0b80670c9601cde0a634a12119b13ad1fb1 |
| SHA512 | d3d5a80e06f1cdf976cff20ac840eed31034e7e7eb37ce10d58bd7a99c2a3a6db711358e32d77e8248e8f7029aee2b87b37a8ae600810c4b454ee3c08ab723e1 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | f5e9477194d0d7c18a7c3529a10f917c |
| SHA1 | 17b0f78f7c56a89ddcf2232242de8f13f0cdba18 |
| SHA256 | f5c45634efa29acb9dbd1f16880737797171630c3f81fe23aea26f4dfb094323 |
| SHA512 | 227d890734313d4dbaed48501e6c4cd1f3d1bef403bbab1f65084ead6a32779381bd9d71eab03ca6eed332a7866030eb1fa01fcd1c28a8d7899705dde33446da |
memory/344-113-0x00000000007F0000-0x00000000007F1000-memory.dmp
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 23a351591308d49bfe2625d302820715 |
| SHA1 | 4787ceafc8492b09f85a1c8abb7e5d0c07f52e96 |
| SHA256 | 7610b2c0bf22563e850e185864d9244eee94c853e6595cd18ac59b6d603af651 |
| SHA512 | cb266826f6ca3de75968dffebd2a3b480fd3348fa1c0b972851f1008540285cf93158555448446fb8b83f1fbff726221e05a3a18b11da0518ad65283d8eb8247 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 433681ca511d96f96479ac2cca102522 |
| SHA1 | 321b86c79779e3685b022012a4ccae8b5f3aae19 |
| SHA256 | da5f97895efb9698657ea213e6d0cab53ffe6bee32933ca2341406faf64dfcbc |
| SHA512 | 7b90a0c624f9500a6aaf39c9244818d128cabc898f5e1e8a28f7a67fafb603b6906610834e172d2762703660dae2cc541d51a5b7478644faa5b6b820b6724188 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_af.dll
| MD5 | b02f36aca674edfd030906d8aa7d3e11 |
| SHA1 | 638981c1e6713e1c2ce2f551bf7326a1d48ae3c7 |
| SHA256 | 962a6ed3be729a924512528f6170fcec6a86bcdc37f89faf8df3e31fb2c9bf21 |
| SHA512 | 2b5c087c5a1a12e87b6b3ad621b9d5e0380f0a962a727bd261ab1b0ed0a40aa9d7c2500648469758889df598b86e343cb2a3f2d034d07250243a7d1e99dbdfb5 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_am.dll
| MD5 | 9a1b664570e9631e6cedf8c2d662421f |
| SHA1 | d9efd018975d111a08e35fa92b1d8955dc31eb5f |
| SHA256 | 52d1f080f3c41c4579603c3cca47b6667472d6b4ed787a3dd7d345ed8b3ac747 |
| SHA512 | 69d4b33cecc3280ba369dbdf60fae92481e8965d6640a1424ac4d72a2355f3d0c367469f638ea6296c1e508fc906f94a2987eddf9cff3ca13659113cd4c178ef |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ar.dll
| MD5 | ff770d70c8ba319bd01ca708e2644572 |
| SHA1 | 6b8c84053f4ae62afdc7002cb3f2e849800dcbb9 |
| SHA256 | db673f6e96287e8827ffdea3ae880aebb5f1b2bc5d45bf26be6513629ed12f1b |
| SHA512 | 8bdd358dcff62a0e3927202e7bcb85d374a2cc351e940707ed4d2638f4f40b3666c7741345f6c0bcfa75b9b3204c1a821dbb44458fdda95a05b0b6a253890cd1 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_as.dll
| MD5 | 009dce4ff4b372178c28397fce96a59f |
| SHA1 | 92277110bc332fe7863beb2ddd4e09fbc55bf81c |
| SHA256 | d333edca46076709ce749e5c55efc888e49120e27c63ffecdf3e78222ea155e5 |
| SHA512 | 4661f3262e7f002916530cb2c9c70d2de5297ba634ad451d4fb39870a26d1a829082995737b5c0b0911c32a20720862dd753330aeb30e993a882fb4fbb110c43 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_az.dll
| MD5 | ef2bdeeade769996349c0a0f4a7c5872 |
| SHA1 | 8d3944bebeca2cc674b0459c637e125df0621967 |
| SHA256 | 6d23e6e87ce3e847ed059781bf895c846e5e34e66083f92089cf08b403432a55 |
| SHA512 | 260d001693a36c7a5db55739d1781bc41b7c76a182d6761229af2723ec223b426b4b4b568544bcd1c97b2415821f2a9514a49c5483f9038438349f7dc31993b8 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_bg.dll
| MD5 | 7efa4d227351f5deab462bce9149d40c |
| SHA1 | 85cfaed5408724398f9a3584f9737ac24f4993a4 |
| SHA256 | b36e0c8bb231ec5597b6a8e86379400d1c3dd2218ec8f401c53538ba7fdbc383 |
| SHA512 | 88dbf96fbe3b1756799f6dd9f216e26449277f0b692fcedf099ee5b8563ec2b44de967cfaac0ea7baf072992b0e24166986070811c6a752923c6894961ab3f36 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_bs.dll
| MD5 | 78bbea4a67479fad54a247e877c213c3 |
| SHA1 | 800c9ac56787b18fbc010cf0734b4a187d3f4a7f |
| SHA256 | beb02561cdbe2694028c2106b603661d4b7649fb4add685e5314c7c1d27f6252 |
| SHA512 | 8528525660df61bad32f3492659d412367ac42291be8f018ed1017d47baf205ae95b091616b0ac2b20859b1ccf504068dc4e317e176495e9021b109c97c72bc1 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_bn-IN.dll
| MD5 | f7d821198825ff1e2cf321d15e7033b1 |
| SHA1 | fce91abf0300084e22521c81f8d194965f25f556 |
| SHA256 | 3518a0aafab4518df873bfe4e1c9e71e3809e092870acdb12eaacfe52c01e25a |
| SHA512 | 85b196fe52121c49dddb552dfdaf3f986160b53a78523760dd94ca08cafc5ba75098a744dc5e605419c9914a111dd207d7d737afb91d73bee7ccf0cf83a8dbfb |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_bn.dll
| MD5 | a164b4c542d58d702e81e05024d95459 |
| SHA1 | e034353f3b1e2afff2ec5c36b36028a94bba9567 |
| SHA256 | f332fd86ea630afb90bc9d50925b25bd85037e18f186aa45c047fc179ccd77a4 |
| SHA512 | f7f22ae416d949a45887e0f0f6f67f6b9518d8f5a26578365dc1bbe979f731eaacca34a53c1d55947ba9cb99697df6ea628f005701f711afbd73fc356f848893 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ca.dll
| MD5 | 7f21e0d781e6ca29c3912967eb920b33 |
| SHA1 | 25f8be269cb3a1dd322de909b8d25e22919febcf |
| SHA256 | aa499ed11eb86855c85426158f198b3efb6fcf67c3b484793f34240bb04f049e |
| SHA512 | cdd78c9656aaee68306527e3a81bf6b2bb749b971342c1fe2b45230cc06d97a9ba6e6f6aa4ee50de0d5abf983b0f1d0cad3718162f046e623f2f6dda6ea87200 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 64223294845556ab103ce781a07db647 |
| SHA1 | 988e53cba0f55e6405df02ac35f8013e79fa839f |
| SHA256 | 8ff65e8754d8f33260e75d43c40b8a4b25eb7d42b85ef73ed6d67ea603c513a1 |
| SHA512 | 58af56f6212b055e350047b641bcf4fccc22012f70e12a4df24d5e2af0964f42ee25cce3d5c8cfb75071bb2e2f9cfde3d3142f2502a1a2cea20fad7e219e0de7 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_cs.dll
| MD5 | 7f14c4c134a48cdba2c41ad653a5fda5 |
| SHA1 | a181b6f139b9e999efb74a11b3a966480c706e79 |
| SHA256 | 6fe845b8e932d1422935eadb0fdbbbcaecdf567778f50f6a10eee72e6ac860e8 |
| SHA512 | 4cfe470e0039f7452db7dacdd8512c5d873b597a583a35cf6132cef3080b3787f816022b14e067bf699bce2b142be2073dda65e9bbfb81457e8fcd8b1436e02c |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_cy.dll
| MD5 | b2d69e686d4d6401479b2cbeb5c62c77 |
| SHA1 | 696ddb825bd7f812c11191bb53c2c00d548d4c00 |
| SHA256 | 40810d25a6f9be67b000ad8228dc20e41e2b0d2223d0ae13878f265fa13bcfde |
| SHA512 | b0d877c0ea2266087b8f464efee9fa54a504ec12215d2e7f3f463081075e7128e2d9437a550773e2b703227ca952e0283f940d3a6e1325aae2784e53fb3e6a29 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_da.dll
| MD5 | 5666fafa9199b490d2b20cbf2f5395f6 |
| SHA1 | 1f43b774ef9a8fc218279dd81e437ffeb40966d1 |
| SHA256 | e4bd6dc7a20b9053b9dfff7c2c6a8abded5914994d300fd1466c9b271a0bf42f |
| SHA512 | 660403a3abe9a4c9ed7a1e54e5e582816c57cf3cc9a69cf67b8794e98989933d90acdea4df9dce222d82dafb92145efacfd30bae93c09193be281dc5ec634502 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_de.dll
| MD5 | 79c1cef8c38d0ad8e4eac06c84accebf |
| SHA1 | 4092a10acc777d560f255c85b1a1437dd53a7101 |
| SHA256 | 5f50709f64eb3f03766e7aee5f446e8cadc1737d0f404db73f5dc447c1f77899 |
| SHA512 | 13cd04233e8af9c194e44d1f322aa29d156fd399717278cde1fbcac8acb1efdc4a004e5e299ff19ce8b423b3cbcf35337c27bc435a777bd60e0bc4e8417aa9c6 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_el.dll
| MD5 | 0dbe7ed570d8139edfb03b022abe1b03 |
| SHA1 | 099e20aeaf984cfa025f017706c694a98f04e2e2 |
| SHA256 | 77b34e4beb5b9b9110582cf55432dd1c75d1816d5744d56c26617d44b7ba37d0 |
| SHA512 | a0667ef377c52467f8c7da6627f9c06786c8134979929a60c8e248a08f44b0bbfbccbc79458db84d9c4e183446acac9e7e18a65ea4b5e8b60ee3a911d8c96a1d |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_en-GB.dll
| MD5 | 38d1b69a1f1e07a99c9df5416b7fc639 |
| SHA1 | f46cca601d1cc38ddb8e93f393dbf9be909e49a8 |
| SHA256 | 952c6fdbcd0d333319e80d415caa91757ce759fb4d8adcff3229b134c5257244 |
| SHA512 | 9ce6849d6915352e746921b9e7c3222d8e99577c77405ac9d44d33d4b0d70df74bbf06d6ec750d38afa21f2824a081bb74dd271b79ee38015e4b23fdc5d840c7 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_es-419.dll
| MD5 | e393fa3d70aaa6dc5bef5dcd7df4ff9e |
| SHA1 | 292fa091659e5954b760e75da9ac9c3d2e4ef1c2 |
| SHA256 | f40ad5f9cde0853afd1834d3823bcb2a50cb358eee188b5d7a1d88b751237026 |
| SHA512 | b3c879009495975f1603380d10756281ddc5a004474fefbd0fc470741f7f5b59ca8c3603d87f9bed6709a31f8eb04a7d84ca8c10db2c9d4a43487604058a3163 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_es.dll
| MD5 | 10bef36b121886cb7468bb209dcc6836 |
| SHA1 | 8b98619e4d8ade70f1f9008f6183de785b6b4509 |
| SHA256 | 515f0a0334db3271f84bbb288aac9b907d6c363dc1a9a6447117a7e7c967ad29 |
| SHA512 | 3b3a06f02d5bf5734b99ee38a249c3232b61f2a5fac837405501bd9cc9c8cbcbbb38dbadf3734a7a6b986a79ef34c7ce63c8c8fdde7d10c8bd916a13eb8f662f |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_eu.dll
| MD5 | cc332ec84b9dc507745c1833284ad4d4 |
| SHA1 | acab1658ed5f20201ade23311f6436da6bc7ed73 |
| SHA256 | 6533a3d4e7af844763e89e3a4bf2330dc37dd2dfd6176f98720140b1f22a7830 |
| SHA512 | 5125af4cdefd131d79988296362e92dbed46c7ac70264a9592fbc633ea2527944745c7c3cd475b0117efb0729885b696fa7f90cbdacc04d699d6aed235482259 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_gl.dll
| MD5 | 64e4a461716700e7f14e7014abe9816d |
| SHA1 | cea6b0612f2dffb7e42d23629d41ffd73cbc63b8 |
| SHA256 | 9674903cdc0e08f18c8f071ed9fccdb8aa20184c85d48d99e8e90de4f4e33a05 |
| SHA512 | f68f902cd1a3e1232401db23ab466e7a38ae09e3324bc91fd6066d19b9246dde068178b73ae5fa6cdecc420b0d3a818f183f46d280f53e8c311b063c029537f3 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_gd.dll
| MD5 | c98c2777d3e3f5b4cdaacfac7b92233e |
| SHA1 | 879cb8fb3f292c05aab59a2852daaa089b13cd00 |
| SHA256 | 1afc654cdc779a78ac66c08f527da746ae99197d2b4a8d23f024afabbe98434e |
| SHA512 | 72ad4fd9e2f3b29f937ba0cefe6adeb85edcf26f913b5f4dcf8d7921a7cfd38fa1eef67db7c83e1ebc4714dffcc4adb9dd6ca909b2b7ebaf2827d2b2f90523c1 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ga.dll
| MD5 | baab875fbcead06d6bfe0eb3325f9d1c |
| SHA1 | 7c770a51d93b5651f14a290858fc25a8c5458378 |
| SHA256 | e2706880a1ed7cb34faef4ca0f3b2df7aa4e75d869dae74c86d750df8423c1f9 |
| SHA512 | 994fa0d9f9d02b1320acc5ad336e30451931a52e6a8c48b3b5d9d5179b42c68feaa14fc76cd2ce99f682f1dfad5d8ce21b87a12321fabe504eb9c0844a49fd32 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_fr-CA.dll
| MD5 | 000135745b1756a8a8d3e73140e18ac1 |
| SHA1 | 2399c903c91bb969794a41d1a5e693e8f33125d9 |
| SHA256 | 92b4f9d8fb86a8aa24f929d27e76e680923717e29a88ede229abf357eec3a299 |
| SHA512 | c0b3484a02888fd6323b6754d76325cbd5b48cbeaaeea91dd2ad8c2a3e74ee51294e7edbbf4725e9b00c7c589750199548444484c5d8d15ed973bb63bc8f0773 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_fr.dll
| MD5 | 1e41bacb6e221e7db7772bf7a9b9b228 |
| SHA1 | 5036f8c73029b74b51da93330e5bd6be78998953 |
| SHA256 | ecef2e77abe7a1e67ee7e2b1e281ff3f2b1e0cdc4ae1d96ca4e6d25730587efd |
| SHA512 | 81bc5de9bf1c392c886b9d83de8e3dd290399c31504ed998a746eb2b3cc2f7c43154854973146a29e9164b2fd6df8e6bae7a63c9288c4dcb7ac9313c18289c9d |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_gu.dll
| MD5 | 2bc86512dd0753e4649fc66d72760498 |
| SHA1 | 21d7a1ff5c5f54f9aec52b4d6dd6beb72c9988eb |
| SHA256 | 01df748e21237a03eb6e9d616cf0ab2cc63272a736c8e6fefb476a2b59be3302 |
| SHA512 | aa7cc40847eb65bd67c07261d48c18322d63cd7acd5d230cd93847ee7e94e879ef87e9fb96b4131af7aa45524b3c48a01c3a215bc515a2227223504045cfdc83 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_fil.dll
| MD5 | e448e42312360c764f4eb091472aa469 |
| SHA1 | b8afcc1406fcd0041c50ce858883d1a629700537 |
| SHA256 | fb31e09bdf7fc834317bd9ddc3376bd1992c3eacde48ee71a133f969e20401f6 |
| SHA512 | 8af85244d4b24292289feb560e79f69e65dbdbf16ace5cb12fae73371630b71e3bb122bb276debbc7842d8b53b0ea3a12eb89acb51b3c8f39fb45c8337304077 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_fi.dll
| MD5 | 3cdfa04a84ba151c6ef1e1711d90b243 |
| SHA1 | d306f97bd7a3a6f620994c5c98758034a8899727 |
| SHA256 | 0a063456432fce42401c8362714e98ec157e9f9e5ed3eebc4d96f9b4a039167a |
| SHA512 | e02ba732feab507c478df22aacf2b8399bdbed4f937cddcde9a3c0dd38cdab0a9c434dcfa8989c1d97fdf1e9efa67b64e9dec631663bc56df0356ca2036e2cd1 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_fa.dll
| MD5 | cf17425264c5d3e95ec3cc93e0cfd95b |
| SHA1 | 132652c83194a66e1820ba805b0cd1060ab7c66a |
| SHA256 | 0a394125c397e472932f7bcf40e2f54ca1050e0620d35ca322c6f48d80bdbf4c |
| SHA512 | f7e2408ab5560717252c0536ab652cedbc2cd17a7e6d375d7dcfbd2cd8894b4dcd71f023d2bae35237250e1cbda08385a1484550a07f13901f39e6d75e9f87e7 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_et.dll
| MD5 | 999504016169d3caedb132c230feacc2 |
| SHA1 | a0efc52f4104906ac51da46f24779358a319df8c |
| SHA256 | ec804f7507269d52785b699b4fd18a2d1a3ca7e0956dc15bac034151596b75c6 |
| SHA512 | ae3b4b3c38ac6af5dc80238d0e3730ccdfd436dca6daee317b58f92cca22ea51ea2ef720e32f92693d23e8383fefccf9c46c10a148036687f0a7dd8bc844f274 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_hi.dll
| MD5 | 3a60d0c9d26cd258b08f80daa33b0134 |
| SHA1 | ea55affe72494cb0f7145644277270627d68f99f |
| SHA256 | f8647909bbfbe73c0c962eae21c45ca58717f97cfea7dad404fde52367f837b7 |
| SHA512 | 8e1b6e53020652f391511c8b4e64b8c12bddf5c52f869c8069349c44576520a9529bf120d377c243e5b6dbee0c37a8d9b31a0e4eaf2126b553d485e840027370 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_hr.dll
| MD5 | cabeca48e04e6bcbe4fcd9231bb70ff1 |
| SHA1 | af016512f0bd3a51b38eb22c7aab8ce07a48e9f1 |
| SHA256 | fc73ca5d57213643d99432389eb371e13d0217c4718aadf551677667b5f9837b |
| SHA512 | e3d1b7f9a5a4672da70090c2c63fbf1a87a27d127a538c940764b611d3e8952ffe7384bc5e103e7d5b90b216eaa595086a9bc070bc9700c7e450476be17a63e8 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_hu.dll
| MD5 | df6a438814eb75ad639cc572f123924f |
| SHA1 | 8aaaba665de347cadd55dce07133265e30d48510 |
| SHA256 | 416d5ed542c2dc6bb7219d2a76b5729ae835db4b63015a9a998a0eaddeeda1a9 |
| SHA512 | 02171d854bfc57845e6eb344a48c4aebd653d229ffd94d4ce1d3d76a623503c6a6b104f9323a7afd16bd0a2007a0d544d8e31f52a3e24a3ee0a4a6520f0933db |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_is.dll
| MD5 | 333f733cabf382e901c99e1d3049f767 |
| SHA1 | 8c858f0ad0f06f137fbc340f01831a7eccbbbaba |
| SHA256 | 15fb8bbde296a384f6c9bf3acf0d8f6860e30d7dbac2c60cb928300d8464d81a |
| SHA512 | 81abb4abcca78181956dab1bd8a3b9523cc38f30348675342198f2cf3394fe1366d12f8b61fba7775e8c572c45a23603eca96fe36e693ca2d5f5bee0300101c4 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_id.dll
