Analysis Overview
SHA256
d87ebd2195a7afc26e8b620660337fddad34a8320a1ff6faa71752518f5f3976
Threat Level: Likely malicious
The file file was found to be: Likely malicious.
Malicious Activity Summary
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Sets file execution options in registry
Downloads MZ/PE file
Executes dropped EXE
Registers COM server for autorun
Loads dropped DLL
Checks BIOS information in registry
Checks computer location settings
Themida packer
Checks whether UAC is enabled
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Suspicious use of NtSetInformationThreadHideFromDebugger
Checks system information in the registry
Suspicious use of NtCreateThreadExHideFromDebugger
Drops file in Program Files directory
Enumerates physical storage devices
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Modifies registry class
Suspicious use of FindShellTrayWindow
Checks SCSI registry key(s)
Checks processor information in registry
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: MapViewOfSection
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
NTFS ADS
Modifies data under HKEY_USERS
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-09 11:47
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-09 11:47
Reported
2024-04-09 11:57
Platform
win10v2004-20240226-en
Max time kernel
588s
Max time network
589s
Command Line
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\Downloads\WaveTrial\Injector.exe | N/A |
Downloads MZ/PE file
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU8E90.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU8E90.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\WaveTrial\Injector.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\Downloads\WaveTrial\Injector.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\WaveTrial\Wave.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\WaveTrial\dist\node.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EU8E90.tmp\MicrosoftEdgeUpdate.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\WaveTrial\Injector.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU8E90.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU8E90.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\RobloxPlayerBeta.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ = "IPolicyStatus4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\CurVer\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachine.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService.1.0\ = "Update3COMClass" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ = "IAppCommand2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback.1.0\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ServiceParameters = "/comsvc" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc.1.0\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\ = "Microsoft Edge Update Process Launcher Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.ProcessLauncher" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\ELEVATION | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ = "IAppCommandWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\CLSID\ = "{77857D02-7A25-4B67-9266-3E122A8F39E4}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ = "IPolicyStatus4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ELEVATION | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine\ = "Microsoft Edge Update CredentialDialog" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ = "IGoogleUpdate" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-399997616-3400990511-967324271-1000_Classes\roblox\shell\open | C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 775609.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: MapViewOfSection
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\WaveTrial\Injector.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe | N/A |
Suspicious use of UnmapMainImage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\RobloxPlayerBeta.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\file.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdc55746f8,0x7ffdc5574708,0x7ffdc5574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2808 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6280 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6280 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=9064 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10008 /prefetch:8
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\WaveTrial.rar"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=13104 /prefetch:2
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\WaveTrial\Wave.exe
"C:\Users\Admin\Downloads\WaveTrial\Wave.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=10772 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3124 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,6687049563776719116,3126187785664915787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 /prefetch:8
C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe
"C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe"
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe" /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU8E90.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU8E90.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OEZDOUY3QkMtMzA2Ni00MTkyLUIyN0MtM0U2NTZCMkJCMUM4fSIgdXNlcmlkPSJ7RTg1RUIxNDItNTU3Qy00MjkwLTg2QTEtOEM5QzA4M0E4MjUyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntDOThFQjY1My02REZCLTQyRjUtODVDRi1GRUU4ODZFOEEwRDd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xODUuMTciIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3MzczMTkwODI3IiBpbnN0YWxsX3RpbWVfbXM9IjUzNiIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{8FC9F7BC-3066-4192-B27C-3E656B2BB1C8}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OEZDOUY3QkMtMzA2Ni00MTkyLUIyN0MtM0U2NTZCMkJCMUM4fSIgdXNlcmlkPSJ7RTg1RUIxNDItNTU3Qy00MjkwLTg2QTEtOEM5QzA4M0E4MjUyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsxQkQzMUU1QS04RTM0LTQ5NjMtQUFGOS04RUQzRkY2MTNGODN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEwNi4wLjUyNDkuMTE5IiBuZXh0dmVyc2lvbj0iMTA2LjAuNTI0OS4xMTkiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSI1IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3MzgxMzcwOTI4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{48A2DA12-8AB2-4640-B4AB-A6E345D72F13}\MicrosoftEdge_X64_123.0.2420.81.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{48A2DA12-8AB2-4640-B4AB-A6E345D72F13}\MicrosoftEdge_X64_123.0.2420.81.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{48A2DA12-8AB2-4640-B4AB-A6E345D72F13}\EDGEMITMP_5F035.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{48A2DA12-8AB2-4640-B4AB-A6E345D72F13}\EDGEMITMP_5F035.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{48A2DA12-8AB2-4640-B4AB-A6E345D72F13}\MicrosoftEdge_X64_123.0.2420.81.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{48A2DA12-8AB2-4640-B4AB-A6E345D72F13}\EDGEMITMP_5F035.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{48A2DA12-8AB2-4640-B4AB-A6E345D72F13}\EDGEMITMP_5F035.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.106 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{48A2DA12-8AB2-4640-B4AB-A6E345D72F13}\EDGEMITMP_5F035.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.81 --initial-client-data=0x230,0x234,0x238,0x20c,0x23c,0x7ff63579baf8,0x7ff63579bb04,0x7ff63579bb10
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OEZDOUY3QkMtMzA2Ni00MTkyLUIyN0MtM0U2NTZCMkJCMUM4fSIgdXNlcmlkPSJ7RTg1RUIxNDItNTU3Qy00MjkwLTg2QTEtOEM5QzA4M0E4MjUyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InszNjdGM0Y1MC04QjhFLTRFODItODBGNi0xOEMwMzUyNEJFMzZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEyMy4wLjI0MjAuODEiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjczOTg5MjExOTgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3Mzk5MDUwOTAyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzc3MzU4MTMzMyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmYudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvN2EwYTBiZDYtYjljOS00YzU2LTk2NDktZTllOWMyMmZiZTQzP1AxPTE3MTMyNjgzNTkmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9VHhKMSUyZmh6TGd1a3pNNEpLYlJEYmREbGtTQlpMUmMxSkRwNHViTk5zbXhGNlF3UTdVcUN0UUY3eTdtMG5mYnVBUHlpQiUyZmZIZkJlbmY5WjV0bTkxQnpnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyMDg2NzQ0IiB0b3RhbD0iMTcyMDg2NzQ0IiBkb3dubG9hZF90aW1lX21zPSIzMDgyNiIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc3NzM2NjA5MDYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3Nzg4NTAwOTg3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MjM4NzExMDA1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMTA1MyIgZG93bmxvYWRfdGltZV9tcz0iMzc0NDQiIGRvd25sb2FkZWQ9IjE3MjA4Njc0NCIgdG90YWw9IjE3MjA4Njc0NCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDUwMjAiLz48L2FwcD48L3JlcXVlc3Q-
