Malware Analysis Report

2025-08-05 21:12

Sample ID 240410-tdv6psdc87
Target https://github.com/7humb/bug-free-adventure/releases/download/test1/Win_Installer.x32-x64.exe
Tags
redline zgrat discovery infostealer rat spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://github.com/7humb/bug-free-adventure/releases/download/test1/Win_Installer.x32-x64.exe was found to be: Known bad.

Malicious Activity Summary

redline zgrat discovery infostealer rat spyware stealer

ZGRat

Detect ZGRat V1

RedLine payload

RedLine

Reads user/profile data of web browsers

Checks installed software on the system

Legitimate hosting services abused for malware hosting/C2

Accesses cryptocurrency files/wallets, possible credential harvesting

Suspicious use of SetThreadContext

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Checks processor information in registry

Checks SCSI registry key(s)

Enumerates system info in registry

Opens file in notepad (likely ransom note)

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Modifies registry class

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-10 15:56

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-10 15:56

Reported

2024-04-10 16:03

Platform

win10v2004-20240226-en

Max time kernel

394s

Max time network

382s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/7humb/bug-free-adventure/releases/download/test1/Win_Installer.x32-x64.exe

Signatures

Detect ZGRat V1

Description Indicator Process Target
N/A N/A N/A N/A

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

ZGRat

rat zgrat

Reads user/profile data of web browsers

spyware stealer

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Checks installed software on the system

discovery

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\taskmgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: 33 N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4672 wrote to memory of 2680 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 2680 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 864 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 864 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4672 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/7humb/bug-free-adventure/releases/download/test1/Win_Installer.x32-x64.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdb45046f8,0x7ffdb4504708,0x7ffdb4504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5504 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5640 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6064 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe

"C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffdb45046f8,0x7ffdb4504708,0x7ffdb4504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3008 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1

C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe

"C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\key.txt

C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe

"C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe

"C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 16.43.107.13.in-addr.arpa udp
US 8.8.8.8:53 71.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 240.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 154.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.112.22:443 collector.github.com tcp
US 140.82.112.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 22.112.82.140.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 217.14.97.104.in-addr.arpa udp
US 8.8.8.8:53 private-user-images.githubusercontent.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 249.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 repository-images.githubusercontent.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 8.8.8.8:53 tinyurl.com udp
US 104.20.138.65:443 tinyurl.com tcp
US 104.20.138.65:443 tinyurl.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.170:80 apps.identrust.com tcp
US 8.8.8.8:53 65.138.20.104.in-addr.arpa udp
US 8.8.8.8:53 170.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 objects.githubusercontent.com udp
RU 147.45.47.64:11837 tcp
US 8.8.8.8:53 64.47.45.147.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.108.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 api.github.com udp
US 140.82.114.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 22.114.82.140.in-addr.arpa udp
US 8.8.8.8:53 30.73.42.20.in-addr.arpa udp
US 185.199.109.133:443 objects.githubusercontent.com tcp
US 185.199.109.133:443 objects.githubusercontent.com tcp
US 185.199.109.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 185.199.111.133:443 objects.githubusercontent.com tcp
US 185.199.111.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
RU 147.45.47.64:11837 tcp
RU 147.45.47.64:11837 tcp
RU 147.45.47.64:11837 tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 1eb86108cb8f5a956fdf48efbd5d06fe
SHA1 7b2b299f753798e4891df2d9cbf30f94b39ef924
SHA256 1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40
SHA512 e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d

\??\pipe\LOCAL\crashpad_4672_LCFHNXEKSHNYNUQQ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f35bb0615bb9816f562b83304e456294
SHA1 1049e2bd3e1bbb4cea572467d7c4a96648659cb4
SHA256 05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71
SHA512 db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a3486c7c0742e8c82c8331d92477a0ee
SHA1 0a195149f61b2931bfe328df75a3d2b6d5c8221d
SHA256 167ce3f68075351aa2109bb9c9ea2df880b48cd2def3a0b21af60bce82db8676
SHA512 9b06fb381b0556ccf9cf05bbe6ca8e3479bee427c3c65190f87bb3342ac2f0d5c9e7c55fe3010765c65dd751c03846cca3fff34ba8bf4bd30853a7983a011429