| MD5 | ef49bfeb60ee4283650932e4e50de722 |
| SHA1 | e592965caf1dd2f894b24a09f2cd14294ece7d84 |
| SHA256 | c49adb300b05a792e3b2d0e91d200055886acbbd26b7eaef43722ab3f5c40752 |
| SHA512 | 0a15abbb7f5e43425a561c91ce775ef6944044f3ea9e1dc60371189c79c4fe1cbe059ad38a7492f8b2342f1ecb5fa3a60e1643793bf9db90c21e64f1eeced079 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_it.dll
| MD5 | 20af857014bdfa8f869145dc25fdb5e5 |
| SHA1 | 0d876e9b0abf907b4cdc0767d120504cf2ecfab5 |
| SHA256 | 13f6f81e6507f2304768922e81ccac99951bec4163cc576f2dc3f65b78cd08cc |
| SHA512 | 992443bfe3c101270e1fe5b39d8adaf1990b46e79ea2b285fe848e6632bea2ddc6e2a1523611359518c79b0ea4ad5a228f5d778bdf78872010b67e753866ae72 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ka.dll
| MD5 | 6e590abdacf69c0a95371ac48ab92698 |
| SHA1 | f2a4a183010cafedb76c182a6149bbc313ed608e |
| SHA256 | 975cb32be3ee396f0a076483206fc6a9f8d3671c439ca5aa3649d7cafc1276db |
| SHA512 | d2cabc0ae33c9ca75f6146d2c7ed3f37df03a2e6b82e7e6180a2a7bbbd32bff4fa157ec1c8d906c48445c79ad58105ac30e0217739ac21beccf13be369f0cdca |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ja.dll
| MD5 | 7bee509a3cb93cb97a3c419ded29b379 |
| SHA1 | 51b83ac0e624da9dd877894ddb229382c25d479b |
| SHA256 | 9c24aa6f46f6bb4127a27efb46279762582909dbbe491c2fa1a621a8d9da2408 |
| SHA512 | 0f148229fa873878827437177717ca3be23630f62788886f53703484073d282e3204cb86aab49e493bbde2b2638bc1d6b7f05a7290b32e2b6115854774cf995b |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_iw.dll
| MD5 | f2b801a134d0e6016a500e7237f17fc6 |
| SHA1 | 05135e4f7c5c2ffdf7989c761947c7f482e6f859 |
| SHA256 | 556146c69e56b62901e3741d606e12e766324651793c26ed75861c172a34fbf0 |
| SHA512 | 9fd5c3bdd6f6cf4c75869eb0c80f71f00207e3bd0a3cf1ada37ca0916018ad691d93c335faebb919de551ea7e0a0fb8c0ee4b406a573b48f6ce01a21558c555a |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_kk.dll
| MD5 | 2b4883e2c8eb6a1cc0618972ab9022bf |
| SHA1 | 90db614ce4217fe3703b87ce8be687e7b244da58 |
| SHA256 | 2815b85a065bab6aae4af23cf5c8ccb5c8f587b5ac57b9719b2fcc6343d573b8 |
| SHA512 | 5e86c7028fa5520fee13b29c833d5949b28bf6e803752df71b6abbe9e1fa5b43c9948e6b4956e554cd5461a101824e051e20b6762cbb418f112f938563f05e20 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_km.dll
| MD5 | 19305a2fae65010d305d658338cc4ea4 |
| SHA1 | 70fd2048440da6d411fd0ab61f441cbb706b3b11 |
| SHA256 | 27bb6d533b10539f18b9ac37c49d8340ad7bde91e5150981fdd317ef38bb7efb |
| SHA512 | 5fa9f71e2d5f2b588935be0c1a91faec745e20992584071052cb7624637b7232fb6e5d60aa79926cf2c3ccca47f95ce494769a679259bbf2d5c98374981c61c9 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_kn.dll
| MD5 | 0b3764cd341edac4f859306f942d816f |
| SHA1 | 6728dcb1c38c7fbee72bf1a23084c806cb724499 |
| SHA256 | 9a7de95fa49e02bc700acc2820cd4099a997988cb57663d2d1e4c2f3c4fe365f |
| SHA512 | 147380a455df8a314fc7c4173a8e9c2103b09206f0efebcaf8bea96b56ab72f9ee1f92c89146873adc73761d50103543cbe6dedd7717c7ead821157c1bd111ce |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ko.dll
| MD5 | fc2bf0ff5b72217e0b581be65464836f |
| SHA1 | f3e63c61ee645d8ea1db82188ca9c0a74c2f5f9b |
| SHA256 | d5b610c073a7e96e6ab38fb15218395a94e4526446a1087f8a45f90fc0b25ce6 |
| SHA512 | a0de9d8638e89d29dc9b6639ab7e2abeeb710093d6db3b67b0a7290184d0c2200e69ba750f94cec66a4e939687dda65344d6bb020f961fb095444f9c1608462f |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_kok.dll
| MD5 | b0993ff03e515e491a2b30344995f46b |
| SHA1 | d4591561bf7ee245a6ee8ef3f10ce59479f46683 |
| SHA256 | 7df3f55e10eb57e79a10a43c9c839ee4dadad6581b1cb696812636194ab3f97b |
| SHA512 | 244f15d811c519e46a1742502b7cd4c956231239a35f064289398d2b9b94807849f0c0243ebd8d7cb0545a212f23d7d0b621e0254987e2cce46879707ef1af04 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_lb.dll
| MD5 | 6221c97091684fd9bbd8163c637d5090 |
| SHA1 | 3aec34ea62e34ae3e16175ba2d08ebbd76291871 |
| SHA256 | 25c2a63f3c30534cae9e8a966738927712056047dabe80317708a303b57b36e9 |
| SHA512 | 3f5e895e13a0774dd985ef13a15bc02549c8b7588b451413414f4935a6378710cd2f55ad619d5ce298cbb545819df7bd7438518ea21e5b588a0df415cc15a1a7 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_lo.dll
| MD5 | f341581e529ee7cc558769c1cd23297a |
| SHA1 | 88c956c86045cce4a22fc5ecb16e6184b3ed4c59 |
| SHA256 | cb5c131a93dd2b77cb0ef5499acc8a0b8d9de15a7193a314452efde262054377 |
| SHA512 | 196542376cd3ec6352a60c2e523ed240c4e1252a8ceb67d4b5ce27ff62c43e6bc5e7191f90afbd0ab910e325b6092a4c5e445fa021b8b02744bf494c62ed9317 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_lt.dll
| MD5 | bf5c6d4441d9495cd1b2a982004a026d |
| SHA1 | 9d92d96194cae48ede6296aff0244f55bd8ca363 |
| SHA256 | 9ef68efd2a91caa4b41321215e4d6adda225311e48ac5c2bddc3e3afe379a595 |
| SHA512 | a93f651be188a27f90148009c2cc41e194799e3466b1d971f607ee80cda2ee75ce24003d14ae919ab7bfdd14907937aff31672421aed067f381f2480ef3a3a75 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_lv.dll
| MD5 | 114b0fdf0183801f36202b4aa52a8c6d |
| SHA1 | 25de0a71c950117c332f3cddaa0f8bc4b1e6a90e |
| SHA256 | a8efc8a3399a54ca234bd76247f217576fd8cdc891d1d487e86ba06fef676be0 |
| SHA512 | cd16f28783f1707215957c6e545cb8454e8d267a606fc91142c7feb1e8f83a020338d4ae3177779bf31b34324e6d8c35d648442345beb019112d402ffb7a0657 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_mi.dll
| MD5 | 10cd5ec2455ae2eb80280aa5f3a00ad6 |
| SHA1 | fc0ac954970bb33f9e4f372efa3e99fdc9c32a2c |
| SHA256 | 9f1f89692559cb6428af5336f29577640015df9fba272dbdf8a44709c9c34496 |
| SHA512 | 1f5209b4efc1d28e3ddde4e8087565861c31bb31e8535d1086601e0d56594ab5b163db0588c8913f6e710630cfa57c4aaf5f2c94717849cc5c73520bb1135738 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_mk.dll
| MD5 | 699c8fb732043a02378ead6badb69cd1 |
| SHA1 | ea9c3bd2eed254ff56dec2cff952a8804ae52ade |
| SHA256 | 976be8789d91935bd083691afe245bea0230dc159dc2524c93cea2a78229d2e3 |
| SHA512 | 9e8f0af3d5a3f2c602f6566d8ad323bc27d182b6ddb26756d7d2dfa9dc2756f3243c258f6de96f50b8525fdd31cb7230cb360d4098492d52fd7b8a0904ea1f11 |
C:\Program Files (x86)\Microsoft\Temp\EU8B2F.tmp\msedgeupdateres_ml.dll
| MD5 | 821fc1cebcf23ef54a7179a966172724 |
| SHA1 | 1cc6f74fd03f89b17aee368657326c7b61ac4971 |
| SHA256 | 7795e21a9b66720c1771a90156f0beff5c7bd1318bfcda2309d8f0973f5a8272 |
| SHA512 | 7ff2f81b6bd0751b6aacc7ece6c937895b09acc13453eae3fe9ac5c0d0c4c9eeb6751bf083d42f0ddf941fa4660832d358b22142ef3bdde697b67eb1da49c832 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 57fbd4c485c22ac4bfa740e11a4b28f5 |
| SHA1 | 4f240ac7ab36b0bff8231abcf8c955c19c92e474 |
| SHA256 | 375798f05f17a106e80fa7859451a193cb24baae79488986d850d5833fd579a4 |
| SHA512 | 662d072b2e1ca05323f66a2979f88d7ce56732cbc44d8b8339e349a9cca2d7bbfa6acc7c699789b1e4666462e964a9dfd2a3ff1e55c86bf2ba67c285afa2fabe |
memory/2216-187-0x0000000000140000-0x0000000000141000-memory.dmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 753df6889fd7410a2e9fe333da83a429 |
| SHA1 | 3c425f16e8267186061dd48ac1c77c122962456e |
| SHA256 | b42dc237e44cbc9a43400e7d3f9cbd406dbdefd62bfe87328f8663897d69df78 |
| SHA512 | 9d56f79410ad0cf852c74c3ef9454e7ae86e80bdd6ff67773994b48ccac71142bcf5c90635da6a056e1406e81e64674db9584928e867c55b77b59e2851cf6444 |
C:\Users\Admin\AppData\Local\Temp\TarA220.tmp
| MD5 | dd73cead4b93366cf3465c8cd32e2796 |
| SHA1 | 74546226dfe9ceb8184651e920d1dbfb432b314e |
| SHA256 | a6752b7851b591550e4625b832a393aabcc428de18d83e8593cd540f7d7cae22 |
| SHA512 | ce1bdd595065c94fa528badf4a6a8777893807d6789267612755df818ba6ffe55e4df429710aea29526ee4aa8ef20e25f2f05341da53992157d21ae032c0fb63 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | c826baed5997b86308fe60587f2ab5ba |
| SHA1 | 93638ac19b3189a507b56f548521fd15a1fd19e2 |
| SHA256 | f53e6d3cd504417a9c16c6e8b0a787160ed6fbe71772f165818d144425a2a618 |
| SHA512 | 56ef29d0fea4643babdbf16ecb50be69d048b5e84cda376e3a50ff3749aea380380f4202f4c13858ca40b1a565a73e9dca2c0878c39df4e672b63bb3c18bb6af |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | ae96db45d7d679362292b8e6c2a3cbc6 |
| SHA1 | 5fea1ee03d142e85bca5516736b3b3e2ae388d6f |
| SHA256 | 4d73fe2109641773944d9b96d8e3ebfafa769f5d5d686f64b5a35bf079f92854 |
| SHA512 | c427e757932f4382b835ea6dd8184e6f37b47e41fc7124b58fe8c3901f9ad481ffb5a35391f266895bb507dd2d8d721488c2978a072be4b13cad823a41984f2b |
memory/344-683-0x00000000007F0000-0x00000000007F1000-memory.dmp
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | 7d0848472e1a54331640b3fec5c6aa07 |
| SHA1 | fd891b56c51d110871189758fefc901d6ce20800 |
| SHA256 | e2270be40c97e627e1606de67a1962ab2ba3febee899c6ef89278903b8c94afe |
| SHA512 | f537a32facd6c5a133781e71c837998cef0d6194a1f51fd50657d338da22edf5b048f88e251e59d1bf1fbcc5ffc846607e399c94b9255b5b579e8397328260b0 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7646a72ac2159c50a8d0a59977be4fb9 |
| SHA1 | 481df68d90f15feb1a7f3d6cac591dc2a5e0359c |
| SHA256 | 27fff755b77d5d193b2f4ae1b4f56ea144996afd0151624202ee9981569268dd |
| SHA512 | ddffb6738f9759b394931a409fd96e937abb158e2365d3b77119c6275c48372859c1e034114e85f91b02265ea5fae598c341fc3112382a9893c186055c8ec694 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0e8e9846580f299d0cb09fc92ce8cfcf |
| SHA1 | cc384dffc33001b095453c8f07889f3540c1867c |
| SHA256 | 2a7ce752710ed4ecf3ca6a328d9a8d93c3e7b4cd7c5b9f7326cbb545a64c113a |
| SHA512 | a38f798253abf41af1cb9cc64e2cebc5bce1b3ed8ffa98ce7007413fec8d0955aa8e260d3c0bfcf97fa706ebe2004b290b64ee575f13a5fb96ca46c288858126 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6db58c26eff7aedfedf12a1d33ff6415 |
| SHA1 | d615d18e488f213301c0cb71691fb7e10fed291d |
| SHA256 | d47dd3d2f7ee74f102747f7edb11300fdd9ecdc8a07b6ba905ff94c38d465859 |
| SHA512 | 1330acb06ae89c729b192220860c2b25a77c63d322159e2f79aecb073dc06a26571f0540bd9f2b35ea495e26f1db791c896d2f36d8ececa4c5bc34e643175b4d |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e383a6418f78e83df4afd828e095d672 |
| SHA1 | 2819bdeb3e77601749923e9002be7f4b69a35eee |
| SHA256 | 1067f14b2dbcad9b55facc40d73036951b5fad758d79683cb9e675f6895ef2dd |
| SHA512 | 51fc154bb54eb6a81ff79465fd343cafeeecb284535afda326e75a487af9dc2c8be11acc56042b94c80470a193ffec842a8a5e51831897b55a8b43db3d00a869 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c770a674acdf5dd8146c109ee3d998e2 |
| SHA1 | d7746082f8b8ce0131589263e923498f7473caaf |
| SHA256 | d7f991382cac97681901667bb31f7613a68987eca930de542b054d2a17a2cec6 |
| SHA512 | c71522af67043578a0f3a27f725956cd9758471eb1aba46116600647fcdbd060c518c0c7f38e5a5f82ab1fccda9d5eb36b062bf561efb6bfe2d65ae7ddd5705a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 03edef0d590be3a79d155a6f56105c65 |
| SHA1 | 43b6750eb85fb6990ef2d15ad03f80c9a4f06eab |
| SHA256 | 6952c5bf75d5baff90a3ba8027ff0b038d4b00e7d5a3aa51c5c4b2b6681499f8 |
| SHA512 | 696e178d92cc27f07eae7e55bd4f96733c48c223d52756a3eaaf25ec407ef9d5e02a758e089396006f23b0b739d731ce4ad5ac338a4340386b42c93cbdb4d0f9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 601fd296f5be3504821bf8f330f9d564 |
| SHA1 | 4d90ab10ccd1c851df5a1e99952b89abef888da7 |
| SHA256 | 65d3dbc0a775790dc045dd4c95109c3768f3d8c47e1724ff9a3651e5cc3c7716 |
| SHA512 | d57524d199c699a93e18fb63ce432b6c246a9d36fbdf87da55c2a030cda7bb1853b9a59b2e42763cc92d799c04224e2534cf40e9406fed84d1f2c0d86978e4dc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f13eb4937d3f20124f074fe88baad3f5 |
| SHA1 | f144fa3e7377ab97e9969ca39137449d8b4caa17 |
| SHA256 | 939179a655c6e54431a2bb09797cd82d51d5f2d29fa6b54fb9848bf2c5a53c07 |
| SHA512 | b603651b6bc787649e4c668911733f2e1030495a324e543378666460b0de8d78c57223785bd72af012fb9d3695a289f444816725fde64d4ee318b4ebaa1d2f6b |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | dae4dec34442c6914b3b4ecd855cf23e |
| SHA1 | bbb1a46340198fc2091b292d972cc539d1bdd9ab |
| SHA256 | 780dd1850b1516ea10b63a3cd693ade267dc24eadfa6cc10668b72cf257ec4cb |
| SHA512 | 44f7b437940078f7f8079a1acfb4feb03ed6613df4a96413c7c9c9a3eb7ffa809a58df7851db42a521500b768c5a33ed7f4e3234af9f1e6483d6cce54c0fd57f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a343e4a4733a67156332120886c7dd2c |
| SHA1 | 9a7a6235b790c00373c171f84abc4e85e70e9385 |
| SHA256 | 26ba9de27dbf04be921bd46f2a35106b24a57832b9a929e486d0e89022217884 |
| SHA512 | 83aa590c2c142cfec5800980de05bfce3be4916acf8e3892496514c1ff56a59266d24cbd0ecb0a6f6a483366e30c530988c12b60083f307e3ae7940bf0260c4c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 326d121f83613c2be5a05623ec84ff20 |
| SHA1 | 7460b50b0d3bc5600d994b17cf156bc8f7ea316e |
| SHA256 | 768c1cfbbdef2a93b6518526da3096dc241da640b876d440569e514168c323a9 |
| SHA512 | a644cda34abffa76724ba05e0d3443343647e223c960a28b57f482bd57e32f3458a4796a97ca772f7bb19f764da9f2a1b7c4f569be85443fba5dd0f13561d3de |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 06f1ddf57dc0fc8af78c22c88aa934ea |
| SHA1 | 0afa325de13299bf43eb63146c557a819eb04b64 |
| SHA256 | 0467ddf2bfc95b2b49d8512aee705da23f77660c44125f6c68f31f64e1ead333 |
| SHA512 | 6addd3501f2a0da9e7c302182261464f7d5414698e2f5477e666caa988f632be5cd26f2d2fb6a83a809dbef5ff30499d44634ba697f5d030524fafe10d962ad8 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7d0f2606045933ae35f2f2b6eff4ae4d |
| SHA1 | 38d5455a49b495aefb23d1893d26935d49e9a763 |
| SHA256 | 38b9cab529b6bd06d452cef5228628e81df8a1466acbc4d3a137a87437f73aee |
| SHA512 | 663b08068186c5b367882adbfe9f636b574c5e92911c0dd1046ffe327a7bd1fccd1d65cd8b1f79ad6ba854c9ec042f08cee18a75b8c1c73028d5577803c7743b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 68a833b829cb72dfe27086ccf06087a7 |
| SHA1 | 3086aa6591da09ae8824d06228af0dc746a29f8b |
| SHA256 | a965ff9737b376a46ead6f98cdaf5a7c3a39f56cf8580fa7237e40634b07331a |
| SHA512 | 0e2b322ac26b15de321ed701d94b5812163d72c4e375255323d656a756c3bea2b063196893aef585165e80d31f050dda0529667b68338d0af79e30d305a0756c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d31a6b67ef1df3271fe21ab37880ec5f |
| SHA1 | 7a2070bc338cbaf0cedeb776770b5ed6bbbce603 |
| SHA256 | 9f81af146eba4ccb2d32e33c50a7e59c769091d05458ef9fdf8270c4569f10bd |
| SHA512 | 0cfffc1f69eeef717b9614084acd890ba1f8eacbb6bfc1eb2340fdfc5dd765306d3f96f54729d10ce3e6a9ba862b72c8d62eacce3312ffbf51db162874fd674c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 84542d366359e6578ccac4f9fc57a72b |