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\RobloxPlayerBeta.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\RobloxPlayerBeta.exe" --app -channel production
C:\Users\Admin\Downloads\WaveTrial\Wave.exe
"C:\Users\Admin\Downloads\WaveTrial\Wave.exe"
C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe" --type=gpu-process --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --log-file="C:\Users\Admin\Downloads\WaveTrial\debug.log" --field-trial-handle=2028,i,16056247233291861037,3038573767245795551,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=2008 /prefetch:2 --host-process-id=2644
C:\Users\Admin\Downloads\WaveTrial\dist\node.exe
"C:\Users\Admin\Downloads\WaveTrial\dist\node.exe" server
C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Users\Admin\Downloads\WaveTrial\debug.log" --field-trial-handle=2744,i,16056247233291861037,3038573767245795551,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=2740 /prefetch:3 --host-process-id=2644
C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Users\Admin\Downloads\WaveTrial\debug.log" --field-trial-handle=3924,i,16056247233291861037,3038573767245795551,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=3920 /prefetch:8 --host-process-id=2644
C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --log-file="C:\Users\Admin\Downloads\WaveTrial\debug.log" --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3996,i,16056247233291861037,3038573767245795551,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=3992 --host-process-id=2644 /prefetch:1
C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --log-file="C:\Users\Admin\Downloads\WaveTrial\debug.log" --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=4008,i,16056247233291861037,3038573767245795551,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=4000 --host-process-id=2644 /prefetch:1
C:\Users\Admin\Downloads\WaveTrial\dist\shared\bin\wave-luau.exe
C:\Users\Admin\Downloads\WaveTrial\dist\shared\bin\wave-luau.exe lsp --definitions=C:\Users\Admin\Downloads\WaveTrial\dist\shared\bin\globalTypes.d.luau --definitions=C:\Users\Admin\Downloads\WaveTrial\dist\shared\bin\wave.d.luau --docs=C:\Users\Admin\Downloads\WaveTrial\dist\shared\bin\en-us.json
C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\Downloads\WaveTrial\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Users\Admin\Downloads\WaveTrial\debug.log" --field-trial-handle=5008,i,16056247233291861037,3038573767245795551,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=4580 /prefetch:8 --host-process-id=2644
C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\RobloxPlayerBeta.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\RobloxPlayerBeta.exe" --app -channel production
C:\Users\Admin\Downloads\WaveTrial\Injector.exe
"C:\Users\Admin\Downloads\WaveTrial\Injector.exe" 11876
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 172.64.135.21:443 | the.gatekeeperconsent.com | tcp |
| US | 172.64.129.8:445 | www.ezojs.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| DE | 18.66.242.6:443 | cdn.amplitude.com | tcp |
| US | 172.64.135.21:443 | privacy.gatekeeperconsent.com | tcp |
| US | 8.8.8.8:53 | 133.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.135.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 8.8.8.8:53 | www.mediafiredls.com | udp |
| US | 104.16.52.110:443 | cdn.otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 104.26.3.173:443 | www.mediafiredls.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 35.167.29.99:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | 216.74.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.242.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.52.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.4.157.108.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | ad.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| IE | 54.229.184.161:443 | bcp.crwdcntrl.net | tcp |
| DE | 108.157.4.29:443 | tags.crwdcntrl.net | tcp |
| IE | 108.128.218.76:443 | bcp.crwdcntrl.net | tcp |
| US | 172.64.128.8:445 | www.ezojs.com | tcp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.29.167.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.4.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.184.229.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.218.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| FR | 15.188.219.54:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | 54.219.188.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download2436.mediafire.com | udp |
| US | 199.91.155.177:443 | download2436.mediafire.com | tcp |
| US | 199.91.155.177:443 | download2436.mediafire.com | tcp |
| US | 8.8.8.8:53 | 177.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.113.74:443 | www.mediafire.com | tcp |
| US | 104.16.52.110:80 | otnolatrnup.com | tcp |
| US | 104.16.52.110:80 | otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | woreppercomming.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| DE | 18.173.233.68:443 | woreppercomming.com | tcp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.113.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.233.173.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.ovardu.com | udp |
| US | 172.67.174.4:443 | www.ovardu.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| GB | 172.217.16.238:443 | translate.google.com | tcp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| DE | 18.195.175.1:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| GB | 142.250.180.10:443 | translate.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.googleoptimize.com | udp |
| US | 8.8.8.8:53 | cdn-production-opera-website.operacdn.com | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.174.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.175.195.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| BE | 104.68.66.120:443 | cdn-production-opera-website.operacdn.com | tcp |
| BE | 104.68.66.120:443 | cdn-production-opera-website.operacdn.com | tcp |
| BE | 104.68.66.120:443 | cdn-production-opera-website.operacdn.com | tcp |
| BE | 104.68.66.120:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 142.250.200.46:443 | www.googleoptimize.com | tcp |
| US | 8.8.8.8:53 | analytics.google.com | udp |
| US | 8.8.8.8:53 | www-static.operacdn.com | udp |
| BE | 104.68.66.120:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 216.239.32.181:443 | analytics.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| BE | 64.233.167.154:443 | stats.g.doubleclick.net | tcp |
| BE | 64.233.167.154:443 | stats.g.doubleclick.net | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.66.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.167.233.64.in-addr.arpa | udp |
| US | 216.239.32.181:443 | analytics.google.com | udp |
| GB | 142.250.180.10:443 | translate-pa.googleapis.com | udp |
| US | 172.64.129.8:443 | www.ezojs.com | tcp |
| GB | 172.217.16.238:443 | translate.google.com | udp |
| US | 8.8.8.8:53 | 8.129.64.172.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| FR | 15.188.219.54:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 172.64.136.15:443 | go.ezodn.com | tcp |
| US | 172.64.136.15:443 | go.ezodn.com | tcp |
| US | 172.64.136.15:443 | go.ezodn.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| US | 172.64.136.15:443 | go.ezodn.com | tcp |
| US | 172.64.136.15:443 | go.ezodn.com | tcp |
| US | 172.64.136.15:443 | go.ezodn.com | tcp |
| US | 8.8.8.8:53 | g.ezodn.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| NL | 23.63.101.171:80 | apps.identrust.com | tcp |
| US | 184.30.249.27:443 | ads.pubmatic.com | tcp |
| US | 172.64.137.15:443 | g.ezodn.com | tcp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | tcp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| US | 8.8.8.8:53 | 15.136.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.101.63.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.137.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.249.30.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| US | 172.64.137.15:443 | bshr.ezodn.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | ut.pubmatic.com | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| NL | 185.64.189.226:443 | ut.pubmatic.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 172.253.119.120:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 120.119.253.172.in-addr.arpa | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | d1321af3dc9f5fa4bbfb812a9a828ba1.safeframe.googlesyndication.com | udp |
