Analysis Overview
SHA256
bc07898a6136045b88ae61abdf5cb081a4b7ad792c555afce1c42b3ce43cdf0a
Threat Level: Known bad
The file Nezur.exe was found to be: Known bad.
Malicious Activity Summary
UAC bypass
Modifies WinLogon for persistence
Downloads MZ/PE file
Disables RegEdit via registry modification
Loads dropped DLL
Executes dropped EXE
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
Adds Run key to start application
Drops desktop.ini file(s)
Checks installed software on the system
Sets desktop wallpaper using registry
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Unsigned PE
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
NTFS ADS
Modifies registry class
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-07 22:44
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-07 22:44
Reported
2024-04-07 23:07
Platform
win11-20240221-en
Max time kernel
1201s
Max time network
1215s
Command Line
Signatures
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "C:\\Windows\\system32\\userinit.exe,C:\\Windows\\winnt32.exe" | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
UAC bypass
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
Disables RegEdit via registry modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| N/A | N/A | C:\Windows\Temp\{71AD48C5-0E29-4DA3-921F-0D59F33F2C6A}\.cr\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| N/A | N/A | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Software_Launcher_v3.1.1\Software_Launcher.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Software_Launcher_v3.1.1\Software_Launcher.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Antivirus 2021.exe | N/A |
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\{24a68a65-6ac6-4276-9d7d-2c3939d8474e} = "\"C:\\ProgramData\\Package Cache\\{24a68a65-6ac6-4276-9d7d-2c3939d8474e}\\windowsdesktop-runtime-7.0.17-win-x64.exe\" /burn.runonce" | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
Checks installed software on the system
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Public\Desktop\desktop.ini | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
| File opened for modification | C:\Users\Admin\Desktop\desktop.ini | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\AppData\\Local\\noescape.png" | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.IO.Pipes.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\de\System.Windows.Forms.Design.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\ko\PresentationUI.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\de\PresentationUI.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\System.Drawing.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\ja\UIAutomationClient.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Net.Mail.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.IO.Compression.ZipFile.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\PresentationFramework.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Diagnostics.Tracing.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\Microsoft.VisualBasic.Core.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\Microsoft.CSharp.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\fr\PresentationUI.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\ru\System.Windows.Input.Manipulations.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\ja\UIAutomationTypes.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\swidtag\Microsoft Windows Desktop Runtime - 7.0.17 (x64).swidtag | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Reflection.Emit.ILGeneration.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\vcruntime140_cor3.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Reflection.Primitives.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\mscordaccore.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Threading.Channels.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Runtime.CompilerServices.Unsafe.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\System.Windows.Presentation.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\fr\UIAutomationClient.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\WindowsBase.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Threading.Timer.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Net.WebSockets.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Buffers.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Threading.Overlapped.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Linq.Parallel.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\WindowsBase.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.IO.FileSystem.Primitives.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Console.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\System.Design.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.IO.Compression.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\ru\System.Windows.Controls.Ribbon.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Net.Security.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\System.Printing.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\Microsoft.WindowsDesktop.App.runtimeconfig.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\zh-Hans\UIAutomationClientSideProviders.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\pt-BR\PresentationCore.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Threading.Tasks.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Threading.Tasks.Extensions.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\tr\WindowsFormsIntegration.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\it\System.Windows.Forms.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\cs\System.Windows.Forms.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\pl\ReachFramework.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Diagnostics.DiagnosticSource.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Net.WebHeaderCollection.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\zh-Hans\System.Xaml.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\ru\ReachFramework.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Reflection.DispatchProxy.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Private.Xml.Linq.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\ja\System.Windows.Input.Manipulations.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\de\UIAutomationProvider.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Runtime.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\it\Microsoft.VisualBasic.Forms.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\ko\System.Windows.Controls.Ribbon.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\es\System.Windows.Input.Manipulations.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\createdump.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Diagnostics.Tools.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.17\System.Net.ServicePoint.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\pl\PresentationUI.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App\7.0.17\fr\UIAutomationTypes.resources.dll | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Installer\e598eaa.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFB5128C87DAF4C343.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSICBB.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI5178.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e598e9e.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\C2F0B9809D7807446B6E51D46D69C165\56.68.10360\fileCoreHostExe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF1C20946618118253.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIAA7.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF660A0140F426FB60.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF3D.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF3E843AC48CB4F886.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF21309C2C064E628F.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\C2F0B9809D7807446B6E51D46D69C165 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{93812F65-BAA9-42E0-AF19-F15F39A92E3C} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI8C2.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFAC98C4B810A76CF4.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e598ea4.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e598ea9.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\winnt32.exe | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFC51C5A292E74E168.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFCCEB8F26B6BFD6C0.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF11DDDFCC86D0ABF1.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF0644F0215283281C.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\winnt32.exe | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIECD7.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF2E1457F28EF16BB4.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e598e9f.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI4A9.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{A638EFAE-5229-46A8-9A18-D0FF9D9827D2} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF9B1CF5566F103E19.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e598eaa.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\$PatchCache$\Managed\C2F0B9809D7807446B6E51D46D69C165\56.68.10360 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\$PatchCache$\Managed\C2F0B9809D7807446B6E51D46D69C165\56.68.10360\fileCoreHostExe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF038664D00A6393A5.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI13F1.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e598ea3.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{089B0F2C-87D9-4470-B6E6-154DD6961C56} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{6B4D3428-4800-446B-971F-62A7377F06F6} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DF6B7E8AD5D452902A.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFD2DB2CA8CA4A76D6.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIFD15.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI285.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e598e9f.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e598ea4.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e598eae.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\~DFAB7FD7D84C4762B3.TMP | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e598e9a.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e598e9a.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIF1CA.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI630.tmp | C:\Windows\system32\msiexec.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\24 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360" | C:\Windows\system32\LogonUI.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\22\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\22 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\25 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\25 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\23 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "124" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\23 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\24 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\EAFE836A92258A64A9810DFFD989722D\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\56F218399AAB0E24FA911FF5939AE2C3 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3084248216-1643706459-906455512-1000\{3767DD93-38B5-4F95-9C10-BECFE857FBA1} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\EAFE836A92258A64A9810DFFD989722D\Provider | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\56F218399AAB0E24FA911FF5939AE2C3\AuthorizedLUAApp = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202020202020202 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{24a68a65-6ac6-4276-9d7d-2c3939d8474e}\DisplayName = "Microsoft Windows Desktop Runtime - 7.0.17 (x64)" | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\C2F0B9809D7807446B6E51D46D69C165\AuthorizedLUAApp = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\EAFE836A92258A64A9810DFFD989722D\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\dotnet_runtime_56.68.10360_x64\Version = "56.68.10360" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0000000001000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Version = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Dotnet_CLI_HostFxr_56.68.10360_x64\Version = "56.68.10360" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8243D4B60084B64479F1267A73F7606F\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{6B4D3428-4800-446B-971F-62A7377F06F6}v56.68.10360\\" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\dotnet_runtime_56.68.10360_x64\Dependents | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\windowsdesktop_runtime_56.68.10379_x64\ = "{93812F65-BAA9-42E0-AF19-F15F39A92E3C}" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\56F218399AAB0E24FA911FF5939AE2C3\DeploymentFlags = "3" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\ComDlg | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{24a68a65-6ac6-4276-9d7d-2c3939d8474e}\Dependents | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\EAFE836A92258A64A9810DFFD989722D\SourceList\PackageName = "dotnet-runtime-7.0.17-win-x64.msi" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\8243D4B60084B64479F1267A73F7606F | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8243D4B60084B64479F1267A73F7606F\PackageCode = "E1DEC18EB86A3C24E93AD744A7A9CCF7" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Dotnet_CLI_SharedHost_7.0_x64\Version = "56.68.10360" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Dotnet_CLI_SharedHost_7.0_x64\DisplayName = "Microsoft .NET Host - 7.0.17 (x64)" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\{24a68a65-6ac6-4276-9d7d-2c3939d8474e} | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{24a68a65-6ac6-4276-9d7d-2c3939d8474e}\ = "{24a68a65-6ac6-4276-9d7d-2c3939d8474e}" | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\dotnet_runtime_56.68.10360_x64 | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\C2F0B9809D7807446B6E51D46D69C165\MainFeature | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Downloads" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\EAFE836A92258A64A9810DFFD989722D\Version = "943990904" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\56F218399AAB0E24FA911FF5939AE2C3\SourceList\LastUsedSource = "n;1;C:\\ProgramData\\Package Cache\\{93812F65-BAA9-42E0-AF19-F15F39A92E3C}v56.68.10379\\" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\EAFE836A92258A64A9810DFFD989722D\PackageCode = "72F4FFFA326817440BB78D19B5C07B35" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\0CDC6D012275297408FC47E8F4FA7EDB\EAFE836A92258A64A9810DFFD989722D | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\C2F0B9809D7807446B6E51D46D69C165\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Dotnet_CLI_SharedHost_7.0_x64\ = "{089B0F2C-87D9-4470-B6E6-154DD6961C56}" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\C2F0B9809D7807446B6E51D46D69C165\AdvertiseFlags = "388" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\56F218399AAB0E24FA911FF5939AE2C3\Provider | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\EAFE836A92258A64A9810DFFD989722D\DeploymentFlags = "3" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Installer\Dependencies\Dotnet_CLI_HostFxr_56.68.10360_x64 | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\C2F0B9809D7807446B6E51D46D69C165\SourceList\Media | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\56F218399AAB0E24FA911FF5939AE2C3\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8243D4B60084B64479F1267A73F7606F\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\Dotnet_CLI_SharedHost_7.0_x64\Dependents | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\{24a68a65-6ac6-4276-9d7d-2c3939d8474e}\Version = "7.0.17.33416" | C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Dependencies\windowsdesktop_runtime_56.68.10379_x64\DisplayName = "Microsoft Windows Desktop Runtime - 7.0.17 (x64)" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3084248216-1643706459-906455512-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8243D4B60084B64479F1267A73F7606F\Assignment = "1" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\8243D4B60084B64479F1267A73F7606F\DeploymentFlags = "3" | C:\Windows\system32\msiexec.