| SHA1 | f750f1fa729e16a35b74a260b93118b1e0206472 |
| SHA256 | 03a69b85ff1a3e012f801997807103f639387559833ec7818ed1c94a582974de |
| SHA512 | c39dd845a29608aff8d1960ecfbd1973074252160ac623de834ded812103f7f3664ebba1b5c2915bc76b87d663484b4a6b04ec1de719893c09c0fd9412baab0e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 60e3f842371d8089340fbc01924ba83f |
| SHA1 | 4aaaf91d96872e74ec542c34605c3ef454febc32 |
| SHA256 | 3970888633ff8d0bf8e761a10bdd7bd370d716dc226b16f4a9c4a17438d8ffd1 |
| SHA512 | b15b3954102c483ba72e202c93f4cdd06cd8c203c2073d14fe5fe653ef9ee02ad46c2e4ce47daf886a2fcfd939e329fb7afe8ced1af8ab177e2a372624c5dbb3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4760367b6801191c27578c262b493356 |
| SHA1 | 9257d5382c7df520d69a0644ef13aa98ba0b6d5e |
| SHA256 | 887c74c5b642de4b2fb0812f9b0995643dd467642d1d0d1e5b49a703c450dc21 |
| SHA512 | 9adf281ddd783b473db7705315fbb68363c91efe3757e2b9cbf206a2babe23f86835953942289669381f80e2f0206edd115dad0154076ee9572deefee94a701f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 77dba3c5edb739ff88da401a03b85519 |
| SHA1 | 33a9bb10e6488b150f0c476a2ece289232488e7e |
| SHA256 | 70806ad2acc4c30e0d535261fb2d3dc473fc3690c122ea20b33a58b0a72b7749 |
| SHA512 | 4a254370eb95d69da2d11ca316743d4db5c68f48b168bf5007652038f927f87a1485916b2bc2779251ee573212c113d07c0351c5ef4c03f0985e78c7f5fb711f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT~RFf77c88d.TMP
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a3f6ccc951246e76d76051a0ef0fc901 |
| SHA1 | 25b6ac01fc48ad2616f6b10a5990bdf54cff0073 |
| SHA256 | 35899df424ac95d61cfe110b020339f19444e5d4b9db2eb29f3792384f9f99c1 |
| SHA512 | 320980f12dff80e59a51efe1d1c7f7c2ecc246cd85c6b9ccf97fa26a1bc9f0da46c9d5c13f136f48679fcbb68de28272e6282d4e9c4a9a6fdf23c5da02965856 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 60c6e90f8bd89acf897cc6f772d6e672 |
| SHA1 | 0440f0c3ff665359cfef11910e7b56eda8e68fdf |
| SHA256 | 01b2e0146a2b7250fc5bb764b1c4b1ae268cc03b410a84146713672b534cc5fa |
| SHA512 | 527df5f70405bcd589b7c1798aa9a2345fb47691ab35eec9f72aa680e2a7aa2b30b77606f8b0b97bc208d4a3d13ac72dcea8b9ca2ff1e7e30037acdb1d5711fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5ba60b4ce9b9a28e6a877a27696a83f8 |
| SHA1 | c64896b515ecef39d7d74f25e65e82f5aefda643 |
| SHA256 | f652a419143094ed6136150198b00c158834cbc9ee94ab7be94cce1e37b73d8d |
| SHA512 | 88f56a01c8e2916b0d0186ea749e0824fc6568712819bd583a72430b545c8a0281be4bc400aa3dd3a4f653a5210f0dc123c65b204b9a45726446956eb2f28bdc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f4ca378b68c2dd3bfd0a4d58c419f5d0 |
| SHA1 | a1413f9dd391fd4c1a29181a88dae9685926f641 |
| SHA256 | 6facd89161f3a088129f0437182c97e1b8a6d3973ef699b36ccee45041501db3 |
| SHA512 | c83800c20623494b4712f6c3a5f5d3134e8233150a2aa00307b319175a879125e8f09faa462dbbfc048b84d355a6d731e84ed50f526c0fc4c9d59b958a1e45aa |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\109.0.1518.140\MicrosoftEdge_X64_109.0.1518.140.exe
| MD5 | 8086e504417a0306d93055c5c18552f5 |
| SHA1 | 2ad46f8dac6e378831086d8f22502564f4431c5c |
| SHA256 | 9b6ee5ae71795d09cf4c4432241c07c52beb7942c7687815a3ced970c0c68ec3 |
| SHA512 | 6e77a03d32b0ddb7d465b7bdc2724a6dd33f2457ae39301740eaff5d5b259077c97e15e360252dfbcdedd5d2781e4647bb8efb634a82ead29fceca6e5cdcfbc5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 176bd70feb21d2f099af4bdc05050bae |
| SHA1 | 502e778d72632d1dd193543818a923490ace8663 |
| SHA256 | 98fa9d2a8fdc91b5102907fadcf1fcdc26d65ba3568c0c734329e929a97d0c40 |
| SHA512 | 71dcd007f0799870c4d7df3aa67e94c046b89b8e7afc43883df62240c85f54722051ca34d083caa2a88df42fd1350cabddb66db715159d09ff9e42950ff17246 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\31d20c3b-9578-460b-8ac5-cf8181a05702.tmp
| MD5 | c387e9fac8b5c45291cd444b337d205a |
| SHA1 | 70dd5d1a5a880c9163f753eb51b8a1598422e493 |
| SHA256 | 500ae2511855c561ba01e3f3b59b373276a0bca9018d1d52d2e110c5938f0e30 |
| SHA512 | 3805173d6cd7fd5fcabad9dda7171a800b61486d0b097a8c2b64b0a7ec5e22b82a7ddcac451cab539de0fd43d9c83f6f3ec966e9c3b890fcfb102ff21e67d6c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | db2bde7460aa6bd9b79891bb10dafc13 |
| SHA1 | f3a2950f812ea0ab741e6488ef856e9c0fdff28b |
| SHA256 | 3a224be57d64f8baf7edb2a98138ec03fb6778d12a09088b6b547f1dcaf0e3bb |
| SHA512 | 2d6cef36c8286184b05eeed31184a4b8b57883f1b7bac03bd9ccba94c5fd83ee2dfa2777fc2135e9de706fe15049fc43738774901b90a5321a1fb0729d40d39e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\000004.dbtmp
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 55cc492cfccac18abd8eb727442797f8 |
| SHA1 | e77679044ad63457ecd3a6a4b01729a3c787a1f3 |
| SHA256 | 3fb11c4bc1d970a0328a752ea4242fd3d36b9e0fc6d90937d62280d9562410a7 |
| SHA512 | 567a99d46328c12d4421f3da531a76b6c59ef59cf85572b07e92b6d8a5e45f63b3691cb3d4f374885aceaed6236c9e5525b320c4c556c9a083a85b06cfdfc9d0 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 55ff654563edb22e4b17d0d405d6231f |
| SHA1 | 44d7bbe1b9d4a881f119d6e86266e4cd58fedbf2 |
| SHA256 | 747d6cfaaeae38582eac60c28eb73cb12a738f94c8d89ff7b61f05d066ffebb4 |
| SHA512 | a2beeb514bb390d3dcb642b4d5770cdc49f9ea86c7c822a7aade9a18d61186478aa255d93016bb9437ef40bb22bd38c6f0eae7786d653279ff678895ece34f3b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | dd33117183dd31d71d353a55295e454a |
| SHA1 | e859719457024b34b540f0709d8c0e0b2c4260c9 |
| SHA256 | 140ec701042bb96736b9b786fccbb2b37c1de102056cb356469272a7eb10862f |
| SHA512 | 05e4bebed53a92f47240bc65d7880a9c4f9310e076a9c0f87087e4eed26e11ea273d89e125092597c6636a528bdeaea382c5698ecab69344276b826df04be7e1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0027c8a980d503ac30f685b2f175e9b5 |
| SHA1 | f64c8d122bd260bba661b9c031a117cd5d89b9c4 |
| SHA256 | 77d0ff267262612647e3d8ce5b0b8db1f44274de077759336d901f0c7ff17275 |
| SHA512 | ebbeb4874171bf4a970676f581c405bbc4ac0f8912aa2a8482b64133e5dc6ff176576769b5245fbbba64d5344d60e6c1a4f7ef18419ddba48acf09e5251abbd7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
| MD5 | 55540a230bdab55187a841cfe1aa1545 |
| SHA1 | 363e4734f757bdeb89868efe94907774a327695e |
| SHA256 | d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb |
| SHA512 | c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
| MD5 | c76ad50957b45393cfcc7150fab1daf3 |
| SHA1 | cfa3f2ba0cd30e39734769701dad7b4e34e7979f |
| SHA256 | 18276aee31e7308ce83e95b2d9b47bc13beaeea23ce667a6df32be473c6386ae |
| SHA512 | b2144f95b2244eccffe319e3f1ccc97266611958709596df811c6506913b1aa12d98d93ce42ee41cdad0ab7bd53a3a52da5f32dc49f9e3ba985fd71840830fbb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | da2d78a7b1e7bc533d52fcf8078b5c7e |
| SHA1 | 578e9a3617a57dd411838fe5d8dacea43081f887 |
| SHA256 | 7d113e83ff5163cc5dbd1dacee62048afe10a2b13d92a4ddb289b8da79e9b74f |
| SHA512 | 8886c446342af5703ff35756111318296c6ed4321a2adeda59c8f46f9bba0bb840ad9da91ae6bf6bf4173eb9d5031b101d9951b2119b6060f90432ec7786dc47 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f291d0f596e7522fcd8835ed7517fa67 |
| SHA1 | 6367970208b97c52e9c6a17b47c49c91ff1c4737 |
| SHA256 | 179cbae2924c281f26e8e4c3a907b3bf44ed45a43c7847283e7b884cd6988cf5 |
| SHA512 | b16346bc1e49bc4992172e2cb58620f910df2c0433492ecf825c388fbf8f13c106591b3cf17a1ef4ffa403e480d4bc03571e869845f5a890bdb5f5166fc56c52 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 14395ba4e4d5ac285e10749a36eedfe4 |
| SHA1 | b94a2105f403519e20b637c634810290fa35ab4d |
| SHA256 | 602786349b0e70a8e3400a1fa8b21a4d9f06c4050ae7bbed2e1c90e6c23d43ec |
| SHA512 | fe33ff5c8228c7e8a6bdd07b6de30d9ab7a3a973bf5f7b87932acc3607228c062a8984f9a83eab20934584efeb18a2716f79a45ec335dadb6e639df075c883ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0857ff7e22b1e94400e07855cb5b79b0 |
| SHA1 | 53fc69d0acd4aa96cf2f796761e849f1e9a334cd |
| SHA256 | 3196203417c1930e183bef2f1242dd39becba7499bcd47d42c0e839dc03205e5 |
| SHA512 | 01ec0d10a11e82d17cf3054e691810366fe7c05a44e7f7dae582b67dc4b091e889e2bbecb0eafd968449d34e166ede4abb81b13a5a94c13e8655d7c199bc6e41 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\a205dc27-cd70-4bff-9225-548c9be217fb.tmp
| MD5 | 5bce8aa7a81371e1dd215d248de262ba |
| SHA1 | 41904027b81f018e3d101aabe877eb6939e6e0f0 |
| SHA256 | 926bf6baddbc845c514b7e326c70bbb2011f24f0412f80452713ca53700ee002 |
| SHA512 | 078b9deca25915fa5015735d2deb3d21dc8412417b151167fc839259bfce10e66796525ff46f3aef5959abfe9dda35cfffe4736f7204c97deda439b51ad0b716 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 77b482b82198bfcb9950bfa6402dd592 |
| SHA1 | dd3c957410eb143dc698ac985fcef6cf6a148d31 |
| SHA256 | 2b824db55914f911eaad1cb67be66fb741d6d896d67840c9bbc1993b4c6de9f0 |
| SHA512 | 5f35869ace6ad3072212b73b0dd52b42c6c0c906cb54baa03ba6cc8cd11923d4a8209bf828d91faaaa906ff2d9f88a0a6dc97852a4ba5c3f1136bbc66b70ae82 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 9026c1a039bfb1796b34eeb74a8a716a |
| SHA1 | 0fff9a37ca34aa4811e4e48f4022f1e3bb5f95d0 |
| SHA256 | 4a3b444e966106bf9551108f259d543858a36d28acd8d2dd2f38e522ec922cca |
| SHA512 | 51704c92f1a4fdb55604faabae333157526fb93f3b669aeccdd04a9f728122cf81bc2c8ee0df2efa23661666a697e8f4daa491b25a64282aaf68a4420d341da8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 939164ff02012b1414c7172856c5af74 |
| SHA1 | 994f2dd068f2234c01d6b810c8550584cf1f03c6 |
| SHA256 | 738e9001462a2c9464a6daa279a6ec204596e60f5e5f22701960b18fab2d1dc4 |
| SHA512 | d1a8d3db41706e6e8da5a977aa538c012092e6dfa34c8197e77e95b44bf4b49f21d106f750a280dbfaf114fbef4a85b5cd1b7e1cf16ce8d44fceddf63d637f5d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 8b4e950062f07fa052e80e8bc398d751 |
| SHA1 | e45c9b6c4a6358522305dce527b7f15865ec96d3 |
| SHA256 | c8e0b3d44d5e095d96d3bbfbdf6550cb643c4555f15b4d8b82483c94b00c29ed |
| SHA512 | a9d8c9752ec86e4f06b214c0de485e9d6fe3a5f5cf9cb2323675399a6a5743e17a1b7d5b230f09979c38aa175dbec63d3156e8d8f9596b41fdf0291f5fbf32cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 4581cfb5cfcbc0fbfbd9a1feffc585b5 |
| SHA1 | dcc4a7039fe6e7c949c02e4a3e0a5e9070a6e344 |
| SHA256 | b751f2f4e0cb2da5da6b56834b2f72615461c9cf9dd3c243adbaabacb3ac319a |
| SHA512 | 6f9c931800f843da5664040346c729a9ea2173cae487a7425de538f3c09ee421b5364806136cdfd90ac85061558ec5163deaf701b405102d9be73ed18d6a1842 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 7fd069146ea79b16633bc8b45f90482a |
| SHA1 | 98dfafac54f6f5db51e3baea698208833ed1b642 |
| SHA256 | a746ba588555b584fe98e42ac1a2dfbb92c2831b54c263f51fe91d124b9214d7 |
| SHA512 | c31822f497ebb35a5da455e77965f16a83e2007215ae88e64bc21019d8d45fff4671ab4300d9cf518bd2b652d071cc582fdfb99b4807c75e2022755e6c60a06c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
| MD5 | d7fdbcb8d6503f298c868ecb58923ee5 |
| SHA1 | dbc83af0f2ac0a86bfe17ddd2b3be2ec632924de |
| SHA256 | 6c9b95456093a4e1239e7682a9cc561f752f65a5c1215f8ff40285fff6b10fa7 |
| SHA512 | edff41c1e7ea7e8b3662bebbc1e365d8176873db425815e0b152a7337bb64e0b004115e099d3ed94070da6424742148f96467243411deb6393cfc1681615075f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
| MD5 | d4a9bb7e8de8f088750f8da0db9ddee2 |
| SHA1 | d66ee47dab71c9574724661c929edc45bee2f21a |
| SHA256 | 0e10069fab6bb3083dba1b56b844c6682e9092ddd9d7932f78aeb902c14a712c |
| SHA512 | d351afa877d7abb9152631d5aa897718b9ad10a87bbada7852891a814ff95a6acc961f81641640ee061f7207df0742b5e5ed3d833fea0a1ffb5e0aa219686c70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017
| MD5 | 30c8c377858046143a08d308366545a0 |
| SHA1 | 2a6b5a3c088f30fac11c681690e92b1814b953fe |
| SHA256 | 89178bb7164978e49b4315c4dd593f6b7ec87f6d6a35802298b9107ee7772931 |
| SHA512 | b8d4db370e2f02b68b89fb110360ae15ae45e2209ea0ab65efb490427712ae5bac19b7e8643539353572f8cc3c556778d5378f83a69240afd36db72fff3804a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
| MD5 | 15a2f0d9497bdefec193f1951b076696 |
| SHA1 | b673c0729fa90d589261edd38bcaa74439297cdf |
| SHA256 | aad6b6bb918d96aa219dcb54ff8a8a9587a9abbe51b4ee131fdb1a82f028745b |
| SHA512 | 36cb398ffe146e46e57ba37a2ac92d03476ac0b0368c64ce0102ac3b9d6a484d5e4200c136db9e04f25b327641299457b8f9d140aba6bef6a9fdc04313415e42 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | d7565a09f0e7f8e021a2c5edddcd4945 |
| SHA1 | c5a82be29a109dfbddac991339ea3dedcbaab2ba |
| SHA256 | 25663ebdb25e073b113f8827628dd576acfec11f9d834b7560e7e1e848338516 |
| SHA512 | b81c4a276f378999d70d91b2b646604daebcea4fb62f917d0e096c57e7a529ca72abe1a22c3b349ceaaebc86c2d1de23d77a5e634e7378d62ff0c88254c6b6a7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
| MD5 | 1904bd5ae318095a1e4868b08c152fef |
| SHA1 | 05cabdfa6820f2f87662dd90b60cadbc1087202a |
| SHA256 | 348f2eaa83b62b335932aefb859ef7a3f4e8a7c6cfa00a3087b146828af25077 |
| SHA512 | c6ff18b11c2c36471cb25e490ee8d2583d629878b449a08a75b282c83ed7c57ea801cab5d05bd2758bc0d7e0f4ea0612cdd87f2749d0763d5a0455f068647541 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | efd99f6b50b61e6bc88ab81db271f5dc |
| SHA1 | 13a91d8c6aae48306779d950cd3da773bac54a04 |
| SHA256 | 3eb3416904e2d4354a4760874b015d4b7ad0f4f231889eb2e80a7c2ba79c22b9 |
| SHA512 | 3532987383c85b0cb80ada4314a3fd155cfb78d23470aa7ea43c40342d48982bb8b3824b65c05fe496662e433ce65598cc902cc9e51d6a32802709683221e160 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
| MD5 | 6fd1421c547715cb7b78ca67104bfb78 |
| SHA1 | cc7f1d6761d9c7256745ef7586ad53e3183f0e2f |
| SHA256 | 57b9a684f743cf229723c1a5e9936d930cf48c3b5056c16c09cdd71ee6fe803d |
| SHA512 | f64899cf62a1696adbf62f597f69c3a1ddd62319071f9a87076977b9f6c80992b333223a07cc1645a2fd578306e30abae12e18afc41cd582ee9717ebcb423a69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | 29963aaea2da098051b50ba350b38de6 |
| SHA1 | 328dd3c00ccc2038facf3c96aa311b1cb93d53cf |
| SHA256 | 4717d2736626a85d7596c764f5c6d2df2a0621813ca1e81c7eaa85c66be025e2 |
| SHA512 | 9c25d4c67785059e3be741262f7476a6f512e37e7b4feea46227886cc18541573aabde3a2fd4f6b58ba7d223f12b0596fc8770ec952c29d278543a82a4944b2e |
C:\Program Files (x86)\Microsoft\Edge\Temp\source2592_775212198\109.0.1518.140\Installer\setup.exe
| MD5 | 97378d32aaaadf3e4ed6dd1201ea55c9 |
| SHA1 | 1fbcd1801521f48902c1da667f35a1ac9bd8a112 |
| SHA256 | 6ec48960d9e7ee94d15339b7403c052a73f0fb04937f995da76fbf517766b84f |