| GB | 142.250.180.1:443 | d1321af3dc9f5fa4bbfb812a9a828ba1.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | rt.marphezis.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | ghb.adtelligent.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 178.128.135.204:443 | rt.marphezis.com | tcp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 108.157.4.123:443 | hb.yellowblue.io | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| NL | 147.75.84.158:443 | prebid.a-mo.net | tcp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| IE | 54.154.224.30:443 | ap.lijit.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 107.151.11.18:443 | ghb.adtelligent.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| US | 172.64.152.89:443 | cdn-ima.33across.com | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| DE | 18.154.67.92:443 | cdn.prod.uidapi.com | tcp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 178.128.135.204:443 | rt.marphezis.com | tcp |
| DE | 51.75.86.98:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ghb1.adtelligent.com | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 23.227.151.242:443 | ghb1.adtelligent.com | tcp |
| DE | 141.95.98.64:443 | id5-sync.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 35.244.159.8:443 | google-bidout-d.openx.net | tcp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.4.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.84.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.31.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.224.154.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.86.75.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.152.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.67.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.135.128.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.11.151.107.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.107.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.151.227.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 172.253.119.120:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | resources.infolinks.com | udp |
| US | 172.66.41.9:443 | resources.infolinks.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | router.infolinks.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| FR | 185.235.86.123:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.134:443 | gem.gbc.criteo.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.41.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| GB | 172.217.16.238:445 | translate.google.com | tcp |
| GB | 172.217.16.238:139 | translate.google.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | s.adtelligent.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| GB | 172.217.169.70:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| GB | 185.83.69.226:443 | s.adtelligent.com | tcp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 172.64.149.180:443 | js-sec.indexww.com | tcp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| DK | 37.157.3.26:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| DE | 141.95.98.65:443 | lb.eu-1-id5-sync.com | tcp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 8.8.8.8:53 | public.servenobid.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| IE | 34.248.77.228:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| DE | 37.252.172.123:443 | secure.adnxs.com | tcp |
| DE | 37.252.172.123:443 | secure.adnxs.com | tcp |
| DE | 18.66.248.39:443 | public.servenobid.com | tcp |
| BE | 104.68.78.171:443 | secure-assets.rubiconproject.com | tcp |
| US | 67.202.105.21:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| DE | 108.157.4.28:443 | api-2-0.spot.im | tcp |
| IE | 52.18.157.212:443 | match.prod.bidr.io | tcp |
| US | 50.31.142.31:443 | b1sync.zemanta.com | tcp |
| US | 50.31.142.31:443 | b1sync.zemanta.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 35.214.229.219:443 | csync.loopme.me | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| DE | 108.157.4.28:443 | api-2-0.spot.im | tcp |
| IE | 52.18.157.212:443 | match.prod.bidr.io | tcp |
| NL | 35.214.229.219:443 | csync.loopme.me | tcp |
| US | 50.31.142.31:443 | b1sync.zemanta.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| GB | 172.217.169.70:443 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | 70.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.69.83.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.62.75.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.3.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.98.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.159.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.78.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.77.248.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.172.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.248.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| GB | 172.217.169.2:443 | googleads4.g.doubleclick.net | tcp |
| GB | 172.217.169.2:443 | googleads4.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | download2430.mediafire.com | udp |
| US | 199.91.155.171:443 | download2430.mediafire.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| NL | 72.246.173.47:443 | eus.rubiconproject.com | tcp |
| US | 199.91.155.171:443 | download2430.mediafire.com | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 54.209.244.95:443 | sync.srv.stackadapt.com | tcp |
| GB | 172.217.169.2:443 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | sys.ctrackapp.com | udp |
| DE | 18.195.23.231:443 | sys.ctrackapp.com | tcp |
| DE | 18.195.23.231:443 | sys.ctrackapp.com | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | 212.157.18.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.4.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.229.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.173.246.72.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.244.209.54.in-addr.arpa | udp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | tracking.andornet.digital | udp |
| GB | 142.250.180.10:443 | translate-pa.googleapis.com | udp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| DE | 18.195.23.231:443 | tracking.andornet.digital | tcp |
| DE | 18.195.23.231:443 | tracking.andornet.digital | tcp |
| US | 8.8.8.8:53 | go.etoro.com | udp |
| NL | 104.109.249.151:443 | go.etoro.com | tcp |
| NL | 104.109.249.151:443 | go.etoro.com | tcp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 54.236.215.164:443 | cs-server-s2s.yellowblue.io | tcp |
| IE | 52.51.67.139:443 | jadserve.postrelease.com | tcp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | 231.23.195.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.249.109.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| FR | 91.134.110.136:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | marketing.etorostatic.com | udp |
| US | 8.8.8.8:53 | etoro-cdn.etorostatic.com | udp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| NL | 92.122.63.182:443 | etoro-cdn.etorostatic.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| NL | 213.19.162.90:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 213.19.162.90:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 54.155.53.124:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | 139.67.51.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.215.236.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.110.134.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.63.122.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | 124.53.155.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| IE | 54.170.58.114:443 | g2.gumgum.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| FR | 178.32.197.52:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | cs-rtb.minutemedia-prebid.com | udp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| DE | 18.66.248.42:443 | cs-rtb.minutemedia-prebid.com | tcp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| NL | 185.89.210.46:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | prebid-server.rubiconproject.com | udp |
| GB | 185.64.190.84:443 | ow.pubmatic.com | tcp |
| NL | 185.89.210.46:443 | ib.adnxs.com | tcp |
| NL | 185.89.210.46:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | c3.a-mo.net | udp |
| NL | 213.19.162.71:443 | prebid-server.rubiconproject.com | tcp |
| DE | 79.127.216.47:443 | c3.a-mo.net | tcp |
| US | 8.8.8.8:53 | cdn.dxkulture.com | udp |
| US | 104.18.42.227:443 | cdn.dxkulture.com | tcp |
| US | 8.8.8.8:53 | 114.58.170.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.197.32.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.248.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.57.245.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| NL | 145.40.97.66:443 | sync.a-mo.net | tcp |