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 404340.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\windowsdesktop-runtime-7.0.17-win-x64.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Nezur_Loader.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\TrustLauncher.rar:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Software_Launcher_v3.1.1.rar:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 678314.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Antivirus 2021.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\NoEscape.exe.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Nezur_Loader\Nezur.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Antivirus 2021.exe | N/A |
| N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Nezur.exe
"C:\Users\Admin\AppData\Local\Temp\Nezur.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://aka.ms/dotnet-core-applaunch?framework=Microsoft.NETCore.App&framework_version=7.0.0&arch=x64&rid=win-x64&os=win10&gui=true
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xac,0x10c,0x7ff8d4a13cb8,0x7ff8d4a13cc8,0x7ff8d4a13cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1896 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5340 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6196 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5520 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1884,4052407275687631006,6561377161786180821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4708 /prefetch:8
C:\Users\Admin\Downloads\windowsdesktop-runtime-7.0.17-win-x64.exe
"C:\Users\Admin\Downloads\windowsdesktop-runtime-7.0.17-win-x64.exe"
C:\Windows\Temp\{71AD48C5-0E29-4DA3-921F-0D59F33F2C6A}\.cr\windowsdesktop-runtime-7.0.17-win-x64.exe
"C:\Windows\Temp\{71AD48C5-0E29-4DA3-921F-0D59F33F2C6A}\.cr\windowsdesktop-runtime-7.0.17-win-x64.exe" -burn.clean.room="C:\Users\Admin\Downloads\windowsdesktop-runtime-7.0.17-win-x64.exe" -burn.filehandle.attached=612 -burn.filehandle.self=620
C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe
"C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.be\windowsdesktop-runtime-7.0.17-win-x64.exe" -q -burn.elevated BurnPipe.{AEF44E77-7B2C-4DF8-9BF9-826B17BFCB9A} {B10D38E5-EC2C-4D10-BB87-7FA128C5D7F7} 1880
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding D33BB999D10681F78ADE9D304915598C
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 583C17566C1BC8BBE9B6AC7F87C37C4E
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 03F527B43E790FD1F54CE5ABE2F0E322
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding F6C9B668D56A25BD0CFC8FA1CBB0CAB6
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8d4a13cb8,0x7ff8d4a13cc8,0x7ff8d4a13cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1720 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2536 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5728 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5316 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5468 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004C8 0x00000000000004B8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7120 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,13184573854162141409,5040361473181629728,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=7120 /prefetch:2
C:\Users\Admin\Downloads\Nezur_Loader\Nezur.exe
"C:\Users\Admin\Downloads\Nezur_Loader\Nezur.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://1cheats.com/store/product/41-nezur-key-bypass-lifetime-license/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff8d4a13cb8,0x7ff8d4a13cc8,0x7ff8d4a13cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1852,12539606884552879085,2051230242366377280,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1976 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1852,12539606884552879085,2051230242366377280,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1852,12539606884552879085,2051230242366377280,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2600 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12539606884552879085,2051230242366377280,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12539606884552879085,2051230242366377280,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://nezur.io/key
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff8d4a13cb8,0x7ff8d4a13cc8,0x7ff8d4a13cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1880 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5536 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6264 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6340 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6056 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3760 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6500 /prefetch:8
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\TrustLauncher.rar"
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\TrustLauncher.rar"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7484 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3196 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4996 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7316 /prefetch:8
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Software_Launcher_v3.1.1.rar"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7364 /prefetch:1
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Software_Launcher_v3.1.1.rar"
C:\Users\Admin\Downloads\Software_Launcher_v3.1.1\Software_Launcher.exe
"C:\Users\Admin\Downloads\Software_Launcher_v3.1.1\Software_Launcher.exe"
C:\Users\Admin\Downloads\Software_Launcher_v3.1.1\Software_Launcher.exe
"C:\Users\Admin\Downloads\Software_Launcher_v3.1.1\Software_Launcher.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4996 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5072 /prefetch:8
C:\Users\Admin\Downloads\Antivirus 2021.exe
"C:\Users\Admin\Downloads\Antivirus 2021.exe"
C:\Windows\SysWOW64\mshta.exe
"C:\Windows\SysWOW64\mshta.exe" "C:\Antivirus.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1
C:\Windows\SysWOW64\werfault.exe
werfault.exe /h /shared Global\497c835854254912b442f95ba627e96d /t 424 /p 1512
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8048 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,1732834358134447507,16614281292749428879,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8088 /prefetch:1
C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe
"C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe"
C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe
"C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe" -burn.unelevated BurnPipe.{2283F1CE-D622-447A-97CC-4BB9DC4EC952} {7C034ABC-E7E0-4939-94A3-B3E994514C3E} 6056
C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe
"C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe"
C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe
"C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe"
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa39bc855 /state1:0x41c64e6d
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | aka.ms | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| GB | 104.115.33.152:443 | aka.ms | tcp |
| GB | 104.115.33.152:443 | aka.ms | tcp |
| GB | 104.115.33.152:443 | aka.ms | tcp |
| US | 13.107.246.64:443 | dotnet.microsoft.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| NL | 72.246.173.187:443 | www.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| NL | 72.246.173.187:443 | www.microsoft.com | tcp |
| IE | 52.31.160.208:443 | w.usabilla.com | tcp |
| IE | 66.235.152.225:443 | target.microsoft.com | tcp |
| IE | 66.235.152.225:443 | target.microsoft.com | tcp |
| US | 8.8.8.8:53 | 208.160.31.52.in-addr.arpa | udp |
| US | 20.42.65.91:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 225.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.10.230.54.in-addr.arpa | udp |
| US | 20.42.65.91:443 | browser.events.data.microsoft.com | tcp |
| FR | 68.232.34.200:443 | download.visualstudio.microsoft.com | tcp |
| FR | 68.232.34.200:443 | download.visualstudio.microsoft.com | tcp |
| US | 13.107.246.64:443 | consentreceiverfd-prod.azurefd.net | tcp |
| US | 13.33.50.59:443 | d6tizftlrpuof.cloudfront.net | tcp |
| US | 13.33.50.59:443 | d6tizftlrpuof.cloudfront.net | tcp |
| US | 13.107.246.64:443 | consentreceiverfd-prod.azurefd.net | tcp |
| US | 20.9.155.150:443 | westus2-0.in.applicationinsights.azure.com | tcp |
| GB | 2.18.66.88:443 | tcp | |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| JP | 40.79.197.35:443 | browser.pipe.aria.microsoft.com | tcp |
| NL | 23.62.61.72:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| NL | 23.62.61.129:443 | r.bing.com | tcp |
| NL | 23.62.61.155:443 | r.bing.com | tcp |
| NL | 23.62.61.155:443 | r.bing.com | tcp |
| NL | 23.62.61.129:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 129.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| IE | 20.190.159.23:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | nezur.io | udp |
| US | 104.26.6.104:443 | nezur.io | tcp |
| US | 104.26.6.104:443 | nezur.io | tcp |
| US | 8.8.8.8:53 | ga.jspm.io | udp |
| US | 8.8.8.8:53 | framerusercontent.com | udp |
| US | 8.8.8.8:53 | app.framerstatic.com | udp |
| GB | 18.165.160.90:443 | framerusercontent.com | tcp |
| GB | 18.165.160.90:443 | framerusercontent.com | tcp |
| GB | 18.165.160.90:443 | framerusercontent.com | tcp |
| GB | 18.165.160.90:443 | framerusercontent.com | tcp |
| GB | 18.165.160.90:443 | framerusercontent.com | tcp |
| GB | 18.165.160.90:443 | framerusercontent.com | tcp |
| US | 205.234.175.175:443 | ga.jspm.io | tcp |
| US | 205.234.175.175:443 | ga.jspm.io | tcp |
| US | 205.234.175.175:443 | ga.jspm.io | tcp |
| GB | 54.230.10.25:443 | app.framerstatic.com | tcp |
| US | 205.234.175.175:443 | ga.jspm.io | tcp |
| GB | 54.230.10.25:443 | app.framerstatic.com | tcp |
| US | 8.8.8.8:53 | 25.10.230.54.in-addr.arpa | udp |
| GB | 18.172.89.91:443 | events.framer.com | tcp |
| GB | 18.172.89.91:443 | events.framer.com | tcp |
| GB | 18.165.160.46:443 | framer.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| GB | 18.165.160.90:443 | framerusercontent.com | tcp |
| US | 205.234.175.175:443 | ga.jspm.io | tcp |
| GB | 54.230.10.25:443 | app.framerstatic.com | tcp |
| US | 104.26.5.38:443 | 1cheats.com | tcp |
| US | 104.26.5.38:443 | 1cheats.com | tcp |
| US | 172.64.207.38:443 | use.fontawesome.com | tcp |
| US | 172.64.207.38:443 | use.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 38.5.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 172.64.207.38:443 | use.fontawesome.com | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| US | 151.101.66.137:443 | code.jquery.com | tcp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| US | 151.101.66.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | 176.0.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.66.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.184.250.142.in-addr.arpa | udp |
| US | 104.26.5.38:443 | 1cheats.com | tcp |
| DE | 172.217.16.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 194.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| DE | 172.217.16.196:443 | www.google.com | tcp |
| DE | 172.217.16.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| NL | 23.62.61.97:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 44.240.235.135:443 | m.stripe.com | tcp |
| US | 104.26.5.38:443 | 1cheats.com | tcp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| US | 104.26.5.38:443 | 1cheats.com | tcp |
| US | 104.26.5.38:443 | 1cheats.com | tcp |
| DE | 172.217.16.194:443 | googleads.g.doubleclick.net | udp |
| US | 104.26.6.104:443 | nezur.io | tcp |
| US | 8.8.8.8:53 | key.nezur.io | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | tcp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| DE | 216.58.212.174:80 | www.youtube.com | tcp |
| DE | 216.58.212.174:80 | www.youtube.com | tcp |
| DE | 216.58.212.174:443 | www.youtube.com | tcp |
| DE | 216.58.212.174:443 | www.youtube.com | udp |
| DE | 142.250.185.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 246.185.250.142.in-addr.arpa | udp |
| BE | 74.125.206.84:443 | accounts.google.com | tcp |
| BE | 74.125.206.84:443 | accounts.google.com | udp |
| FR | 173.194.18.38:443 | rr1---sn-hgn7ynek.googlevideo.com | tcp |