| SHA512 | 9d0a2631ea61bc2143fe3768d63a8874bacdddc74e828f1021084d80cc021d33493503e2ea2b9ca434936ad0b132a1c4bed420cdc165039e81d26c78f5c883a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
| MD5 | 3e751b90a726640163f4a9364f5e39d3 |
| SHA1 | 145612b9ebcd3a06374fcbd6d7764a6f21f3e5ad |
| SHA256 | f191ef79c74cff0dbc9b1dd7fd1c2664834631b04787150f103da1bdfb7bd041 |
| SHA512 | 8cd4005cb0c495bf6ad2935ef970313f3702575284d44241e6dd9cc0ae6405fe19af9b3cce5c413b357108e7593a4edb58f43815944e9a0dace21759ca2a1845 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
| MD5 | 789683f532e250f403aed20154863513 |
| SHA1 | 84ce38471933a7bafb2a6ca394e3ce4e177d51c2 |
| SHA256 | eba8cb27cc788a1c38385bdc13714f353a639e84dcb17ef481a48afa543a2637 |
| SHA512 | 4271f9c24387b809826a1a95f1d92f6dd9321bdf7b100f6229f564be4448904ad741dad1714c6c15732a0c8cdc8f855d20f221f000da7fa136524a9a6eda625b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
| MD5 | ae5b193737141a7d6f2d60c9f16f708b |
| SHA1 | dac04be2083cfccebbb21132c81064736a2bfb8c |
| SHA256 | 87499498423c165a546bb41a633b41bfcb2b507f2b6cf2caea70236eaeff91c6 |
| SHA512 | 7a4d3e9b4398cd694ae5580cf974ef6c7778ee506c004c7a892abd5fec822ab38b2458dd89f0083daffcc4602f51ab82858454bd6ffb4fe4fcf4ac5c0403bcfd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\000012.log
| MD5 | efc901fb0facdca4b7b4983a3c4f3b22 |
| SHA1 | 68ca1837e06186fb1c56f935acba481a0927c05e |
| SHA256 | c9d82f431c31d1a5b967f620116c533d9b1fbd70ca2ed2db0287a49b88682851 |
| SHA512 | 7f814fb483ffa80f4d9ebd7d6ae7821f9319c31b64af8182f925c72f45af732da9209da5b22eca7a6465e0d60e03b41e29730609379fc57f82e1065a47bd4e84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9f110f47554b23e2c30fdae01a3cc38b |
| SHA1 | 142d0bb8831152f80d5d388ebf9659971a433ad2 |
| SHA256 | adb3c593c875b861f4861bcd4825e94aea312ea232b1a41948a28ce3ae210028 |
| SHA512 | 06456cdbc0212835071bf93387914d5188a1da25d25dc76e9167e15a0eafd75122280ccc437d423c9fc079165572ad6c0183ce69a8017111e9e1280c06d351c5 |
C:\Program Files (x86)\Microsoft\Edge\Temp\source2592_775212198\109.0.1518.140\Installer\msedge_7z.data
| MD5 | bd70ed26e6e6f3193043ac09c58c6a1c |
| SHA1 | d733a65e17f2851d5116598dd80533efc1656468 |
| SHA256 | 7a474217d20b9a6fe3c3a46c0d6d5b2d2040fa790663f6da9202ee7cb07bb448 |
| SHA512 | 3e2ecade6d687b0736d5eafd7527b24095b9c51f0c8ba99398b23da2d8843c49fc8c1fa37190d385b504d8224c8c517d78d44ae32e10e45d54b19477a6970756 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT
| MD5 | 60e3f691077715586b918375dd23c6b0 |
| SHA1 | 476d3eab15649c40c6aebfb6ac2366db50283d1b |
| SHA256 | e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee |
| SHA512 | d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | c06cbcf98f9d3f2cbb966b04cb9cb1f9 |
| SHA1 | c8a62dac8381c26ccf544542f0b4d95081702846 |
| SHA256 | 6b1036e5d412cdfebf8130e2f736368a30430df57bddb224a79de7757a642643 |
| SHA512 | 7d77a97f5a1c650c76b71a2f968118426237064512ba6d84143f33271c3b927201203475f309bab46c8ff1804c57a5c30953029ca860e4a2d5bf4695694d015e |
C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.140\telclient.dll
| MD5 | 5302ed4cb82bfcddbf6a1a0ca866c649 |
| SHA1 | 55479d5eb1382010c27bcd1f2007a02220b218e0 |
| SHA256 | 9cc602a91aec700e4ea01f2afa0caa4ca3a99a9e27751a1da203e2dc190dcb9a |
| SHA512 | 51bff0aaa1f243c8f291164c7cb9f0c8d250681e13cf62c26c513164c9399f7dba5b439ce26bcd35f35d1f7ea35ab1d3a4a5bc0b5d3549a0d9bfa10968e48e20 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\000005.ldb
| MD5 | bce8b3cb9b3069bebe1ff716d47624e9 |
| SHA1 | 5d6063a9008d2d9dc96e8df9f90f6cff4a0d064c |
| SHA256 | 67c1290ed8c7a89d1106742b8249c04e2b4206c514dd60d1ea58efae2065517b |
| SHA512 | 30126a98548d45dfc859ea2f6bd5fef43ddc5697488f8f2b2ca849eba49570d54931c9ba861937d8e597e93d7c1470db59d21bf4dc9d70daabe024db0eeffc8e |
memory/2216-4058-0x00000000001C0000-0x00000000001C2000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b575302a893a3ad79f93990992ec14d2 |
| SHA1 | ede54454d879ce3bc0969521f5d5bff6d4b9f954 |
| SHA256 | 89504629bcd02c0fe5721f7e26bd152b4949b6ed72bc55b800fc11b545f58277 |
| SHA512 | d31c6789644a8e38c722fec983bcac3b70496863d138bcc4b6d596f0183d4040eca337ed7129dc9f217017958a62b4cdf89202c736b3ae75db4ede0a0e3ab50d |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6906450aee868aa3cc9ba131e47073d4 |
| SHA1 | 59da1dc4a7072f072095d567ae968404463c6099 |
| SHA256 | c35da8237008c71e1ec34aa5c699c09330cf1d385aaefe7bf2879dc6f5b2e180 |
| SHA512 | 5edb0514ebb7af5c3d9e5c429fd9b507b9bf1be5d29fb4374542e86ca1ccb92580b06479129d75db67eb838f63f0eec3e0bbee2969a55184351217983ae5e6d2 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b278fe376a076a6e336ab316a65c4b16 |
| SHA1 | 3a7e1e85b1e22b6b9dc316140d9e1f6c695e99d8 |
| SHA256 | 375fb3a4dd03be2a9ba6dea4a6b5340b4eb9fe67371c5e0371497d4960d3fd28 |
| SHA512 | 0853de129895e694468766de0f98d76fa8ea6f55e55fe2abf9fabafd582007d4a95376b4ec5bd89cecc77555aaceb609b5f553b21c59e9a78026bd3b947caad8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\741144e4-f392-49fb-acb1-c67cc38e224b.tmp
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3ecfda25d77054e32f7cc76705ae295a |
| SHA1 | 26079ebe06e3b2e274b079c93dd27efa1efb308d |
| SHA256 | b30856b7460dae88acf7db16275132ca4785e1c84c6e26a79395658e53ad83c9 |
| SHA512 | e769598f8dd7aaf40b41b156ba66b78064cb02046ba5c22bad71467f818f2b447558ac1654a8fbfd70caeff7585d94f9fc5ce5cccb5c248b6b2d99e798b77b37 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c57f8fed8da042bf4755630c16979b4d |
| SHA1 | 83b37b3c858055a6978d8278d3e95b6b367839ce |
| SHA256 | 8b8ce1b426618bd59536847f3f27c084705d5b183e352ef054ca892e59bcacab |
| SHA512 | 2305bbfa786149778599b9d643f6417037e71427064f30a1d68c3218b2b15400e12228a3620a162046b050e5e545c4dabc37859e8f239f1ca593857ad23f5037 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3f2090887eaf1470e56ecb09300d916a |
| SHA1 | 9f67f3a18852c1a0e4791e7c0895e77fc86fd799 |
| SHA256 | c82fb1da6d6906a6b8d9ba2a3c67264c437af69a07118f7979977dcae28b6730 |
| SHA512 | ff192207b1ac6cef88551f06beb3c9f87bc2bb4054ce61fde4dae8609a21d4d63d0712e59e6fab7574ff198073a66f344de808eb469f5d4da1f25d0008e52de0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9ce06ede13737db657e584ae20e80ed1 |
| SHA1 | 08d9ffe364ee7fa86a45a2ed3873f2158c3047de |
| SHA256 | a173897d3c2a44def24228d44c6af934514928c4a22d11b059525ad0f258bd7f |
| SHA512 | e2a211eb0e50d773846f6210fb4d7d44798176702df00b260a28a63f75b6765b7b82c667c6275a4003d07d33471af2b5d9113f3da295c96be9a0c98943df00ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk
| MD5 | 4650f1b88241fc2041022a31102a7361 |
| SHA1 | e05d2c72c4c825f61fc30d4bb134b27ad09f6752 |
| SHA256 | 6cac3b8fcc593d3b9d9c4b8fa2194f538cd19eb38a32ef096b8c89c95af6da44 |
| SHA512 | 3f53d1b31dfdcad77d5aa8919b071ab761fd7bf0b6beda9cda7fa6f911660df15cf51fce2fa97b4febf6df2538a1a0b147f20ac77c605767a7dbdd2e0f08d6dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5b3fe21b214fd8cf12e402fb5235c79a |
| SHA1 | e2f18b9f03d7210f8429c8e7ad5d0ee887bf629c |
| SHA256 | e91ae6513067aebb1fee2b8c9abe14f2784606099ff1360d986102c9d7521b32 |
| SHA512 | 476535b12abe66eefa8eb37e25f4343818fd6bdfba7e2328b49df723b3b0e88b051f57be97e90ee337ef0178f8bbfacf470984f23bf261ccc658e7e1660455cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5ab1e55a309a3fb4c351d12c95692922 |
| SHA1 | 42c0e7a0fe0ba52a430e304ce1d9545f9bdb5e2e |
| SHA256 | 9873eb8b53eeb3be3bb564ad593dcd0859ba048d404d9e0e1f6b0becc6fcea97 |
| SHA512 | 6e2b92fc0f2593e041bced51adb90cffbd3ab44b57766c7c18d42cb50d32c8a098a57d0797c9b5e77d726211d28e973c94f91de1d9e9773358e1f868b771b742 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
| MD5 | f68cd2a6c96827d36f0485f3c1f0ad20 |
| SHA1 | ec57d9859e1c3612a8a3ceee79243572d0517839 |
| SHA256 | 86d66dfe46d4ba7f486d97cb15f843e44d29b22cfbc4dd139a8f8ff57e4ca6a1 |
| SHA512 | f2213c386cd42d6675f300011e1e3a78ff46d2a93e8c732a90c528f14b3920ca0213d14fc80a8f4a0e49151e178be92d654f722048d95c667f16ef7a6db2836b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c3fc3bb6d7bebf8c31710e0a56b37412 |
| SHA1 | 8c2e4ef5f72e40d29eb0d2dbcb6c083350424059 |
| SHA256 | 6cde592b4cedf249152469d2b57a1a3996f5e711c8ea531e05b1ca159f09dcee |
| SHA512 | 43d4ab491706b668d277b5e34ec5f6f6597ed44496bb8efcb1708b38dc90747580fcd6a359d002ed3f00d2391cf32c75f748c2ed8de532489d293d0bcc1e9718 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | aa7839f49ba56bd9adde688424cb1469 |
| SHA1 | 00d85c2740bbc4027edbeb93b47e80ae06a37a12 |
| SHA256 | 1aa8d2326e842a4d7ea9ad9147da5dda17ec7601a56db427ccb80a0a3d643726 |
| SHA512 | 7828407819dda297127915d72e8ce23a1a6f7b29a82f1e05e24475557a5ee380e34553b8e3d025cca05129f0eebacbef5d6ea295cf51730fa76681a6d598fd61 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 16034dc2e0744f9edb5741ea556f72e8 |
| SHA1 | 9aced488d9b811554e1f367496f5fed344a00ba5 |
| SHA256 | 43147f5f335df2fa2299424249dcd6d5f0db138f74aae0b90bf547187fbe9d49 |
| SHA512 | a73fd3483aaf78b53fd9abb2f9ed139cc12e89f5dc6f1b8cf54d87c78718d57c18248ee9277261baee3579c7225d49e1f93e6db97d02acc22ada8aaffd5dbdc3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 883e59f6958839444f4ffa2a15063379 |
| SHA1 | 964cad2cd61471c1915169a4f69a30748a3fa10f |
| SHA256 | f1cad84bcdbbf9701f25d1c4ee2d979882bb1270a2bd3edf93d8280a90d52a27 |
| SHA512 | 5c5f88b2da186e9a87fba05d6874e671f7812d22ca987420d6f1385115ce2578eb9589d37a79ea8cc89256c7cf2752fe022197ed8beb49cf311f39a4680b89dc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f487d5b98509bc49ff029d4786c0821e |
| SHA1 | 0a60e32dec63f1b02bb17f06f0068f3250b6b4c7 |
| SHA256 | 697018dde04a4643d40471c72710b49d38051aaa94dc6cf1fcd176e6330d5c23 |
| SHA512 | bcb2c823793ff750e141d42c26c1768893a00920076c2cea7208748632f7211acc2294dbf79deeaae1107adc4f2c2ee50c5f2e36ceacaf71e41e13acd7238fdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\61815ca5-a021-4aa2-868a-8daa45cf9875.tmp
| MD5 | 74b65e06b1ab5f4283685db76055aa80 |
| SHA1 | f7cdefc5dc8fb32db51422c630ffcde585706d92 |
| SHA256 | a757a9d578c0d2eb9bf2bc0b52c4fbb0fb0d5f368d5500bd5398d71d7e6ee462 |
| SHA512 | 395d7007a7140e90430ba1519b0e4935f71626560d4c0b82d497674a14ffe1d32e46fd664a5e90c5225833eab4c70682889d2de91e199cda1b16f6e4625fc1f3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d72eb8ecd85a94ab6ca21946362ad9c3 |
| SHA1 | b223e424e93dd463b5e41a41c0651e8257862c84 |
| SHA256 | fdc3815e115d4635eda2cf396f2c5142d427b68bccfbb757524b19f4e249e68d |
| SHA512 | b705e0151b9408c50d6acf30193b25ce39ad62cb78cdd01600bfa1f38ce8692ac0ee3f02e538c60b9fc633e654ef3f33f542a8ed1a6a7da0dcc8f17848f988dd |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | fdeea706d43b7aafa91be4a50a609433 |
| SHA1 | 51ccb961f8dc73345828a27b55f1faae816ae25b |
| SHA256 | af45ffa3cbb18c930b1e6b51aec3096a3a1e6df50da861c4d1e4a154615bf548 |
| SHA512 | 583acaf4ece04f370870134ec7e44a3c9339924352936a210684d4759d4db78fbfe739e721607076e2fac3fc02c86bc2344763226026b80c77398645a88f048a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e83c723abd0f3ba70f9301dd7578d7d4 |
| SHA1 | 3a401c1c8a319c14821f278ce93d64b27c60de50 |
| SHA256 | bd4f7f817f0b3d3c9d1711f22912e12b4dab26e6701d66772c892fdd54d3695a |
| SHA512 | 96077e108c09e2f4383c0350cdc71fbabf5f42b08674e8597c625f2ec3ee9d7f7805f847d43f79f47b549894bb6c5f8a41bcc9e2c4c2689c9729d9ebff6d1361 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 562458476e6e1f63f8e67bb38baabbe6 |
| SHA1 | 24fec54e22b39d13d4b5f4bd018573e92d390936 |
| SHA256 | 258adcfc0ee57cef8fe4fa2f10aac13e19d39757105a91ef8e19af9d1d46d814 |
| SHA512 | 6c9232228e95d410612187faf1fbf87371339734ed85ada0de900a36ca73fccb16d3e9560c388ffca2ec391b02e545106ea08811e42bb66f9ad6b2eeb0f7b27f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 84eb2bb9a4b5c42eb795e6cddf20cfe1 |
| SHA1 | f3ea59eb804f70eb3595c75a716e416067b2e064 |
| SHA256 | 5c5e229edf2277d91f44494573ed60f608d27c6f52795054d8a6ddf643ae6c07 |
| SHA512 | b127722fb147b8766756f6a44a8df4f0eed555a979cb9d6493bdabd8f2e94ac35288264d50bc0cc61f16799eec92b59c61eb4d3be6902ab1716395cc1db131e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8b9d00b6952a3ec04498826cbd30ba5e |
| SHA1 | 6c2824b7cfe7688ff3b9c6e94172991fb3a9cd2e |
| SHA256 | 17e2f358112933b755f721b345dba0c2b7b02c596e3e4e5f0697bc89ddb65647 |
| SHA512 | f501082524101137750d5c749ed12abdf59684ca7a6b2766d4d5c36211350eb0eb9e8b722b421cc0b408b7468d2e53836d0449e787ab9442623d0a0920995588 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 6f31949030977602d108ccbde537d019 |
| SHA1 | 39c40a1358425cf76b1601cb20ba09362b38d817 |
| SHA256 | 9f0b2aacfc742720c5c7deea9f11fa353ec16b4d6b7f3788de6ec1c050d9acd3 |
| SHA512 | 1d7d49f3896e2de91035b95c01a8ca224b8054fd9acb46bd55000347559a7dd7ad690da0fccf6c8b38073ecf864cf51032125aa0f33f733cd32505a056d33391 |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e6979b09646cd2e9295a4f85da1619a8 |
| SHA1 | 57284731e42dd40d9537c344167ee86b511b1d46 |
| SHA256 | 102a4c20a15f7b4b1172bdb3a95a894bedae04fe2cf62e68d80f07c8f198cebc |
| SHA512 | 4da810ef77b40faeeadf478b60141ef5a1a388f0675e45f07aecc179973d5430f21683a4ad5eebfa4e73e367a0b2d80286a85777af88e9487cdda4c898793483 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3853e639-0800-4c72-9a43-ca0b9c8f4c36.tmp
| MD5 | 366de6430c84559381d0ba56473b2d42 |
| SHA1 | d2df3ebf73d56e634bd05994793177e16d5daab2 |
| SHA256 | cd42ed2120157018cf5d181450ef345315d659f4909b465987da847cca8fa1e5 |
| SHA512 | 2cb35b929c0311a4dcbd3a6755efb9afb8c1e8a94eeded4492b5e41cffaca1d7d1b2fd8aae7355ed70d9dffe126810fda9644727ddc92dfe67a9e82d076fb80c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 61f780263253131be8806b89939aa010 |
| SHA1 | dd4a9d6f7a41c8797d64ba9015abcf3ec7ea406b |
| SHA256 | 916f8f5a51531543434e4e0a93ef9da83f79dc73b6e0b29127bac976ddd76761 |
| SHA512 | 2df2cf0a4a33821f80fec89f7ab624f7c8beaf54bf453d40eb6ef71c95a56ae7511beeca209aef96da3a20ddc75e75c4ef5d2e21ade917ec23656ff43aa84b9f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 20cebf451327096132318c30458cd8df |
| SHA1 | 86956adbdadf4c2c12d07106b6bb3d2717022403 |
| SHA256 | 6eab748aa759c5d7830e87bb9462c7cf9ee354bb50e413ba4f485f16cb401b30 |
| SHA512 | 84b744bd3afbc5b37f9a1996b08b0d78d484b1c8d291e9d4827c5c9f725887334df9038d0bc44c0c57fcb8ba2b912f35d9d8470a8355658def9a66335f6c9f91 |