| NL | 145.40.97.66:443 | sync.a-mo.net | tcp |
| NL | 145.40.97.66:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| US | 8.8.8.8:53 | ssp.disqus.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 8.8.8.8:53 | ads.servenobid.com | udp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 54.158.49.188:443 | ssp.disqus.com | tcp |
| US | 184.30.156.32:443 | hbx.media.net | tcp |
| IE | 54.228.145.228:443 | ads.servenobid.com | tcp |
| US | 69.166.1.67:443 | sync.go.sonobi.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| DE | 52.28.163.106:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | us.shb-sync.com | udp |
| US | 8.2.110.33:443 | us.shb-sync.com | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| DE | 108.157.4.110:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| DK | 37.157.4.28:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 227.42.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.145.228.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.156.30.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.163.28.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.49.158.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.4.157.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pixel-us-east.rubiconproject.com | udp |
| US | 8.43.72.98:443 | pixel-us-east.rubiconproject.com | tcp |
| GB | 142.250.200.2:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | tg.socdm.com | udp |
| GB | 142.250.200.2:443 | cm.g.doubleclick.net | udp |
| JP | 124.146.153.170:443 | tg.socdm.com | tcp |
| JP | 124.146.153.170:443 | tg.socdm.com | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 54.209.244.95:443 | sync.srv.stackadapt.com | tcp |
| US | 54.167.230.135:443 | sync.ipredictive.com | tcp |
| IE | 52.51.195.53:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.18.47.7:443 | match.deepintent.com | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | usersync.gumgum.com | udp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | a.audrte.com | udp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| IE | 34.247.233.198:443 | usersync.gumgum.com | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| US | 8.8.8.8:53 | id.rtb.mx | udp |
| IE | 34.240.126.98:443 | a.audrte.com | tcp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| NL | 81.17.55.106:443 | rtb-csync.smartadserver.com | tcp |
| NL | 81.17.55.106:443 | rtb-csync.smartadserver.com | tcp |
| IE | 52.48.157.114:443 | rtb.gumgum.com | tcp |
| NL | 79.127.227.46:443 | id.rtb.mx | tcp |
| NL | 81.17.55.106:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 28.4.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.72.43.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.153.146.124.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.169.93.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.195.51.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.230.167.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.47.18.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.233.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.176.137.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.126.240.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.157.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.us.e-planning.net | udp |
| NL | 193.3.178.3:443 | ads.us.e-planning.net | tcp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | ads.dxkulture.com | udp |
| IE | 52.18.157.212:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | ums.acuityplatform.com | udp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| US | 45.55.126.71:443 | ads.dxkulture.com | tcp |
| NL | 154.59.122.79:443 | ums.acuityplatform.com | tcp |
| US | 8.8.8.8:53 | 71.126.55.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.122.59.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 104.16.113.74:445 | static.mediafire.com | tcp |
| US | 104.16.114.74:445 | static.mediafire.com | tcp |
| US | 104.16.114.74:139 | static.mediafire.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | ghb2.adtelligent.com | udp |
| GB | 185.239.172.170:443 | ghb2.adtelligent.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 8.8.8.8:53 | 170.172.239.185.in-addr.arpa | udp |
| FR | 164.132.25.181:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| NL | 193.3.178.3:443 | ads.us.e-planning.net | tcp |
| US | 8.8.8.8:53 | 181.25.132.164.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 107.151.11.18:443 | ghb2.adtelligent.com | tcp |
| GB | 172.217.169.70:443 | s0.2mdn.net | udp |
| GB | 172.217.169.2:443 | googleads4.g.doubleclick.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| US | 23.227.151.242:443 | ghb2.adtelligent.com | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 185.239.172.170:443 | ghb2.adtelligent.com | tcp |
| GB | 172.217.169.2:443 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| FR | 13.39.145.251:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | 251.145.39.13.in-addr.arpa | udp |
| US | 172.253.119.120:443 | csi.gstatic.com | udp |
| US | 107.151.11.18:443 | ghb2.adtelligent.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 23.227.151.242:443 | ghb2.adtelligent.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.169.2:443 | googleads4.g.doubleclick.net | udp |
| US | 216.239.32.181:443 | analytics.google.com | udp |
| GB | 142.250.200.33:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 172.217.16.226:443 | securepubads.g.doubleclick.net | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
| US | 172.253.119.120:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| NL | 23.62.61.59:443 | th.bing.com | tcp |
| NL | 23.62.61.136:443 | r.bing.com | tcp |
| NL | 23.62.61.136:443 | r.bing.com | tcp |
| NL | 23.62.61.59:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 59.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.71:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | private-user-images.githubusercontent.com | udp |
| US | 185.199.111.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | 154.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.112.82.140.in-addr.arpa | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| DE | 18.154.63.71:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 233.69.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.63.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 89.58.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 23.73.139.35:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 35.139.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | scriptblox.com | udp |
| US | 104.26.5.195:443 | scriptblox.com | tcp |
| US | 104.26.5.195:443 | scriptblox.com | tcp |
| US | 104.26.5.195:443 | scriptblox.com | tcp |
| US | 8.8.8.8:53 | 195.5.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 142.250.178.3:443 | tcp | |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| GB | 142.250.178.3:443 | udp | |
| NL | 52.142.223.178:80 | tcp | |
| US | 8.8.8.8:53 | 239.249.30.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.121.231.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| IT | 108.156.2.126:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 126.2.156.108.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e0811105475d528ab174dfdb69f935f3 |
| SHA1 | dd9689f0f70a07b4e6fb29607e42d2d5faf1f516 |
| SHA256 | c91388c87878a9e2c530c6096dbdd993b0a26fefe8ad797e0133547225032d6c |
| SHA512 | 8374a721ea3ff3a1ea70d8a074e5c193dbba27ba7e301f19cea89d648b2378c376e48310c33fe81078cd40b1863daec935e8ac22e8e3878dc3a5bb529d028852 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 47b2c6613360b818825d076d14c051f7 |
| SHA1 | 7df7304568313a06540f490bf3305cb89bc03e5c |
| SHA256 | 47a22bea2e7d0154c59bf5d8790ec68274eb05e9fa6cf0eab0d648121f1a02ac |
| SHA512 | 08d2366fc1ce87dbe96b9bf997e4c59c9206fcfea47c1f17b01e79aeb0580f25cac5c7349bb453a50775b2743053446653f4129f835f81f4a8547ca392557aac |
\??\pipe\LOCAL\crashpad_2064_EYQFVPDJNJMTRWFV
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7538246fde456fad55ce97adc751155c |
| SHA1 | ec7bb9c25f741a86a603083f526e0d4f715e9ed9 |
| SHA256 | 3b82c537715974e31903ddab86ad35355b44d402f329a521cc7e85e96f9626cd |
| SHA512 | e513d985aa1c0c233c864cc8aa4a5ebeb527f20ff8c43955b1b411c7ac618527199050d2fe9e7631d08d42475ade8b8d94abecac070f7a14294b7c2ec717a3e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ef486eb93e899ab572f540b01b6c3248 |
| SHA1 | 5648a71780bc45885078e018de7203e9f001867b |
| SHA256 | f400f5a5d69bf39d42e37c1a5a3c9dfd6adf38b2e7c0ea8e9648c4b57d93e871 |
| SHA512 | d9c78b6ba37bce89026d74983d05eb15017c955fc82b7c74f08d0dfe881193e2c7a08a2579475c0edadd54147b1328f1aaaeb6e40166791392ac8912e694f18d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8eae124ed536ec4bfa9ff2292cbeb9c6 |