| FR | 173.194.18.38:443 | rr1---sn-hgn7ynek.googlevideo.com | tcp |
| FR | 173.194.18.38:443 | rr1---sn-hgn7ynek.googlevideo.com | tcp |
| FR | 173.194.18.38:443 | rr1---sn-hgn7ynek.googlevideo.com | tcp |
| FR | 173.194.18.38:443 | rr1---sn-hgn7ynek.googlevideo.com | tcp |
| FR | 173.194.18.38:443 | rr1---sn-hgn7ynek.googlevideo.com | tcp |
| DE | 216.58.212.138:443 | jnn-pa.googleapis.com | tcp |
| DE | 216.58.212.138:443 | jnn-pa.googleapis.com | udp |
| DE | 172.217.16.196:443 | www.google.com | udp |
| DE | 142.250.186.174:443 | youtube.com | tcp |
| DE | 142.250.185.78:443 | consent.youtube.com | tcp |
| DE | 142.250.185.246:443 | i.ytimg.com | udp |
| DE | 172.217.16.194:443 | googleads.g.doubleclick.net | udp |
| DE | 172.217.16.194:443 | googleads.g.doubleclick.net | tcp |
| DE | 142.250.181.230:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | d3e54v103j8qbb.cloudfront.net | udp |
| GB | 18.165.158.133:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| DE | 142.250.186.42:443 | ajax.googleapis.com | tcp |
| GB | 18.165.160.37:443 | assets-global.website-files.com | tcp |
| GB | 18.165.160.37:443 | assets-global.website-files.com | tcp |
| US | 8.8.8.8:53 | 42.186.250.142.in-addr.arpa | udp |
| DE | 142.250.186.174:443 | youtube.com | udp |
| DE | 142.250.186.78:443 | suggestqueries-clients6.youtube.com | tcp |
| DE | 142.250.186.78:443 | suggestqueries-clients6.youtube.com | udp |
| DE | 142.250.186.78:443 | suggestqueries-clients6.youtube.com | udp |
| DE | 142.250.185.97:443 | yt3.ggpht.com | tcp |
| DE | 142.250.186.65:443 | lh5.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 65.186.250.142.in-addr.arpa | udp |
| GB | 74.125.168.166:443 | rr1---sn-aigl6nzl.googlevideo.com | tcp |
| GB | 74.125.168.166:443 | rr1---sn-aigl6nzl.googlevideo.com | udp |
| DE | 216.58.212.138:443 | jnn-pa.googleapis.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| DE | 142.250.185.97:443 | yt3.ggpht.com | udp |
| DE | 172.217.23.110:443 | play.google.com | tcp |
| DE | 172.217.23.110:443 | play.google.com | tcp |
| DE | 172.217.23.110:443 | play.google.com | tcp |
| DE | 172.217.23.110:443 | play.google.com | udp |
| DE | 142.250.186.65:443 | lh3.googleusercontent.com | udp |
| GB | 74.125.168.104:443 | rr3---sn-aigl6nz7.googlevideo.com | udp |
| DE | 172.217.16.196:443 | www.google.com | udp |
| DE | 172.217.16.196:443 | www.google.com | tcp |
| DE | 172.217.16.194:443 | googleads.g.doubleclick.net | udp |
| DE | 172.217.16.194:443 | googleads.g.doubleclick.net | udp |
| US | 156.67.74.145:443 | trustsoftware.net | tcp |
| US | 156.67.74.145:443 | trustsoftware.net | tcp |
| US | 156.67.74.145:443 | trustsoftware.net | udp |
| US | 8.8.8.8:53 | imag.malavida.com | udp |
| US | 8.8.8.8:53 | docs.wallpaperengine.io | udp |
| US | 8.8.8.8:53 | static.wikia.nocookie.net | udp |
| US | 8.8.8.8:53 | upload.wikimedia.org | udp |
| NL | 23.62.61.152:443 | imag.malavida.com | tcp |
| GB | 3.162.20.125:443 | static-00.iconduck.com | tcp |
| GB | 3.162.20.125:443 | static-00.iconduck.com | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| US | 104.18.38.64:443 | i.pinimg.com | tcp |
| DE | 178.162.193.112:443 | docs.wallpaperengine.io | tcp |
| DE | 74.120.188.204:443 | static.wikia.nocookie.net | tcp |
| US | 172.67.190.76:443 | seeklogo.com | tcp |
| US | 172.67.190.76:443 | seeklogo.com | tcp |
| NL | 23.63.101.171:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 204.188.120.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.190.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.101.63.23.in-addr.arpa | udp |
| GB | 146.75.72.193:443 | i.imgur.com | tcp |
| US | 107.161.178.166:443 | lflsoftware.com | tcp |
| US | 107.161.178.166:443 | lflsoftware.com | tcp |
| US | 107.161.178.166:443 | lflsoftware.com | tcp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| GB | 13.224.81.74:443 | cloudconvert.com | tcp |
| GB | 13.224.81.74:443 | cloudconvert.com | tcp |
| GB | 13.224.81.93:443 | api.cloudconvert.com | tcp |
| GB | 13.224.81.93:443 | api.cloudconvert.com | tcp |
| GB | 13.224.81.93:443 | api.cloudconvert.com | tcp |
| DE | 172.217.16.194:443 | googleads.g.doubleclick.net | udp |
| DE | 216.58.212.174:443 | www.youtube.com | udp |
| DE | 116.202.236.233:443 | anyconv.com | tcp |
| DE | 116.202.236.233:443 | anyconv.com | tcp |
| DE | 142.250.186.110:443 | apis.google.com | tcp |
| US | 104.18.20.206:443 | a.pub.network | tcp |
| US | 34.160.152.31:443 | c.pub.network | tcp |
| US | 151.101.1.194:443 | confiant-integrations.global.ssl.fastly.net | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 52.46.143.56:443 | s.amazon-adsystem.com | tcp |
| US | 34.160.152.31:443 | d.pub.network | tcp |
| US | 8.8.8.8:53 | 110.186.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.152.160.34.in-addr.arpa | udp |
| GB | 3.162.21.19:443 | c.amazon-adsystem.com | tcp |
| US | 104.18.20.206:443 | a.pub.network | tcp |
| US | 104.17.246.203:443 | unpkg.com | tcp |
| DE | 172.217.16.194:443 | googleads.g.doubleclick.net | udp |
| US | 34.111.152.239:443 | optimise.net | tcp |
| US | 34.160.128.112:443 | api.floors.dev | tcp |
| US | 34.160.152.31:443 | d.pub.network | tcp |
| US | 216.239.32.181:443 | analytics.google.com | tcp |
| BE | 74.125.71.156:443 | stats.g.doubleclick.net | tcp |
| US | 34.111.152.239:443 | optimise.net | tcp |
| US | 34.111.152.239:443 | optimise.net | udp |
| US | 8.8.8.8:53 | 19.21.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.143.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.246.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.152.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.128.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.71.125.74.in-addr.arpa | udp |
| US | 34.160.128.112:443 | api.floors.dev | tcp |
| DE | 142.250.185.130:443 | securepubads.g.doubleclick.net | tcp |
| US | 34.160.128.112:443 | api.floors.dev | udp |
| DE | 142.250.185.130:443 | securepubads.g.doubleclick.net | udp |
| DE | 172.217.16.196:443 | www.google.com | udp |
| US | 216.239.32.181:443 | analytics.google.com | udp |
| NL | 134.122.57.34:443 | match.adsby.bidtheatre.com | tcp |
| US | 54.159.174.96:443 | sync.srv.stackadapt.com | tcp |
| US | 23.33.40.4:443 | analytics.pangle-ads.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| DE | 142.250.184.194:443 | cm.g.doubleclick.net | tcp |
| NL | 188.42.105.236:443 | sync.gonet-ads.com | tcp |
| US | 70.42.32.159:443 | b1sync.zemanta.com | tcp |
| DE | 142.250.184.194:443 | cm.g.doubleclick.net | udp |
| DE | 116.202.236.233:443 | anyconv.com | tcp |
| DE | 142.250.186.65:443 | tpc.googlesyndication.com | udp |
| NL | 154.59.122.79:443 | ums.acuityplatform.com | tcp |
| US | 174.137.133.49:443 | dsp.adkernel.com | tcp |
| NL | 31.220.27.134:443 | s.uuidksinc.net | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| US | 34.128.133.112:443 | ads.avads.net | tcp |
| US | 34.128.133.112:443 | ads.avads.net | udp |
| DE | 216.58.212.174:443 | www.youtube.com | udp |
| GB | 74.125.168.166:443 | rr1---sn-aigl6nzl.googlevideo.com | udp |
| DE | 142.250.185.150:443 | i.ytimg.com | udp |
| GB | 74.125.168.167:443 | rr2---sn-aigl6nzl.googlevideo.com | udp |
| GB | 74.125.168.105:443 | rr4---sn-aigl6nz7.googlevideo.com | udp |
| GB | 74.125.168.104:443 | rr3---sn-aigl6nz7.googlevideo.com | udp |
| DE | 142.250.185.97:443 | yt3.ggpht.com | udp |
| GB | 74.125.105.10:443 | rr5---sn-aigl6ns6.googlevideo.com | udp |
| DE | 172.217.23.110:443 | www.youtube.com | udp |
| DE | 172.217.23.110:443 | www.youtube.com | tcp |
| DE | 142.250.186.65:443 | tpc.googlesyndication.com | udp |
| GB | 74.125.168.169:443 | rr4---sn-aigl6nzl.googlevideo.com | udp |
| GB | 173.194.183.104:443 | rr3---sn-aigl6nek.googlevideo.com | udp |
| GB | 74.125.175.135:443 | rr2---sn-aigl6nzr.googlevideo.com | udp |
| GB | 74.125.175.134:443 | rr1---sn-aigl6nzr.googlevideo.com | udp |
| NL | 216.58.206.66:443 | googleads.g.doubleclick.net | udp |
| NL | 149.154.164.13:80 | telegra.ph | tcp |
| NL | 149.154.164.13:80 | telegra.ph | tcp |
| NL | 149.154.164.13:443 | telegra.ph | tcp |
| NL | 149.154.167.99:443 | t.me | tcp |
| GB | 145.14.153.202:443 | spottedhorsetradepost.com | tcp |
| GB | 145.14.153.202:443 | spottedhorsetradepost.com | tcp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| DE | 172.217.23.110:443 | www.youtube.com | udp |
| DE | 140.82.121.3:443 | github.com | tcp |
| DE | 140.82.121.3:443 | github.com | tcp |
| DE | 140.82.121.3:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| DE | 140.82.121.5:443 | api.github.com | tcp |
| DE | 140.82.121.9:443 | codeload.github.com | tcp |
| US | 104.21.30.29:443 | handbreeadretwaiw.shop | tcp |
| US | 104.21.30.29:443 | handbreeadretwaiw.shop | tcp |
| US | 172.67.185.32:443 | cleartotalfisherwo.shop | tcp |
| US | 172.67.185.32:443 | cleartotalfisherwo.shop | tcp |
| US | 8.8.8.8:53 | 32.185.67.172.in-addr.arpa | udp |
| US | 104.21.44.125:443 | worryfillvolcawoi.shop | tcp |
| US | 104.21.44.125:443 | worryfillvolcawoi.shop | tcp |
| US | 104.21.18.233:443 | enthusiasimtitleow.shop | tcp |
| US | 104.21.18.233:443 | enthusiasimtitleow.shop | tcp |
| US | 104.21.22.160:443 | dismissalcylinderhostw.shop | tcp |
| US | 104.21.22.160:443 | dismissalcylinderhostw.shop | tcp |
| US | 104.21.67.211:443 | affordcharmcropwo.shop | tcp |
| US | 104.21.67.211:443 | affordcharmcropwo.shop | tcp |
| US | 8.8.8.8:53 | 160.22.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.44.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.67.21.104.in-addr.arpa | udp |
| US | 104.21.23.143:443 | diskretainvigorousiw.shop | tcp |
| US | 104.21.23.143:443 | diskretainvigorousiw.shop | tcp |
| US | 172.67.166.251:443 | communicationgenerwo.shop | tcp |
| US | 172.67.166.251:443 | communicationgenerwo.shop | tcp |
| US | 172.67.144.218:443 | pillowbrocccolipe.shop | tcp |
| US | 172.67.144.218:443 | pillowbrocccolipe.shop | tcp |
| GB | 74.125.105.10:443 | rr5---sn-aigl6ns6.googlevideo.com | udp |
| DE | 216.58.212.174:443 | www.youtube.com | udp |
| DE | 140.82.121.4:443 | github.com | tcp |
| DE | 140.82.121.5:443 | api.github.com | tcp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| DE | 140.82.121.6:443 | api.github.com | tcp |
| DE | 140.82.121.3:443 | github.com | tcp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| NL | 23.62.61.194:443 | r.bing.com | tcp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| NL | 23.62.61.97:443 | r.bing.com | tcp |
| DE | 140.82.121.3:443 | github.com | tcp |
| US | 52.167.30.171:443 | fpt2.microsoft.com | tcp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| DE | 216.58.212.174:443 | www.youtube.com | udp |
| DE | 140.82.121.5:443 | api.github.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7c194bbd45fc5d3714e8db77e01ac25a |
| SHA1 | e758434417035cccc8891d516854afb4141dd72a |
| SHA256 | 253f8f4a60bdf1763526998865311c1f02085388892f14e94f858c50bf6e53c3 |
| SHA512 | aca42768dcc4334e49cd6295bd563c797b11523f4405cd5b4aeb41dec9379d155ae241ce937ec55063ecbf82136154e4dc5065afb78d18b42af86829bac6900d |
\??\pipe\LOCAL\crashpad_3816_ZKZFCRNGBRONYPOA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | caaacbd78b8e7ebc636ff19241b2b13d |
| SHA1 | 4435edc68c0594ebb8b0aa84b769d566ad913bc8 |
| SHA256 | 989cc6f5cdc43f7bac8f6bc10624a47d46cbc366c671c495c6900eabc5276f7a |
| SHA512 | c668a938bef9bbe432af676004beb1ae9c06f1ba2f154d1973e691a892cb39c345b12265b5996127efff3258ebba333847df09238f69e95f2f35879b5db7b7fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e83f3247198ce9ad6c9c3411f129b32f |
| SHA1 | aca5cdf1870f11bdefa33032d34a6853b9de4c66 |
| SHA256 | a2f8b9cb384eee89540ddc7f5048c510cd16011f75944d25530b450da740d3a7 |
| SHA512 | 7a9d051c3dc4a5fa4330eb562309254e02fe9902685f867ee39b0290b44bdd3baac8902da2738e3fe74eba541c11f318df706318660252feaa98b19214070762 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e40ef18edf29cecf14d162ccde1511a0 |
| SHA1 | 5cb1e1f2d15a3e84a1ec208261d1223249677a9d |
| SHA256 | 8843dcc3a9825b98a818f709af80e2dfd301f0151baa0561e58dccf4a92ab8c4 |
| SHA512 | 19c2599373377cfce960d56bad50a2c72cd5260c5dde75371e05113004cd7f943205e8b939d202b963482c2aa0840dfa07343d58a12b934add5f11f3d90b948b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2404bc6b0defe414da8f65d1ffc45e29 |
| SHA1 | da1650eccbb4e8a3fa237b61db38e2b3b5859721 |
| SHA256 | f9a8c6701e62a8559d3386135bc629fdfcd32a501726c1d72338feaa3034ed09 |
| SHA512 | b8090d6df12e40dd67af6018b5340cc14a729085b8edc8cb18dbf6979ec87a98b1416681e787f9c8047c364d81b95bad118046f2be1d8902fe26f6e1ca63292c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ae746230b9adeaaa0e574bb890970183 |
| SHA1 | a30877d7e3ad14116c2a7c505143a7b31671f113 |
| SHA256 | 8ee5fbbbf778530ee8e1255bfbb89ebbf064eed9d87ab0a600396cd009d376f1 |
| SHA512 | f238201d6060e810cc7ea2177f1adc4a3880a48502b567f47544d1bf0a3f82740b7d26c657702047a3829da81dadf3fadf0b4db74e95de24015c6f3434f1927d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 186e7fb8f0e512ab67feaf05d6d864a7 |
| SHA1 | 3e147d5dc89ba70368197e7da73da8a640c7693c |
| SHA256 | 40263fdce89f9810579e64c1533e7b1090d37790817ea979277facd9e40c8a08 |
| SHA512 | 429c42317a9631e06eae2017dc5a7fdb84d92f85e6791f8f54cbd73e0f056b6e20fda88b0160b8e0bc95f50bacbaf0c74137f845bdbd27d1153cc76413611336 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fd9fb9a9459ec9f137dd0ff614c7aa26 |
| SHA1 | d3a056db9008f9824ca14ba9a3311efab50c516a |
| SHA256 | 5cdaa7f8c9dc583716270af08144b7ef718cddfc9a60343d558f20cab002c2d1 |
| SHA512 | dc28b71a3115efbd772ca8ef55c96f2db9cad6f2812e80c198744b3ec82b39bab7d6507acfaeedf4b24c5a0f47043b93a03e27708332aa70c12964eb342c9a56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58625f.TMP
| MD5 | d161089d41c8b632abc441b533e07ef6 |
| SHA1 | d5314eb0d3bfc7a6de05fd2ef3610c8a67eb4e8c |
| SHA256 | 44ca04ed0446898bb69a8f3852e41433ec0476ad2be5c17c487b53205d039bf0 |
| SHA512 | 47b5e434ad1c7dc4371d4e33f7b18dcdc51bff5e3ac2584adf34ca1763b717d4944882af928359d218b10a7312dac36326e54850f415e1a9b457b24544e39f57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d2b27a423f51922015e6884eb3252731 |
| SHA1 | 63cb294a47440dc20305ae26aed346266f3d40c2 |
| SHA256 | d38a7f524254a5f59ff20cfca4df7be56f61caccc037bb8f2b5c362e0f9beceb |
| SHA512 | fb915a2ccb2a4b65f43b0fc061fc09c40038b15fdd25ad3b8943628141ff4e76668b17f0fe836caed0cc3c73cbdb15110c097503d359e5c40164b28b69a33778 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3e7225f5216557d74a7d7d7f0141bd3c |