C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\713d3e39-b188-41cd-98d4-04208a53b0a8.tmp
| MD5 | e887b91c3504ec435382ea9cc1e7928d |
| SHA1 | c977be810da32ca9c98c424e57ec7be6ca8e1028 |
| SHA256 | ff7e762ca6889894731e4c64745ffb2ca10aacefabdd709050a1d41954fe8d4e |
| SHA512 | c06a88d4dfb93212bb7b9c1694eefa5f741e89b1687d180ec500c2688f2ce864b645cfdb43ac0b448e9811a7a5ab1e06e8bc9960bdad942ebe4b8b4434ae1a0b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 565de31061bbcf22c350f771bc2cb796 |
| SHA1 | 897645f79164f16ba7e45e93507c43b7612feade |
| SHA256 | 34e2d8645b49e4f6f25f8e9e78587427ff4a667c88df8b7f7091e92a2f4b9c51 |
| SHA512 | 2c14d3c57861227b428c446b8bebafdce1e87048d2ee7d51fbc90aeeb6406b72982d443c2e11c0300d207363198d5aa6dc964b34d046972d96491ed3f1bc8ad9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 18b43df67d56315fd505338b0112a372 |
| SHA1 | efa4eaa30f58ac7fcb1122073ea96eb4857c1805 |
| SHA256 | 0b0e26eb5ae7f760279ccec01138f8636c69fe4326cf87f4e92b614da3232b6a |
| SHA512 | cf7a1ed7398b0defb92173ac37b5ed5d58b675598b5a7fc31da0153070372dd05675d0841942d361dc7cef3448141f014da172e722be3f2165cce47c4b6c277d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3021e61540765b8eb7cf64fe1c556690 |
| SHA1 | 7b16f48b34396d4618b406686e78fef3c2fe7490 |
| SHA256 | f0be8849acbf2cf90391d3c51222f8872736b1a54a5359971d8829e8bdc78c87 |
| SHA512 | 2e73bfa37433bd84f49f453b189efc522fe2efbbd06dccdeef71f90c0b3761984f1a02f747323e460c79c99f80def1ae1fab6d072d30b2b326b7f98c4899fa6e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f7a1cb05eac23a4aef5e56d6e8001dfc |
| SHA1 | 88e914e6e3aa63d2b2295a3a85d6109bef79ef0a |
| SHA256 | cb1cfcc4a5b317babd62b9f67f47ed97868c384f9bfe1d56f2b8da1da25d03a1 |
| SHA512 | 2253a4d298f1d30c359da22643a3641e58be2c496f94949c56476c16320fbe8b4ce6cf0ff9bd8a88d952488383f193b46e7747f014d9455474dd4aa0dc93fe3b |
memory/3980-5645-0x0000000000140000-0x0000000000141000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\69670c04-11a1-4980-8e51-ae7ef357975e.tmp
| MD5 | f73828abd54c9e01ecfd21e990a98f11 |
| SHA1 | c49ee71dcc4b83894d839e7cfc0553a33d6f4c42 |
| SHA256 | cb100222ec129952ced138ddd5fcf69bda147a8e68f3386c27d5abd8b40775fc |
| SHA512 | 23fa7d85562d765f6a73df51857704001ef3539744a1eeda37302d30fd1040d8cb2ac49a99c3864b1e30cd0ab1cb8a65562b1990c38cf3249d02c3113503823e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5f3db1dcac8994ef82c07e5d3397daa7 |
| SHA1 | 76b0812e93c98e553e6b36073111f384f5a70bba |
| SHA256 | 671411bb77845e0b2f72b2dbfb86578309f12ce3aa3ceb895cbf5fcdc0b6a3ba |
| SHA512 | 53498583fe97015b249ebd1ebad88aa285ff86ee43fd298583bac967b7db12fd67d0ba9a621077dab414ca4df0b90ebe4c6fef8f0c302742065b5ca29b684d3b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 32ad46607ce2e0fa42056e22d696c4f8 |
| SHA1 | fc7dc1c1ad4e80d00a4af51fe475f9aae7b5a568 |
| SHA256 | fd86b589213ad5e17147cc7fb1b39de48a788cb2d24feaf405ac62cc87f82b87 |
| SHA512 | 89b1ad615b56d26607f35d345dcaebb1285662b3ee371286f68f36749f47c548c6d092749bd9e3e04a343e5e23b71446f67dc7b8663b0b18cc80b253de2721e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C5DD21E-27F4-444B-AA2C-27BF2A91FFAD}\EDGEMITMP_80066.tmp\SETUP.EX_
| MD5 | d8fe1ad87b1addd7bf0283d04a5788c5 |
| SHA1 | 764fbab3ee79df7cd02cf1b5add9f8a31f993d46 |
| SHA256 | f826917589f7f33f03b7c4d4bb4169c8da5ab853ba26f0f7626792ded87b5e0f |
| SHA512 | 46d055c5404d5796abcbe1a1c419645c20355fe2a7b94870749e93bd4dba5492c5236480d33fcc55e2d11b88d85bedfd3bd7b9199e72b55e49164b014cb34d52 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 444ad8fd15c8ccc0a8114735c644f25f |
| SHA1 | 1d6c8ddb8333bca25711c35e2c514759f709cd38 |
| SHA256 | b285293d00aaf78bd0bbc69f0e546402393cfbcee77632b9eb15eba8ab97970b |
| SHA512 | a382c02ee8b4900cc7ea2b43958f7ab8a32c6089a4ac0308383f976e48876a6a8c691023058c825e5f1f57792197e2dbcdb632a8908f14975a29ad5895ba4e8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 619a44f0ba80145154f281ecf5adcf5a |
| SHA1 | 49355d01d8c6cb00649f41ffd806ee745a832c6d |
| SHA256 | f81b6a4c9496b77423f3478080ab3c8bc97786fbd69ec6ad66a75a79ee6289f1 |
| SHA512 | 300b3f020d8eb5f8ed2ccb58562e5eea1e770679ed0727eaf6d4138b38d37f591af679b2480ae00a4d4b118b0e1fdc0a551f28c1c2fe75779063d1fa13221284 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5cf39c1b75bc462fc31bcb60145200f0 |
| SHA1 | 11d232305d6cedaa2d9ac11ae2ffb5a61e4328b6 |
| SHA256 | 91cd50499775148a11670b1b20ca879013dfda5c4a62d2958fe6b4dc69f7a719 |
| SHA512 | 2f4d9b7a63279e75e4bc831a5c1b1032664254c7a51ce1f1174a1723c3d18360342526acd7fb5bc9e29994d129ef1c6dda7fc33d5dee988a0036f5345950f45f |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3b5c8f6415aa802e4d5093b8dc4633f9 |
| SHA1 | 443516782e54226003890e75ec85bfe3fe437dfb |
| SHA256 | 7391a3a0b8eed5dd34b1524e8bfdb538e318e99bf99e9f35499de8f72e54821e |
| SHA512 | bb1eab168c922dddbc544db66e8a2c256a0baf29420318a19fe40686ec692534b2a5efd23085c1d2a447012d7aff6b29128555d074d3196152634ee00a5d6c0a |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d891e923206fc81c98b045a828ef645e |
| SHA1 | 1ffd0e1ee27672c08ec647c8bcc4cebb11d031f8 |
| SHA256 | e5008129436603ebd85fe019039d38ab1131b6b686104e84fdf27b3a044e1855 |
| SHA512 | ebebd33857cd6bfcb4e9828aed4a874cead4126e9d5f1fbb7efb253c916592e1b731cc6504d29eb439fb6c9335dc904b15951633962d23ed938ceca17f6a970e |
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1186fe1d61567fc2d0e1471f52cdb7dd |
| SHA1 | 6046cd0dab97306fef125a0f21c65aa7446c8df6 |
| SHA256 | a8c9b689d78502517fd26a1d77b89b3aaa690eb8f83080da338850265166718e |
| SHA512 | f6a97fff2c7afc7680a57e031ffae70f0cd989ba493b6a703e35ee048a2b65a1b22998f0d39d318dcd33170565eeb07ff55b665896bbda234fd16635fff3f455 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2d45874de32a4af60c410f4cd5b21921 |
| SHA1 | 983c39a927001039f0a0dfe0c7c102a84acc6009 |
| SHA256 | 275dc9a1f44451990b0e3fb32525c1cd67373de2d303ac57e54850e912c1547f |
| SHA512 | 80b8ad5006c4075537018d7ad62a0e0e5ce8613208e2eb7ab6f82957fe3e1ad2dc9e7f26c400db7121c9d1d74817aac697ff1f6228555dd099ff5090521943d5 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-03-22 16:59
Reported
2024-03-22 17:02
Platform
win10v2004-20240226-en
Max time kernel
146s
Max time network
147s
Command Line
Signatures
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-566096764-1992588923-1249862864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\msedge_resetsb_{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062} = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --no-startup-window --reset-startup-boost-last-used" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Downloads MZ/PE file
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-566096764-1992588923-1249862864-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-566096764-1992588923-1249862864-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-566096764-1992588923-1249862864-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-566096764-1992588923-1249862864-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-566096764-1992588923-1249862864-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Checks installed software on the system
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Drops file in Program Files directory
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\BHO\\ie_to_edge_bho_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_click_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\notification_click_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{983A8821-FE45-462A-919F-41A3B80645B2}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.21\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\122.0.2365.92\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\Application\AppUserModelId = "MSEdge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-566096764-1992588923-1249862864-1000\{0FB73704-F702-4B2D-9020-1D76DF20E57E} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ = "IPackage" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\MSEdgeMHT\shell\open\command | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ = "IAppCommandWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO.1\CLSID\ = "{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\shell\open\command\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --single-argument %1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\MSEdgePDF\Application | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-566096764-1992588923-1249862864-1000_Classes\WOW6432Node\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.xml | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\CLSID\ = "{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgePDF\Application\ApplicationCompany = "Microsoft Corporation" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ = "IGoogleUpdate3WebSecurity" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/html | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.PolicyStatusSvc" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\CLSID\ = "{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods\ = "13" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32\ = "{983A8821-FE45-462A-919F-41A3B80645B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\ = "Microsoft Edge HTML Document" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeMHT\Application\ApplicationIcon = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdate.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe
"C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeSetup.exe"
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdate.exe" /installsource taggedmi /install "appguid={56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}&appname=Microsoft%20Edge&needsadmin=prefers&lang=en&brand=M100"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.21\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MTExMkJDRUYtMEMyMi00Rjg0LTkzNzAtQjZGM0U0OUQzMkFFfSIgdXNlcmlkPSJ7REQwNTI0NkItQ0M4Qi00NEU4LTgzRTktRDA3NjcwOUI1OTAwfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezQ2MEZFQkU2LTk0NkUtNEFFQi1CMEFFLTcwRjM4MzBGMzhCQ30iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4xNyIgbmV4dHZlcnNpb249IjEuMy4xODUuMjEiIGxhbmc9ImVuIiBicmFuZD0iTTEwMCIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjQ1NTU3ODQ1ODgiIGluc3RhbGxfdGltZV9tcz0iNjcyIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}&appname=Microsoft%20Edge&needsadmin=prefers&lang=en&brand=M100" /installsource taggedmi /sessionid "{1112BCEF-0C22-4F84-9370-B6F3E49D32AE}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MTExMkJDRUYtMEMyMi00Rjg0LTkzNzAtQjZGM0U0OUQzMkFFfSIgdXNlcmlkPSJ7REQwNTI0NkItQ0M4Qi00NEU4LTgzRTktRDA3NjcwOUI1OTAwfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MTQ3QjY1NkYtNjM5OC00MkVGLUIyQzEtMkUwRkJDRDYwRjAxfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IkRBRFkiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMDYuMC41MjQ5LjExOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMjUiIGluc3RhbGxkYXRldGltZT0iMTcwODk1NzMxNCIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzUzNDU4NzI5MDAwMDAwMCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE2OTE1IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0NTU5ODQ3MDI4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\MicrosoftEdge_X64_122.0.2365.92.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\MicrosoftEdge_X64_122.0.2365.92.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\MicrosoftEdge_X64_122.0.2365.92.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x228,0x22c,0x230,0x204,0x234,0x7ff60e1a79a8,0x7ff60e1a79b4,0x7ff60e1a79c0
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9FDE969F-3743-41A5-A9AD-34910DDFCDB6}\EDGEMITMP_C9C03.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x228,0x22c,0x230,0x204,0x234,0x7ff60e1a79a8,0x7ff60e1a79b4,0x7ff60e1a79c0
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x228,0x22c,0x230,0x204,0x234,0x7ff7515e79a8,0x7ff7515e79b4,0x7ff7515e79c0
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODUuMjEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MTExMkJDRUYtMEMyMi00Rjg0LTkzNzAtQjZGM0U0OUQzMkFFfSIgdXNlcmlkPSJ7REQwNTI0NkItQ0M4Qi00NEU4LTgzRTktRDA3NjcwOUI1OTAwfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0ie0MzQjQ4RjExLUY1NTAtNEZBNi05Njg5LTNDNUEyNzg0RTUyOH0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSJEQURZIiBwcm9kdWN0X25hbWU9IlN0YW5kYXJkIFBDIChRMzUgKyBJQ0g5LCAyMDA5KSIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTIyLjAuMjM2NS45MiIgbGFuZz0iZW4iIGJyYW5kPSJNMTAwIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjI0IiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTM0MzI3ODUzNzE1NzIwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjQ1Njg1OTY5ODMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0NTY4NTk2OTgzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNDgwMzI4NDcyNSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmYudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzRjMTU4YWQtZGE4Zi00ZTg2LTlhYzEtMGZkYjQ3M2E4NWFkP1AxPTE3MTE3MzE1OTMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9VENEWTRwd20lMmZVc056cmxYdjRoQ2U5Q2xicHgzM1BnTWslMmZTJTJmMHhPTTNrQ0lRRXI0RHJtV25lZW1PVUZWUkJoSyUyYnpERmM0bkFiVXo0TUNHcVJXb3pPdyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MTg0NjA4OCIgdG90YWw9IjE3MTg0NjA4OCIgZG93bmxvYWRfdGltZV9tcz0iMTY4NDQiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI0ODAzMjg0NzI1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNDgxNzE5MDk5NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTI3Mzc1MzM5NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjM3NSIgZG93bmxvYWRfdGltZV9tcz0iMjM0NjkiIGRvd25sb2FkZWQ9IjE3MTg0NjA4OCIgdG90YWw9IjE3MTg0NjA4OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDU2MjUiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --from-installer