| SHA1 | a80dedcf2326e85d41dd674051290f6be5d74c6b |
| SHA256 | 841acf7947b751f2c3c6159be7d978728c658c30a3fc20ec21448c042c804e53 |
| SHA512 | 0bd2924d0c4685a86bafcbbd60f322cc576070503260d6c75719a4dfa5d06b00a843fe3e05a9a30a95177d49f32aa0090c8f7594c4dd123100230b247110581e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037
| MD5 | 47f8e503b36983d33b24d9f13ea01900 |
| SHA1 | 3e871fc02c62e2c7e00c1d6fbdd45d82967595eb |
| SHA256 | d8122145edd4f6055d63655631eeefcd28ef64ccc45b7d0f626a72e0194e7d19 |
| SHA512 | e776370d96b2418b7d4f1ad8341f230cb9e39618b47daf8b2e5dd2ecdf47ad21ca5164a73bc971ffa7e4b5ff38305f4903ec5f8389288eb7ee6c540a14af2241 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 492cb0352c780d522589da93b16d5c2a |
| SHA1 | 1b96432b1f0ce2cb114648c37bb9dcbc0547c6d6 |
| SHA256 | df50d1bb4b56298ae7f8045090ea452bca6ff5e489f5413ebd8b2f980fd2048a |
| SHA512 | a3b91354a8af5d8b04f27bc1fdeb91ec8b29273caccf31be3623652361cad4db5eddf794248447d6cf2ad2f78051ca02d443a806ac6d4b7c758aeb60d5d66079 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 67e3100d3977ab48412030b54caad9d8 |
| SHA1 | 92676c1534a00b4dd105ef2ed57ea408c8e6e5de |
| SHA256 | 0948b2305e58f909168c37bcecc6a40c17879476ebfb40609b4f01756c039d48 |
| SHA512 | 61270e86c40915856134056f80c4473de55f748db26ffff76d552ecde53ffdc91992559b472f841c026273e21570777b3373a24d718dc37779e318b28fa4135f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe577b2b.TMP
| MD5 | 8e692daa802adde9adfe2cc14007ae41 |
| SHA1 | 04953a8849f2198dcc302dcf9af854cb0627ee76 |
| SHA256 | 1e2f2adc6209b08cd8c5211cde380de1acd6b04b8c229f00a972a90112edad35 |
| SHA512 | 2a2281cbcd852da3ede1eb870aed0de2ede04a9eca4aff2d498803497b5690741b2c88c5c9c6fcedf7749d3265b83f3d93709f272ecc9dcc924ecde84248506a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d
| MD5 | 68b24c33a1084c384158245ee07e703f |
| SHA1 | 1f40cdfc988534806606faf81344ba79a1528ed9 |
| SHA256 | f95947735f1ba1e43b46a1ddc7229b71d37aee7821495f87f1f2d25563d47fcc |
| SHA512 | 1af1c596736b46a538a06285196d05054c062f29335080d136d325dc305d2d65d266517386d8d54a37de94036c878d9ababa76d9a5f5e8d8d07236d5ac0bb9ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050
| MD5 | d426c43c6cc7a7743d76db59c58610b8 |
| SHA1 | a7c12e4dd37ff6845d6dd4a44186ec2a0a9f3c7c |
| SHA256 | c4b8cdbb769d3093115c63894cb191f91fd40cfae265a140ea300e09578081c8 |
| SHA512 | 8fc77be70db2bcb89172fd5251367534eacfbaba60313c551a1837ca57a0ab3d4ca15ac9e6cb48dd9fd1c31b7084a92eb2c301f30e9857e21b5b64bac72415b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f5a2a6c341b00b81521f73698ddda6a8 |
| SHA1 | acfd92c3b0a0c76ae9cc6540743242770ae19e7b |
| SHA256 | 364f48109fb4cb84be09ea0491372ca22efd9f9ea5e53e8e294e709f3c8cf77f |
| SHA512 | 746cabd8f1bc3915334548cc0261557e570ea3338d4eed864c50a86657c8d8eba30c02e7500f2d02327164add76c6226fc62d5dca9c7d868e8809075cfa066cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 16cda11b7f0de92799ba96d9954eadc7 |
| SHA1 | 694cac831f311ffea943502b0d13c801a1d4fc62 |
| SHA256 | 1c07adc01a0281ce5ea9efd8b93ca9e07be3a72d38e8cbb4947ef376a7b6081e |
| SHA512 | 624e7230d201cf6491ea13438ef302705fdcacd64beb4a803a64bd9bda7a46a94e43185a49340459fe46d64adabf72d6b4a405a482f5835cfdbe77ae8c45d6ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d4f6f7f89e03a77fdb44a75a7be94e50 |
| SHA1 | 3e22e5fd68fb8d50a485551dfd808fc354fa3582 |
| SHA256 | 02cd6f9dafa20ab8ef41b24e3d4b74cd007eabbc4f6d02d54030f9995f8ed6e0 |
| SHA512 | 0857d4db097658c00048f4ef2da64844102ebf3546401db7f3c5ffb537a5678e2e216053e2a4db251e5828e28f4efbea37553472421789e6f3cf186f5bb2de06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 53eb98dca25964e140959a84ba12c033 |
| SHA1 | 8f5fc7cd14d15efe68d30735c90cf8476b33779b |
| SHA256 | b7e84c5affcef5d799ca490dfa8d8f6b165cdb4dcff0d914face12e299addacb |
| SHA512 | a6b1755c35331b3d56201d0827e142cbf4b15a59f7da49d85f0930da9a3b015c51e6250e9b943636ee7b06efa9115e60058fe73561f3c342768e5f5e78065ff6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4f2e936a8a5d58679e74f2cdc9a28425 |
| SHA1 | e9b8afaf3d3dc7c640d44f32cf6b012e96b0a973 |
| SHA256 | e7bb1901ca98ecbd0f31452d6aec85f5575ceedbe3370cc2113fbecc8c832649 |
| SHA512 | e0f7d4e50ba1fbd6857200adb339eb8489c31361f82e0b7997835ec756c2be372fde16e69a4a7f9abb0c30527a3499153c14c63028b7ed47259c08b60e129f6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a9f5d91e0bc32b4f664dfbeb8e5e9c68 |
| SHA1 | 52b19f3d83cffffedfd9f2d5cfc241273f220372 |
| SHA256 | 632218d83a594d3fac1017812e0e4d292be4e6029218fc3357e572f409479649 |
| SHA512 | bf1fe7a7ab8b1d6aff3efe4721386645e2097c9e11caa8f0a5a18ff3cce5dbae36473232bd19cb1ca89c8e572669d9a1684032382ed50bd2f4f43aabf11ed7aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7f6d7d6106238479b9f3750b98d480ae |
| SHA1 | 02409e89eeaeef6e16aadb2cd26ae5fd6c4dbbd7 |
| SHA256 | 1f2534f936f3108a68ed1c9b6656ea57c896a348d2eb91b941ac992a2a383c4d |
| SHA512 | fd24801e43bee792ff498d46048c988d0897bf071aef332db888d9ff22cb68218fce1690ec8d933b22a5a9d1eb9e7a54140fec22c2bbb5093b724dd09983a101 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\dd102711-7ee8-4f3f-b51c-3326dc1bd08a.tmp
| MD5 | 33f603e541458226d74403ca18ec3b84 |
| SHA1 | 2e20567267a8d7b274f0879a0dc52555a4a14803 |
| SHA256 | 27497c5ae9e4a31fe501e5eff59e4268f50883b7795b5ac2fc0e9a410b936e8a |
| SHA512 | c3387ec6fd1004d74583b94b6c3e380979d00ea38e19cb83d78102c0b5e5ff471be061921f69af360aca9ada11f4835bd1f6eda859dcd58339a63ae35e3733d9 |
C:\Users\Admin\Downloads\WaveTrial.rar
| MD5 | 0159c8632597db4afc30105f24cdd3ea |
| SHA1 | 5e80272c6ff0d820cdb0a4f98f7fbf0d558f5957 |
| SHA256 | 0ff0224edb6a27b5c23adc7fb759864bb3c645f2cf2f38d0a0290c1fa691fdd2 |
| SHA512 | 587e4dc7ae21036f3aaec3e99955670ef0c457fab23db79b71f0963acc79a1f2eca61b2233b6770672a139b0f8a9ae98ad65bed2431aac476fe7d4e293e666fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 73255fec68f4de65253b70980acdd5a4 |
| SHA1 | 9442de8ad9c4a678bf00de905cbb278dd94f038d |
| SHA256 | fd52684fc02d35866baec898baad02cafff08b1621e8c3815223ab604ffeccc1 |
| SHA512 | acd9529e27ed097a561aaac7cf5ec55e09ced454519c6dfb63a0aa13e95d1e3131b66cc93ce7f55177eff84f43010bb38e8e9decd75f256e730823c2a0579ff6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ccc0bde364a167681217cb088d50821b |
| SHA1 | 07dac2f663f33851d7d41fbe0a44e0d69dbd2eb9 |
| SHA256 | 371f1cffa60f95a78c19a38a48f836474e42c4f1ff687f5bd239f38be71e2489 |
| SHA512 | c18ac86db9d89dc82c6e66a9127760ed1b68c2c9e993451f3dbff0793cf557ba0345f0a41aab8332995f955c402814deca984137f2248167df44af92078aeb82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d2235f0caa0c492bc5ce8ea68845cdb5 |
| SHA1 | 28ddb8f24ea08d1ccbce7cd551e47e0b309c434d |
| SHA256 | 641f9a1d2988b0fdfcee43c404d47f5ad0b619e414b5aae853e658bdaed1dbb6 |
| SHA512 | cdb74097f9edbc9e59f2689af78438d13eed5aca5086ccd26f4251a92552907bdf4e990b81dbf985548d43bef79803aa89fa575f366983887527ac78d1410fd1 |
C:\Users\Admin\Downloads\WaveTrial\dist\client\assets\index-daab.js
| MD5 | a19bf5e804004e0397a4547f9a8568fe |
| SHA1 | daad35851be0986f1a99f5563976309c2f7fc800 |
| SHA256 | 66909b895c0b86eb1edaf95c0d728939a4986f01bf5112023bf52a6afc021155 |
| SHA512 | 2e98dedf48e2f16543ef28cdfad832f77a6250f6e71cadd2245e58aa4872a91934f390ad8552a1c59b035ead123904b95c31a1fb3d7ba3dbf49968b018755c5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 606d94c13553598bbc7342347f6677bd |
| SHA1 | 48ad52ca502829d9431badd3eef1872f7a0dd555 |
| SHA256 | e7e5ffb2a3398ff833e27e4ffa74fbb33c49b609da63dce51a601a47e13bd419 |
| SHA512 | f61d572855d6aeda5faccedebf49c89e1c3e7cad755df190be70fa78a3354d44e400849fafe24db40d8b15532f75c9a302ca0188847e281ab1df5ee0464f82d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c398b85e3c44be065b9e68c1d3b51602 |
| SHA1 | 7cefca400111b926511aa48f44d57f162289124b |
| SHA256 | 222df9dccf6279a9ae7698dd107af666820ee18e086f383efc7660cd1a3aed86 |
| SHA512 | 1f5c79e4bfa4102934a6a21ad5fa22b62416f14d5c3de02e3580906192fcdf0c6b7736becd8a1d7f65ad97ffb70665d9dc36a34f078a786909f105fbb381d321 |
C:\Users\Admin\Downloads\WaveTrial\Wave.exe
| MD5 | a8bd4a6b2f1d00928e61870a5688c13d |
| SHA1 | e17646d5279534f2e3eb0e0cfc8b6c536bc0c095 |
| SHA256 | 2c51f67e236cf95e2d51df4178699da09869ab077924cff0b3df1c512878ef2f |
| SHA512 | 6b5175beea4071668c87b16af3177bbb2cbaff6b28909dc1e09ad5b16b449c62d6adc372a0094de627fe9835f0c474d16708c3f698355ba1664bf321fa19f5fb |
C:\Users\Admin\Downloads\WaveTrial\Wave.exe.config
| MD5 | ae882f91fe4dc052fabd06774b2d30aa |
| SHA1 | 92cbe5c66373ea3682116fab8068534920d281d7 |
| SHA256 | 50bd62b7fa97cb9564c4b418034138f30af993f84988b085e2b16d39aa74d79f |
| SHA512 | 3fe7174259817beae8101e2ab7be068b9030bccff00a1f5aee13cfab3585037fdb1f9b470feea212351f85ec96f31da63289e4574d69e4ef413fce3fda3c6c78 |