| SHA1 | cd54689f876b0105f81ae26a290910544acc4b3f |
| SHA256 | 6c39e8c4b2b27e87def4dcee0a9cff5a990501ba7e8b2ac1e1ff57b84588ea0e |
| SHA512 | 9db95d76f0cbe383e9e2afbc2cc3b023d76e9dfc54fbb0bd505a2a97d2344c7cfa3ca847d8c6c981d5f5bbdf55bb4cee08a4e3a6f4de7f3de9d8ac33771c1f4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3135cb9e6cf5d295a82fe2e1c3fa98ba |
| SHA1 | c76ecec3c83acf998ce26acc5b08244f3f019fed |
| SHA256 | 352e7b63dda300e72d94c28527ebc1d6d526c89e4d9adf1d2ecc1fdf2b44353c |
| SHA512 | c29feb1d9bfc009f811d63ff4ee5ba34220eaa4d1457024ecdc3aefc141363abd97f1722fc8bc18eafe19be881e372ba3997634eae41c62c6aeab63044df292b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3fb9b26ba1e3285d75b7edf0aeb087d2 |
| SHA1 | 41890dc1b0b5885a6de141bbedbcb8ffa55ca259 |
| SHA256 | a806bb104198a770b4036a3cb25195b1fd8d5fffbd92aea0d51faf37a1bdd99f |
| SHA512 | cabdc2c6fe56f611818d00858bf902ab8d7ae41bea72dbe1635f5f7f52447b21faaae5f9253c286970af18f9fd533d28b640ff9be24a54506dc87944b9028189 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cd113a33811b3452afb2ef653b5e74ee |
| SHA1 | 56754e6050d25c63b9ed762afcb5e30f56880bd8 |
| SHA256 | f2c9d33b433789354e458e3b36e93fef930cf75edd023c0d55fb53d993748868 |
| SHA512 | cc9378d50ca0b89da4f3cf8f649f4c620d607b5a3576650bf97a62a3e09b7bf4d8800c41fd9b40a435874a1873deede1c0e7cc5baa18b52a7a6489ac7c3ef3dd |
C:\Users\Admin\Downloads\windowsdesktop-runtime-7.0.17-win-x64.exe
| MD5 | fd66da4bbc7838f2d548c80adfdf0387 |
| SHA1 | 44026603adf5260c07fd5cde058c61f8a0481e44 |
| SHA256 | 5c442f22f399408ec56c94204ab55c2fa6be2966c545feae6f2589b3100a3406 |
| SHA512 | c8cc217acdc36c951fe6abea638fc1f8967e3f4d1eb37e2a44eeb2056f15af7186b875942f34ea8b2785f0877b60ae275c02297988e069a6b5e89882debb1bbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 58747ad8cd42633707116f7070abce12 |
| SHA1 | c993cd6bc092aae2568b120f8c96deee7b8fec1e |
| SHA256 | 06b8e9ac64a25126382322ed25fd4874b8362d9247544c02a81f5750cefad473 |
| SHA512 | 3b95866762082a677686dc1e03f1584f7c779f4c413370f9558d2ceeba9fb57ce4c27bee1936bb43c15bba308c2d48a0bf2471b3825f950c2c9c32c8a2471d9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 53ead455beadd2f965eff4d30051c23a |
| SHA1 | c2a6a423dc1a017d443d51c8e82174597fa6a1b7 |
| SHA256 | d4fa0e8c45adb306e06ce84612afb68e29737be6a55f1b72747f5f73866d5ee2 |
| SHA512 | 915a6640c4267d5e8e9149bb2dc3a780e6f3ed3fdcd043042b6d7932fc5e3c33a231bdcf3698b94404423df309a7e2cd4cb88c7ee848d006c166636040f9771a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7ce7d8e353702acb9e016809f5745d7b |
| SHA1 | 3e45d929f1f8f0a0c1cb1dd609bf2ad46a8944ca |
| SHA256 | bd26092a2df0fab83bfbdab89d326273998acd032bfecfb00b6738b32d082b6f |
| SHA512 | a76337a57de292935de55bce7420c13b2bb1fab52e356eccb0ab738bc8220df70ace9b5c6489ee36868198414b2e0ebf2caae1d29f87a2ac6ae7953e0260498f |
C:\Windows\Temp\{71AD48C5-0E29-4DA3-921F-0D59F33F2C6A}\.cr\windowsdesktop-runtime-7.0.17-win-x64.exe
| MD5 | 9a4a515072b4b95c4172c7f42c355881 |
| SHA1 | 6d9c7baff5012192665ee05a28b5236f7965ec91 |
| SHA256 | 5fff377298dc84781cd9ccf6ca7b30c1b917774ddc9bd16b6fb5e51525b0a9f0 |
| SHA512 | f34b84d38e11a1dc6a67b48f2350800451797a502c9100d20bf88f332477d8926abd03d570400a2201acf518b4c414ea7079c39465da6b19696254c5d06dbabc |
C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.ba\wixstdba.dll
| MD5 | aa531c5359ebfb8204c12e774c7ef280 |
| SHA1 | 1a35e2a5d9d9c51ff59279fa3415ad0346573438 |
| SHA256 | 44b362b78639baccd5c83f0b224a206730b1276fab849c77fd1fb17db2f07014 |
| SHA512 | 49e13931d6575655ddbc1da4e09484dfee9c0308c5d071470b1d903ac37819730c6b7c7fe452f4425aa3c5bb18b1c0b16f189618517f81c378cce75e52b46722 |
C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\.ba\bg.png
| MD5 | 9eb0320dfbf2bd541e6a55c01ddc9f20 |
| SHA1 | eb282a66d29594346531b1ff886d455e1dcd6d99 |
| SHA256 | 9095bf7b6baa0107b40a4a6d727215be077133a190f4ca9bd89a176842141e79 |
| SHA512 | 9ada3a1757a493fbb004bd767fab8f77430af69d71479f340b8b8ede904cc94cd733700db593a4a2d2e1184c0081fd0648318d867128e1cb461021314990931d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c1009275fe9681e21615352186a0a25e |
| SHA1 | d1eb4b34e23ea1daf671d40241f21321e3709079 |
| SHA256 | 467da6bff3db87f3888cba80ed1e46a383e20309ec7ebdd5809ee148098ea79e |
| SHA512 | a180f79775d9ecb076b629a0ea2894dffb7612ecff744ef4d4e3e2301a560538e555f303d8b186e7b74a6da8957cafb8311392841ff3a0b91dd2f206cda2de94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 243ebc2075f60068b2b5079bc6a40038 |
| SHA1 | f8a430a3f5dd6386444d0ffdb1cb9459920f5d49 |
| SHA256 | 53687f457f81d6318fa0c47ab4d0a71ee371c981d8b57b29c78db130d6a97f33 |
| SHA512 | 3c38f837b4ad5b33a3271a2174e94c8e9c06ba7846fa14c46d8f6b0743dce7e08f6a9473e4d4cab7cbe9d75f4dab03c1b8b90578b9a13ab5c8c81f7b18ef3061 |
C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\dotnet_runtime_7.0.17_win_x64.msi
| MD5 | e15fbf7a8a963e9488da1bce2aab2008 |
| SHA1 | 3b3be9012b79e291d9afdbcfb329e7a5edb514fd |
| SHA256 | 43a85b212dc8bd07fa24e8234e566c0b5b3e3be74447d2f3c91863d8d7d50e8c |
| SHA512 | a169c9329ef01ac3f6ead9949810c67f4a23aefe6c366805336566f9209cb890ccf78e5b55563e44ad6125d28787c505c1e2fc91e7c9dcfafb20fb9c96261ad0 |
C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\dotnet_host_7.0.17_win_x64.msi
| MD5 | aff0d2e8d2d5ad56533dc229e41f7931 |
| SHA1 | 8624889908dae497c25b8c1d5b5cac44a5fa4b37 |
| SHA256 | bc3e9994aeba1ab1ced4503dd88c9ffa5921511518b9b7d92f45c1078ba5c8a2 |
| SHA512 | 56911fbf497a1a3f7bbc876cb3eb684e12dde854761789aec6740adaaa64b92ea6bf3ccf2e5f0b5617a9579f5dba65294b709db86699597cf50d76a9f185fb4a |
C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\dotnet_hostfxr_7.0.17_win_x64.msi
| MD5 | 11a825cc2f5527b9dca7467b5650d01f |
| SHA1 | b2d7978a1c1c3d769926b794036d2ae5fc173fac |
| SHA256 | af62031d31f0c5d1ced8ed3437d292bcdae409fe9c1092a6f057dd0618fbeaf8 |
| SHA512 | 6c86827a72e1188cd0fa6eadbd1829d8b8373b1b7182696ed8586d79d3bb94f8c4dadb4239401eccba20f1ec49f8c786e914354f00300a5ab9fdab461edb6591 |
C:\Windows\Temp\{94CAC228-1783-41A6-A147-348CA8FBBEF6}\windowsdesktop_runtime_7.0.17_win_x64.msi
| MD5 | 5783d0b143091b222292bb0dc983f04a |
| SHA1 | 6f35c3202a162d14ec62fca94613553ec120ca8e |
| SHA256 | 49a7758ffd434befeace7137d907afab0ad891e54a320641b5e2c09e7af0f91a |
| SHA512 | 56bf629eead8facdf6c21f5b4c667daeaf8ab569ead4b3482d68748588b8fc71760c1169be04c85da8dc44bf5ae5f92efcd81e8578f24bea048a654c64527765 |
C:\Users\Admin\AppData\Local\Temp\Microsoft_Windows_Desktop_Runtime_-_7.0.17_(x64)_20240407224852_000_dotnet_runtime_7.0.17_win_x64.msi.log
| MD5 | 317b53e73bb05903667cd61090f9a7b5 |
| SHA1 | 5a64350d01e211f66e3513131fc8e9c919090b68 |
| SHA256 | ba4c56341627e9ad5aa7838d633eff24fa2ebb35ffda26c0c49e6e11160bd376 |
| SHA512 | 0a77766a2fb839748ae72ef0771566f525fe7f75b6c1883c99d1af1c6e57074cd630269417c45762a0c923f7321be29e20c872cb3058c0c7eb6768f1382743f1 |
C:\Windows\Installer\MSIECD7.tmp
| MD5 | c0777f5c9995b8c0b08ed33cee7e1008 |
| SHA1 | 12f08bb8febedb3f16b22bf94bc47c5c3910a477 |
| SHA256 | cf531f10cb410f4825bab4fd4b15df8e02cb9a18505a3a3b05c4c2f4ccaf90d3 |
| SHA512 | a3478bc42730169abcb7635f1f73bc8b1a639fe2094c7e3866d8321b6efdf0740f8867dccdd5fb1b12f73b8e89a51758280ab9c3d184d36a7b86f3f91ac9dc0a |
C:\Config.Msi\e598e9d.rbs
| MD5 | 87d1bd4ed4c587cbd9b9268836659896 |
| SHA1 | dd6fcb679406e5e707b3201a09e9b037eed1ae43 |
| SHA256 | 9494df9d11f135e22d336e80a0c0bae79007ddb3e3769fc999d9f1e283bac9f3 |
| SHA512 | bb1fb489d849ad62da4a6ff635ffbbcfa68b488a5529394cac5b28b25bcd9be671bee8d469b7739583b4b773ee97bcd049f185725fca930f0f6620023dff89f6 |
C:\Users\Admin\AppData\Local\Temp\Microsoft_Windows_Desktop_Runtime_-_7.0.17_(x64)_20240407224852_001_dotnet_hostfxr_7.0.17_win_x64.msi.log
| MD5 | 619dcee00c98e53b9a2d0460a2616db6 |
| SHA1 | 9ad69f2b0f8f6bdaf16b96f29d034f2a9aef26da |
| SHA256 | d4c29884e2abc91b80b0c0c74cbc0253b1c1165536e06f72e081b06e97092ddd |
| SHA512 | 304df5978e1da7fbe25f0f005958c376f2c1f5d7b420a7f9a1a8c5fae0b27b89f690bc355239be8b7192a828e6b187064ec6800c58c0e4920088f3a482ee1198 |
C:\Config.Msi\e598ea2.rbs
| MD5 | d6e463510a558c483a5686831bfc1eab |
| SHA1 | 3d311be0740ed9299ee402533d6c21ce31f89490 |
| SHA256 | b04d78a4fa26f42cdbae479bfe2b9a00441887432f466f2a90f21fd8d711ecc3 |
| SHA512 | 3c4bbfc8f365fd38d1b72d2b730e967ea3cbf94c0a581b9363d70cf7f17cc773f2f783a77b141ee102f8050cdda5c2bd2005b9566d9f6906ec1563a07c949647 |
C:\Users\Admin\AppData\Local\Temp\Microsoft_Windows_Desktop_Runtime_-_7.0.17_(x64)_20240407224852_002_dotnet_host_7.0.17_win_x64.msi.log
| MD5 | 65e167f035d2e1fbeb672a70e66c9a25 |
| SHA1 | aa14e5c1630ed909d04fb9995b96ca280baca09c |
| SHA256 | eace00136fe3f14bce1ca40a2f0e4ae89f239e88725b1c44b32a4213d4cd09a6 |
| SHA512 | 885245112964a6b5c5e7b45827f8c1d6bd0aacf4029f1866cd254d6b9d15b64a69ed7aa27ab23413b888e085d03a2f02247dd27cb9fd08308e091d77502a5844 |
C:\Program Files\dotnet\ThirdPartyNotices.txt
| MD5 | 5c13a5ea8c8cc3474240981d0ffa88ff |
| SHA1 | 1d8d3ce27d9dc3d9fb4fa4b06c20137d25879d80 |
| SHA256 | 4f9bb3901879bafae3a17c6c4009ee5c15384a06fc234bed78937969079c77da |
| SHA512 | 32ea79ff5194d8a18e75f277aed5610b4955db15b0abbcc2664cf07f372bebfc57eb665ad078dc3da3ce5ee0d8856140c2a1bc7032b578dd103d43998d682d88 |
C:\Config.Msi\e598ea7.rbs
| MD5 | 8d34bf7102c1857b2d6650b8b816d55e |
| SHA1 | fadabae580ffae22277b3a940393e60ba0190813 |
| SHA256 | 9fbfbc84508f39fbb72d52c38e9018b09c965297b50741ca2d0a730aad64b3a0 |
| SHA512 | 0c2a9ad21a4018a779dd7a5ca050c86bae92e44c07501ae401f60e4e1120bda691aabed832d2b4ad9b5a97897c87ba070f511a06a49cab71181820b9b1085a29 |
C:\Users\Admin\AppData\Local\Temp\Microsoft_Windows_Desktop_Runtime_-_7.0.17_(x64)_20240407224852_003_windowsdesktop_runtime_7.0.17_win_x64.msi.log
| MD5 | 2072493c845a26a0e50c60060c38f463 |
| SHA1 | 8e5267724682a7670c9b853ad57d4ca15f63f321 |
| SHA256 | 5acc7d219a3b73ae28194d50e32dfd116ecac2408d1700cbb826d07cc266b971 |
| SHA512 | c49281de0da44e3ba939c281d76cfed29917cd376d513c5db45217e5bea183bf342613a45103c8f30d877fa1a1057e792ade05ac4ceca406460f7f987f33216e |
C:\Config.Msi\e598ead.rbs
| MD5 | 27721982340ed382865d4a41596b9a5d |
| SHA1 | d80cc284d3c93722d557bab62bbc8eccd47d7936 |
| SHA256 | f949fd606f0d5b0056fee9a6b27e68098abf6de397658ff1464703ce0eb9ea2b |
| SHA512 | 5cee3eb663cf9860eb8be57034b00caa7668a6181d255f54dff5501ff6c61bae4881a725670c3f42686b469bb720abbf445dc45b4bf4ed499791a6dcb8d265cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4551ee5a174bdad3d15e56194587d5ca |
| SHA1 | 51976b1b97e78eceecf80804f2785795c17cbf97 |
| SHA256 | be0a929e33ec9ee987666a95c42865f6d62cc19bf29b211189d5f63587be4922 |
| SHA512 | 9eda39c58f2495b45c72b6c89dfc858aa80d502afd11ad77b07715d533e089ee10beb028064a11f2ba29d8fd289ebb3ed12285b466726b313944b4e82b81016e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | e5e0fa84b4bbd376ece21da324b3a9de |
| SHA1 | fdb861265bd66f9fa9d7d6724d66f7e9ff86c9d7 |
| SHA256 | 08366b693a0b52c869c5eb18054c52b0672387ae17246731d447945e261b7262 |
| SHA512 | c98a3a6a0806c6725a1b89bd288c8b1e51709f7a4a568c6ebc23d46ca401fdaf22dfa112b73e879124a36fb26ce42716b0a8a8279ce793376f272ba934b09cda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | 57b536c098866feb0ec2df84bb377c23 |
| SHA1 | be11272bdac73078e740402423a777a2bb652fbd |
| SHA256 | a8f3d486c6dfaf3c6b210c7ae3405cbc3b9abbd72ba66fb4a66da655d3d207aa |
| SHA512 | 2fe4400cb3a310cb14fc70e299c0404be8980d884a2b24f6fce20ff6cb33984393ec3293eac7471f8003d4f62c2a60eeedb52eae6e98e62da99ac06ddefaf6e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13357003644529099
| MD5 | 7af65081b79b88a95e623ee678c9c1df |
| SHA1 | 30bd4f5ed05ba7a1aa153ecbea3c0b8faa5cc70c |
| SHA256 | 344d68f6a45020d22d1bae4ce2cde508b3d1c1dd1d6972a5bdbbba1f17fbfff5 |
| SHA512 | cc239a453aa6a4b3699ba8abfec85af5d72b2120db4887831306140bde97e9ab41d785180f473a502db84418b3bff3019e3353523ffb603e235a1f3b8b54d5a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | d85ccc532c5dec9701f39983777531a1 |
| SHA1 | 691f32804007563e899a1314fda956fdeeaa7f73 |
| SHA256 | bd875fd0a98fabaec024cd4d027767de7afddb11df57b1e31577240339654c13 |
| SHA512 | 3cadad935930392e6bd88052e80031ae840f1b1ebd1766b1153f6ad27b1905f5f412dcb83c3ab93dc9a19eb5dc06eeb7652de6144a359dcb5473ddd2e96f8b50 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | d64c70e0d01002314ae20b9592bd84ad |
| SHA1 | dd76e28f07e29fbc829460ed6ac1c6126ab37ea5 |
| SHA256 | 7491d656bcdca8c43d5d155d4b73d52ed4e1da443d35c4c5a8a0aff47f4fbb47 |
| SHA512 | b0c211e537b579fa0ff9ad6b82dcba252454e06922624b0b633fc7f775eeca1e319aeb9990bbc0a92f0c1dc1b7c2b77b9893ef7b4054cfde92035e398bc049d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | f2577ef3bc8736a710bafd2649b775ac |
| SHA1 | 59cd4d15c89fa4ce07702ccbf83800a044cc1728 |
| SHA256 | 0a3b24c742a2fda2560d164a025e06a0406c4f025b21bdc88a1b6c74b4076a79 |
| SHA512 | 105a2305eea67565fb40f6cc03c8c3034d114b9db6f1994d3326d3a43136f32f23dc9deac99b51a05367b6b7e39890104c08d52aaa8e77927c3dffa02b88089d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 23aa019f2cc17e09dfdeb403965b484b |
| SHA1 | 387301d2c4682f329d5bcb7a0f9b0791b9e58439 |
| SHA256 | c465bdcb208f86421e1d8d045d83df196b41e8ce061b8c78c9ed62d105e4b3fb |
| SHA512 | 68f16e7c31eb25a8023cd9efc191a02ca805200e221acf1d374f4b96b1c7fd5355bf148d2fff6ac9c9d4ac9c7958a82515f0e28bd1fbc96cd95087099ed3ee3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | b29bcf9cd0e55f93000b4bb265a9810b |
| SHA1 | e662b8c98bd5eced29495dbe2a8f1930e3f714b8 |
| SHA256 | f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4 |
| SHA512 | e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | 9fb244bfceed41f86a7eff48891837f3 |
| SHA1 | 0fd3b9549593136866791995746a46a26a645501 |
| SHA256 | bc2f72ac4ffd9c60ca47d65370452a65f4f588cd91104e960af7a0d5bda2a3c7 |
| SHA512 | c04b29955f38eccd9e12745b8f725f0677b3783030d2f63fae35b72edbad4888bab7a57de871d772bbfbe1f9ea0d1de7fad6b0f6bfcd14a479f0abf9382abb95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | 93103e72035e94a6b9060a42ed787f62 |
| SHA1 | 9fda931db6d0dd90fb0d79ba2e4d71a3d68153f6 |
| SHA256 | 04417d9a414c1903df248ba71e85c6437498f4550429b4c3f5903ec3f7548da6 |
| SHA512 | fd64cddfc1c6c930077d5bdf7ced0f69076b99e6011b7c028a5bd9f0039b9596584f4e18eb8d7b7dfcbe42616e607b96d26035fc23a2ee9c6b711e2a3609210f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | e1164b06c8b1e3578e25f7c9c7d9e9a0 |
| SHA1 | 3f2763c4c40731974a53c6cc4132fb9cd20207de |
| SHA256 | 32e494e03706da5ddb4a1a87117901fddb0d540fd0df85e4e6de16edb3c93630 |
| SHA512 | 9354e0958ff46aadf30be4c89dd87fbbeafb515a3ce9868057e8184344c477bf6717e5cf2e3345a92b83cc8b03fdfcd3f854e0f5b965c33c1fe208de1100826d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8060d60e9eec4992ebd0aaeee8f18ea2 |