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x254,0x258,0x25c,0x250,0x264,0x7ffe0d8a5fd8,0x7ffe0d8a5fe4,0x7ffe0d8a5ff0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2236 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2432 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=2624 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3364 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3380 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --extension-process --renderer-sub-type=extension --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4512 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5208 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5208 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5332 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --mojo-platform-channel-handle=5400 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=6064 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=6064 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6224 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6200 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6852 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6620 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6456 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6392 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=7064 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=7036 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=6068 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=6340 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6344 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5724 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=4752 --field-trial-handle=2240,i,12339805006271949163,17047085353720034760,262144 --variations-seed-version /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| IE | 20.166.2.191:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 8.8.8.8:53 | 41.110.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.2.166.20.in-addr.arpa | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 20.231.121.79:80 | tcp | |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 104.91.71.146:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 146.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.171.91.138.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| NL | 142.251.39.110:443 | clients2.google.com | tcp |
| US | 13.107.246.64:443 | edge-mobile-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| NL | 142.251.39.110:443 | clients2.google.com | tcp |
| US | 13.107.246.64:443 | edge-mobile-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| GB | 95.101.143.153:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| GB | 104.91.71.133:443 | bzib.nelreports.net | tcp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| GB | 95.101.143.153:443 | assets.msn.com | tcp |
| NL | 172.217.168.193:443 | clients2.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 239.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.6.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| US | 152.199.21.175:443 | msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 95.101.143.153:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 13.87.96.169:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 13.87.96.169:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 13.87.96.169:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| IE | 68.219.88.97:443 | c.msn.com | tcp |
| GB | 92.123.128.168:443 | www.bing.com | tcp |
| GB | 92.123.128.139:443 | th.bing.com | tcp |
| GB | 18.172.153.86:443 | sb.scorecardresearch.com | tcp |
| GB | 88.221.134.80:443 | img-s-msn-com.akamaized.net | tcp |
| GB | 13.87.96.169:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 193.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.61.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.88.219.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.153.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.96.87.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 204.79.197.200:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 20.189.173.2:443 | browser.events.data.msn.com | tcp |
| US | 20.189.173.2:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | prod-streaming-video-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | prod-streaming-video-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| GB | 88.221.135.98:443 | prod-streaming-video-msn-com.akamaized.net | tcp |
| US | 8.8.8.8:53 | 2.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| GB | 88.221.135.98:443 | prod-streaming-video-msn-com.akamaized.net | tcp |
| GB | 88.221.135.98:443 | prod-streaming-video-msn-com.akamaized.net | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 92.123.128.169:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| GB | 92.123.128.139:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | 98.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| US | 204.79.197.219:443 | r.msftstatic.com | tcp |
| US | 204.79.197.219:443 | r.msftstatic.com | tcp |
| GB | 92.123.128.169:443 | r.bing.com | tcp |
| GB | 92.123.128.169:443 | r.bing.com | tcp |
| GB | 92.123.128.168:443 | r.bing.com | tcp |
| GB | 92.123.128.168:443 | r.bing.com | udp |
| GB | 92.123.128.168:443 | r.bing.com | udp |
| US | 8.8.8.8:53 | 219.197.79.204.in-addr.arpa | udp |
| GB | 88.221.135.98:443 | prod-streaming-video-msn-com.akamaized.net | tcp |
| GB | 88.221.134.80:443 | img-s-msn-com.akamaized.net | tcp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 204.79.197.239:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | ecn.dev.virtualearth.net | udp |
| US | 8.8.8.8:53 | ecn.dev.virtualearth.net | udp |
| GB | 23.44.233.157:443 | ecn.dev.virtualearth.net | tcp |
| GB | 23.44.233.157:443 | ecn.dev.virtualearth.net | tcp |
| US | 8.8.8.8:53 | 170.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.233.44.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-consumer-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 104.91.71.142:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| GB | 104.91.71.141:443 | deff.nelreports.net | tcp |
| US | 8.8.8.8:53 | 142.71.91.104.in-addr.arpa | udp |
| GB | 104.91.71.141:443 | deff.nelreports.net | tcp |
| US | 8.8.8.8:53 | 141.71.91.104.in-addr.arpa | udp |
| GB | 92.123.128.169:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
Files
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 31f9e08922765ba2913632f758bc7423 |
| SHA1 | b36b4bf74d6d4b6c8c0e38d9c6b65ec7da2fa9e7 |
| SHA256 | c2988c13f66ce033fef65f3af20a00faf555047e710dc6c282c124c848c1eb88 |
| SHA512 | 13808d6b3cf8f8e645bd421eb3916b12cfcef46ab5f0ce1a0cbda91c4be374d03504ec09d1a5916ff2944cc24135cd46dc5be3e6c72fb599b30a58cf8aad7c57 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdate.dll
| MD5 | 9cb2b82fbdde7133369f0d8618dba139 |
| SHA1 | 4ac0771b6da4c435ed9ab270e4b87f5720fda0de |
| SHA256 | 0aa838b27da61c7bd94e073b35cb5cf1cf0762d74ccc0214d052f7327d52ae06 |
| SHA512 | 002ffd9938e309693e2b4ffa3e2d3add2046f133e0f219cb5e8f898f55003815f326c98f529fddef9f7653a9a81e3ebb543f8ca034e786b25ae960c3cb2c730f |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_en.dll
| MD5 | 90afa78198ebd61bb588145b28f6ae28 |
| SHA1 | 56e954a7a9d086a30c49b3fadb39108ed41008fd |
| SHA256 | 900f4de13607028d1e4442d361e7e0b80670c9601cde0a634a12119b13ad1fb1 |
| SHA512 | d3d5a80e06f1cdf976cff20ac840eed31034e7e7eb37ce10d58bd7a99c2a3a6db711358e32d77e8248e8f7029aee2b87b37a8ae600810c4b454ee3c08ab723e1 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | f5e9477194d0d7c18a7c3529a10f917c |
| SHA1 | 17b0f78f7c56a89ddcf2232242de8f13f0cdba18 |
| SHA256 | f5c45634efa29acb9dbd1f16880737797171630c3f81fe23aea26f4dfb094323 |
| SHA512 | 227d890734313d4dbaed48501e6c4cd1f3d1bef403bbab1f65084ead6a32779381bd9d71eab03ca6eed332a7866030eb1fa01fcd1c28a8d7899705dde33446da |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 433681ca511d96f96479ac2cca102522 |
| SHA1 | 321b86c79779e3685b022012a4ccae8b5f3aae19 |
| SHA256 | da5f97895efb9698657ea213e6d0cab53ffe6bee32933ca2341406faf64dfcbc |
| SHA512 | 7b90a0c624f9500a6aaf39c9244818d128cabc898f5e1e8a28f7a67fafb603b6906610834e172d2762703660dae2cc541d51a5b7478644faa5b6b820b6724188 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 64223294845556ab103ce781a07db647 |
| SHA1 | 988e53cba0f55e6405df02ac35f8013e79fa839f |
| SHA256 | 8ff65e8754d8f33260e75d43c40b8a4b25eb7d42b85ef73ed6d67ea603c513a1 |
| SHA512 | 58af56f6212b055e350047b641bcf4fccc22012f70e12a4df24d5e2af0964f42ee25cce3d5c8cfb75071bb2e2f9cfde3d3142f2502a1a2cea20fad7e219e0de7 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_cs.dll
| MD5 | 7f14c4c134a48cdba2c41ad653a5fda5 |
| SHA1 | a181b6f139b9e999efb74a11b3a966480c706e79 |
| SHA256 | 6fe845b8e932d1422935eadb0fdbbbcaecdf567778f50f6a10eee72e6ac860e8 |
| SHA512 | 4cfe470e0039f7452db7dacdd8512c5d873b597a583a35cf6132cef3080b3787f816022b14e067bf699bce2b142be2073dda65e9bbfb81457e8fcd8b1436e02c |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_es-419.dll
| MD5 | e393fa3d70aaa6dc5bef5dcd7df4ff9e |
| SHA1 | 292fa091659e5954b760e75da9ac9c3d2e4ef1c2 |
| SHA256 | f40ad5f9cde0853afd1834d3823bcb2a50cb358eee188b5d7a1d88b751237026 |
| SHA512 | b3c879009495975f1603380d10756281ddc5a004474fefbd0fc470741f7f5b59ca8c3603d87f9bed6709a31f8eb04a7d84ca8c10db2c9d4a43487604058a3163 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_gu.dll
| MD5 | 2bc86512dd0753e4649fc66d72760498 |
| SHA1 | 21d7a1ff5c5f54f9aec52b4d6dd6beb72c9988eb |
| SHA256 | 01df748e21237a03eb6e9d616cf0ab2cc63272a736c8e6fefb476a2b59be3302 |
| SHA512 | aa7cc40847eb65bd67c07261d48c18322d63cd7acd5d230cd93847ee7e94e879ef87e9fb96b4131af7aa45524b3c48a01c3a215bc515a2227223504045cfdc83 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_kok.dll
| MD5 | b0993ff03e515e491a2b30344995f46b |
| SHA1 | d4591561bf7ee245a6ee8ef3f10ce59479f46683 |
| SHA256 | 7df3f55e10eb57e79a10a43c9c839ee4dadad6581b1cb696812636194ab3f97b |
| SHA512 | 244f15d811c519e46a1742502b7cd4c956231239a35f064289398d2b9b94807849f0c0243ebd8d7cb0545a212f23d7d0b621e0254987e2cce46879707ef1af04 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_mt.dll
| MD5 | f14f8f20b0a851f6fc387d4871f3d078 |
| SHA1 | 68111340e7d0b60177d9503c6cd683178e0e3b37 |
| SHA256 | c564ad9f8ac54c15cd8854992a3fd51e629aad344e295b7c27b1b8a2352b499c |
| SHA512 | 4d2c3f3098d4cf94f48ee6253279dad1e1bd88cbe56b5b1abe2ec99693bf47cea1ae07561e46a8ff75a23c156cf9c297e9ff2311eb204dfbcfbffbd67a583cb9 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_ms.dll
| MD5 | bd908b4e55e0734e0c385b275969a8cf |
| SHA1 | 44d9bc7ce298105e02f127cbcb56348f2166aea2 |
| SHA256 | aeae3ab23602fe3a16a37542333e9e9fafbe9a9b5bd75a8160f6a6e6693051f5 |
| SHA512 | d0fd2f2c5a8e6fc46c820f9a9a7495621568372096a9eaad205e6819bc445803d678a9241f2365d77995e579d40eaa377e60915a11a1439683944ea490f8306c |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_mr.dll
| MD5 | c522b1f946733d1f98287e7cdfb7be85 |
| SHA1 | b73900227cf47832275183e4fe34cd323d60fa8c |
| SHA256 | bc7d941dd7ea8641320b8219fc023e38cf21b2e0e8e90d7b2a0f230a62582dde |
| SHA512 | 53ad9ce365ab86e54dd769c6b33d157fc0380af228a972076b24738615799a1128ae19fde353beb46bc847b68bb528b83945ddf0d08c622877d37a98594b1fc0 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_ml.dll
| MD5 | 821fc1cebcf23ef54a7179a966172724 |
| SHA1 | 1cc6f74fd03f89b17aee368657326c7b61ac4971 |
| SHA256 | 7795e21a9b66720c1771a90156f0beff5c7bd1318bfcda2309d8f0973f5a8272 |
| SHA512 | 7ff2f81b6bd0751b6aacc7ece6c937895b09acc13453eae3fe9ac5c0d0c4c9eeb6751bf083d42f0ddf941fa4660832d358b22142ef3bdde697b67eb1da49c832 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_mk.dll
| MD5 | 699c8fb732043a02378ead6badb69cd1 |
| SHA1 | ea9c3bd2eed254ff56dec2cff952a8804ae52ade |
| SHA256 | 976be8789d91935bd083691afe245bea0230dc159dc2524c93cea2a78229d2e3 |
| SHA512 | 9e8f0af3d5a3f2c602f6566d8ad323bc27d182b6ddb26756d7d2dfa9dc2756f3243c258f6de96f50b8525fdd31cb7230cb360d4098492d52fd7b8a0904ea1f11 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_mi.dll
| MD5 | 10cd5ec2455ae2eb80280aa5f3a00ad6 |
| SHA1 | fc0ac954970bb33f9e4f372efa3e99fdc9c32a2c |
| SHA256 | 9f1f89692559cb6428af5336f29577640015df9fba272dbdf8a44709c9c34496 |
| SHA512 | 1f5209b4efc1d28e3ddde4e8087565861c31bb31e8535d1086601e0d56594ab5b163db0588c8913f6e710630cfa57c4aaf5f2c94717849cc5c73520bb1135738 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_lv.dll
| MD5 | 114b0fdf0183801f36202b4aa52a8c6d |
| SHA1 | 25de0a71c950117c332f3cddaa0f8bc4b1e6a90e |
| SHA256 | a8efc8a3399a54ca234bd76247f217576fd8cdc891d1d487e86ba06fef676be0 |
| SHA512 | cd16f28783f1707215957c6e545cb8454e8d267a606fc91142c7feb1e8f83a020338d4ae3177779bf31b34324e6d8c35d648442345beb019112d402ffb7a0657 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_lt.dll
| MD5 | bf5c6d4441d9495cd1b2a982004a026d |
| SHA1 | 9d92d96194cae48ede6296aff0244f55bd8ca363 |
| SHA256 | 9ef68efd2a91caa4b41321215e4d6adda225311e48ac5c2bddc3e3afe379a595 |
| SHA512 | a93f651be188a27f90148009c2cc41e194799e3466b1d971f607ee80cda2ee75ce24003d14ae919ab7bfdd14907937aff31672421aed067f381f2480ef3a3a75 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_lo.dll
| MD5 | f341581e529ee7cc558769c1cd23297a |
| SHA1 | 88c956c86045cce4a22fc5ecb16e6184b3ed4c59 |
| SHA256 | cb5c131a93dd2b77cb0ef5499acc8a0b8d9de15a7193a314452efde262054377 |
| SHA512 | 196542376cd3ec6352a60c2e523ed240c4e1252a8ceb67d4b5ce27ff62c43e6bc5e7191f90afbd0ab910e325b6092a4c5e445fa021b8b02744bf494c62ed9317 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_lb.dll
| MD5 | ae1afaba80329dbf7a2d8c9ae899cb31 |
| SHA1 | 59a3c94260512c89f4fa36605273d0a23ca39681 |
| SHA256 | c01f4e503aaf3b9ba81cdd79255cf3073671758f370bf07fbc59081dfbcd8e45 |
| SHA512 | 7c043fae0aea39b5930e48b2f5eb5a7660da5dc69f288febbac54b3d9b129540c5aa3423fbb77e7c127c6a16bbacb0dfc31f6e3246812a33c1683aecef029acf |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_ko.dll
| MD5 | fc2bf0ff5b72217e0b581be65464836f |
| SHA1 | f3e63c61ee645d8ea1db82188ca9c0a74c2f5f9b |
| SHA256 | d5b610c073a7e96e6ab38fb15218395a94e4526446a1087f8a45f90fc0b25ce6 |
| SHA512 | a0de9d8638e89d29dc9b6639ab7e2abeeb710093d6db3b67b0a7290184d0c2200e69ba750f94cec66a4e939687dda65344d6bb020f961fb095444f9c1608462f |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_kn.dll
| MD5 | 0b3764cd341edac4f859306f942d816f |
| SHA1 | 6728dcb1c38c7fbee72bf1a23084c806cb724499 |
| SHA256 | 9a7de95fa49e02bc700acc2820cd4099a997988cb57663d2d1e4c2f3c4fe365f |