memory/5396-1343-0x0000025A61DE0000-0x0000025A624E8000-memory.dmp
memory/5396-1344-0x00007FFDB3170000-0x00007FFDB3C31000-memory.dmp
memory/5396-1345-0x0000025A7CB40000-0x0000025A7CB50000-memory.dmp
memory/5396-1347-0x0000025A62910000-0x0000025A62934000-memory.dmp
C:\Users\Admin\Downloads\WaveTrial\CefSharp.Wpf.dll
| MD5 | 36946182df277e84a313c3811adac855 |
| SHA1 | bcd21305861e22878271e37604b7b033ec347eb3 |
| SHA256 | 8507a4662220eca49d7d511183be801cd394f13dc0e9898c55361020fe9a4720 |
| SHA512 | 80b1e947b1940dccfe5be8a1ba1e8c1d9eacb122d73724a21233164f5b318fa57c249256f621f0f9c1e6a9e4c902eec58827bb899e20f2990f4ade1d685f1abd |
C:\Users\Admin\Downloads\WaveTrial\CefSharp.Core.dll
| MD5 | 16f8a4945f5bdd5c1c6c73541e1ebec3 |
| SHA1 | 4342762c43f54c4caafaae40f933599a9bb93cb5 |
| SHA256 | 636f8f865f23f2d47b73f3c16622e10b46437bbf7c89b0a2f70bae6129ab046a |
| SHA512 | 04115c425c3015ee4355cde2a6e5e28ec24745ea77761a40c0986b54dc14bc67cb142986988d79df87e75ea54d21ded9384842e01cf0714b84f7378e6a13400d |
memory/5396-1349-0x0000025A7CD10000-0x0000025A7CDF6000-memory.dmp
memory/5396-1350-0x0000025A7CE00000-0x0000025A7CFC1000-memory.dmp
memory/5396-1352-0x0000025A00000000-0x0000025A01000000-memory.dmp
memory/5396-1353-0x00007FFDB3170000-0x00007FFDB3C31000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
| MD5 | 2b7ec9fe5044c75348bc52964bf50b78 |
| SHA1 | 039e784c53ba423877c5c845ffb044abbf4c110e |
| SHA256 | 71c9403962b1f930169325d2c812125a0088d2a695609486bb6f31185e84ff97 |
| SHA512 | 92cb64599e198177093bda32e1c962fdccaa049d9875292b97c6b014d0d0afde750dcef27151751dda3f8639df41bed611bce7816c04d4e581b17b132d169016 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d
| MD5 | a1049ef0608a6ddb0ab75cb79ea8fe19 |
| SHA1 | cb4693e21215e7d9a59bebc2c8b56b9d127dc137 |
| SHA256 | bd762e8d2cc3fdb113012bdb3d340aef64af2a1b91d1a787bc3de8198cc11346 |
| SHA512 | e52517ff69a27f3d34a20c67b3b3d5cd86b8228287ed3b924e97a8f893f0aab09ecb1f19c2ea4dfd54cac507b4ec99e8f0ea23638d0384d4337b30294db619e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e
| MD5 | 44c814efc5001b046870408993412f9b |
| SHA1 | 4eef0368867c99e6f174fcd3c9eac2b8034e612c |
| SHA256 | c4f2c55404dedc4a65520e0007f50105d5d6927219c45da46d964633bf42a4d2 |
| SHA512 | f45bcc13a09bd311fbf8bacabce9bdd9927e73b90075ea6bf500f3ebd0636368d65761d2ae2d9c295266f2393e6b67c4007efef1add09cb44cac5d34cbfb3e81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2dbcf78b5e8244d25e5d08e8df5152c7 |
| SHA1 | 457e8bdc544ef5717819e30d1813b2d290871e61 |
| SHA256 | 53fb91ba6db6343a7a0ff4897feea7b03424a9f8425f46887ce29bd14f0dd8fc |
| SHA512 | 65ab203b36e87c71313eb0e16dc9d3120838f0fad93c11d197c3b349cb01e1f0d0b5f0ebb3f6ac25cf541bdcb1070a17f2fc74750f1a6c81db83d9eea5faa741 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c5426e8ea31058622c9fe675c47f1dcf |
| SHA1 | 79c6e3594ca3c570e95adf244c91ce6cb929cde5 |
| SHA256 | 5e3ecf6ddf37f10c832616a20c99a6b3fa4368c7ff5d2fb97999062a7d6d3a4a |
| SHA512 | bf64bcc8c9de23a564f61e9bcba1b7076d1807dc9b3684b0db8cfba70f580e9d0f84215cd4f79de60161f52a22969efda902e511a3ba69a578c8e2c80d41eb5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 69943752863f657db194acafbf30ccd1 |
| SHA1 | 3170138bab598816fb70089805ea320b74585133 |
| SHA256 | 9ff19ccc1a216d4b127ea4b9c5ca50cc780deaf46b1336b72c6b47234ea2ed97 |
| SHA512 | 7ed8450d78159a2732a51d16909bd23de66a9e29473c18470dfd4cb09534574c2f2ac9ab6888b1d2049fb0bea2d1a842dce85433f24063a836c51efec3c22d93 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 84cfa3e0cfdb51769651c4c118ed1e8e |
| SHA1 | 9c1b44f55904c8e47260a2012e468be4a8b2806c |
| SHA256 | 38f63ab004decee8792afd7fb8878c8d83c610c623920bdd40cfd8a0ce29e5c8 |
| SHA512 | ca4d14bc381180b5677906e688eee9ab4bb72c4173882e7334e7a8e6ae990699ab59d601d8769809c116fbee77d9515218e6f4e3845a21de48e5c733c0c3fc52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 88dcb397f6553abd842b4d285d73439b |
| SHA1 | 5cc894bfb5dc788724d999a6e66fc836ae3df4ac |
| SHA256 | 3f18fc90ba88547d64892d3205aaaefdeb6111ef2d42a0f5aabc7d262f335c42 |
| SHA512 | 792fad99a507f0294a65c6befd4df5a43a48d0739c50ee07cb5c0fa0a8d64178fc4bdb829d88334c4ec90623d424ec0e8bbcee205522e7ad01dd3f8c5dacbb3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c429dc2210ca4beab089191ebe9308e0 |
| SHA1 | 586ff4805a0f370c7ddad53d246a80304993c756 |
| SHA256 | 6bc3634b9c17b0d1f05c727c6ee913815cf0b23a6b2f615ad3e762396329e139 |
| SHA512 | 30e8291a178d4461b45c10c4420c40944c8691abb04cba1aa4bbf73e133eadf9f0091c0f1452bd08feabb4bb4a319530d6f9a5ea7eddf2bea2b62dbfb0e8ce9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b90b6bb7f11f5216b6f3cacf0a3b7a68 |
| SHA1 | 4eeb301cb0270338636c091569be19fdfd806a1e |
| SHA256 | 5554f4e83f4860e72f630f4eae14b62510b47bf73270a0cf076593e21449f310 |
| SHA512 | 2aa840eda30a7f590b81171e438c2a78c5350633f0a679781397325a80ec719f43ee26c0fd02396ce8211d211a769f3ede7444185d2065711aeac9ed26e8d1cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3765047dec0dd1f590a1a4b5b58693d5 |
| SHA1 | c30fd829ed5c9bc74ce9791c1cbfd6b372c43115 |
| SHA256 | 1c37ee9806dc980856c013b80b4cc0647d776b870c990abb135c9032e7d4cfe8 |
| SHA512 | 159cecd4dbc3137beea1a989d21dfcc76574d59223a03596093c11222449d13078ce3bf7ac2772536d132f8ed662b79f7265e86ccdfa49ff940f7cc668b497c8 |
C:\Users\Admin\Downloads\Unconfirmed 775609.crdownload
| MD5 | dbb820772caf0003967ef0f269fbdeb1 |
| SHA1 | 31992bd4977a7dfeba67537a2da6c9ca64bc304c |
| SHA256 | b2ac1e407ed3ecd7c7faa6de929a68fb51145662cf793c40b69eb59295bba6bc |
| SHA512 | e8ac879c7198dffb78bc6ee4ad49b5de40a5a7dbbda53d427d0a034941487d13c8bb2b8d590a1fcdd81cd6abb8f21fdfcd52924eb00c45a42ee06c1e4b3d590f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6f0a511d833b12734a3d07e7885b84d8 |
| SHA1 | 79d58d94620aa5d34a2b7b943b19ec1f1e8041cc |
| SHA256 | 28039b1c6f4167897c3a9e66f55341369b419d2638f19793e178d418d92276b8 |
| SHA512 | fae580451e0b4b95d931771f1fb9677e05566aad5f20188630674f20c0994242b35673b92120012f2fba7d6bf13cc1b12b447861004a19facbc4277f844aea76 |
memory/456-1876-0x00007FFDB3890000-0x00007FFDB3D8E000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a6607057db9fb680e40792f3ca0464db |
| SHA1 | 312e4b27bd352d2b82adac4b5d2abf3fc8bb6c7a |
| SHA256 | dd0cebe14bebeca197d34ca64b9695eabd95479c15fa5d7cc465504eefae04e5 |
| SHA512 | c57c0a2232c0295dfd13702e739858b4f27e62dc135765dadf1117ca285643419a82b5cefba58652719b7d375f8c5a6d3032061abc212ed45ca3ecb9137e9b7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2aa212806e6c6108aec0c352a08b13bf |
| SHA1 | 8f36cf555824b983b20a9142637cce5fd2ddf57e |
| SHA256 | 9f2f00b401443513df67a1d310e4c09941d141c5a0c1afb70fd3406a8cbb6f71 |
| SHA512 | 4770da058521517984ebcbc3a19c7a64d2a40725201031d5b7c4f15089b07153ccef846cd9fd71877bf89405171169f7cb4c4efb878ad640ef1ff1e54ff6ee7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 13987f5d1e0178033220e75a08009fa4 |
| SHA1 | 50d7ec7402c0e6fd5c2154c104d26f38886e7c7a |
| SHA256 | 62c3c8f0a041dffca976e4ce5916ff8083b2c1ca41e96105177a61a575fd0527 |
| SHA512 | 723e89438e78283aa82420c276fc57746735532fc857c1e69bd0a7f6cf600ea1aa32fbe8a299e5b006b629d436be4a1dafd23a5c1702573be192f6d43dc8f875 |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\configs\DateTimeLocaleConfigs\zh-hans.json
| MD5 | fb6605abd624d1923aef5f2122b5ae58 |
| SHA1 | 6e98c0a31fa39c781df33628b55568e095be7d71 |
| SHA256 | 7b993133d329c46c0c437d985eead54432944d7b46db6ad6ea755505b8629d00 |
| SHA512 | 97a14eda2010033265b379aa5553359293baf4988a4cdde8a40b0315e318a7b30feee7f5e14c68131e85610c00585d0c67e636999e3af9b5b2209e1a27a82223 |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\configs\DateTimeLocaleConfigs\zh-tw.json
| MD5 | 702c9879f2289959ceaa91d3045f28aa |
| SHA1 | 775072f139acc8eafb219af355f60b2f57094276 |
| SHA256 | a92a6988175f9c1d073e4b54bf6a31f9b5d3652eebdf6a351fb5e12bda76cbd5 |
| SHA512 | 815a6bef134c0db7a5926f0cf4b3f7702d71b0b2f13eca9539cd2fc5a61eea81b1884e4c4bc0b3398880589bff809ac8d5df833e7e4aeda4a1244e9a875d1e97 |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\textures\Cursors\KeyboardMouse\IBeamCursor.png
| MD5 | 464c4983fa06ad6cf235ec6793de5f83 |
| SHA1 | 8afeb666c8aee7290ab587a2bfb29fc3551669e8 |
| SHA256 | 99fd7f104948c6ab002d1ec69ffd6c896c91f9accc499588df0980b4346ecbed |
| SHA512 | f805f5f38535fe487b899486c8de6cf630114964e2c3ebc2af7152a82c6f6faef681b4d936a1867b5dff6566b688b5c01105074443cc2086b3fe71f7e6e404b1 |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\textures\StudioUIEditor\valueBoxRoundedRectangle.png
| MD5 | 521fb651c83453bf42d7432896040e5e |
| SHA1 | 8fdbf2cc2617b5b58aaa91b94b0bf755d951cad9 |
| SHA256 | 630303ec4701779eaf86cc9fbf744b625becda53badc7271cbb6ddc56e638d70 |
| SHA512 | 8fa0a50e52a3c7c53735c7dd7af275ebc9c1843f55bb30ebe0587a85955a8da94ff993822d233f7ed118b1070a7d67718b55ba4a597dc49ed2bf2a3836c696f6 |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\textures\TerrainTools\checkbox_square.png