| SHA1 | db166857ca87fc6ac85374871590bb7577abf577 |
| SHA256 | 77726dbec0c51ab00214a3b06ad4d48133ce36a8ff82f9793d2228fb39274d7b |
| SHA512 | 02902e9d099c32d672c932c5a09deb4e2634146ea52bc2eb4e879218ca79838591179bf88335874bbd2db077135904fd4dfc4b469038697db78f67e974b7a333 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 17fe03ac20bab3c3603a84d9064e95ce |
| SHA1 | 6954bb68c82007c0dd77f43733db37ad50eb30d8 |
| SHA256 | fdf16ccd156a45fad3b0ccea17097d9e7042094cea3323c4c1dcb2bcb0c65196 |
| SHA512 | f080deff6b3f4df696271f88b9901daa84509eec137affd9d5e70614cd10a61cb9e57158660924214f1f915353900b65d894371da704934b9ca293174a7e6bc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d9e66bba2ca3997bc27161fae75e6e3a |
| SHA1 | 72191413636e2b897ec33af6efe533d5d3053c47 |
| SHA256 | 056b23edeb305b58af68bb183078ec64917c9439661134a0c806fef6f6603f67 |
| SHA512 | 967041298bf2690617561a699194bee57de2a07e1533103ec498e418c639cbb8e28fcf917d395126de323830eff5240a84d72818e9edbae8331011659bc41556 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 05fc7530eb91a1df43ee54ee35d4beb6 |
| SHA1 | c6a5b1a056c62ae4228116dd034eda6d0cbe1e42 |
| SHA256 | 7c4dae9006629b2d436060005cd3205a4ab84b5b3c524342c6f30d49ccdeae7c |
| SHA512 | fa0a5e797e121430fdb219d3e669691b70d14bfb3c833b4f51465117204df56c80b1cf64e2048727c6bc5cb179ba9b4661ea3ad37c9869fd7e97f996a3b39700 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d0fc934a39cce04fe3d5144358d992bc |
| SHA1 | f4e2d7421a8e4c431514f33b216823767c17d3c1 |
| SHA256 | c5b337f9383305e2917ff7b3de60d341d6a90b115c03899e5c9027575dbd2dda |
| SHA512 | 3347ef56fac39849687f5bcde930398e6a60a4242965a98d8fcb841cc1023319037ac57beba4ea5fda19da9e467d16fc9fcbb774d12f8aef495214e0024db9ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 49d00e503bd498299b737afcce3ee4d6 |
| SHA1 | f119a3b5f420fd2ba3d5f2f76225bdc2f92d17e6 |
| SHA256 | 67b83d70ab071095e327b6899ab2a4b42f5378972e4adeeda90d9c8ab86f9696 |
| SHA512 | 763475b83aab504d7671506d8f6c3d252e29aa8efd09b439cefb56aafe74581182df7bbd26305fa3e95197a2d1423bcfdb6d237dbb0f3e1fc5cf5acccb6a3056 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 259b529cfd09bd942b1b334b42c8d860 |
| SHA1 | 4d1fd758cb87b56b949d31dff1a86a2717fe7a0d |
| SHA256 | 35c3da227634501879df81fe58efe2d67158241c040cc06f92eb7559b2a329b2 |
| SHA512 | f863a8b0d76dace6df5e9c8b9bde772d0f226bb5a9d6790c8edb3d1832aaae4d6480fc8a8cc8c6f740582dde7c82c747cc8950d42f5d1fa9b6ad0905381a881e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e1b8135a777627ec074e27275319cac8 |
| SHA1 | c5bbbe32684912ceaabfba2884174375d502b0da |
| SHA256 | e8a010460f4f51c99f68e0c7057d3d7e8803e0b81d2d38ed3a70799e123234ef |
| SHA512 | 27f870a02b2522525c5895f947a9b6b1af7146ca5408b07bb2266211de1db9bd3ce182f423e3a1b860d37d155331d208312f8de58b55890ca8e951ad116852fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b0cecab572510cf1054b85526e1de5ed |
| SHA1 | e322d84005af40dbca8e70fb9e47b9475cb9dbed |
| SHA256 | 79795a9fcef69b2671c6cfcb8754bbc5307a3b35c84a5044511e9270aee48c6b |
| SHA512 | cc9d34b520109e67aae6c0f04db6d7b8134109bde399c9b4e23e6f5759370f14dfd00eece0fe93b4ee8a29e40d78899145943be8054e8e6fe9b59a65ba5c0d82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4e1c65afc738c591808b38bbec52972d |
| SHA1 | aca82fb800b4b849a7faf5648b85ceb74a3bf03f |
| SHA256 | 2b53dd41ec568b652eb0e3edd4b3dee54188984234a45a4cb74ea775cfda1f9a |
| SHA512 | 7be396aa9a6ec908e5cd22f08fee2263a92246b426978cd9460915e49ba1d5fae590e7e81fed23f27486f2d72cac5e5c79e3b069f07b378d6c2bae5a5b4ffc43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056
| MD5 | cc02342db2208ecabc30e77c8de3f180 |
| SHA1 | f634de34f17fc112fd186b2517fdb9567e375e54 |
| SHA256 | 1aba1c4c148f6192cc8b6da02127cc75222592c3ed9b4a0a5764a508b255efa8 |
| SHA512 | 42a0ed3adaac09f4e5cd7979211729c37dd18807406c55cbb0c5493d7d6e4fe06119cf3e15880fef597ceb3d1bfc3c37b07ec2324de216ba8a48116d602d4d62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057
| MD5 | 7c991c5c2a30ea0384d8180dc4f4d51e |
| SHA1 | 6380f7a5f02bebe6b208ef0fee3e3bab0404f3fa |
| SHA256 | d55e83b3dbe544a767335e1127f3c7d631bafe72dd953fb68dbcfe4f153925ef |
| SHA512 | 78bd55a6e99ff77e8eaeb259ccf5a9fdf83caf7f69f843ea35e7ac95f2da1c6e4fab371c32ff78553f008549db00a5a509194f22de846b8a11cd78ae124bcdde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f4c0f385c82a3e63567060cf7e8da263 |
| SHA1 | 71447bb6782a02ee5ce60a8517c3934ae1484ca6 |
| SHA256 | c16a754a66bd5f89755b8ea8321f4f7bdde1453d012fd48c6afce12645e69b78 |
| SHA512 | 7e5d750297c843015240aff72d7a6936c49b172c01c0431d000c95c0b03dbba7e293ebaf223e93d5aad741576d582f30deac8464fd900da506024dbb77ec5fcd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058
| MD5 | 0b3cd1b50ed2ca10ef0128239b814952 |
| SHA1 | 4b2482007986aac6ebf125f76faa426ec065063b |
| SHA256 | a4c0de61a15313e44430a1ea3ea22b942c4f6d16a45d8476b5b0e996f7898b72 |
| SHA512 | 33d68be322fbcf5e7db5215d151144f1f2538495241f21df12b7ea3685c32e7368c5ac19044525ef9ac761fa67ca49d656992c55b16c952168c525310ef4dad6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | a127a49f49671771565e01d883a5e4fa |
| SHA1 | 09ec098e238b34c09406628c6bee1b81472fc003 |
| SHA256 | 3f208f049ffaf4a7ed808bf0ff759ce7986c177f476b380d0076fd1f5482fca6 |
| SHA512 | 61b54222e54e7ab8743a2d6ca3c36768a7b2cf22d5689a3309dee9974b1f804533720ea9de2d3beab44853d565a94f1bc0e60b9382997abcf03945219f98d734 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | bd72bbee586e1ccd001d0b09fb4a0479 |
| SHA1 | d6a9f9e658642090a2982ce8b7c59571ec126d9b |
| SHA256 | d396d7e26505c676cd1bc38ab1c1875417d68120235f79199c40f4f8fcea58cc |
| SHA512 | 5b8c5b52edfd060c015b3ead4db3307b56b7de5d90b30022026bd648f694da3a6c033e569ae2fb88e456d3860aa19c63bac5acd4c7cb1ff57b35b57acf534813 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059
| MD5 | 72bb4c85a84842c567c3aac7557a8758 |
| SHA1 | 243f094e33c49baba8b14e1480159a36c301ac12 |
| SHA256 | 3e1c90b4292cb96443de23eb1afe1396d814f219d7ba1212efdb7cd5f431d843 |
| SHA512 | 35dc11e9aa986ca65f1f0f54a17ab68667c31f3b91fa43116f8985bf08426c5afe200433de9917579327f66336743cbc4ea3d1da1b3c2228f2debb30c6053026 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a
| MD5 | 3619c36cda34fb4d17a84d297253721e |
| SHA1 | 66ecb1e7538a6468432f84637d56477c394fb73d |
| SHA256 | 5710fb08e7d45d5b173c17c8c011f5ac8ef7a6a34c6b6c99e56083c0247431ff |
| SHA512 | 8e7d158de2c4b435d1eafbf9418b77d955f054ecb7b49580a3cb177d8442a9a4f9681eeb2afc1263973d3ef6c2974895dbf7eff2a390ecd16338a305e1409e6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b
| MD5 | 623915455103bc2b9dc84822f900b480 |
| SHA1 | dad4e7dec435171dfd501c8def7f493727f9af4d |
| SHA256 | 2d50d700c25880fc838b80106a94f04f391f5180cb59655cde7834f1fd55cee1 |
| SHA512 | 1588816cf6f16a6158a8d459f8699a1f2e39d05d424d77ab6151208bdfbfb44455301d7a5877b60e92f4c63808fb20306ba09ea23e2226d74478177db0871f31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | e121064892c625fc705091652713eef7 |
| SHA1 | 244258d146eb167e4eee2b443f80248eac1d7f72 |
| SHA256 | 3d89538ba00ff93f6099d3d896698403eff6d920061eb377b7c88e4e49b9bbe2 |
| SHA512 | 9092236c62017d6f715d936ab66ad40ecf44f9ab95e50c9e65b9766b5c0a9a3ff022b71c701a3fa3d2375c4e6520b1cdc905b81541ddfe0a1f1543d483e0bdbd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d
| MD5 | 05e9593ab4b8b7d7cdd4a4b9a70de0b9 |
| SHA1 | d7604f8d6a3e4af51edd65a941cf19852fe8e916 |
| SHA256 | a103975f91a91e69852138dcb4ac101e3120506b1ff02c9507b7bab0e232703c |
| SHA512 | 33f3a2a2c04665dcfaab727f0d3eb92d72c37422281ce44ff2c2bb610966f794472f3dc4d45399a150a4a017eb831d4ab51f280818f77648886fe735df1dddec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005f
| MD5 | 3d9aa41eec5c5c829aaac25b1530a3b7 |
| SHA1 | 83850e040253d6bb1438041fd6c6e2b3cc2e70aa |
| SHA256 | 517a1747f778ba041725d8e4ccbdfe1bc7560fee2942ec2ff594c9f566abeb91 |
| SHA512 | 0deb5b44f165ee83bd9dcb2a18a7552b987da2cdd151b026ce9a7d02a31d2efbe386e4709fdf104b563288f756fa12249248e9224b3037b71508f0a12cae50d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e
| MD5 | 3706fdeb518318733f614c5affe8ff97 |
| SHA1 | 51f6fb7915e0152dfe45a6c3160c6d94d6c3c570 |
| SHA256 | b1c78a5493d2ebec39bf9ff2cac65726d6f0ff38cb34c5381e7c30e2040de95c |
| SHA512 | afee34e08ecf8b17e3a9cb928445adb5e86ee57f72007938d825b4d944525b53d467060bb130552c39f1ea44c5539fa31e624be3e1c4377d635f9522f70fda46 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000060
| MD5 | a03b564974eed51f7201d10a02c12389 |
| SHA1 | 4984f62d1ea00056dd9bdccd31d9a52c8309a542 |
| SHA256 | 80e071fb79557e188a58c8ea1528596c1c8ec36ba6760cd7d65a1c7b5c3284aa |
| SHA512 | 88e2bb757566de259d960fd362c6ba07846bb6e692d3fd0dd92e7ddb9209c77466c2ff8e2ddad3d2c12654708746b05a98a5d77296e1f723845b8e3fb95bc78c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000061
| MD5 | f739088e751e2a5b47b02790cb04537a |
| SHA1 | 8580e253008e39d1dd71dadc881e489352e783da |
| SHA256 | f4a044fe7c3b29cb6f0ecd8d0cb98cab209795b19432862ae526df1c32454909 |
| SHA512 | 1cf541695afb8341c99cfb37af562549de9fa37086d52e84b7e3f192a9e45105aa85b8afd35f455d1c3ad5d6c2400e4daa8d1d5c4d8c256aed28feaa098d7d80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062
| MD5 | 4c88a98d83e1e016602321d7c9f10271 |
| SHA1 | d806556a1c3d173c5fd9d8d4b3f481f54e5b1475 |
| SHA256 | cc517d1bd8762e6286c31df1a7be023633190348c4af91214bd31f9a7728c682 |
| SHA512 | fc7f6a972940887bc3f91b6a67c1c701dcb25ce43b57fbb49fff1891fc270d57b35c74199ac73d7cbb3ed212713063bae88d6dbda89395c685ba701177655f26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000063
| MD5 | c94d1568fec78ace0a8ee374431715f3 |
| SHA1 | e28472a22100f1bcd3cd98bb2a974778318d5b8c |
| SHA256 | ecc5749d6517c2c86b86ffffb020024a02eadf98bed36f4889ffb0ec935b70e4 |
| SHA512 | af9573a25f9ba41ceced539a82b32df69f4193b91f21c5ab3d6740e8522e7e045b5c4f50b6a5c6a16846fe1d30e2391185e5a55723f24a24bff4909169b077a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000065
| MD5 | 0df640709faef1238b9dac0c1fd9841d |
| SHA1 | 11d24c376877d902619f481c31c61d4ebdf3dedf |
| SHA256 | 038a887a85a94ff165a4f9559ebf5b718ec4ba9e08f37297ac5da016840b8bc3 |
| SHA512 | 36706b422f803878b301a884d0ba1b06d80b1f5084b0fa8e56ddaacf840c2180d53c42cdbbc8417d051933d16690ae94c28b45dd6315116dc460c427e1f42154 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000064
| MD5 | 0bb95b771e0fe281ec3ea918991ddb13 |
| SHA1 | 8e8a7a76ba7bebc128dbeeaa65073e97aa0e920d |
| SHA256 | e1fd5a3263aec39fd895722d3cb258bac856e7ee5c53fdb771ffd2fff817f0ce |
| SHA512 | 764d6b5aba4a174a095b189ed7c6ebe972a9c7d660a5c4e42de2f61f1ddc539ebdd8fe79c15db76a029be23e3e4e235a6b1b2446a1fd62b27ee1f69d32e4c2bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000066
| MD5 | beb9fadcb684e278d7f428366dc1402e |
| SHA1 | 7b8da05656017206e981b0c757c94c6b87893fc0 |
| SHA256 | a82e913d21faff67a840bda5aaa3d0f0776d7d8f47be6107fbd9658af8b2cd85 |
| SHA512 | 2d80a909a0cc7dbb0789d6a44896457bbaf416a0c72d0f216ac8debb7d66967cff69646aa4883894bb5b9d4a1758aed91f5c4a7df4fe38d3f002d54d823a8d01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000067
| MD5 | 0b20dd9359027aea77db1f4dd3b52bdc |
| SHA1 | 98a3719190a64b01fafd2c27f9841691c463a357 |
| SHA256 | bba959e81d3ca68fd7613433c70c4f3669e1f4afad22e342fe91ffa059f7af5c |
| SHA512 | 3672f8910d5f873956323bc7c55c6e9f10b46c0913dfb47c819d5971d6c3f185e44d5457809a9d38e50dfa73109bf4db7d1f93960626b01adb6b30e749de80cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068
| MD5 | 12ae98f20e746e5822800707e63b0530 |
| SHA1 | 24839270926decc4fdc78394885a10a28f9ffd63 |
| SHA256 | 3fee9c464f63afc654beb0e600f11386c24fa928a4482b62411ee41c70596027 |
| SHA512 | a7fb2aa00c3feab19e89a62e91694bd105a2cb082b36d45d04e1cc0e10f8e8193c2f1ca93fc122a75981f64e2cafc9fea6f49a215a7d6f237c749ed033a80c3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bb98a798a47c618e0ad436676697c161 |
| SHA1 | 02d7fa35e3f295b23f277e435005aad8b6f38c74 |
| SHA256 | 863e78b6475693a197125cbf853c0c495018e83d8a16dd52a8ca850bbac7318d |
| SHA512 | c0f886f289cdd64f93d73b44289c7e9002dcf82c8970fdb63cfb18eda2732e55272b6b782b7fb7acffdc8201fc512db71f97c5d4b3db8ce086454b3cd57da10b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 998a4b8e1492e47d333e6391c55a5045 |
| SHA1 | e483eba0d36dca278143eda308db8e4f91c2d497 |
| SHA256 | 67023ad597d1526041d37097c73623f18efd88869f8711b614f3a9e6ac6f2280 |
| SHA512 | cbe7c8b500b3c15b95d10a67975259e6cb21d03ba59f4f21bcb218a4bdfef3851530bb93667fb4a70fcdf0db8e0ba9ca508b3e67c488db49d54bdce29d04c91e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
| MD5 | ae78984688bad532c4b71ec4da822f3d |
| SHA1 | 64ee212978d5a0fd7578f380a50fb6f6ec0a0ca9 |
| SHA256 | 17f2e5d353360de2bdb79616bd05d6cf9a96f09e949ec3c0de4abef71fbefc92 |
| SHA512 | 6f1303cd2d05f551859cbd486c81377a47ca3d2da9ace7a85e76974599f8666507bee8a08764f493e416185d5e2c8477c0ec24969a4bb25146c7005422c35aaa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033
| MD5 | e3726be5903bdc3e755a9e49b13b4d75 |
| SHA1 | 5bb50dda728ee519d473bc9691878ff2dd113082 |
| SHA256 | c710a0335a5fa28c7c208872aca114129517ff48ecaf6476e28ed4f52e3a32f2 |
| SHA512 | e51c2a02621075920a8a4b9584457d3f3ebacb70ed3709c105c53933781f2fc1fe682fa114b3b5a242cec1429655e392222b962f5923c58ee864089ec63234f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035
| MD5 | 36fc86497b5b47cc031ce21ac137d566 |
| SHA1 | 77ba420b1cdf51ebcfed9dd031d1d0a9c9f116db |
| SHA256 | 62df18f671119333688a9fea0693b56773f0366009682c72d2393dc329b2802e |
| SHA512 | 968013bf0eb2e758095cafc6abc4e4f1f061c0fdead456bb1521777bc0c28bf1cd161b8786ae688d7bf8f302a70a36bbe43e2d15ddd07f1716f0cdd096c6aa91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034
| MD5 | 312d78d27a06cee1223563ba4b0887ca |
| SHA1 | e9bc03c9b4c6648860a4b69ba982516375390be9 |
| SHA256 | e670013f79524f44843c77d418d7321a04c38367b7f6dd3b7aec7f2c2a7572af |
| SHA512 | 333ee385de4981614c3f75407fee69b7eb6bdd007731af99b43d0b948fbbc261f473066b1a91829bc499630bfc471d52cd0ee58e83aeff45f446fae5a5b9cf7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036
| MD5 | 7ec01e09491fae7a17fa096bf431d04f |
| SHA1 | 084bf57c16848f1d8167b09fd3f4418b0de7cfa2 |
| SHA256 | 07bb6768dc38191f0659f22478d80ed9d24d2a6b84a7f3e78e0d32bfec78c751 |
| SHA512 | 72ba70222d848f7dc45d8fb0abc7780765ca31d77849658a2cfc78b188d4642922a5cb1c437c1d5984e013d70944bc9bbfee26e599212ef89b7e0ee6eaf2f1ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037
| MD5 | 2991ed7d6e0f6cef781b41be1026153b |
| SHA1 | 35768823f8d42f8ac7421a2db8ab17c78fa6ed1d |
| SHA256 | 8890fe5a8f972c0b844db1a8837ae33cb8cfba13244b75566ecb90d54fb454fe |