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9280204935258ae1d74ac8a52f61e521
SHA1 e4a55f868c8151bb4ce6f47a4211499c4b2591b8
SHA256 2e55df3ae754954e730ec80c3b05d85218434f79959ffd09dadcb34dc4fbed77
SHA512 2b0325ec13dea93ad51f78e3f5f88e1b7f2289c03c4d1cb89d9949fc45d0fa414c24c19d9d42d133441ac00593413c5e803374fd0c765b1c048c411f8763f4b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 11a362a08e97fe670a0b10957e7cf478
SHA1 8a6775ea06b291df58e263dd4b55618639d4a46c
SHA256 3e705cf7896aae903ee87867444e448e5ed53e3532a2d410ec0d328756b30a20
SHA512 390aa0354bd9887ec70c9c05b506123f66f6e850da8c903cbea17d3488b9f24d5a8a2964849416f150657c16a1e6571a6630839a4e0b290269acb5af5a970376

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c85a3f894194050abbe30b4299cdf37b
SHA1 a8ab8c9b81ee12ccee580d21a350d9109a4e3b52
SHA256 b79e924b98f966d73248404611f7e9bb3c30340999dd18cdff7ac2c63b480baa
SHA512 6c4de7ecc51aafb03d409f5182e6acb036936c0478f577dfe6b5bbda299aadc4c2afecfa3aeadcebf9047f826996e53e47dd9dfb59a624f18f057866fa2b5075

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579858.TMP

MD5 6fa3b1c89296301ed4659697f4aa7357
SHA1 dc643d84a87715dcc581afb6df79c347ab511376
SHA256 a2fc84243b8561dba32d40e1638911a634a27c7bd54099801bf92c2ac75d0c1a
SHA512 13684ab70fc0cd41f1b0b84700a407e4794bb2f8697858ded3255d77fb7a2c11f0912a382686f59fe8e27d72fb2882d254c3753eff39dbdbc5592485ab0e4256

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d9f3b8b1cf6ba03db1661aee86089760
SHA1 56abfd8deadb68226d66aa73cb0d583bd7a01652
SHA256 bb4bc63317840876bcddc6eee289c38a754368792c2b58ba016f0e1e60806ff3
SHA512 433af67992793832b077430137b2730f12a44670bfc49658a54afef363a28cf4c50e4fde522bf83f3ddee7dab015509434bbcb6d2e5d3b68904c971e633c7428

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 14a3adf62193a038d89ed5b268a62a9c
SHA1 ef78f64d30956ef7fb404fab93c0b22400d0df94
SHA256 d55e006bc45032b1940e1bd7cf1b0509cebc18440e5841bda797a57ea7431e0f
SHA512 0d7b754016368a2ca92447e1023b888ae01b87db03bf927bfe4a06062ba20fbab52a48dcd613ad8afd79c24ff4059a76ac6fcd8c6cc704458e9ef2ffd7c16904

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 8b2813296f6e3577e9ac2eb518ac437e
SHA1 6c8066353b4d463018aa1e4e9bb9bf2e9a7d9a86
SHA256 befb3b0471067ac66b93fcdba75c11d743f70a02bb9f5eef7501fa874686319d
SHA512 a1ed4d23dfbe981bf749c2008ab55a3d76e8f41801a09475e7e0109600f288aa20036273940e8ba70a172dec57eec56fe7c567cb941ba71edae080f2fdcc1e0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 96ce40750efb03a4ba1d1e48f811caec
SHA1 7f2bb9201e59595b8a8bce8c666f4d037554a6d6
SHA256 a06c7e802d9052e2d720e93213165ef3c96706e3b713dc1af274c5dba69e5a90
SHA512 f677afe8f5b407c68ba96406531b361102d412a40ac598d54828bd22fc1f89ca3923e6382af5c100de8e93718db347ffcdfcf3067060da33a78b299c3f71864e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 646c7112aeb6caf64723341c6ecf3381
SHA1 363ac729dd6ae7f3de12e2cc8c8434e174b98151
SHA256 90c517159291bbff2bff7aa7011c9c1d85aaf22cf7743c9a41c699f1715927fe
SHA512 1e1cd3a5efb06fd0aed414ef6a72a514d015e7a9f3e615852356d39677bd104b50cc7a7ca356cdfa5fb28d94b614138c57c21002bedae4f291126661c377a8b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 e1831f8fadccd3ffa076214089522cea
SHA1 10acd26c218ff1bbbe6ac785eab5485045f61881
SHA256 9b9a4a9191b023df1aa66258eb19fc64ae5356cfc97a9dda258c6cc8ba1059ac
SHA512 372c486ac381358cc301f32cd89b7a05da7380c03fa524147c2ddf3f5e23f9b57c17485aaedc85b413461a879afc42e729547b0c96c26c49bbdb7301cd064298