| MD5 | 2cb16991a26dc803f43963bdc7571e3f |
| SHA1 | 12ad66a51b60eeaed199bc521800f7c763a3bc7b |
| SHA256 | c7bae6d856f3bd9f00c122522eb3534d0d198a9473b6a379a5c3458181870646 |
| SHA512 | 4c9467e5e2d83b778d0fb8b6fd97964f8d8126f07bfd50c5d68c256703f291ceaed56be057e8e2c591b2d2c49f6b7e099a2b7088d0bf5bdd901433459663b1f8 |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\textures\ui\Controls\XboxController\[email protected]
| MD5 | 55b64987636b9740ab1de7debd1f0b2f |
| SHA1 | 96f67222ce7d7748ec968e95a2f6495860f9d9c9 |
| SHA256 | f4a6bb3347ee3e603ea0b2f009bfa802103bc434ae3ff1db1f2043fa8cace8fc |
| SHA512 | 73a88a278747de3fefbaabb3ff90c1c0750c8d6c17746787f17061f4eff933620407336bf9b755f4222b0943b07d8c4d01de1815d42ea65e78e0daa7072591e9 |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\textures\ui\Controls\XboxController\[email protected]
| MD5 | 83e9b7823c0a5c4c67a603a734233dec |
| SHA1 | 2eaf04ad636bf71afdf73b004d17d366ac6d333e |
| SHA256 | 3b5e06eb1a89975def847101f700f0caa60fe0198f53e51974ef1608c6e1e067 |
| SHA512 | e8abb39a1ec340ac5c7d63137f607cd09eae0e885e4f73b84d8adad1b8f574155b92fbf2c9d3013f64ebbb6d55ead5419e7546b0f70dcde976d49e7440743b0f |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\textures\ui\Controls\XboxController\Thumbstick2.png
| MD5 | a402aacac8be906bcc07d50669d32061 |
| SHA1 | 9d75c1afbe9fc482983978cae4c553aa32625640 |
| SHA256 | 62a313b6cc9ffe7dd86bc9c4fcd7b8e8d1f14a15cdf41a53fb69af4ae3416102 |
| SHA512 | d11567bcaad8bbd9e2b9f497c3215102c7e7546caf425e93791502d3d2b3f78dec13609796fcd6e1e7f5c7d794bac074d00a74001e7fe943d63463b483877546 |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\textures\ui\Controls\XboxController\[email protected]
| MD5 | 499333dae156bb4c9e9309a4842be4c8 |
| SHA1 | d18c4c36bdb297208589dc93715560acaf761c3a |
| SHA256 | d35a74469f1436f114c27c730a5ec0793073bcf098db37f10158d562a3174591 |
| SHA512 | 91c64173d2cdabc045c70e0538d45e1022cc74ec04989565b85f0f26fe3e788b700a0956a07a8c91d34c06fc1b7fad43bbdbb41b0c6f15b9881c3e46def8103e |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\textures\ui\Controls\XboxController\[email protected]
| MD5 | e8c88cf5c5ef7ae5ddee2d0e8376b32f |
| SHA1 | 77f2a5b11436d247d1acc3bac8edffc99c496839 |
| SHA256 | 9607af14604a8e8eb1dec45d3eeca01fed33140c0ccc3e6ef8ca4a1f6219b5dd |
| SHA512 | 32f5a1e907705346a56fbddfe0d8841d05415ff7abe28ae9281ba46fedf8270b982be0090b72e2e32de0ce36e21934f80eaf508fd010f7ab132d39f5305fb68f |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\textures\ui\Controls\XboxController\Thumbstick1.png
| MD5 | 2cbe38df9a03133ddf11a940c09b49cd |
| SHA1 | 6fb5c191ed8ce9495c66b90aaf53662bfe199846 |
| SHA256 | 0835a661199a7d8df7249e8ae925987184efcc4fb85d9efac3cc2c1495020517 |
| SHA512 | dcef5baccef9fff632456fe7bc3c4f4a403363d9103a8047a55f4bd4c413d0c5f751a2e37385fe9eba7a420dbdb77ca2ff883d47fcdd35af222191cc5bd5c7a9 |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\content\textures\StudioToolbox\Clear.png
| MD5 | fa8eaf9266c707e151bb20281b3c0988 |
| SHA1 | 3ca097ad4cd097745d33d386cc2d626ece8cb969 |
| SHA256 | 8cf08bf7e50fea7b38f59f162ed956346c55a714ed8a9a8b0a1ada7e18480bc2 |
| SHA512 | e29274300eab297c6de895bb39170f73f0a4ffa2a8c3732caeeeac16e2c25fb58bb401fdd5823cc62d9c413ec6c43d7c46861d7e14d52f8d9d8ff632e29f167c |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\PlatformContent\pc\textures\corrodedmetal\normaldetail.dds
| MD5 | f527b5859d7ca6c080ba954f3013883f |
| SHA1 | 3d00b598b1fb762ae0921bcc49ca189f05f417d2 |
| SHA256 | ff11c95774ee0405666fa313f1e53ebb46b1352bfff3456ac2b2caccdab07b4d |
| SHA512 | e908a29c4316a15f5c16a005c69b402e0525b80e0c3284d6f19074ab8b05d62d079ecf43974b223a68d7c56cbf1789df69ab260553de1aab0edfbdad5e6d654d |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\ExtraContent\textures\ui\LuaApp\graphic\shimmer_lightTheme.png
| MD5 | 4f8f43c5d5c2895640ed4fdca39737d5 |
| SHA1 | fb46095bdfcab74d61e1171632c25f783ef495fa |
| SHA256 | fc57f32c26087eef61b37850d60934eda1100ca8773f08e487191a74766053d1 |
| SHA512 | 7aebc0f79b2b23a76fb41df8bab4411813ffb1abc5e2797810679c0eaa690e7af7561b8473405694bd967470be337417fa42e30f0318acbf171d8f31620a31aa |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\ExtraContent\textures\ui\LuaApp\graphic\[email protected]
| MD5 | 3fec0191b36b9d9448a73ff1a937a1f7 |
| SHA1 | bee7d28204245e3088689ac08da18b43eae531ba |
| SHA256 | 1a03e6f6a0de045aa588544c392d671c040b82a5598b4246af04f5a74910dc89 |
| SHA512 | a8ab2bc2d937963af36d3255c6ea09cae6ab1599996450004bb18e8b8bdfbdde728821ac1662d8a0466680679011d8f366577b143766838fe91edf08a40353ce |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-f573c8cc796e4c97\ExtraContent\textures\ui\LuaDiscussions\buttonFill.png
| MD5 | 81ce54dfd6605840a1bd2f9b0b3f807d |
| SHA1 | 4a3a4c05b9c14c305a8bb06c768abc4958ba2f1c |
| SHA256 | 0a6a5cafb4dee0d8c1d182ddec9f68ca0471d7fc820cf8dc2d68f27a35cd3386 |
| SHA512 | 57069c8ac03dd0fdfd97e2844c19138800ff6f7d508c26e5bc400b30fe78baa0991cc39f0f86fa10cd5d12b6b11b0b09c1a770e5cb2fdca157c2c8986a09e5ff |
memory/456-8912-0x00007FFDB3890000-0x00007FFDB3D8E000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | d4379da2ca7a4b0fc0c04134cc5a0cbd |
| SHA1 | aeef61c0178bf3defde7f6c35d2ce53f3d1d6dd2 |
| SHA256 | 6020faeded9672a54e8c204963288b987f667006247a93359c8f133420a72027 |
| SHA512 | 530f46c553f2642b2769b3474cb9b12b522f2031c3c312111273c8ff72513986a782efa3ed6de541a342cfc387827a5b9400690e7de6c35271bb1d3c3ba5d9c5 |
memory/8788-9037-0x000002C5DF240000-0x000002C5DF241000-memory.dmp
memory/8788-9038-0x000002C5DF240000-0x000002C5DF241000-memory.dmp
memory/8788-9039-0x000002C5DF240000-0x000002C5DF241000-memory.dmp
memory/8788-9043-0x000002C5DF240000-0x000002C5DF241000-memory.dmp
memory/8788-9045-0x000002C5DF240000-0x000002C5DF241000-memory.dmp
memory/8788-9044-0x000002C5DF240000-0x000002C5DF241000-memory.dmp
memory/8788-9046-0x000002C5DF240000-0x000002C5DF241000-memory.dmp
memory/8788-9048-0x000002C5DF240000-0x000002C5DF241000-memory.dmp
memory/8788-9049-0x000002C5DF240000-0x000002C5DF241000-memory.dmp
memory/8788-9050-0x000002C5DF240000-0x000002C5DF241000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\123.0.2420.81\MicrosoftEdge_X64_123.0.2420.81.exe
| MD5 | cf5144a59c3b26558c05a5226c4b53fe |
| SHA1 | bcf541fbd1bf0168a2d63ead5b06d8918b89b296 |
| SHA256 | 3a848782e612b4fd77d4910acb1a6f91b1eea3336065d4643486ff17e24970ea |
| SHA512 | 2d46fdc92c09257cfafc9bdd659413d7925f405d7b78a6d9a44e353984d9fd70b7c3e9b87475eeee80f984377fdbb884055f4a4f10b7972746811326bfeb9a34 |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | 6a596bdb9717ebbe03f9fa5b4432977c |
| SHA1 | ed198ee6ec178332c70f8154bb2307519bb05a9f |
| SHA256 | 2207b567a1bd0072f509de34aad8def8bc0913ee364fdff266f708e7c9c2d5b6 |
| SHA512 | 3f331df9f9fa82eb0f7d1b43564b9e7ed68a81c46f80120966f386b9a958ce47599d37ef0c4efcabd9301d30b30a7a756c127a36f2e9b5a0547d9ab255580193 |
C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.81\Installer\setup.exe
| MD5 | 149e6b831dee17cc2122c64124654b5a |
| SHA1 | c4f67f0781345cfc6fdfc5670dcbecf3848afee2 |
| SHA256 | 3095052d066346ec2b48726ef87623f3e5e93400c6dd8b1e45a628fc0d72cf40 |
| SHA512 | 679966f6a48ccf9cac63c36a8f6823ed1476198b08d29368db94584b2be2ba4cb1278f4f6510a520933fd09bb83594ab544c94be4c0b05f1d8ee99443fc49085 |
C:\Users\Admin\AppData\Local\Bloxstrap\Modifications\ClientSettings\ClientAppSettings.json
| MD5 | 636492f4af87f25c20bd34a731007d86 |
| SHA1 | 22a5c237a739ab0df4ff87c9e3d79dbe0c89b56a |
| SHA256 | 22a1e85723295eeb854345be57f7d6fb56f02b232a95d69405bf9d9e67a0fa0d |
| SHA512 | cd2e3a738f535eb1a119bd4c319555899bcd4ce1049d7f8591a1a68c26844f33c1bd1e171706533b5c36263ade5e275b55d40f5710e0210e010925969182cd0c |
C:\Users\Admin\AppData\Local\Bloxstrap\Modifications\content\sounds\ouch.ogg
| MD5 | 9404c52d6f311da02d65d4320bfebb59 |
| SHA1 | 0b5b5c2e7c631894953d5828fec06bdf6adba55f |
| SHA256 | c9775e361392877d1d521d0450a5368ee92d37dc542bc5e514373c9d5003f317 |
| SHA512 | 22aa1acbcdcf56f571170d9c32fd0d025c50936387203a7827dbb925f352d2bc082a8a79db61c2d1f1795ad979e93367c80205d9141b73d806ae08fa089837c4 |
memory/5448-9111-0x00007FFDD4990000-0x00007FFDD49A0000-memory.dmp
memory/5448-9117-0x00007FFDD4AF0000-0x00007FFDD4B20000-memory.dmp
memory/5448-9116-0x00007FFDD4AF0000-0x00007FFDD4B20000-memory.dmp
memory/5448-9115-0x00007FFDD4AF0000-0x00007FFDD4B20000-memory.dmp
memory/5448-9114-0x00007FFDD4AF0000-0x00007FFDD4B20000-memory.dmp
memory/5448-9113-0x00007FFDD4AA0000-0x00007FFDD4AB0000-memory.dmp
memory/5448-9112-0x00007FFDD4AA0000-0x00007FFDD4AB0000-memory.dmp
memory/5448-9110-0x00007FFDD4990000-0x00007FFDD49A0000-memory.dmp
memory/5448-9118-0x00007FFDD4AF0000-0x00007FFDD4B20000-memory.dmp