| SHA512 | 18c7da9cf991178514812404d9b92c93a52c3390f24e4d7a5d4b2a9d68e81fbd2e98fb13b5abba0f063c410a7a961d454e5a8e1d389890cd14e03be06bff036f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038
| MD5 | 4c186bdefadf200b9ac1bbb9856d8844 |
| SHA1 | 3bd79494c4660cfd3b1ba5db7a77f2581e62e2d8 |
| SHA256 | 324e1dad5e00ba645faacbe270d4a0c20b8e107f26b77db4b92025128e5faa4b |
| SHA512 | 0012aae12d5b6129d3db5f11ac6ab28c1349918f72cc26e1c2547e67fbccfd90101ba9c7fde6a7dc7b378cf9e25b1266a5658bc5baf77e09ebbc683bf5d7a1fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039
| MD5 | 4f4528c9c008b046a973d6e48c0c38b7 |
| SHA1 | 91571bff69b1af1df2e93bfa7e60b0a08c1e9081 |
| SHA256 | 3cc9d69593fcaf1a367e19718a736edbf2c4be0fd566f43b365430512e6c2581 |
| SHA512 | eeecedf96821cd6d50fbeee72ab4340339336c476c508d26e78744c44d8cb0a1736bb2181c9b0a75514caa67bceb51f22b0c012c2b3fc71ba41e8fb86b33e652 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a
| MD5 | 25ba347cfe7d7a5183eddca5946e7b08 |
| SHA1 | ad298d87ce0311c14d69cc3bd7210c64d7026679 |
| SHA256 | 9f32fcc7c39d123785ca1ecef16b8a166b202560cd5ceb8caf15b0b8857cbad4 |
| SHA512 | 3c956860d8abbcb717ebf0f91815c95e599a0a86261f4847ea60e25a2fb52f92c2e2e234fb199a219bc9caacbbd745f9f82e6c0b56b3237757f18607d5bf05cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b
| MD5 | 96307038302a630b3af229c387d19f2f |
| SHA1 | 809e0c51574d579c0885ad721864759799a5f6f0 |
| SHA256 | 655d6807c60ea8cbb2424d67bcf2c5835f77d12a88350efd8da7611965980cc9 |
| SHA512 | 66883242228172ecb0d5a801281e677bd4dbbf5589be4c8d44a5e586aae37ef8c016e7aaff8d20cc6209558376595345c411c50a6551a10fd64c7f18952ac7d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c
| MD5 | 2432fc7522b1c64221ba3c4ab653360e |
| SHA1 | 2ad9bc92ea6682a91d665200973dddae80e3b31e |
| SHA256 | 4a52e0ff68542803a503b8c8b1c4440fe477368289ff0a4617fae736cf1ff965 |
| SHA512 | 0161452007579c3d62937f9f3cf07571bc3dc5f07872ef5d93abd386ba26d8ea0ca3eec229d39fcca51d85e907d834ae82b04b64fb32dbcb1cbab7d7f0c26d01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b3914e2d91b8a2fef8fbb0a98be9ba33 |
| SHA1 | f65984e0432f357cb4492e8ae94470d760769010 |
| SHA256 | 1e87ed9373caf557e551325a43b8b8a5100f6ff316f20b1b59335265c627360e |
| SHA512 | bf4bf04cfd7b36d40d358bc97cfe95afd1f4281717ed83dca154638af9494ae913990c857875d871b5c8d0f5453a9e961489bff942d269bdf507ee178cde5a69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d5e2291db305598a5f7e401f00302098 |
| SHA1 | 1073a1e6c012ab7adc38cef5ff956b1c886f666c |
| SHA256 | 181777140a4717024e8d6a2fbfe97b2b1ff3f67ae6ea0557bb091998607b5a65 |
| SHA512 | fe1e7a3418a90398efd67509e6eb17947ea3b1685ffa9cd7123f92f65e3e30db8e2d8d4ba0c6e1e6dbfb209c5829adb949704091aef512c99bb2ef09e5ade8dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | cc5678c48b875588d25e0de69ae59e4b |
| SHA1 | 11fcfe6a39a90ec599af49c4d4ed5b27cdbbfd30 |
| SHA256 | f41973d3a7bd5736cab9641691487bd887c529d13b6e829a9865b6e1c4865cd2 |
| SHA512 | 70e8ff656c95585998b78a395f0c2561514652adf44f147ead7b3d603c98d386e12c94a81ea6b7bc88619d2580a4ae7f65e70cc8e37d8d8dc1f3d0066e12bf81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f062cd6af0b3338de5e5179d36dd5038 |
| SHA1 | 2b5fd22da9a3a0f5d68789a3e20808d08b2915a7 |
| SHA256 | 1f9010f93522214def00e7d705680b4cba13e9be0f8e5a0e7d0c97d72c65d05a |
| SHA512 | 62976e7ef83f700e910aa6a69dbe797f2769829984fc0aae868a2198a29ea1f46e4e8636fc0b0917c9ce3b669dd3152741d053bab1d8c2d342ab6d59d1b7b66b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005c
| MD5 | 830d964feade2624fc5c5fe85b70d0bc |
| SHA1 | 85b9ffb8f5618217974207f6a601c22c8c8333e0 |
| SHA256 | 8d4be961405adfaf1e80d565ce42baba337a2deb06de55bd83a8778548a2aa19 |
| SHA512 | 6a998cfc05202bfc1f8130427d6d92157cef9e901b92531a026f9e38d20fd60e11bc84de82bd69012227ff04b1f6949a031b2bab35159fee09f0aa22f58c6ab2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c625aeda97fb47c3f5412ee63cedab49 |
| SHA1 | ded6448c00ea0a2c9af5854cadfcc720c33f36ca |
| SHA256 | 78f6e2a1b414c112681259aef72a0990a271e3b139fe9d91f9cb446f89273f9f |
| SHA512 | 0ad621edd18a4b566f8a6feacd36394b3cd217e37a3ba4f9a176534da0bc2df15c0456c0dcaeecdadaf35f9bbd8e559035fd7516e9ab853759769b3c3416b2f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | de9dfee671182c5cd5873dc3e255c8b4 |
| SHA1 | 98be5c0aff92eea446c328f1ca214d452328e589 |
| SHA256 | 54cc0e6c8a6be4fda06d1e9602bffe6f5bc40535201671aebd243f2e5347fe78 |
| SHA512 | 6d0838518ed7e061139551f516fa77d582b50545f45cb787f91c089fa40fda9977481747b62f534bd3283e4af036b806b1c31e97ce34c6b7fcf6158c0e209850 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 255f7e4a0f5b5c5cd02ebb4a3b653fcf |
| SHA1 | be7be3845047b1feba2f9ebb095d5e9d91e8a9c7 |
| SHA256 | 6035aeb745589bf87e52f0b0e2172992b6161905b36c0400c643ca47038211a5 |
| SHA512 | a966fe67adee142b163881e8dde4e5417c29633a5318e5bed8e5a4aeabcc90e34294d823edc7b2b265887754161341932f39dd1e66a58ce36fa91cc03cd044ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f0f481c172d2bf8739e02099170a13ed |
| SHA1 | 2d2acc6e2e587255c4920684dacbea99d4073320 |
| SHA256 | c10837fabc7d3e417651238151e3bc1532b2207f84633a039f0680a2926e56ec |
| SHA512 | 857671063114f3becad5ca935d98829f534a15019184ea7df9b2ca9e612e8c21c527947355fa73a0d9db7b98e7d12ba57675db1b76a30694183f5b4455c43e0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | 017bdac56e95b80b361ad510a4d99fa4 |
| SHA1 | f682836696b537c6c80058a472c63cdb407efdc1 |
| SHA256 | 05cf9224bbb26a5b804d9260ba05f0e8728e74f9a51bda2a8d5d44f5a3cf6089 |
| SHA512 | d2ea00b26f532f450fac0b47b165d5ccc3a1c4108bd0a27ff13d0563194551b2108502916c0a7f627576b02f872201f6801f76b5b95429831c3696aa541d7270 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | f27220629407caa5f328677153995632 |
| SHA1 | ecc2bd913a7c4464b1707f6047960f5d1cf0495a |
| SHA256 | 60881e38645cfa992fc2038d286a44aea79319713d485d846c1fde91a7c16c55 |
| SHA512 | b5471547c852bea269fb857a8e3f39ed2f069ac857d4746857c3ff34986b2c7309a64b543aca9e5efbe2d90c61d98ecbe17722b4f2dec54ba92e6b6b27764a73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7ea8d005-4325-4bb6-9733-92edae247854.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d5d0c4d8aedeb7a34f85150a74960adc |
| SHA1 | 3fa8659d0a33e8663691ad247d1aa5e6e928da47 |
| SHA256 | 5e23ef6cfa2bd5f54935c791bd433ca32951521bd6100ee07e4626e4a3b0cbb3 |
| SHA512 | db34798980b586933a68f25911c55c5501b1cb5136426c7dec1a4997581577d2e09803a78b0fa578df96c6b108e01c41eec47c9e3b5ac167517beb73db2210a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 40b088fc442d8734bc36bb4f10d9613e |
| SHA1 | 8921940f7c64c939c3a92ef494beb8c900c71378 |
| SHA256 | 89845eae08d07b14540f4fe2584fb6a3d8ed22997db22ac35f6ec0c031ddbae5 |
| SHA512 | b74c643e7c4b9862e14aab302ed3be5be795a1ce392f4c5cdac76b1cbfadcfe402a2d326b60234bbd735272e38619e104bd1dcdce3bd836b42e580e50a59ef58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c97885226c378ac4e671d922568e38be |
| SHA1 | d159c4fc9951570b1e8b98c56086f670202e6d62 |
| SHA256 | 88ded443cd2dda3807f926ba6b83d2fa9fa3dfc530375787d3055d281f47acc5 |
| SHA512 | 04f064e86cb8eeeb33cb83d3a8440d2f4cbabef1eff83b4d057a7ddbf11a3b7f5e03f1f2e121baec6414bcbe85e8a813cce3597719d9ac0add4c5a1d7b28a423 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 09b7431c1f2438db4ce3bed4a732d203 |
| SHA1 | 7c4f8e254459443d006262a754574a6f0f65817d |
| SHA256 | 4f9cd4475d49541dbd7b2c59d3ad0542d5fe7be4918e88d641afab145fef5313 |
| SHA512 | 224775db6667384bf0443834eee2c817fc4b508fd827f293d73b6a978e17919b638e5012d6a97622a3beb854b7427bf10acb804be0a1af6672ee571afe4aed0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a21621e85cdeea21332836475b741949 |
| SHA1 | 70b05dac52e17b0b114c92c0ea6fa6895197fdd1 |
| SHA256 | 2431335b35c9555268a432bec5c7a127d99c35362d227c47769e5646b06512c8 |
| SHA512 | 710aee8bb30956de4b706e7ceda91228d9370251bdd900184605286c9d9e82af3b71221574e98d7598309322d4caa218466b184165c9fb862d03ba5a1c22e263 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7fad90a902cd70db8f22cdc940f2d35d |
| SHA1 | a1ac83b4187cad77ace94811ffb2429bff8cb67d |
| SHA256 | ed660b81cb5c390a1ff8e43f00507511642d7a267b51c10aea03ee0cea6878dc |
| SHA512 | 4447ff4f759d9e57d1ea662d9efe37191dbc9903f4adf2542a22d08d98824014b1b6938cdda8152c4f4f926355f26eff7a0897e2a0d82d89b0c567ea7ad21069 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ac0ac24f538b44c1f7cae89efa1e1949 |
| SHA1 | 8e429d20319c1aa7f7a5a15ba0084e1e3b14fafa |
| SHA256 | 5fdb4ddeaf31952bf3b5ff670f9f09e3b1f37ae286da6e968d48e790cb1195b5 |
| SHA512 | c392843293e03163da1726ba92a898884c192524f8a3cb4cf23a876e9fad52183cbffdaf43443f2fbe83a99fc37fcf93f09517e098ed78cdbde0e993db917065 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d11172394485a07961bfe6e07b45f566 |
| SHA1 | e088823158c5656dd146a92a3641e4a89a09475c |
| SHA256 | a45863ecde10282b8fa9c5bc182877719722c63d3709f298876e974d798ee599 |
| SHA512 | 5008b7333dd1b0467250114899a1a5b0d15e8154ba579683a2fe888d86e37719e4509d0cec6643a4a6e31ef9c66870fa2eddfe2789cedf8c88a6d456a8aa58be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | af78d0aeb39e18dc8e72683a852d8c1e |
| SHA1 | 59af833e6ae0e725a1b304a1bf4cbba6742cadb3 |
| SHA256 | 343cce244b6f01d0131bdb72c151d7861aa55c7a2412d93b7c5e99e142cd9fb0 |
| SHA512 | 721d9b8599cb017b061ae0a20f6961674225ba2ddeebc98cfc376976d87efa1a34f048e0e269eeccc673037876f3692aad7d80b611035c9f2620bbb8c8bca59f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 60e3f691077715586b918375dd23c6b0 |
| SHA1 | 476d3eab15649c40c6aebfb6ac2366db50283d1b |
| SHA256 | e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee |
| SHA512 | d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9d48af6b7e03930ecc0ded576cfcfd71 |
| SHA1 | 6ee302dd41673fdfe29e7bc9619e23d5deaadc59 |
| SHA256 | c467e048659dd888332047b50676406534c62b9aeb56b65784bc786a2209696a |
| SHA512 | e553449d02f4b8b0c688fc47cb3f7c71cfce346c3b26f4f8f90d0658b5d24119a81b81b0130953c596f6499a48f2e70d8718fbe90b60b9168bb7954cbb78ef97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b2bd93165e704a0c7b492418096aeeb4 |
| SHA1 | d78d7adf1dcd6de46a45611f17cc6c1a4445b969 |
| SHA256 | 8d662ea9e313f1328d493f86c15d27f91fadd4fa7502aac5a07937a4d2dd470a |
| SHA512 | 94a2999158bd7c77beecae1e705147626f848bf4738b5b2a70748599fb6ce8602359fad5eaac81f9e092fa4447d0438579b984b616c6aba4382755d27cd7cf59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 0500ac7584b02c86bfbe56be48126395 |
| SHA1 | 7a7036efac961bacf6f814c3ede4a07ac3840433 |
| SHA256 | 16e052bd07dba930d59d33f6f8934d95eb1c443e6800461c7fa83f6c2ce23b60 |
| SHA512 | 4cb36fe609d597cab04b8eb7c9e457104f32cc3e2733309c521f7fed4d9f7642fe9cd00354780d82dea0f26be895a76a1319192a0578a9870ba7d96a4e3c596e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 80e1db2c16aecc025d2affb07757faa0 |
| SHA1 | 8bef0802d4c2cc20f003055e32d9be3b6ffdb595 |
| SHA256 | 18d471a56576b55fe0c583ffd349d46efa0f13efd8d3acc286c2d7145497abff |
| SHA512 | 1a3f997289a8891292478662b6045923e58da692cc0ca16330fb0858af6f63dcd1df5685fada7d39b9fe5e54d74572533b2cc19c1c47523bdc9a2a5266c9bf37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | a3057442b5495d87e87a6e4a0bcf1066 |
| SHA1 | 58b722f19dd05a8f23375e0595dca0c2a9e9b199 |
| SHA256 | 588a6cedc286fdba8ec3655cea0bd88acc92edda3475d29bbd68b8b92111b29c |
| SHA512 | 36459e1989e6cefe4c8ed7e0d10be2c5956e1f2a62c6ac30feeb9e0e24964b5b33ff21195a857fdc900a57f138907ab4d3d2d8820284db2f1ccad3a527cb030b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d0a55d42f748d596a72790421ce7301e |
| SHA1 | 5cd6f5edbc692869b039237aa8e3c1ad8e544e7a |
| SHA256 | e36cca682764387d7f92942317c9d71326601c915efab2d41f6028ff364572f5 |
| SHA512 | 4f146e7da527be59a9bb3749b2ce88d02617b935a9ada60b8b0de06c8ab62907e8a11f182a4faf8dd624ddb7bb2f8841ec9ff02c5ba1d05d8c9b0756a720bb78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\339fae31-80a9-4278-94bf-b894576ca52f\index-dir\the-real-index~RFe5ee146.TMP
| MD5 | d6cb72ece54828da4e5cf5eff2e3f85a |
| SHA1 | ee91ffa69afb7a9b439926dda163bbb66043814b |
| SHA256 | 38dadf2960c7b66f76acdf019124abf83edfe9fc39e92e5a0e6a6eb8fcd7de49 |
| SHA512 | 7540c0d77fb8cb056b30826a7b308b3bb5c02691b7a70c6bb2acbba5e2dd5393ae0143acadd36734b434d5dccbe7fcf794d6b9cb9617448f3049aa70ae782d9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\339fae31-80a9-4278-94bf-b894576ca52f\index-dir\the-real-index
| MD5 | 447750a61de8628846e3513a10869540 |
| SHA1 | 6ccbd859488c833481d2264786c62e902101ab90 |
| SHA256 | bdd32e77e060ce40c0fd96d45620ce75524cea01d79fc6ff4e0b9898347f744f |
| SHA512 | 6aff190b0d30b9d2b68b4396cdb4cdfc82df2230ac932b49f4f72ce783b0aee310184ab9c59a086290aff566f52ba601782218ddc488297e38bf234105d7fac8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | de3c09d0c645bfa7b7b35570abc337ef |
| SHA1 | 6346da292dc150aab4f10a5c4facba14eab159ca |
| SHA256 | e03af24abbcb1afeee0f6d589a00342ece7c7bb4eca1ad8cfe4d6681836bfb20 |
| SHA512 | 1e0606a201abb975b127a94b30266dcbfcf861e6134318b14eeff911f7063b087d70c20bc2505684a1c41e649ef5a5c83223c4856c9ace8d62036d5ed45102f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 299f4f9f493d9a4d522b81e131fd7eae |
| SHA1 | efe19613e15e9bc2f26dd89d564b2c8b5ffde5b7 |
| SHA256 | 261d05ed9166730f6076b143587a7e19e645cbda9482d6e50a2382d4cf61d173 |
| SHA512 | e9fe65219fa2ccdd7527eee729ca3ae3c1633ce26a7bae8ea8c7a85af00d1acd21413bf4575a16e6dc04db9a778675d2ff43e525d7e14d721b41516eba852fdb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\abcab2c9-a3e7-4527-889e-3c5949532d7f\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 5911935bf46e253b6a61caca968d1bfb |
| SHA1 | 3d98c1247efddf086344335c60620594c07efb70 |
| SHA256 | e0c088b18c0b034ac74a1feb09a78051c1c29d9cfdd8dfaec6b759795a6723cb |
| SHA512 | 34a6bd9adec43f65cd11b79b7995b3165410d11a6daae6611cb74e33758a82ab2fb43830412c319e1939c1bcae54871de90665936695dfd9e6eaa2e1c57fc52d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp
| MD5 | ea114a7ac75ce8c32791d5dbc241c2ea |
| SHA1 | 10fa6fae7957b0b0634f2a1ecb5411e070d2ebaa |
| SHA256 | ead6771257d3c0d77be59849bb9e3132a9954c3b8605e2bfc463b43c7fafaa85 |
| SHA512 | 5519efab1199a31f606aa1b389d4fddb86022517d542d9e403224ce72fc4ab20ee6520e68e3908e3ad85f07254e953d913b9ceb0183fb741cb908234f0f6983b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d9d19486419b0e8801d063b9663c5727 |
| SHA1 | a870e41b6b6df7572d8ae0be39388f303cf51c13 |
| SHA256 | be928ba48f430945c00cdec9f376345c7341c6ca94c9faab1850e644ccd9af1d |
| SHA512 | 9643f9244b228cb647d95f103e359e3bc05d8e5b01014b23670fbd1b0743fca10b58c55e3944c73d5277f1470dba62a73e03df07aad9be9dc2f89b6a91c81f11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009b
| MD5 | 530f5281cb2a808f5d83e29941a25f2b |