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 e1f8c1a199ca38a7811716335fb94d43
SHA1 e35ea248cba54eb9830c06268004848400461164
SHA256 78f0f79cdd0e79a9fba9b367697255425b78da4364dc522bc59a3ce65fe95a6c
SHA512 12310f32ee77701c1e3491325a843d938c792f42bfdbbc599fe4b2f6703f5fe6588fbcd58a6a2d519050fc9ef53619e2e35dfadcbda4b218df8a912a59a5381a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 c1acd3bc96b5b12bd203624c0c92ec68
SHA1 2b17fb5a5583eb9ea161114ae7744f902e9e7413
SHA256 178730516d150c1aa8ac9573727e47c042b6980dd772fb038b2621831073f97e
SHA512 0ccbd4edfa4c34326f5408551337a44a50c3183fcdb52962cf2ff390cddbafd10f61535b710443d20998848286479e244fac4ccaa96c04efb166c7a5daca048e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 b69307c2bc631da8616b0d189248d185
SHA1 afba1d1fe2f2a9271f53e38da03f4d9a018f067a
SHA256 4df1a514d9a08cada98b794c918b17c257b673310e5308a084c47f328217fc3c
SHA512 7c4db73a4ec41c384416291296a06cb9af69ab66c3f7d3e0028f41ffba34ff1cb72740182633cca2ab82b8f6ce5e50de2404affa6c50a707e9902d8445dd2bcf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 efe81e4daef615b00dbe73ce495ca572
SHA1 efa6284b26573a32770851c3ccfc54de3d6642d2
SHA256 8a2115d91ed4df1f74c0bff1d7800c6c776fed3addf7e6ce4637a1bd0c9f81be
SHA512 a561f8475dc2ec744dad499bfdb45b5c113a216d93c3873321e9fbbf22dfdde932af4dedd5819f4f4e0c8bd614efb77e68825561aaf05ec69c19df6eb7271b06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 655912fc08403bb0b205b0a48382ade7
SHA1 bb2b8c7a0b3dc0a51e89e2ff44c489d6fbe71f4e
SHA256 57f0f6b614af04aea62ee92d11636aa0a77adf6ed45a4247775280b7ba1286cf
SHA512 923aeea7be66a052421376b3981a473ddabe1781cdbb4e85a8e24b18426a91e9a41c78cf8f4261d526f3fda18576518abce6a53a3f94a2ad48a8571fd8b6385d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dfdb7f574251d342cd841750915d860f
SHA1 5e38fefa78ce95df485ed11378e570f218355762
SHA256 4a7841496637a410a541c377f50299fe5e7c732820cd55e01055019153b432c8
SHA512 5debf02092eb523d3d4bc933fc40a8e2b435970e7008e689b6317218f09560e77036c0fe7c895e52d848703554c34f9dbae3e1a83037cc01f2c8caa5276b663b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d2baad9a9788dcf60633805a2f2fa707
SHA1 699d626965b8bcff666b6752d894f758297de84c
SHA256 04bbb08d57448cb1f1e553a3a0f28c3df54b9d29ddbb8ae56207b58d41a8a1bc
SHA512 168f4cddbbcb50c5a0030450b73a5b915bd68cc11201c821d4226c7ac5acb632d7bc399be2f581b8bb4acc522a613ebd93f40fa78c47ebc96397cb2745e6c514

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 8afc0b779211c04de66abb7d3a425b6e
SHA1 cfa3994bff79c945aa3552852aa75801f7029782
SHA256 74fd2a65c888063313021b081707991510bfa53e9869626a05c2f4610e006daa
SHA512 9a9c44507d3810789fb4dc3332d327666f05ae67f8a5fa5d91c8e3d03e91801bf0be550d226824167419d26649d65e684cf41fd0bcca7dcdebf85d518faa211e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 e1bcbcbff08ad26b8ccc9c0a82c5b703
SHA1 de44d9ba23492404a7663ace05f82147af193268
SHA256 8701fd45aabbacc8605d62ec6f64ea910c1bb844b0975f2e78f6e795a122a1d7
SHA512 f4a011fb066bebe222213462e2fc691ff109da417e1f1909ad16c6a561cb09fc0fdf9a1991d2b748b304701d6b04c903958212c83dd67f890f891f22ea194406

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 047e72b446be4e90386aa7920a4c51b2
SHA1 68236cd2b8414d4ba94541904daec688ae87a417
SHA256 decbf87b75893e31fbc089554eb39f2ec1fb2b05867f63144e2a694e3ab350e6
SHA512 8c2c18ff5a45a92c27b14fd48757164e41311eb34294eccb85809bfb67ad31a16ff8673ddf860e1ca4cc4121865c26b2d8caaed413fe059ee26fe856950e0791