memory/5448-9119-0x00007FFDD4B80000-0x00007FFDD4B85000-memory.dmp
memory/5448-9120-0x00007FFDD2B10000-0x00007FFDD2B20000-memory.dmp
memory/5448-9121-0x00007FFDD2B10000-0x00007FFDD2B20000-memory.dmp
memory/5448-9122-0x00007FFDD2BA0000-0x00007FFDD2BB0000-memory.dmp
memory/5448-9123-0x00007FFDD2BA0000-0x00007FFDD2BB0000-memory.dmp
memory/5448-9125-0x00007FFDD2BC0000-0x00007FFDD2BD0000-memory.dmp
memory/5448-9124-0x00007FFDD2BC0000-0x00007FFDD2BD0000-memory.dmp
memory/5448-9127-0x00007FFDD2BC0000-0x00007FFDD2BD0000-memory.dmp
memory/5448-9126-0x00007FFDD2BC0000-0x00007FFDD2BD0000-memory.dmp
memory/5448-9128-0x00007FFDD2BC0000-0x00007FFDD2BD0000-memory.dmp
memory/5448-9130-0x00007FFDD2410000-0x00007FFDD2420000-memory.dmp
memory/5448-9129-0x00007FFDD4980000-0x00007FFDD4981000-memory.dmp
memory/5448-9131-0x00007FFDD2410000-0x00007FFDD2420000-memory.dmp
memory/5448-9132-0x00007FFDD2520000-0x00007FFDD2530000-memory.dmp
memory/5448-9133-0x00007FFDD2520000-0x00007FFDD2530000-memory.dmp
memory/5448-9134-0x00007FFDD2690000-0x00007FFDD26C0000-memory.dmp
memory/5448-9135-0x00007FFDD2690000-0x00007FFDD26C0000-memory.dmp
memory/5448-9137-0x00007FFDD2690000-0x00007FFDD26C0000-memory.dmp
memory/5448-9136-0x00007FFDD2690000-0x00007FFDD26C0000-memory.dmp
memory/5448-9138-0x00007FFDD2690000-0x00007FFDD26C0000-memory.dmp
memory/5448-9139-0x00007FFDD32A0000-0x00007FFDD32B0000-memory.dmp
memory/5448-9140-0x00007FFDD32A0000-0x00007FFDD32B0000-memory.dmp
memory/5448-9141-0x00007FFDD3350000-0x00007FFDD335E000-memory.dmp
memory/5448-9142-0x00007FFDD3350000-0x00007FFDD335E000-memory.dmp
memory/5448-9144-0x00007FFDD3350000-0x00007FFDD335E000-memory.dmp
memory/5448-9145-0x00007FFDD3350000-0x00007FFDD335E000-memory.dmp
memory/5448-9143-0x00007FFDD3350000-0x00007FFDD335E000-memory.dmp
memory/5448-9146-0x00007FFDD3270000-0x00007FFDD3280000-memory.dmp
memory/5448-9147-0x00007FFDD3270000-0x00007FFDD3280000-memory.dmp
memory/5448-9149-0x00007FFDD3290000-0x00007FFDD329B000-memory.dmp
memory/5448-9150-0x00007FFDD3290000-0x00007FFDD329B000-memory.dmp
memory/5448-9148-0x00007FFDD3290000-0x00007FFDD329B000-memory.dmp
memory/5448-9151-0x00007FFDD3290000-0x00007FFDD329B000-memory.dmp
memory/5448-9152-0x00007FFDD3290000-0x00007FFDD329B000-memory.dmp
memory/5448-9153-0x00007FFDD20B0000-0x00007FFDD20C0000-memory.dmp
memory/5448-9154-0x00007FFDD20B0000-0x00007FFDD20C0000-memory.dmp
memory/5448-9155-0x00007FFDD21B0000-0x00007FFDD21C0000-memory.dmp
memory/5448-9156-0x00007FFDD21B0000-0x00007FFDD21C0000-memory.dmp
memory/5448-9158-0x00007FFDD21E0000-0x00007FFDD2206000-memory.dmp
memory/5448-9159-0x00007FFDD21E0000-0x00007FFDD2206000-memory.dmp
memory/5448-9160-0x00007FFDD21E0000-0x00007FFDD2206000-memory.dmp
memory/5448-9157-0x00007FFDD21E0000-0x00007FFDD2206000-memory.dmp
memory/5448-9161-0x00007FFDD21E0000-0x00007FFDD2206000-memory.dmp
memory/5448-9162-0x00007FFDD2240000-0x00007FFDD2267000-memory.dmp
memory/5448-9163-0x00007FFDD2240000-0x00007FFDD2267000-memory.dmp
memory/2644-9191-0x0000018CA6AA0000-0x0000018CA6AB0000-memory.dmp
memory/2644-9190-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/2644-9192-0x0000018CC0F10000-0x0000018CC10D1000-memory.dmp
memory/2644-9193-0x0000018CC11E0000-0x0000018CC1292000-memory.dmp
memory/2644-9194-0x0000018CC0D60000-0x0000018CC0D82000-memory.dmp
memory/2644-9198-0x0000018CC3290000-0x0000018CC32DA000-memory.dmp
memory/6572-9202-0x000001EF742E0000-0x000001EF742E6000-memory.dmp
memory/6572-9203-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/6572-9204-0x000001EF76070000-0x000001EF7618E000-memory.dmp
memory/7276-9220-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/7276-9221-0x00000198FB160000-0x00000198FB170000-memory.dmp
memory/456-9222-0x00007FFDB3890000-0x00007FFDB3D8E000-memory.dmp
memory/2644-9224-0x0000018CA6AA0000-0x0000018CA6AB0000-memory.dmp
memory/2644-9225-0x0000018CC51A0000-0x0000018CC5216000-memory.dmp
memory/2644-9226-0x0000018CC5140000-0x0000018CC515E000-memory.dmp
memory/2644-9227-0x0000018CC5320000-0x0000018CC53C2000-memory.dmp
memory/2644-9228-0x0000018CC5180000-0x0000018CC519A000-memory.dmp
memory/2644-9229-0x0000018CC5270000-0x0000018CC528E000-memory.dmp
memory/2644-9230-0x0000018CC5480000-0x0000018CC5522000-memory.dmp
memory/2644-9231-0x0000018CC5160000-0x0000018CC516C000-memory.dmp
memory/2644-9232-0x0000018CC53D0000-0x0000018CC5436000-memory.dmp
memory/2644-9233-0x0000018CC5170000-0x0000018CC517A000-memory.dmp
memory/2644-9234-0x0000018CC52C0000-0x0000018CC52E6000-memory.dmp
memory/2644-9235-0x0000018CC5530000-0x0000018CC5562000-memory.dmp
memory/2644-9236-0x0000018CA6AA0000-0x0000018CA6AB0000-memory.dmp
memory/2644-9237-0x0000018CC5470000-0x0000018CC5478000-memory.dmp
memory/2644-9238-0x0000018CC7B40000-0x0000018CC7B78000-memory.dmp
memory/2644-9239-0x0000018CC7B10000-0x0000018CC7B1E000-memory.dmp
memory/2644-9240-0x0000018CC7BD0000-0x0000018CC7C14000-memory.dmp
C:\Users\Admin\Downloads\WaveTrial\data\settings.json
| MD5 | 801b80146dc98d71f1e858ecb80a0ffb |
| SHA1 | e81e181133354fd8c83a58230e71887dbe406219 |
| SHA256 | 6aca09ff0ab2488bd827b04d268f0be01427c4bd42b8e457bf1b67b2d968b388 |
| SHA512 | 72dbeea7f9200824e91d08d859b758a897803bc0d8aabf00e8de43bb743c38c2fff30a59402c0a905e5cff6a9a9d4da339b3280a1405770e2757beaf0e716f0c |
memory/10636-9252-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/10684-9253-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/10684-9255-0x000001FFB3FA0000-0x000001FFB3FB0000-memory.dmp
memory/2644-9256-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/2644-9257-0x0000018CC8EF0000-0x0000018CC9076000-memory.dmp
memory/10668-9258-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/2644-9260-0x0000018CA6AA0000-0x0000018CA6AB0000-memory.dmp
memory/10668-9261-0x00000149247A0000-0x00000149247B0000-memory.dmp
memory/2644-9262-0x0000018CCC570000-0x0000018CCCA98000-memory.dmp
memory/6572-9264-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/7276-9284-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/7276-9285-0x00000198FB160000-0x00000198FB170000-memory.dmp
memory/2644-9286-0x0000018CA6AA0000-0x0000018CA6AB0000-memory.dmp
memory/2644-9288-0x0000018CA6AA0000-0x0000018CA6AB0000-memory.dmp
memory/10684-9289-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/10636-9290-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/10684-9291-0x000001FFB3FA0000-0x000001FFB3FB0000-memory.dmp
memory/10668-9292-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
memory/10668-9293-0x00000149247A0000-0x00000149247B0000-memory.dmp
C:\Users\Admin\AppData\Local\CEF\User Data\LocalPrefs.json~RFe5e2549.TMP
| MD5 | 3de4542b122dfb2fc5ddbcdec65b1e6a |
| SHA1 | bd78fcbe461e06d63b039a7aba45da45b7489aab |
| SHA256 | 97d0bd44a08ff5a5d76ac87c263fedb115af3fde4d55ac721c2b8312905e68d9 |
| SHA512 | 4ebbe421713a1bcbe9583974717ba08ef7b47a7e664055b6fec440e0a93192527aea0a50b1243cbc8c76bf5411e095c62e1846587d9fee6ca34afdb7edcf8918 |
C:\Users\Admin\AppData\Local\CEF\User Data\LocalPrefs.json
| MD5 | 8d0ef5149272058a3e68435d2563f32d |
| SHA1 | efbb7662d3833e82876be826a694800d6ef6986d |
| SHA256 | bf9df031df0eaa94eea8764dd5dd005e7fe97b2efe84dbe6db684c7d67d56f18 |
| SHA512 | 5c69ca2ab11dfd1201ecd3b005973576c663e7cd1100f04754a2869cb578d7cc5a23e6e0478d92e718723341b36533d6bc898ac4699add5e8e3fd55c0a09e45f |
memory/6304-9311-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
C:\Program Files\chrome_Unpacker_BeginUnzipping2644_158753865\LICENSE
| MD5 | f6719687bed7403612eaed0b191eb4a9 |
| SHA1 | dd03919750e45507743bd089a659e8efcefa7af1 |
| SHA256 | afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59 |
| SHA512 | dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56 |
C:\Program Files\chrome_Unpacker_BeginUnzipping2644_158753865\manifest.json
| MD5 | 2648d437c53db54b3ebd00e64852687e |
| SHA1 | 66cfe157f4c8e17bfda15325abfef40ec6d49608 |
| SHA256 | 68a3d7cb10f3001f40bc583b7fff0183895a61d3bd1b7a1c34e602df6f0f8806 |
| SHA512 | 86d5c3129bec156b17b8ebd5dec5a6258e10cb426b84dd3e4af85c9c2cd7ebf4faea01fd10dd906a18ea1042394c3f41a835eae2d83dc8146dfe4b6d71147828 |
memory/6304-9344-0x00007FFDA7F90000-0x00007FFDA8A51000-memory.dmp
C:\Users\Admin\AppData\Local\CEF\User Data\LocalPrefs.json
| MD5 | a85c55667f2036763303bceead52cc9c |
| SHA1 | f368aa8009b6b192d3b5f2449701e99107625b2a |
| SHA256 | ff063434edfb8180408e44d61ff67b39270763bcf5595592a376a0c4f93f1c46 |
| SHA512 | b053c22496d8050f2972d92607b74a8b4f2c082677ac9282b50d0021186f1f88abd159de11f3780867d22da8e6bd998b12c524bd3ebf906b8519a75f7d3bd05a |
memory/11676-9361-0x00007FFDB3710000-0x00007FFDB3C0E000-memory.dmp
memory/11876-9367-0x00000194E30A0000-0x00000194E30A1000-memory.dmp
memory/11876-9388-0x00007FFDD4980000-0x00007FFDD4981000-memory.dmp
memory/8232-9448-0x00007FF7EF270000-0x00007FF7EFBD0000-memory.dmp