| SHA1 | ab22859d6aebd7621602a44b3b39349a8749949e |
| SHA256 | 0cd4ee64b33093789d565ef7520f2805685332e104b2ea01750f430e0b699439 |
| SHA512 | b226b209d0bbbbd839e3afcd64f246e3d3a9142174b315752d20130c9efc766866e96e628cfe4421817bdf3861d7c81e8a9701ab63a1292e7e997399eab36224 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a1
| MD5 | d36a279a33de96214071fd7f70c747d8 |
| SHA1 | ceac09f798320386352d961e3b8a1c557361c2eb |
| SHA256 | 1b07b593ad68e1a8a0d1b0e3ae27ef5c9d9512f6638bbef8555dd046580b92a7 |
| SHA512 | d58b0a54678ceed317222ba60eb1ed34c08e92a44839e83047640294bd79edbb2237962892be029110843de7c9c3bcf8ea6d5d9dabe687027669f27d5fc2ffa4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a3
| MD5 | 5416adda2605f64197034c00ba971124 |
| SHA1 | f2b3e5949b05bf493a7d846d5f2d157ead8fda23 |
| SHA256 | 17abe76f8cfd85312b9e957dcce49b26eb2b51b7f55d67ff5cb5008a31861857 |
| SHA512 | 6f27ec864db9391ce6e3d39277366702ff0c05c28b0b665aba86738877b83d8e3517006bdbe56e4c6136b4dfe243571f9ee2a8b337d2aa6d91598203cb57f53d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a2
| MD5 | d6f27248d0b338a5e9aa64b7969b301d |
| SHA1 | f222d3d95d3b6df50a66b19392501a90ad60c4dc |
| SHA256 | 677bede5209907bc7ebb241580d7e5b723477fab974cf86a96bfce1036816b74 |
| SHA512 | 787512056bd45957c202d13710ae382f3c55480a1c6fc28b1c4e4bbb62aeb2d072c27a1757bd0cbbb1eb185bea0bfd2173b8820ea64f3364072996ef768ad49b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0
| MD5 | 045937268a2acced894a9996af39f816 |
| SHA1 | dfbdbd744565fdc5722a2e5a96a55c881b659ed4 |
| SHA256 | cc05f08525e5eaf762d1c1c66bef78dec5f3517cf6f7e86e89368c6d4a1ef0cf |
| SHA512 | 71a025a421384ed1e88d0c5ffadc6450a9e1efd827fe929f5ef447d2901cd87572fccf13dfa8b2706c9fab8160163e3a0c80bfe1ab49d63ffbbcb0e4e591a84f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009f
| MD5 | f17dce14bb70fed36277227552654374 |
| SHA1 | 94b40c19e0340ea787e77a137dc7f3236b7ac4c9 |
| SHA256 | a353c198af4fbe852f11e7d009e2f58dda33b87f9050aa589159a0453fe6f125 |
| SHA512 | d365890687dd623a1fdecb91bc4c9e8ad8160ff1765c25dc29c0073fd7e64ce5b374e73fb48be5986f7f0a85bc729679994296bd441cc39ad3d73ac8a0138365 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5f3b7b.TMP
| MD5 | 96664a582db02a5ff9e888dda7d6730f |
| SHA1 | 5af09c221b0932204a193211d467befa65e3aae1 |
| SHA256 | 3f70f164e005f5c9c4ff31ed7e16b6a4a5e2b55deb44e08e34544c4e0cf5fa0a |
| SHA512 | 86f6973bf199335f3545ec4b3b6e88037409648b4f54a78a0444f6f292e2d06a2348d8a0df6e5eca34121df7a52ee74b23bdad6e33a2be646148f62987fe3e5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 7c1f9e775e136fecd0f72fba8d909549 |
| SHA1 | 9cf1439cb8900efe3199ddee74612b238d1267e7 |
| SHA256 | a63aa1c320fe4b1ae75bcdbe5c7fa20ff20bbc106f20b2864feaac9bd7b8bb52 |
| SHA512 | 03500194bf772131c5de675f77d3bc7406dd0ce7370e674ba2ee02be6813cfb8ba60165e44d39194ef6cff1fe7f690d2e13598b6dc33ac31fc98ce2b42ddb266 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1dace5e174c7cf113aea454cc8dcf2c5 |
| SHA1 | 06f366c09fbf92fc453d0f1b7671385115761207 |
| SHA256 | 5542d3abe5ac852f49a9647d2d161cd7bd5e8e1a1b95b0fa33bff67232f8ac50 |
| SHA512 | 1c0ef2361e765b5ab3d49aac1b56782d99a40ec9c484abe1fe95c61e9e878313917488dc5bedccebe6225b1c43956553e0a6b69cc3b2a24340c8144a1376747e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | de178e20fb171737f932547ee74e0262 |
| SHA1 | 57171cc758d224ce1befe83f4b49e4c0fdcc6951 |
| SHA256 | a574948db1f32f5bd3c1735bcc78785be8e6c40ad1a98f2908b07d7835c692b8 |
| SHA512 | 22825385316f668204f65c4cef34af89f26434c2f5c85669e739e56f040f7001c6ebe29031b04eba1c56125c1ccb0fa86871bf74579af0aabc0230b13ed0d947 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2941dffa-9aac-4da9-adfd-cfb45607aa02\index-dir\the-real-index
| MD5 | d2510da5c6de520251b9c0ca822f9b50 |
| SHA1 | 43d7c5b85a8b57865ead04ef86f4251e5b14f9fc |
| SHA256 | aeac1986dd630feffa7771a6c9b158995ca57cbe37a341de5de7eff297910f95 |
| SHA512 | 1afa8b703e9e355ec2054f8602a6f3f98cdb595f312cda5da483d149e2cda08dbd3ad364e97de74c589c94170bd16187b255c8674edc4aecf56b8b65cc459365 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2941dffa-9aac-4da9-adfd-cfb45607aa02\index-dir\the-real-index~RFe5f80a3.TMP
| MD5 | ab1d3778bcc169b42e593eee99a9844c |
| SHA1 | 43131b3a417973bde6ea8c47b16d10f2b2ae3cc7 |
| SHA256 | e4a5abe56e984c47c913f58c21c4b9374d648ce522f2b948c1c1287e261bd97e |
| SHA512 | c739730698f30d2dc0f9aff3765629dbf12f71154cec9dc2d95df30d2a786aa8606e6f0091e21bdb26baf315f8ab2615b0deec9e5968d0f108342a8777d817a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 54d0f3b98953f5390b15d5f3f1c3650d |
| SHA1 | afa1e9de15dd7234607e0e76cbecb7f872e29fee |
| SHA256 | 87ec0084c383aef25836747641f319cd2c428b24950d04ed36007eb8ec35887f |
| SHA512 | ebff4bc2bac8b44222f378616e25d46655f283f759209164eca37216e56c51f6df6353e754e23a6cad17ecb1c06f40295c25f4e529f95f53fd42071399bbaea7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6b21f73fa4ed4eda7da3f33116f5dad1 |
| SHA1 | 8f85a08b3ef49d75edfdf9985b1dfa59dcab1605 |
| SHA256 | 4f5d6e6ecf565a6edcb4be5f29924de79076cdaa0ff877fcfc0e84bf2fd49a87 |
| SHA512 | a65cd07b3f762881bd94fbb8373f6fbbc606fc140d0bcd6a69523c805994e6276c944f949b611e5e722ec78591b20befc04b77648afef223c39061f2f756c603 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5ee65f59f0e1be252f15ac454e859130 |
| SHA1 | 8fdfb1ef6590ec9a6864f94934bd2197d812502f |
| SHA256 | a5a73cb2ddfe1cb74dd3dfeb4e95097d03fe65776c68b7eee814eb43d0d631bd |
| SHA512 | 547290451198a7946d63a82b01ebed04b4d32b91bf84f21b35ae857fe1df892eb01ed29b64e5d09f640f22547571ac841515b5e333e578a727ee7e083704bf89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\339fae31-80a9-4278-94bf-b894576ca52f\index-dir\the-real-index
| MD5 | cc3e99cc993614c90286c44bc7c778bb |
| SHA1 | cab258bc2bdc17f936ec64bea48bd8a320ac7cb4 |
| SHA256 | 77f099d8e3d06d6184f87976c0b2ab33f023578d9cc4fae53c17c4643a8e81b5 |
| SHA512 | bea92916534efc052ed14f12e1b5fc2560df74aa01226c3e82aa1253e54df24ecfe4276270ef61e3faac257d0cc9b4ccf1c2d48ff8c2bbbc0a3287289054cf08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 119891505c4d0606b6a3a92450b55b9f |
| SHA1 | 87dbebf2b2521d86f0b4c713d899a8d9b63da542 |
| SHA256 | 59837abb9193923fb45cba4117acd08e66ee0066162e7d099b797f1d704a1ef5 |
| SHA512 | 5c323bc7526e53b2da220ec17deae4245a7f36b231b0f962e4f7666e13e8a3f66faaa7733f99a913c1cee814e4c930bb9988e9669744a079502e625e31ec07bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 104941434a31b824c940f6d8f175d96c |
| SHA1 | 83107a8a92a6dbe33ef97e5b2b101987cc525c64 |
| SHA256 | 00a535a914db8dde461c3578864cd28228ce1915a4789f82049aac8aa8129ed1 |
| SHA512 | 2cb378e82276791231e6f2d5665b52d194da7257e39370c52b1f6850c9ba7afd2eee2864ad6d62b87be8d57960db4c2c8ee7a4cc27ae8b3d70a341e55f3662de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 703d1c064cf237d4b791a93ae814611f |
| SHA1 | 4e3a026c698a1fcbfe954828b1c64b22e70f7dec |
| SHA256 | 97a12201b2bf6da5ac3194c8ecdf40a384233bcabc7167aa3c51f0142e08cb37 |
| SHA512 | 9461a0eb9afc8d87dd93ddc244bf38797ef35539b65eaf051f3702cd2858f7314fc92f5f6931c138895c6003e243c091e65d6a96a6ac45a4b18a5adc40c52504 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\339fae31-80a9-4278-94bf-b894576ca52f\index-dir\the-real-index
| MD5 | 04b685f26de1011b57eb6347b6887515 |
| SHA1 | c0d4af1302c8ada38e597d7ba1b9c81b4b0aa33a |
| SHA256 | 45e23979b2b25d44f0ad9335ff59fee0abf5a417be6f58e09fbc50348f372bbc |
| SHA512 | 2e2b17c8fce591bfc8228484362ea0a54fb9bf2138acca1178bdc569533ce417161923db2ba667c338759110315872c7141913f4a56307d3436c431575180fba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 42b41ffdc006e078b0d7edf085fcb219 |
| SHA1 | ab6732adb7692c273615ab2cf6a8d7833ea10558 |
| SHA256 | ea9004c4f98065a56d9286d61181132b1ae55d2657f3fad7e5daf50658fef72b |
| SHA512 | bdc5a1fc432bd9d75b449193b314e90810ac79d929775644ab1abe0b78d4f9212aa2d9bf39b545a8a1c7736c3d0a865eca83bcb58c6dee1789cadfd0003f7814 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f55237e19f2d0a87090d8b7aa3d2d96d |
| SHA1 | 72e00681c8595471bd0e57caee4b5993a277da40 |
| SHA256 | 22ea8fa1fc035624781d2cfbae02c35b7dfb5019c1e521d18bf66b32a3efdad1 |
| SHA512 | aa697673ec66197eb8c79035f2adbcbe498a3938734adfeada0e0885ee61ab55f1e680464b47a2efeff339ee55f04eab8c51980fa95561b5d16bfca5ded33c97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b9628c1b95cd3666314f9a377ccd8b92 |
| SHA1 | ad87e4b50911b9f536390f2d6c75a7ec885457d4 |
| SHA256 | fcf2680b55ed3b0d3c059ae8f776939a176bb9d7ce9c31737d5dfc0dc62c303d |
| SHA512 | c40465aac5cb0653c2f48b56facc57dd6a59705ae48f8e889f18de5cd699b404281f4d0211cbda8dc7499080148a0ec81ed6c729e2841ffa9abcb0184e603a75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4bd648da7d6dad5aea7559b6822c0631 |
| SHA1 | 4f93f9a89f886d4e65d9f8cdba4c1f187eb27099 |
| SHA256 | 8755553e368601a045d2bc3fc6a372ac914d025aef7e4a17a734a2f79d9970dc |
| SHA512 | 70fe70d3a21317eed282f73756de6c515eee9dedd784772bb0fb9686f170528cca2668d01b5eeb9f351fb81cce798268dfb4848b9fc935ee7ba908cee0353c0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 577a420c7dfa2b0c608f0bd958610e2d |
| SHA1 | 7a3441432fd204bac487a1c91f467b4c9b5e9fbb |
| SHA256 | e66061cf0ac44156bfe14f46340a3abac3b0305e8887a35033f209fd95debffc |
| SHA512 | 161584129bb411eaad23fba8b9f959a3fa644cc86597d5937cdd8194a598f4463e488b242e202528cb59ddf4e324eba0a3158187b04d0b91007dea5a2b79a0d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1d75e7ec4904962437e4ac77b887f691 |
| SHA1 | 1b1b11f7f4edc5eb6e15b33b9be46ed5ef8ab624 |
| SHA256 | 677a74be4c5b00e00d43e51a43ee927db7c5b3831f689f339e3db62b71e3a1de |
| SHA512 | 7e0eb44e91633a5a668cd36ad8bb7b48724e87b1714940aecac816a0586be74b6ae47927d3f3b6e0157a3b82b5975c80f5e3c6c963f582e3a98345d654c1fed6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2aa019b6cb94c3e5268163890e3df011 |
| SHA1 | 1b3fdcc3e20f45e0501d4abb146b61450cb20e77 |
| SHA256 | 6b4d545c1fc12b3c54d3df968fc9c817d88917b3c119ea3dab93622a47531218 |
| SHA512 | 54eb8c6526b7336bd2b46884c12bf1a7e2c328880b6be9e5f459300ba8d3102ab553c174915c0f81ca5bd9cdceeeefa85d7e1b1a84561f308858fee3583d355f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 20bf34d0645cfe92b19a2a483f305d5a |
| SHA1 | fcf6b5c6cfdc8e576cbbaf48ada05b95b03e16c1 |
| SHA256 | 2d933676a8ca0ca3b3d659bf5011448a22ea5f3aa0cd801a29af46008278ec40 |
| SHA512 | d4651cdf60d03db90787504d0d90e958c80029da58320f5b5723a0a9903336e6e124e83c9f9829f5ed27fe13578de9d2c47e4e333ea887f3a31f595df18b2a6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 922a03906ce6876e665c08a2a8710c54 |
| SHA1 | 4a9814fc9fdaab8088e338f1134cbbff985f88b7 |
| SHA256 | 7e0abd3131c35c0cc7698e8261befe2fa6e90c66b2aad8a90921dd428fb11587 |
| SHA512 | 7b7cf7a3a6028b945ed4b39ed279da1a46dde6cdb000b99d8cc6aac68db03c85ed35a7cac59d0492b89393fdd7ee9d66c42d12e6d5244ae45ae12ebe0d11e08d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 14837c79e47ba36aa983f6b066224e69 |
| SHA1 | 94ff1ce1f0db527d1493aa3a2347d794a4b9463f |
| SHA256 | 157277506e8cad33ee9255c1d05b599e27d6164f8a1bfb6b1bd0d5ffe6892325 |
| SHA512 | 3c4976e91bfd922039bfb7a640a2f32616aaf189aca0c9112f1e5fba05474b80700793117197b2e63e1363262c64aaa9821b52d4d5316186b5cd01273a6ab045 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 42031b7565996583517cda9b21391be6 |
| SHA1 | b800884e71447b6cfa4fbfb161d3293851eda020 |
| SHA256 | 2b492749b8aa8244ee6326af9c0855bc96f725da85519f3d0e24e46388670c07 |
| SHA512 | 7da3ec3cd63fb22b69426dc7e5ccc8adffcdf2055acf56c355f52164e001999c4f8312277dc0fc241caeb127e75a817d7c7ef5f799814ec3db1004598bdb4f68 |
C:\Users\Admin\Downloads\Nezur_Loader\Logs\Crashlog-10-57-33 PM.txt
| MD5 | 71d3a2e4ea672320ba9c2689be4f4dcc |
| SHA1 | dadef140957afdea7c81a068096e27245e715e95 |
| SHA256 | 85838d27bd3c4ee794c58ae5dd924ab7cc817a29d613188aa9b44131e3346774 |
| SHA512 | 72604eef32837bbe424b8736f48926a41a0a35c62c7512fe0a7ee537aafa8e31eb68516338276d91b33f8e05eb497eebdc285c3195a68b37ff4afa91a3fbe54e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bec7f2925194a7311ba5eff454849538 |
| SHA1 | 65bfda908a7d0c7bbc5334720386f88eb6a28758 |
| SHA256 | 548ba34a157c12b81b8067058334fdc3b005f772bd790ca80c3841f0fc1486a7 |
| SHA512 | de2110cbd4292d0cc09f620a2b0d65473455d5c147929745479605ea2344c9a1a2c4d529898f3fb9aaf34f116bb0b6c01984d246e7bd0642d9bec0be20519a16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b9325e6ca2ee62acdaceb06ddab52e60 |
| SHA1 | 205bff2c527666f63a94ef8d7fc22a9424ce86f6 |
| SHA256 | cd76a0e4732ea9252d01a5ed45c1394200f915aef236f9caf378819bb0ccc729 |
| SHA512 | 795cb348cdf8cb360a17f81a50691e70b0f7616dc6d48b83f8c0605a8256722b4891a4ee6a5f851b7e800c5843077daa81efe997f4dd0f16f9bbda13420e02c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ffc158c68a153c033063fad9af19f397 |
| SHA1 | e3799aec6aff8efab16e066c5230108ce85bb4a1 |
| SHA256 | a66b3de363da9f826384b960f086e9a72b107408fe66f7be25c584939d01d0b1 |
| SHA512 | 9bcc0bee3b1a4e04dea478d960be1d66478bc1b03cfd550ef1159326188fb87db12e8d2f3f537265f9785924bda26609b45dee45b05cd7e907d23abc1a14897c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b1
| MD5 | bcff1ad14908d17e46fa3885b14b3300 |
| SHA1 | b29647fe64d761eb9693da82a8b152b4c0770d15 |
| SHA256 | a64c04ce633450738ca6efd9d166adb6502d26b9f234dadc4b75e898d1ccacfa |
| SHA512 | 2efcec536298a1ddaa8243b4faf5ec6b9397f40d9a08499f381af35b7f371e352d7c53300d1b92fe0a67876d1ffb175cda62d3bfd15e64e6df407468c5fdfb18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 72cbd4346010533f2bcdcaf1f6fa70c8 |
| SHA1 | db48b98484127c32da3a38de2d7d3691ce1d229f |
| SHA256 | 1430e742ed3e69e45ad4a2f4b0e28c3bae294f3d082ef2d34f5a9a9ccb06f79d |
| SHA512 | 8de5449997a0890d437a665ec5acdd112395a79b242ef5c220753dd616577b4ea9b83cd7510e8dc811c5bfc62a57a8a62691f328cb8af35405fac403303da234 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2941dffa-9aac-4da9-adfd-cfb45607aa02\ce2f6b7bf5468d83_0
| MD5 | 98c0fed449bd02056d852e357c2f69cf |
| SHA1 | da3f3a7698121b12b1b66c63026ef10bce57d072 |
| SHA256 | 8fe169c9805d8487447b2f132fc0358bad2acd8acc93c3252e98dc400f8f508e |
| SHA512 | 94f3acecc3d5b499d4966125958f6c0356fbc5466ff4e8805b6a94c51d3f94b737bf08c1b948a6bdbd9262482cf97e4a4a5a5ade3f0d72491a19eef24ebead59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f510cd192bc312014a24f2e881bdf2e6 |
| SHA1 | 6add012fc626ecab9bc8f150d1c3bf0a6f508109 |
| SHA256 | 646a7434c324e102670069560b1ddc535fd0e19619df218acbcd6bbda5e64238 |
| SHA512 | 9156fdbcffa3d3580d415026592971abe62fc08203079379ef52a33a0914814dfc86e29f407dd5ce27a1498cddc7815452ddc9a18f120b5c15591abe5cb1256a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 32a970e7fc474f7f9f1fa53e812b7878 |
| SHA1 | c4f56063901846c732f7bf7209833abf2eff964d |