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 803ba8a012805c1b8c4df3a265bbb996
SHA1 fea976034077c789a0e55309f5ba52bb7f7e834b
SHA256 c0c8b0d0b295db445517328e3b9d044900c32c365bb135b010c2b782df80204e
SHA512 a0978de8a00fc5c2461c41ebc4459c36a2b4f3bbe0c2514106afc40396f5b74b45ed499407638fb9031679c8ef61b0625412e132650aaee61b7cf851a7fd756f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 49e66c048d3a6607832056d821ad09f9
SHA1 3ce46b6f13966919c0c6c29ba02d9b5fe27a4fab
SHA256 0db0212aa80fa62b4e51c498b8a379d6cef0efe5d12cff4da22318d628988748
SHA512 5135537e703125111b389f8c16e659d4b01fb184c3ae6cb395363b495794532d9368d50b2d2b4ab94552889f5c47634ed0b5c5abf3a76684e4575c77d6fda52f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9ae6ca1c322ab179c012340165eade4e
SHA1 9f25e23cb41ba651bd223952238ff93678649b1d
SHA256 335b473c2be038d8fbce16ab18eb579bdadfb26f9087d655b63743a85aaa2c4b
SHA512 235dbbe5010f18222256386d4fe9d732c3f5461c43c5e89266d1f79b06a208895922c426699b28d4fa75940ed1d73a1404eaf8f73d1e4fb3bedeb90541b5f6a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9eb185d496340387fd3c1f6c14b77ceb
SHA1 fea5c52729e99803e162c56ae7747e1ed443da11
SHA256 da43eed69d16c18ca5597b64a8a9835a865665e6211fde4ba688e9667f1cca9b
SHA512 c99f94c68e289f81771021928080725ea97493ee8ce18f854bd2c0074515a8e011fea31d73aee9f4739ceda228d1ffe76b0ce8986a047b6a3c200478e057909a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c602567ecb7c521fab39d929143aaa27
SHA1 70bed39db1f82b9f0c88bdd6043c5f9bb09d3429
SHA256 875c6649d16fe765964a8bc5d0a088cc61591104bdba39c49b76c1b3b7b9bb49
SHA512 60ab1a82ef9ca090708b3ebb579474742a8c3f6fdbe0d732651707f449a4aecc15dda61a358f98d4f3ddbe8ce46a40158230b663ff63d8283f3da3b8c80f7683

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3ada570a68cdfbae9a3a8fbe0d39f2ef
SHA1 7b8e9a4cf0c3cf380806df6fd503ecae53af9287
SHA256 295b4b9d1d69f2e98d18d2bc1264b6592c603104ae403e3391c5d2b374038e87
SHA512 65491295e1cc16ddf0a7d25a29b2eb493039204fb81dcd7350b69faae65b7232e87e4d157831a81cb9167beab1436015eede47881fbff773647e625aa05ffbe2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\286a1787eb6b73cf_0

MD5 a29728031e1982670814f02c39d1b203
SHA1 ced67bb34def39e4982d1b0a12f5480399306c02
SHA256 16981ddc34433a2f771d72ab08e45833893e98db865f1bf4a71fa3f76ded1237
SHA512 98450e2eb3ce3e80b0fbe097dd188805c2fb9b75c50df89390efba8d43cc9361982299805b1ba78c246f52ab0abd28d33efaf561a2d0ee002d14082a56914ff8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bdab77cef9a22778_0

MD5 6a501201787e1da9d37a28865095fc28
SHA1 2bef84ba6eacb7fee61c9c9cd6f86866b519ce94
SHA256 2eede2e4bffce7352ac418936612f3536f09c80aeffa69208d9e7a3a86e5fb41
SHA512 30e5ac54888502965fc3db582f2239344aa188af4eaf72559b1de9babcea76bf7f6a6e647424130c4298b1ce9028309189ef1b5bc3bd943c8f75171aa51d5b73

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bc9e1fd4409420f7_0

MD5 66956bd8f379eb6b25d916c1bc6d09d0
SHA1 27d914b1ff02e099e4cdbfa7e02138a5f9b181c6
SHA256 ad2de96e9e170f6a51cf105f85dc949c881c49c9abd1f508715b6c4a868191a6
SHA512 90efb5b5cdff34a9f983e419657160092b61a899d1e28f294f31c9e100ec8ca0232a2b6b11feea84f4d6f83e0954ad5316ec64bfaa3456a07890ee6a5ba350ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fff913c37041386a_0