| SHA512 | 147380a455df8a314fc7c4173a8e9c2103b09206f0efebcaf8bea96b56ab72f9ee1f92c89146873adc73761d50103543cbe6dedd7717c7ead821157c1bd111ce |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_km.dll
| MD5 | 19305a2fae65010d305d658338cc4ea4 |
| SHA1 | 70fd2048440da6d411fd0ab61f441cbb706b3b11 |
| SHA256 | 27bb6d533b10539f18b9ac37c49d8340ad7bde91e5150981fdd317ef38bb7efb |
| SHA512 | 5fa9f71e2d5f2b588935be0c1a91faec745e20992584071052cb7624637b7232fb6e5d60aa79926cf2c3ccca47f95ce494769a679259bbf2d5c98374981c61c9 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_kk.dll
| MD5 | 2b4883e2c8eb6a1cc0618972ab9022bf |
| SHA1 | 90db614ce4217fe3703b87ce8be687e7b244da58 |
| SHA256 | 2815b85a065bab6aae4af23cf5c8ccb5c8f587b5ac57b9719b2fcc6343d573b8 |
| SHA512 | 5e86c7028fa5520fee13b29c833d5949b28bf6e803752df71b6abbe9e1fa5b43c9948e6b4956e554cd5461a101824e051e20b6762cbb418f112f938563f05e20 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_ka.dll
| MD5 | 6e590abdacf69c0a95371ac48ab92698 |
| SHA1 | f2a4a183010cafedb76c182a6149bbc313ed608e |
| SHA256 | 975cb32be3ee396f0a076483206fc6a9f8d3671c439ca5aa3649d7cafc1276db |
| SHA512 | d2cabc0ae33c9ca75f6146d2c7ed3f37df03a2e6b82e7e6180a2a7bbbd32bff4fa157ec1c8d906c48445c79ad58105ac30e0217739ac21beccf13be369f0cdca |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_ja.dll
| MD5 | 7bee509a3cb93cb97a3c419ded29b379 |
| SHA1 | 51b83ac0e624da9dd877894ddb229382c25d479b |
| SHA256 | 9c24aa6f46f6bb4127a27efb46279762582909dbbe491c2fa1a621a8d9da2408 |
| SHA512 | 0f148229fa873878827437177717ca3be23630f62788886f53703484073d282e3204cb86aab49e493bbde2b2638bc1d6b7f05a7290b32e2b6115854774cf995b |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_iw.dll
| MD5 | f2b801a134d0e6016a500e7237f17fc6 |
| SHA1 | 05135e4f7c5c2ffdf7989c761947c7f482e6f859 |
| SHA256 | 556146c69e56b62901e3741d606e12e766324651793c26ed75861c172a34fbf0 |
| SHA512 | 9fd5c3bdd6f6cf4c75869eb0c80f71f00207e3bd0a3cf1ada37ca0916018ad691d93c335faebb919de551ea7e0a0fb8c0ee4b406a573b48f6ce01a21558c555a |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_it.dll
| MD5 | 20af857014bdfa8f869145dc25fdb5e5 |
| SHA1 | 0d876e9b0abf907b4cdc0767d120504cf2ecfab5 |
| SHA256 | 13f6f81e6507f2304768922e81ccac99951bec4163cc576f2dc3f65b78cd08cc |
| SHA512 | 992443bfe3c101270e1fe5b39d8adaf1990b46e79ea2b285fe848e6632bea2ddc6e2a1523611359518c79b0ea4ad5a228f5d778bdf78872010b67e753866ae72 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_is.dll
| MD5 | 333f733cabf382e901c99e1d3049f767 |
| SHA1 | 8c858f0ad0f06f137fbc340f01831a7eccbbbaba |
| SHA256 | 15fb8bbde296a384f6c9bf3acf0d8f6860e30d7dbac2c60cb928300d8464d81a |
| SHA512 | 81abb4abcca78181956dab1bd8a3b9523cc38f30348675342198f2cf3394fe1366d12f8b61fba7775e8c572c45a23603eca96fe36e693ca2d5f5bee0300101c4 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_id.dll
| MD5 | ef49bfeb60ee4283650932e4e50de722 |
| SHA1 | e592965caf1dd2f894b24a09f2cd14294ece7d84 |
| SHA256 | c49adb300b05a792e3b2d0e91d200055886acbbd26b7eaef43722ab3f5c40752 |
| SHA512 | 0a15abbb7f5e43425a561c91ce775ef6944044f3ea9e1dc60371189c79c4fe1cbe059ad38a7492f8b2342f1ecb5fa3a60e1643793bf9db90c21e64f1eeced079 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_hu.dll
| MD5 | df6a438814eb75ad639cc572f123924f |
| SHA1 | 8aaaba665de347cadd55dce07133265e30d48510 |
| SHA256 | 416d5ed542c2dc6bb7219d2a76b5729ae835db4b63015a9a998a0eaddeeda1a9 |
| SHA512 | 02171d854bfc57845e6eb344a48c4aebd653d229ffd94d4ce1d3d76a623503c6a6b104f9323a7afd16bd0a2007a0d544d8e31f52a3e24a3ee0a4a6520f0933db |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_hr.dll
| MD5 | cabeca48e04e6bcbe4fcd9231bb70ff1 |
| SHA1 | af016512f0bd3a51b38eb22c7aab8ce07a48e9f1 |
| SHA256 | fc73ca5d57213643d99432389eb371e13d0217c4718aadf551677667b5f9837b |
| SHA512 | e3d1b7f9a5a4672da70090c2c63fbf1a87a27d127a538c940764b611d3e8952ffe7384bc5e103e7d5b90b216eaa595086a9bc070bc9700c7e450476be17a63e8 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_hi.dll
| MD5 | 3a60d0c9d26cd258b08f80daa33b0134 |
| SHA1 | ea55affe72494cb0f7145644277270627d68f99f |
| SHA256 | f8647909bbfbe73c0c962eae21c45ca58717f97cfea7dad404fde52367f837b7 |
| SHA512 | 8e1b6e53020652f391511c8b4e64b8c12bddf5c52f869c8069349c44576520a9529bf120d377c243e5b6dbee0c37a8d9b31a0e4eaf2126b553d485e840027370 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_gl.dll
| MD5 | 64e4a461716700e7f14e7014abe9816d |
| SHA1 | cea6b0612f2dffb7e42d23629d41ffd73cbc63b8 |
| SHA256 | 9674903cdc0e08f18c8f071ed9fccdb8aa20184c85d48d99e8e90de4f4e33a05 |
| SHA512 | f68f902cd1a3e1232401db23ab466e7a38ae09e3324bc91fd6066d19b9246dde068178b73ae5fa6cdecc420b0d3a818f183f46d280f53e8c311b063c029537f3 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_gd.dll
| MD5 | c98c2777d3e3f5b4cdaacfac7b92233e |
| SHA1 | 879cb8fb3f292c05aab59a2852daaa089b13cd00 |
| SHA256 | 1afc654cdc779a78ac66c08f527da746ae99197d2b4a8d23f024afabbe98434e |
| SHA512 | 72ad4fd9e2f3b29f937ba0cefe6adeb85edcf26f913b5f4dcf8d7921a7cfd38fa1eef67db7c83e1ebc4714dffcc4adb9dd6ca909b2b7ebaf2827d2b2f90523c1 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_ga.dll
| MD5 | baab875fbcead06d6bfe0eb3325f9d1c |
| SHA1 | 7c770a51d93b5651f14a290858fc25a8c5458378 |
| SHA256 | e2706880a1ed7cb34faef4ca0f3b2df7aa4e75d869dae74c86d750df8423c1f9 |
| SHA512 | 994fa0d9f9d02b1320acc5ad336e30451931a52e6a8c48b3b5d9d5179b42c68feaa14fc76cd2ce99f682f1dfad5d8ce21b87a12321fabe504eb9c0844a49fd32 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_fr-CA.dll
| MD5 | 000135745b1756a8a8d3e73140e18ac1 |
| SHA1 | 2399c903c91bb969794a41d1a5e693e8f33125d9 |
| SHA256 | 92b4f9d8fb86a8aa24f929d27e76e680923717e29a88ede229abf357eec3a299 |
| SHA512 | c0b3484a02888fd6323b6754d76325cbd5b48cbeaaeea91dd2ad8c2a3e74ee51294e7edbbf4725e9b00c7c589750199548444484c5d8d15ed973bb63bc8f0773 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_fr.dll
| MD5 | 1e41bacb6e221e7db7772bf7a9b9b228 |
| SHA1 | 5036f8c73029b74b51da93330e5bd6be78998953 |
| SHA256 | ecef2e77abe7a1e67ee7e2b1e281ff3f2b1e0cdc4ae1d96ca4e6d25730587efd |
| SHA512 | 81bc5de9bf1c392c886b9d83de8e3dd290399c31504ed998a746eb2b3cc2f7c43154854973146a29e9164b2fd6df8e6bae7a63c9288c4dcb7ac9313c18289c9d |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_fil.dll
| MD5 | e448e42312360c764f4eb091472aa469 |
| SHA1 | b8afcc1406fcd0041c50ce858883d1a629700537 |
| SHA256 | fb31e09bdf7fc834317bd9ddc3376bd1992c3eacde48ee71a133f969e20401f6 |
| SHA512 | 8af85244d4b24292289feb560e79f69e65dbdbf16ace5cb12fae73371630b71e3bb122bb276debbc7842d8b53b0ea3a12eb89acb51b3c8f39fb45c8337304077 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_fi.dll
| MD5 | 3cdfa04a84ba151c6ef1e1711d90b243 |
| SHA1 | d306f97bd7a3a6f620994c5c98758034a8899727 |
| SHA256 | 0a063456432fce42401c8362714e98ec157e9f9e5ed3eebc4d96f9b4a039167a |
| SHA512 | e02ba732feab507c478df22aacf2b8399bdbed4f937cddcde9a3c0dd38cdab0a9c434dcfa8989c1d97fdf1e9efa67b64e9dec631663bc56df0356ca2036e2cd1 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_fa.dll
| MD5 | cf17425264c5d3e95ec3cc93e0cfd95b |
| SHA1 | 132652c83194a66e1820ba805b0cd1060ab7c66a |
| SHA256 | 0a394125c397e472932f7bcf40e2f54ca1050e0620d35ca322c6f48d80bdbf4c |
| SHA512 | f7e2408ab5560717252c0536ab652cedbc2cd17a7e6d375d7dcfbd2cd8894b4dcd71f023d2bae35237250e1cbda08385a1484550a07f13901f39e6d75e9f87e7 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_eu.dll
| MD5 | cc332ec84b9dc507745c1833284ad4d4 |
| SHA1 | acab1658ed5f20201ade23311f6436da6bc7ed73 |
| SHA256 | 6533a3d4e7af844763e89e3a4bf2330dc37dd2dfd6176f98720140b1f22a7830 |
| SHA512 | 5125af4cdefd131d79988296362e92dbed46c7ac70264a9592fbc633ea2527944745c7c3cd475b0117efb0729885b696fa7f90cbdacc04d699d6aed235482259 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_et.dll
| MD5 | 999504016169d3caedb132c230feacc2 |
| SHA1 | a0efc52f4104906ac51da46f24779358a319df8c |
| SHA256 | ec804f7507269d52785b699b4fd18a2d1a3ca7e0956dc15bac034151596b75c6 |
| SHA512 | ae3b4b3c38ac6af5dc80238d0e3730ccdfd436dca6daee317b58f92cca22ea51ea2ef720e32f92693d23e8383fefccf9c46c10a148036687f0a7dd8bc844f274 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_es.dll
| MD5 | 10bef36b121886cb7468bb209dcc6836 |
| SHA1 | 8b98619e4d8ade70f1f9008f6183de785b6b4509 |
| SHA256 | 515f0a0334db3271f84bbb288aac9b907d6c363dc1a9a6447117a7e7c967ad29 |
| SHA512 | 3b3a06f02d5bf5734b99ee38a249c3232b61f2a5fac837405501bd9cc9c8cbcbbb38dbadf3734a7a6b986a79ef34c7ce63c8c8fdde7d10c8bd916a13eb8f662f |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_en-GB.dll
| MD5 | 38d1b69a1f1e07a99c9df5416b7fc639 |
| SHA1 | f46cca601d1cc38ddb8e93f393dbf9be909e49a8 |
| SHA256 | 952c6fdbcd0d333319e80d415caa91757ce759fb4d8adcff3229b134c5257244 |
| SHA512 | 9ce6849d6915352e746921b9e7c3222d8e99577c77405ac9d44d33d4b0d70df74bbf06d6ec750d38afa21f2824a081bb74dd271b79ee38015e4b23fdc5d840c7 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_el.dll
| MD5 | 0dbe7ed570d8139edfb03b022abe1b03 |
| SHA1 | 099e20aeaf984cfa025f017706c694a98f04e2e2 |
| SHA256 | 77b34e4beb5b9b9110582cf55432dd1c75d1816d5744d56c26617d44b7ba37d0 |
| SHA512 | a0667ef377c52467f8c7da6627f9c06786c8134979929a60c8e248a08f44b0bbfbccbc79458db84d9c4e183446acac9e7e18a65ea4b5e8b60ee3a911d8c96a1d |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_de.dll
| MD5 | 79c1cef8c38d0ad8e4eac06c84accebf |
| SHA1 | 4092a10acc777d560f255c85b1a1437dd53a7101 |
| SHA256 | 5f50709f64eb3f03766e7aee5f446e8cadc1737d0f404db73f5dc447c1f77899 |
| SHA512 | 13cd04233e8af9c194e44d1f322aa29d156fd399717278cde1fbcac8acb1efdc4a004e5e299ff19ce8b423b3cbcf35337c27bc435a777bd60e0bc4e8417aa9c6 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_da.dll
| MD5 | 5666fafa9199b490d2b20cbf2f5395f6 |
| SHA1 | 1f43b774ef9a8fc218279dd81e437ffeb40966d1 |
| SHA256 | e4bd6dc7a20b9053b9dfff7c2c6a8abded5914994d300fd1466c9b271a0bf42f |
| SHA512 | 660403a3abe9a4c9ed7a1e54e5e582816c57cf3cc9a69cf67b8794e98989933d90acdea4df9dce222d82dafb92145efacfd30bae93c09193be281dc5ec634502 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_cy.dll
| MD5 | b2d69e686d4d6401479b2cbeb5c62c77 |
| SHA1 | 696ddb825bd7f812c11191bb53c2c00d548d4c00 |
| SHA256 | 40810d25a6f9be67b000ad8228dc20e41e2b0d2223d0ae13878f265fa13bcfde |
| SHA512 | b0d877c0ea2266087b8f464efee9fa54a504ec12215d2e7f3f463081075e7128e2d9437a550773e2b703227ca952e0283f940d3a6e1325aae2784e53fb3e6a29 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_ca.dll
| MD5 | 7f21e0d781e6ca29c3912967eb920b33 |
| SHA1 | 25f8be269cb3a1dd322de909b8d25e22919febcf |
| SHA256 | aa499ed11eb86855c85426158f198b3efb6fcf67c3b484793f34240bb04f049e |
| SHA512 | cdd78c9656aaee68306527e3a81bf6b2bb749b971342c1fe2b45230cc06d97a9ba6e6f6aa4ee50de0d5abf983b0f1d0cad3718162f046e623f2f6dda6ea87200 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_bs.dll
| MD5 | 78bbea4a67479fad54a247e877c213c3 |
| SHA1 | 800c9ac56787b18fbc010cf0734b4a187d3f4a7f |
| SHA256 | beb02561cdbe2694028c2106b603661d4b7649fb4add685e5314c7c1d27f6252 |
| SHA512 | 8528525660df61bad32f3492659d412367ac42291be8f018ed1017d47baf205ae95b091616b0ac2b20859b1ccf504068dc4e317e176495e9021b109c97c72bc1 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_bn-IN.dll
| MD5 | f7d821198825ff1e2cf321d15e7033b1 |
| SHA1 | fce91abf0300084e22521c81f8d194965f25f556 |
| SHA256 | 3518a0aafab4518df873bfe4e1c9e71e3809e092870acdb12eaacfe52c01e25a |
| SHA512 | 85b196fe52121c49dddb552dfdaf3f986160b53a78523760dd94ca08cafc5ba75098a744dc5e605419c9914a111dd207d7d737afb91d73bee7ccf0cf83a8dbfb |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_bn.dll
| MD5 | a164b4c542d58d702e81e05024d95459 |
| SHA1 | e034353f3b1e2afff2ec5c36b36028a94bba9567 |
| SHA256 | f332fd86ea630afb90bc9d50925b25bd85037e18f186aa45c047fc179ccd77a4 |
| SHA512 | f7f22ae416d949a45887e0f0f6f67f6b9518d8f5a26578365dc1bbe979f731eaacca34a53c1d55947ba9cb99697df6ea628f005701f711afbd73fc356f848893 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_bg.dll
| MD5 | 7efa4d227351f5deab462bce9149d40c |
| SHA1 | 85cfaed5408724398f9a3584f9737ac24f4993a4 |
| SHA256 | b36e0c8bb231ec5597b6a8e86379400d1c3dd2218ec8f401c53538ba7fdbc383 |
| SHA512 | 88dbf96fbe3b1756799f6dd9f216e26449277f0b692fcedf099ee5b8563ec2b44de967cfaac0ea7baf072992b0e24166986070811c6a752923c6894961ab3f36 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_az.dll
| MD5 | ef2bdeeade769996349c0a0f4a7c5872 |
| SHA1 | 8d3944bebeca2cc674b0459c637e125df0621967 |
| SHA256 | 6d23e6e87ce3e847ed059781bf895c846e5e34e66083f92089cf08b403432a55 |
| SHA512 | 260d001693a36c7a5db55739d1781bc41b7c76a182d6761229af2723ec223b426b4b4b568544bcd1c97b2415821f2a9514a49c5483f9038438349f7dc31993b8 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_as.dll
| MD5 | 009dce4ff4b372178c28397fce96a59f |
| SHA1 | 92277110bc332fe7863beb2ddd4e09fbc55bf81c |
| SHA256 | d333edca46076709ce749e5c55efc888e49120e27c63ffecdf3e78222ea155e5 |
| SHA512 | 4661f3262e7f002916530cb2c9c70d2de5297ba634ad451d4fb39870a26d1a829082995737b5c0b0911c32a20720862dd753330aeb30e993a882fb4fbb110c43 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_ar.dll
| MD5 | ff770d70c8ba319bd01ca708e2644572 |
| SHA1 | 6b8c84053f4ae62afdc7002cb3f2e849800dcbb9 |
| SHA256 | db673f6e96287e8827ffdea3ae880aebb5f1b2bc5d45bf26be6513629ed12f1b |
| SHA512 | 8bdd358dcff62a0e3927202e7bcb85d374a2cc351e940707ed4d2638f4f40b3666c7741345f6c0bcfa75b9b3204c1a821dbb44458fdda95a05b0b6a253890cd1 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_am.dll
| MD5 | 9a1b664570e9631e6cedf8c2d662421f |
| SHA1 | d9efd018975d111a08e35fa92b1d8955dc31eb5f |
| SHA256 | 52d1f080f3c41c4579603c3cca47b6667472d6b4ed787a3dd7d345ed8b3ac747 |
| SHA512 | 69d4b33cecc3280ba369dbdf60fae92481e8965d6640a1424ac4d72a2355f3d0c367469f638ea6296c1e508fc906f94a2987eddf9cff3ca13659113cd4c178ef |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\msedgeupdateres_af.dll
| MD5 | b02f36aca674edfd030906d8aa7d3e11 |
| SHA1 | 638981c1e6713e1c2ce2f551bf7326a1d48ae3c7 |
| SHA256 | 962a6ed3be729a924512528f6170fcec6a86bcdc37f89faf8df3e31fb2c9bf21 |
| SHA512 | 2b5c087c5a1a12e87b6b3ad621b9d5e0380f0a962a727bd261ab1b0ed0a40aa9d7c2500648469758889df598b86e343cb2a3f2d034d07250243a7d1e99dbdfb5 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EU3E03.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 23a351591308d49bfe2625d302820715 |