| SHA256 | d1718d9d84ac1f19ba007a4fe1bdae61dc5fe820d71c8729a193c6bda4562029 |
| SHA512 | f0bd26876088cae965b0e3c58c0df376cf75b602a3ef3915237dc28a4337db1062181a6cb527f5bf83d3ebfccf0be0f4cf87eb7c8afb5f7ad2d27835119e0ebb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\339fae31-80a9-4278-94bf-b894576ca52f\index-dir\the-real-index
| MD5 | 9a0595200a7f7aa7e74a852269feb8d4 |
| SHA1 | 5eb743131d37d866f55d16cf83f70e0fd60b41f8 |
| SHA256 | 6318c10807b288cce4171bd99da42af663bb94bf8d4fbfa9e9948068f58a7015 |
| SHA512 | 1e92adcc10935d0c7182169f39c9f6b67c248bf39e8f92cf441e3df819dea8cc08ee2f62a62c3b9cee3288b25d5fab67480366fb763359bf3fac2d55e44e5b08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | c5844b49a23fb05e06901afd4af8c176 |
| SHA1 | c9c78f86b4ccc76bed2edb51504f9edeedaad638 |
| SHA256 | f109a21b385ea4db8f20803adf9538409d18b3a599c40bcf69d19127d543d029 |
| SHA512 | 841659eaa02ff4c5bc8a27dc1e56a475bb4cf11652134dcd2d3365560262b1fb159672936597bdd38f788e1a6da22027a959237e3a3853eef8a4a147c19f707c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2d572b764a9ba41a2d1030295dd5c738 |
| SHA1 | ae545978c8da80938f3f27fbf35f4b2061604167 |
| SHA256 | c9b64d9bc33c99ee7cb23612f1dd16011b501fd44ab5b39fe78b6463f2e7c002 |
| SHA512 | 000f74436d58f736578448fcfb2b6dcc1546f4c17a0f04488f26e49ca38e6df219f177e376fb5fee4a3f8872d10d4ef2142221350e0a0eee3969df0d900c8955 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 61f9c6e9b97a92a0f38ab06c7c5b8ae1 |
| SHA1 | 2816ce3026a9ab0b2b5d9ea2ba4e2885ca7e562d |
| SHA256 | 3079dded4360d0bab6c79145ba992349ba9440f61139a74718c29a4ee076a6ca |
| SHA512 | 8c987bf0616a941553aece97997d11cdb8f9b43423bff975cdc727d3dbbaf04f756822c8bbb6d03e61d062e08f6f118a129eb5230bfdf1827fda440eadcaba32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 701958e12318fc0c6fa4fa189ce5ec2d |
| SHA1 | 2c2ac38c9c5e3378a52bc10f11742f600d896de0 |
| SHA256 | 16eecf9ffe2bc7ce253b0a807d71d5c6220562db756317a23ed73c13e5248270 |
| SHA512 | 955d0b350f77a56d93682de4f3d4cf68b9a28ed5dcd6b19230d871759f8bb32aa23cbec10aaf8f4afcca656ae7c666cb541f62fb3876345fc892011c16de5b2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 819a74237120f681180929f643045695 |
| SHA1 | 7d9ed604cc188e842263159ba495b4f41e722d13 |
| SHA256 | 34d63d424ab19ffcf484cccd971db38fd1f7b059573bce12a88b3b5f866c12f0 |
| SHA512 | e0bc0e4b9511d66298a33e4acc500171c475e5e6e311b7b69913a995a2f2fb10e89b1ca93b6f8bc3c1c799345d10be874e8dbd2d0ffb2c11131d1991bf684449 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aac30ce9764672bdc391817586c7db0c |
| SHA1 | e71acb757cb378153ccd57b06a533569d629e88a |
| SHA256 | 7e43c56399c236f73fa2685e67ce2ee841ed294be62d9819dd007e3a0c4feec5 |
| SHA512 | bf0ba3fea93b3b0a1c4c62dce63d49ba377241e4e58e6cd8cbc1b52da6957e32afb34bba892d2a6701167e47a00c8a2687ac0ba6a3dde1e5400584f760f45cc6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 2ad3bc98f4fc11f426e80793f6ac8c88 |
| SHA1 | d5b8996b8aaea4f65079440ea276872697d6f413 |
| SHA256 | cbe60957e3107ca5ab58d0d308e0e75a5e3ef032b4f6b17eb643f0b1b4b3890b |
| SHA512 | 4a463ff76c07db2b52542d887d0a6f3959d5035133d7c3a67c87aa3590ecaac01a360f011e7f6b861178baa4c3b6036fdff1b550b9c83cd84c9c4d03b8467081 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ab209b72eef9d3a0e629bca0e8b49e6f |
| SHA1 | 4f4b141ccd70ae52d0b1eb3ac330ed6446427888 |
| SHA256 | 1443a56b840c40b70406e59ec7354a6d76fa516e5014189bc99ee6c71dd4f5fd |
| SHA512 | bbb225d1b8d62336814560e35259f6f867acc0e6b0fc2982ee3be93bb5971abc8f3ae3937b6b2cde186d7edfc288f26fc8582ea197ec3e37c1e09eda4addd663 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 75ab736ff387123a249d54b9d4a260dd |
| SHA1 | af30fad684e895b1006b7da7b23e773c1fe56a1e |
| SHA256 | 473c54ffadfd9a1295ccd47f1e731aa4544a28460684a2180405e8ba8a0679eb |
| SHA512 | 9519bca422784fa470299d501a2ea8bda1edd02a69294a3443328bb6cdbc2d69d62f1c78dd55d8ec743d4d9da570f584d786a480bdb3f7e4216b638009a372ef |
memory/5852-4460-0x0000000000C70000-0x0000000000CBE000-memory.dmp
memory/5852-4463-0x0000000000400000-0x00000000007CD000-memory.dmp
memory/5852-4464-0x0000000002E60000-0x0000000002E61000-memory.dmp
memory/5852-4466-0x0000000002E60000-0x0000000002E61000-memory.dmp
memory/5852-4467-0x0000000002E60000-0x0000000002EA0000-memory.dmp
memory/5320-4470-0x0000000002810000-0x000000000285E000-memory.dmp
memory/5320-4471-0x0000000000A60000-0x0000000000A61000-memory.dmp
memory/5320-4472-0x0000000000400000-0x00000000007CD000-memory.dmp
memory/5852-4480-0x0000000000400000-0x00000000007CD000-memory.dmp
memory/5320-4481-0x0000000000400000-0x00000000007CD000-memory.dmp
C:\Users\Admin\Downloads\Unconfirmed 678314.crdownload
| MD5 | a9781403e2e0f3539b81dbbc4ba52f07 |
| SHA1 | cba433e3c7690c1628bc620a43912f06db331065 |
| SHA256 | 16837f396802d446e72fb4d02c68a2e07b5657e3e1d3d738b79a2c8992ad1ad0 |
| SHA512 | 6c985a47a7bed1e150cbed5da08cb2528fdf8e5d80a482610ad7fb14d079cb19756872453b23ace8dade982b4979ff885de7b41e798b3d4ccdc957f2564836c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d18f0d68ecb0a875fdbe4b0199a2cc73 |
| SHA1 | 0228e0e7fa5bd18927b2d944c433446f77f6d569 |
| SHA256 | 94f9f748574e3c81dda209e53c994147d417ccbb32f8d2166bf78f65a3d1fc03 |
| SHA512 | 056b79434a6a320d1f79e56e887735a185f434e5cf687ad66fcbcdc8ad37b0bd6cc529cccd6e6277bffbfc916a9605a1f66505777d3d80057b727a33b25b59f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c4f36be89884a14964d3541b0737f66c |
| SHA1 | de7c8a023469e603ddd7cb4cb95e66651258cbd9 |
| SHA256 | 4e04e1bf410beb783d92f83415772ec56e105002d2e39c632c32be5e7289937c |
| SHA512 | 48ef4a234222896f3a54ac2a3636a4d1d885132f9107cd4c9b2a12f28d4a2d0a5d3b86fea2013bf9ad0ec326ad2004bf80fd26132db19ee07eaedb63c0f563f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 172752547a12b1610eeab97ccadd5634 |
| SHA1 | 1763be50a5e075170843ab857da8f64767e5b3f4 |
| SHA256 | 658f31681ba67f4be7db3076f2123f344fe427a701971e7c43a0cdbd24364366 |
| SHA512 | 324c1c29c477ad31557ac8cb3bcc541e0f1862ea6569011534b41d5cba769f7ba7c0ccb46bbd1a0561afbbe3bb47ce5749706e2f6586fca127cf7d2bd777f1e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 06553389fa5c19fc04a58486af4bd765 |
| SHA1 | dbfe3c58982de560acb1864533d37ca43c7705ee |
| SHA256 | e4896972569c6757d2c9fb180a5fed195cb16a810a02b3315be23f27397f80bc |
| SHA512 | 6cef460d9e5fc31f55c575bced261d73bb1b7ebc9d3a64cff4ffa7851ff5312279a4137bb4bb64ab8bd355c58cd00789e676594c0905a3b6ced1dce63f6173a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\676aa7d2-7801-4bfb-abac-44825cb526f2.tmp
| MD5 | db0b614f4dcd1a973c82d2edb360ef09 |
| SHA1 | be0bd85ca2e0c7bcc06f45000545a2ea819d2a4a |
| SHA256 | 3d9be7f4f192539f283173a369c8ddcdd44a16d51697cd469e2f19b7d773d253 |
| SHA512 | 5e904f228c593f751b75173728d25b6b3923b2c2fc9e06b5793367a62d34adb0391adddd67203a813e2f90b083ed6ffc6a0e2aa0cca5c54a462bb3ef8079d793 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bea027a5488c4e8fd20576c4597d7e74 |
| SHA1 | b2afe05cb4c6fb33b02a32b198bb191a80291436 |
| SHA256 | ebb29cbd9931a5f6265222c5ac7f356ae45fb746093bf93ccccb8bf47ce0fe72 |
| SHA512 | 47517b7a105c4f7077d9d7caaa94fae5c20aedcb4438e7afba323482b63088af9b9bec26311e9e7ae57493cad5abe3b8a19046b0405e698b37e7f8b37e7ecdc1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0104b07f675e9d7e4165770018bd8449 |
| SHA1 | e73a374da9d41c05e5df420b7d145e9828e2c170 |
| SHA256 | 475927f74b12a2595992f6ff5c3d54c13bc6f6fda44b9846f6d6b78caacdee49 |
| SHA512 | 96a4a67cb6706c8f362876eb907a634b522f8e8171c932104446ffc176b1c563a7755190284b4f63960b69c398767b0828a2988cc8933eddf099370e9ffe13f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 52e8d7125187b2a9d05ae327aae943d2 |
| SHA1 | 1eb61a8b7099296c37e1cf6640b35ddf3bf26911 |
| SHA256 | 43920d426578b5abee37c66302e28bd3ddc5591ea4fb336c7f9b851a0daf47a0 |
| SHA512 | 162d041ce217c30daf45e80e81dbf8d67d5f85a28309f3bedd3fff48811179b6b5cd30e76f3f3234f7b70f3b980094b417ce6d178356749f17b74aa4b05c4fef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3ef00652333e7a49fe368744195abe1f |
| SHA1 | 407fca7029743c358b1ce9ed2c5611172473740b |
| SHA256 | 46788195054ab05a351a8ff87390b03d047bb2ef80f1dcabbf5d43fb9b692e9e |
| SHA512 | fe31931ae3cdb690f12515a6cc49ee72a500c91b2d7e6a7bd3b0e3fe947372c81f9490d3b2fd64854375c4bdd1a587e163348699f9926eb9e504b5a2a2b49b57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0710bbfad5569b6719dbe8a493b11773 |
| SHA1 | 9362bf82029201bcaa913b1da1051051b55594b1 |
| SHA256 | 1c85902abee1bef489f44a758a51afc70e7f3673fd3cb4d0d49860b70ae7b0cc |
| SHA512 | baf359bebc8fafe7ddfcf5274c0704f86541a87b9fb5ff7f3cb931c5b4b83cd67cdb2c629f3995532392beccb344ddf3e1b34a3f626ae8908462cbcd758e5dc0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d14858cf216ff807fe04632e4d15a671 |
| SHA1 | 90ae2e4197e05584e499c5d403c455aae460d0a6 |
| SHA256 | 059b8a3f4ac6bee40976c0d40889619c489eafd9a39c7cf295dfb41d1dfb019b |
| SHA512 | bc8691f8d5d68e63782994845595239ebe85713d15c9c6fbca88e2aaf8a2b78a6ef6d3be37ed91e6e42ed270408061c137fd9d9036eeef3eac4a4b8e8ba519a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc0abd488d1c442af79da0727686b9e1 |
| SHA1 | 7ed85abd6f8666a85592de1c06148d6a0eae56aa |
| SHA256 | 425f673b1899c57628fd8473f0627f63b5d6a20ef8f79c70eecd3451c79f9fd7 |
| SHA512 | abeba29bb848b8a09533bfac1a61dde10efe26bbe5280cd6f53e783a52cd599a2a9958f74e5fb7fdc1e30578cbcc427864fe1c158e984dc3e99b79bdaf066783 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 96c0cb826e4778f449439d77ccf7197a |
| SHA1 | 7cf35dc6d69460035467fdc654d186d544a57498 |
| SHA256 | fdb4abf2b1ba33932bf8d18a5f9cfa6dc8e6d340324feffe003710a0d7819147 |
| SHA512 | 5f56810f8ec5af97e8c45973ceabc9e36ac48fc1780d7b95a298f029944ad8619f6725645fd956accea573c481d21a915c449fcfd1a0a64f6e246ae787d43eab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 307ef472cd3f7ba803402b1059ef0d9a |
| SHA1 | 309552d4b57059dd1c74bd9d86936408db2285e4 |
| SHA256 | 5b8a39c48187b24f5a4b7cc203dd2d39ef1bf06adb0490c8199901716a8f4ae8 |
| SHA512 | f7a5f1cf3c01a8daa0c9515bb3c441cd22076a068096e509a8e1b6854de16aa9fdddb8bf217772fee6b2edb78938329e8c3def5250cce0000b7c3b9564863afc |
C:\Users\Admin\Downloads\Unconfirmed 609953.crdownload
| MD5 | 660708319a500f1865fa9d2fadfa712d |
| SHA1 | b2ae3aef17095ab26410e0f1792a379a4a2966f8 |
| SHA256 | 542c2e1064be8cd8393602f63b793e9d34eb81b1090a3c80623777f17fa25c6c |
| SHA512 | 18f10a71dc0af70494554b400bdf09d43e1cb7e93f9c1e7470ee4c76cd46cb4fbf990354bbbd3b89c9b9bda38ad44868e1087fd75a7692ad889b14e7e1a20517 |
C:\Users\Admin\Downloads\NoEscape.exe.zip:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e8ba73ce7ba9b72b5a236eb2f9b41312 |
| SHA1 | 741367897089c5d46c59a1c569512519533b1c87 |
| SHA256 | 656fee5203507924ca279a797b0345ff3ef65aa82d1328a9f842807234f16bde |
| SHA512 | e0a48ba8ae0886a3298c7bb75a9a1fe05a941d30dd152473d1f81e493b23431a7a9e3c2221b36f28667e900b353128d4f4752a2fcd3356d506c5f51aee9bf810 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6c14761f8b021d81233daa119a3d9bf4 |
| SHA1 | 6509da1ef58bf50da93c68f51d84b60ee7cbdf41 |
| SHA256 | 5e223b0531f61c7298cf68ef6892e097d7b4fc9ee1065be1bb9931df97fa48e9 |
| SHA512 | a4099b55da572aa42d7c44e9aae5d793481388081df3c54ff3e0ea00e158e31cd1597819d4b1494d95785e20f7615e70379872bb25abee20cc689104a5376723 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2511930861d0b389f2626b35ec4b5ca4 |
| SHA1 | b89903e259b66836163fd4de2dda6c877021b4b6 |
| SHA256 | dcc2a7e09856ffed66b0ee2d3902637aba0fe4b89e777f2a89c52f06f7a59d07 |
| SHA512 | d314c98774db12b40bcb0fd3b49aae7f0933f8bca14161d45d99812b61778840b716cc721a433e478d020f3328eee0802ee9ba32c5f5c39b776b7793177e26de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a8a4950196aed89ae6c53ca01f3ff2b3 |
| SHA1 | 5179ac9002c1e05675fce755a797a9e18428f1ff |
| SHA256 | fdb0ebbe58485b284f7611c085534f2c1f86c6fcd2d410872e49b5d641c742e5 |
| SHA512 | 339ef18d8619deeac12e77ff06a1b076f0629cf1a90984fb1daab36ae1c1bdcdc2227858b100e441ee3b28298c6cc95ec36d6142255e3cf66fec2f5b9293d4c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
| MD5 | eed182f5e0a74d79d42e06fd09459119 |
| SHA1 | c3e8729eb268d10bea210e030bc48c9ad408d0c5 |
| SHA256 | 4eca403c7a933fb146f83056fc3291005dbd665b3f8937b1b01f6b09804ec4a1 |
| SHA512 | 430409a3d6fa3b3cf553d46f3aff8c3d43aafd1998ca35c254d5f0dc800dc224fbc2ad8ae55219e384f2a978d4a9a0eb3d6c02e8c9e28da9044b78af2f15cbb8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
| MD5 | 210d824161cc47ff3c0f799169b9d78d |
| SHA1 | f33fd0ed5558f7bc1b690b68eec7f2d9393a60e2 |
| SHA256 | 12c1f007012d8ef11d074a35c8991a1d12343bd3029cafa2268fd24b0ee7c464 |
| SHA512 | 6f18ac772f938fbb5d0ae48fe9e21f2e23a6bcf2f7d936f4435f7f1dbe4ad48faef36cdbb83d790a61a5abe216dd3145512092a47a74aa802c8d9e505c662ca2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 41cbc198b64c4c7ab6c62e11614c17f7 |
| SHA1 | cc828ccfe8371a8c3cb4c57146fbbeca46c07eca |
| SHA256 | 021bd8e42293406929eeb1861f1b3b1562d8675605928192f44e3d4081b16cb7 |
| SHA512 | c3bb392b59583d1cdc1ad3f1d9e39f8aaf3b408a80b8c7c78043c4887bf1d14333233304744b9152a18db4a6940f68593c08c5656b740ad37a402ae0ed5ac5b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6634155e69d856180cad50b49cd54dd3 |
| SHA1 | 7a1537bd54e9a38eece6550dadc2dd76582ffb37 |
| SHA256 | 8c1d0452449e962d91abb3b7d43b9fc7f03e72fe36808c83d8c9ab84ba7c5db6 |
| SHA512 | 49720dc76d60545ad6a14decd170979780a9b7ac65543d0516fc066432330c5d34efe2cd63030793d275e2f5ce0ea1a484ae35f20ab013e3a488ec2564ca15f6 |
C:\Users\Admin\AppData\Local\Temp\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\.ba1\logo.png
| MD5 | d6bd210f227442b3362493d046cea233 |
| SHA1 | ff286ac8370fc655aea0ef35e9cf0bfcb6d698de |
| SHA256 | 335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef |
| SHA512 | 464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b |
memory/5268-5330-0x0000000000400000-0x00000000005CC000-memory.dmp
memory/5268-5331-0x0000000000400000-0x00000000005CC000-memory.dmp
memory/5268-5332-0x0000000000400000-0x00000000005CC000-memory.dmp
memory/5268-5333-0x0000000000400000-0x00000000005CC000-memory.dmp
memory/5268-5334-0x0000000000400000-0x00000000005CC000-memory.dmp
memory/2816-5335-0x0000000000400000-0x00000000005CC000-memory.dmp
memory/2816-5336-0x0000000000400000-0x00000000005CC000-memory.dmp
C:\Users\Public\Desktop\᧭ޅ⚅՚⍭⥺࿐൷∂⢩ീਏ⇕ᙈಯ
| MD5 | e49f0a8effa6380b4518a8064f6d240b |
| SHA1 | ba62ffe370e186b7f980922067ac68613521bd51 |
| SHA256 | 8dbd06e9585c5a16181256c9951dbc65621df66ceb22c8e3d2304477178bee13 |
| SHA512 | de6281a43a97702dd749a1b24f4c65bed49a2e2963cabeeb2a309031ab601f5ec488f48059c03ec3001363d085e8d2f0f046501edf19fafe7508d27e596117d4 |
memory/5268-5512-0x0000000000400000-0x00000000005CC000-memory.dmp