| SHA1 | 4787ceafc8492b09f85a1c8abb7e5d0c07f52e96 |
| SHA256 | 7610b2c0bf22563e850e185864d9244eee94c853e6595cd18ac59b6d603af651 |
| SHA512 | cb266826f6ca3de75968dffebd2a3b480fd3348fa1c0b972851f1008540285cf93158555448446fb8b83f1fbff726221e05a3a18b11da0518ad65283d8eb8247 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | ac0c3ce5c9c6017d85d063255d311d73 |
| SHA1 | ac86a5b6e1b7d6ddb4d356528be625e7233768fd |
| SHA256 | 38417b7f6bd1543ec96241fd6aed6976d3f69bf24360474acd13e6345ad1d004 |
| SHA512 | dacfd1f94edf1d80c1dcea22d20f1ce142be02da3043cf484599958e2857ba6c4c4f210ff7b94fa8688a9b1da855bb2f60af769202c92c187228f8062ac3f827 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\122.0.2365.92\MicrosoftEdge_X64_122.0.2365.92.exe
| MD5 | 8160c90cae55f2e055b69bca9c804c3b |
| SHA1 | a138017286fa473d24d89e1c35bbbed0eaa61fb8 |
| SHA256 | 9a7ee9528d4bd6d459d25c869755e199be11528e93345306d867a913f2a94dc9 |
| SHA512 | 006cb68f51d955c1dfd78fdfbef5ce67c66e59ae356ee01e85f6102472b041b1ae398b0e9db2b5378f2613dd406da621bf59383ee9bb9f560532d3b876b8ef67 |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | 5e2531297ff9cdbdaa6cfd3ff5a1e194 |
| SHA1 | 4e0fa7d277a356cf8d7efb955c2ba91119b2edf6 |
| SHA256 | fbf08146e719695d80c9f4bb6589111069066b925d1266f54d4af8ba22a6c5e1 |
| SHA512 | 7f60082c51e46ef3d890f606096aaf0c8201d877e109a081630d1d7e1254e7f3957d3a841127556f5df86157fc286fb634622e496f320d998d206f4a18676adb |
C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.92\Installer\setup.exe
| MD5 | e57d4e600d42e4c112b8a5f43297c37e |
| SHA1 | 0981c5251048f46cb425313d9c20f21cd51c4fd3 |
| SHA256 | ca273139b833de79d48b91263b81f3b37e164706e4dedbd1990c0e0d09ba3161 |
| SHA512 | c7a831349e02c5ca30b4b3c708828a595b05f54e51f7e4eedb316ab0d855fb6a78a39d97887fcaac55547bb229983c119f75feb53992e6f30c46c52035767b62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ffd9b38af490efd36dd958b3e6f0423f |
| SHA1 | d4ccc72f66447a0413225d746858a436e72ddc86 |
| SHA256 | 8e139278f9f68adc2861ae46a5d548c95e51b4a6882d16eb33800556dc95ca4d |
| SHA512 | 198ea448e05e366e7b63c6f2b01a4bece79b91608b4c96edc50966d70b46f356dda82dc4b48382bfbbf85edb4e06926b18e672a432a9cb8d3d0742a105278abf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d448472dfe4cbe5a9805221b46a2e646 |
| SHA1 | 623f87d25ab1bc56533f77d93895214f0ecdfe8f |
| SHA256 | 99b5c73b4f2d7fd65b78c42249e31e15182d9c55906702dbe328a6bc9de167ef |
| SHA512 | 838c1876656f135f1ea6b6c9b0f20eb94eca01bdfd7edd92be8ef78efe8fa4ba1e5be464877068aee7306df2731b66ec6c17781eddc94515ce96daa39633fd2d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | abbd7d09c9cf99703388aaf6a10cc0f4 |
| SHA1 | 0e38afe5f56163e0aaba9afa8b13b06a75d30676 |
| SHA256 | 5875cb182bd50042af2e40bc65480ac7e5cbee4ccdaf1ba5d9906fe360ed04a0 |
| SHA512 | 4c4baa3382a81a4ccc545e2e454b68c54df8dd3c03ac72e436e000d22d2513e95334d3c766bda443dc90ab7e052395205082c75dc45fed15c7b2afd5e49aa6e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 92fbaed0bba80db43c3f708e378e8b99 |
| SHA1 | 21260ccbb21079598d886b738b8cfc5293457344 |
| SHA256 | 6fa6b9bd3b50998a9edd96b185eb512fbd75292b23f19b49713dfe885479a59f |
| SHA512 | 413cb378ee17481bc7a73514637dee7307325aec5e82ef7b92018fc688da6bc226e90577376d77416002b9f853d42cf16316edf16235a75acf5e70b61eb9451d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4b842823d2b0ba1ff3c4a8bfacb82bd0 |
| SHA1 | 160a0a6d3ecfd1d4377ddde9aaf41a93af8a63f2 |
| SHA256 | 3c7bf2d70fd0aec28533781e23e242be58516037ca03bea4c12c34481287ae25 |
| SHA512 | 423be9da8e5b65ba2b779a5050549e324911b97740c3909487749026d551a42eb5a60aa2e2b4a8d0c511a25c087a07629b3053b75df380e7de1df1a515f29b01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
| MD5 | 47d41a980668e9bfae197488d6d56feb |
| SHA1 | 8acd8919b112d637a18e4c2f79f61fd62d2a1e6d |
| SHA256 | 87c1ba0f3a75480bef554b38abd51d7858bbe2cff07d4fd29162b4468d2b6c43 |
| SHA512 | 165cf9913129bab36c22399c3636960cff235313256262439bea6a1ed78cf80d65690254cc63148e7e13bb515b513037ab6be7d20efdfb12b07985339ada36fb |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
| MD5 | 8763fe2dc569a1b609b5e6d195f45fb6 |
| SHA1 | 0f4974db0aa9202dd0707dd61ba2608920ed8e90 |
| SHA256 | fa8f5b17b3a48f235c064274712e089b0019aef3d6f1246c3fea3eeca3a5d488 |
| SHA512 | 7a2431bd38de09875fdda472117ca1680f06367e74e6cfbb232f3ac1987984e611175c8813096d779f449f4b342ed7859df0aa2b6500ca52b6a0c537a1b798c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\3a71f882-81a7-488f-88e6-187bae9aa5a3.tmp
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\94d569bc-a5ab-491d-a0e3-8dc69a9e5ada.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Temp\10aad79c-492e-4f98-ab79-609063d40e32.tmp
| MD5 | fc21c3084ece86a867515f4112126d22 |
| SHA1 | 7ad412386eeda21136ab332edced98af075cccd2 |
| SHA256 | 378723490592c0627ac18a287f9a9cb74970c3c6e10a177c322282bfc1d01e01 |
| SHA512 | 37777d2f86d5586b5db02fe8df853814ff0b1fcf0141adb8cf0a42ce3c15c5da8f65de89e2deb8c13040302f95c6b0ff523a4288c5d38ff7977212aa011b1309 |
C:\Users\Admin\AppData\Local\Temp\3c2ca734-9f1a-4bf3-8a67-4b7989e6c13d.tmp
| MD5 | 78e47dda17341bed7be45dccfd89ac87 |
| SHA1 | 1afde30e46997452d11e4a2adbbf35cce7a1404f |
| SHA256 | 67d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550 |
| SHA512 | 9574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt.tmp
| MD5 | 66f29c96ff7cc7fb0fe8faf0513fb47f |
| SHA1 | 5c1d8d02e20692858a86c0bb8f7cccca66935136 |
| SHA256 | 0a83b8ca5394abe033bcade578e0224f3a883b5c806c9da09791296e5e72b1da |
| SHA512 | 134743152cf07a459ab067e232e1db9bdadd78d077e557bef094ce6f5c92c644af5361eba651d43a2c603d833016475e8bfd92e3503125fb9c9e645239f49f28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt~RFe587913.TMP
| MD5 | 4ffea1e67ca3ae52f43013ca7f463bc3 |
| SHA1 | 34f1d2f941f9ae619a4b3c2270037c46c3c3f6a1 |
| SHA256 | 19c0473fb22868683bcc7167159e018072f099948fe4153543e8a6ba189f0066 |
| SHA512 | 5cee2262ec5e53c3d034e3f1f6371cb097ec82d3150b0f3a7051b782543c6ec835de21001cd90f84016269d035eaa56ab178717093d91492dac5059d571654d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | 9c20468d3a201e0a14e2e20b362835b8 |
| SHA1 | 833ec477a69f5e10f631788c0e202181a53254fa |
| SHA256 | 007c04c51e76d14bddb99415859e5c2caab86f00e1490fb048f5da6e20127bc6 |
| SHA512 | ef9789a7a7d3ddba55ba406cf22aa300a9a351dcc0a8ae713ee1a75bc05c5edcafa260160326f77d3694917046029de5a90a5cad2ae4243aa0edd12092f591e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\f88e7d4c-327e-4dcb-bd60-764915e62efb\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000016
| MD5 | e8a267384532d362c2329263853b7f3c |
| SHA1 | 924823eec4d8b01e90fbfe55a92f49c1701c89a0 |
| SHA256 | ecd501b440fd62b924b16e683af30b64ad6ae45dc06d5f807c4d77a1b0e934ff |
| SHA512 | 8782bc7134fbde9b1e903780240443bd559f32b67b672f87f9419aa0749d34e3a3e5d452419f1854e3d2d95bac326a65a8ec94d5f9c570265eebfa7a4ffc7c28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\content.js
| MD5 | 3d20584f7f6c8eac79e17cca4207fb79 |
| SHA1 | 3c16dcc27ae52431c8cdd92fbaab0341524d3092 |
| SHA256 | 0d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643 |
| SHA512 | 315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 91859521a6b6ca7e24682f788fff2638 |
| SHA1 | 3b57a53bfbef270fe71faaa9578d5a619bce7343 |
| SHA256 | bc7939795ca39b4245a8b4aefb0b5f86c2c55af9617bdda710a9eb4d3aa8b873 |
| SHA512 | af985969808a62d1700f878ce5e861b2050ce2f058b74d38e220d4ae64c65eb6f3b3324c55bc25579811b43d386b5885944ad091bffe28d969c0be4f5a748f3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6ec3b4e1166e005570f9ec4ed45719ec |
| SHA1 | 02e8d6c5300ded002b1c6cf131f5b3cca163382b |
| SHA256 | 8d1812bc6684e9f7dd7cbcfc08a5c9d2dec6bf436abfa8967f5d97e14350e521 |
| SHA512 | 697dee675e5fb5618b1aca76fe3caf46d945cf8e07f1a2b482aeb8a5a3370bab4c35b772e49d4c1c8a0cdca52849a65aa7745c61c5bed5bfd9ac8e031d334e85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 16fe6ede1b28e332a9485086636fec0a |
| SHA1 | c2e6d73db4c534265f1c8bdeb9e1de828dbad218 |
| SHA256 | 76015a89ac46292314023a94ae6adb91f7bb0c4290ed47996acf1958f2040413 |
| SHA512 | 8ba4c7a7d779d28e19e3efbcd47a51739fbb01d6d4dc2a53a292c7dea2cdbc0ef8634a3398809707f2262fd5d4061dc68af7e6584617bf8b85dcbeb92418b4d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\4abc77c0-37bc-4354-a4fd-8170afa51be9.tmp
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | 9c7d436bf2b076a7ab4df36ae0d7c26c |
| SHA1 | 1083d986d0597e277220dee700b8d2bde64b671f |
| SHA256 | 6a11c20d04bfe4a026587a068226fe40aa5462ee163cf8a95d1649e147e28172 |
| SHA512 | 3f1438168ad12f6f8968cf9b30e822c74664c1372c5623dd60ca5bff9114a5adfcd07608ec434566f58d4313af7bde9a2a25ce779a6007ed82410465c669da15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity~RFe58b86e.TMP
| MD5 | 8dff09964e4732fb1ca7d4bfca9fe678 |
| SHA1 | cf59a722011e6919345ab1ec37c282ab24f56570 |
| SHA256 | 5f7ef9f502b637a57725080dcbbcced25aa9b01ef2c53aabe12afadeec4ac25a |
| SHA512 | 68f99b06a92d08860576266fab55e1df1611062d397e6f65a1c384bd766cd0bfc09475c0aefb0ef200c3522059ba1442bee764aeb34761f249752d7370e3a738 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | b9651c8ab2c85324552a78e9505ca719 |
| SHA1 | 4ba2f02f1810148e2c2c31d8dc5b690534d881a8 |
| SHA256 | 450b08001365c827d1b2c7ec334eabc87051f6236bd88f7d60987c48cbd151c7 |
| SHA512 | 282a23ceb6316052b8eac8226508e9d9a8bec82c97b90cffcc2fba976171a5594aa71e96a66882248052f9e28b64160d0a445f8a3d4572bf2a32e8303b5e7ed2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58c8d9.TMP
| MD5 | 86516f2701d679f8fe367abe55a65afe |
| SHA1 | 787c6fc1182a1ae5a053fe65ebe1b3996912bec4 |
| SHA256 | 322e4c7ae0bde676a7bb98032e9ff0d23d413f1cdcc7623985d45156701fec48 |
| SHA512 | 6cb1730d79b1a53ee4c6f46b1a1cd4b4d86974727d4a1e5aa14969e8e64d808492294c2a684db729fae07ab9131221c23c8165d522d058cfd02919e34e440c51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\61032af3-9e35-45d8-ae9a-f66b7bb0e08b\index-dir\the-real-index~RFe58cafc.TMP
| MD5 | 5235fb18195663ad42a8ab4cdf0de8a8 |
| SHA1 | ad74f77e6864c1ad4ab41741266a75dec7bbcce5 |
| SHA256 | f500acd8ed4a6a8c81cd5b2039be4a8c416ded3dc74517e61238af56f3d0ec48 |
| SHA512 | 66ca73f361381ed6bfced1e3479aa45b5c8964e2ed3f3e6b59a28b090e3aa116163751b8251b475f5b2fcd84d3db87113bd65cf79234b6c6d7f5a8f8ef129261 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\61032af3-9e35-45d8-ae9a-f66b7bb0e08b\index-dir\the-real-index
| MD5 | 6a4317d52d78cd2b2b818a7a6e0edda8 |
| SHA1 | dbcf165e23852607505adbe6e0dee9863ef3453c |
| SHA256 | 570c1dd6be1f83a9cf7020de1c737946795a4a139090785f04d993a6c5a32129 |
| SHA512 | 9f84741f7e2d202871fd513db2b9cbaea46f45821fdc807d7d348f16a42623de3b4091e6e83ad6fde04ddbc570ec12ea79c7aa0fa367aa70101213df73fad1ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 28c5816660cf92075126ea4ef37b7840 |
| SHA1 | 4ab9ce8835442b72efecfd9e98dd898c7d262da6 |
| SHA256 | 07ff85f9ebfd6ddbad7e9fec301d0ca8dbeae3284bbf2ec41bc59a36cd133109 |
| SHA512 | 9a084ebdef4314d70478f39c25b7fc1e6060c83911ef5e4c8122deeff226fd035bf59e7301af910dee4e40327de7e6f9c97fb38562174aa2efc8bb6737949b76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\f88e7d4c-327e-4dcb-bd60-764915e62efb\index-dir\the-real-index~RFe58e663.TMP
| MD5 | c3c9ba51575b077cc223f228de4dcf76 |
| SHA1 | 804bfa86bcd63f3b812f8ebcf9c5e71db4eb916f |
| SHA256 | a5468f47bc180c05e0dcab780676006a44b178eeb2304505e7f8ab37cac5b20a |
| SHA512 | 7e3171fc7db6e96b2054a0a2b4ac84cd00e7639ca5531a33d241c7236ff77b9b340bd937ddee41c1a5018da3591d7b2414ca6efaa46a4f8e6da0ad48221d8a41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\f88e7d4c-327e-4dcb-bd60-764915e62efb\index-dir\the-real-index
| MD5 | 35cec6c4849bb31148839dcf5fdb0690 |
| SHA1 | 802bfd2bd916c14898a55bceacb4e4a4b59a26f3 |
| SHA256 | b890cfd8f185cc295c9d0b23d5ff8ccac8b86fdae9d29eea8fb2c3bbd5512084 |
| SHA512 | 7df4ec9cfc9289a93fc66cf535edb9aa5cea0d70ac2251bdc784152cec9931dca9133321ba5f3d22ee1897c70f84dfc690cd211714b3bac682bf015a1a2f84a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | 0de84833b0dceb64356e3ee3b1db9080 |
| SHA1 | ddb77ae560be6fbed5a420b7f96060987f4118b9 |
| SHA256 | 5ea15022393bc455aad8df8ec50ce897abadf0b7aa3ae60d980cebdc29eef7b4 |
| SHA512 | c159b2b3f0cbce38704f84dda90b968fb31143a935998342f8ee00756f69badcfdfb5bfb0a3564c35e7ce5a2a22c0d3e61765414acc08564a618e9295eb62c80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | 7c5dfeb63d3170cdf9057cbaafcc82b8 |
| SHA1 | 70999d8395a542947fb993a1c6c8c640cd5886d9 |
| SHA256 | 70f19488bf72ea69acc000b30f9db3d2971b6e513e72ca769dc1eb2a6c2dd84d |
| SHA512 | 3b06db6241da45e18c8e7f5d4b2dfee4a25a43c53ad414869f28c3c29e718d4f105c7ea542595c17b5f3fa2b2e7b7ee612bc6713131f5b27fb17645e1962cc10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | 5fa3f5229b050d3e301b9da64eccb850 |
| SHA1 | ad62511ac638a2a0a39448fc9f8cafb6b983adcd |
| SHA256 | ad25a0c196b21d84b477afeb3a88f6d7679e58f753f4dbf95cd7909d4b8be21d |
| SHA512 | e32b52e0d64c71e009e132ec9522274c4d7008b95df0206a45b62721016c4c0f1242e29663c345686b0180e50a646a575d0674e19bc70577ceb19f1a9893da49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | 4ffa2d6f52b8bf696a672dae04ae3e39 |
| SHA1 | b6f2fb6a9950613c16e1f06e0f59a5e8af73611e |
| SHA256 | 2e8f2fdcc890c09e4c808c2a29ee0fa9ddaf124fb3b0973119bd17f459c64029 |
| SHA512 | 84c82b0a51ec394cbc07dad97a561d11721c77d15c8f65df8f0c9a3f05108faa1d689303296c1f24e7e8dcc549f624636d5ffa6e75ecd40e010c7e4a6073db70 |
C:\Program Files\chrome_Unpacker_BeginUnzipping4628_1686004857\manifest.json
| MD5 | 55cf847309615667a4165f3796268958 |
| SHA1 | 097d7d123cb0658c6de187e42c653ad7d5bbf527 |
| SHA256 | 54f5c87c918f69861d93ed21544aac7d38645d10a890fc5b903730eb16d9a877 |
| SHA512 | 53c71b860711561015c09c5000804f3713651ba2db57ccf434aebee07c56e5a162bdf317ce8de55926e34899812b42c994c3ce50870487bfa1803033db9452b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 106ca2d2597d1d9eeef7becbe6e6b963 |
| SHA1 | e2c69df9d286d8e1067677e6d70e108fb51ee7c4 |
| SHA256 | fee576dd145c3c49bdc36d7af44b925d08360f2b01afe9d38fb83e651844c165 |
| SHA512 | d720d5df1918443a0c6c91509977d27cf348db379dd27b337fbb256880bdc3c8b33eef42e1842adf6b1d7d0372df2c43065627e0bacd02279d5438b83da3c9b7 |