MD5 fbb32b1d51a8c755852e92e27fb8a949
SHA1 10e517b6a0df445a93dc2dbc35e42ba3cf4bf60c
SHA256 3e2d13ae6dc0a3885cbd1a1ab39d5c85222efba247ba72ce9c1b40acc9d722c3
SHA512 9f7eb032d5118b03fae1e2efd76792c5d9d3bf132cd3a21b59d0634046ea60297cbc96f6731b85cc60c3f3883a49995517d4898562535e849bbd1cf5f066abc6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1fe295f4588fc91a_0

MD5 f1f70ac977a6602e7fbe908ee11cd411
SHA1 874526f1be6f49ce2b3d78cbc1025907268cae68
SHA256 93692ebf217d14e883aa2b9aaacc0558a5bb35be1992c6ef02eb16113d6819ea
SHA512 f3849608f8ce02fef5ed0573e4b9148f341e747705fe6732ed736064359d44e48947df9fe91b0f4aa06b410214bce04302b42a7e78c3554cf2599d54290b3469

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1f225281f7d549f5_0

MD5 c52c244346f2f07542178a744651f1d1
SHA1 b200ecbdf6629a606d97af857fe28d3806988fdf
SHA256 6c06f5f912b3820a9ec631073d5305c329f082bb1c793db9630294fffe084fa6
SHA512 bb03ead32e42ffe7037f0be8b1689cecdd9ee505365d1a66b7dc769a9b26498c3e72fdfd7e0aafe52e238cfeaca0cad05b1a1cdb3880f0cbc8d230c33110651c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ebe10eab84535fd9_0

MD5 104eef3447864ad4b3fd7078b1341545
SHA1 2353a324578c5de03193b313fbd5cc384ecbd44d
SHA256 0e487be1c17f5bd4f554bb14e1b18fd4bba61091eea6740b0a275874488e1ccc
SHA512 bafadce547e18b0b2c34c0717e185fb85aee8600e23d41e5b907ad1aec667fc3f768324bf0579327d68e5466b9589f6fb42dcc2bf86d1e739a5d440b9401f51f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\89911cb6f335fb55_0

MD5 66991388a66f17c40bb33f6d81b947b9
SHA1 6faaeeeb5c4a366d64f8d6413a9181961797f2f7
SHA256 cee573da5d55032f0f07dd9bf02a415050b12622d8a6cb1ee211525dc6f01ad7
SHA512 432030523f1def653865396d13ab7a3b8367be91aa0357fb6f474b96a8596125fd692014030826851230e1b678e341c67ea9b12dd801c47d82401807c5bbdca6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\29ee49a9e002c15f_0

MD5 75862a7d8baddc26e14419ed3e84901d
SHA1 a44047d1995d31cc8171654c2522104283b4105e
SHA256 1fd0400ae83ccd55352fcf312af29bb593acc32e1bcbb62f46f10f202acff006
SHA512 efcac692b8017dfdff96f67dae3bfcc46544da5a3608a99b1831d3917152a188ed120b6170ad307e8028ba1331ec7067f9ab0571498ea75f678e156df4057fcd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dd070b7ac1484603_0

MD5 c17d7d3e81027b10afa8187d0e0bd7e7
SHA1 2775d1f6715ede878c205e16335e72927159770e
SHA256 d25be226be2de82e67f3d8652b9f24cd16f082537c8b1edd1deb544b8c60304f
SHA512 5e86b8ea9602628d2766b3a37cfd1dfb218627a29497733e7db29f6e2b5594ca79addb7fcbd8fbbf3fd4b54137fdee35fb4a6fbdfc20acc25ad1cad3de5772b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f66233e72c393c10_0

MD5 03019923be7b9e4b1599befeec950fa7
SHA1 3b875cd30a5633efcf0f8de07c0307ffc3641b4a
SHA256 a8cd55ca66f1f6bde6a1dff5085a38aa3333fcaacbd5febe50672fecab12be85
SHA512 c15717dcf3e559bf1f841929239287978c2f6edd965819c03ddbc86923e0bb64d9284e727cdcabec4d60944d44a66ec9998001ef376ba3d1dcc160d6542f1884

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\84ef792e97c5476a_0

MD5 e7da1646fd18a5ab35b321e42d73ac74
SHA1 005f2df2a2200dd2cf9d0bdb590dcbd263f934c2
SHA256 625db887a9eada171b747684ff02432f03070dedd6fcbb73e5cd0a0d787439f2
SHA512 54d224b2620a9b58712d959b7d7a7ab797382e63f12861e1d6ad720ab7a10dee199ce640588e9024f4d56d5d4917b37e034745a6a2463483acd2d275b16188ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 29c8b4a6398de6b30c334b7c85eb5f91
SHA1 cb4730325eab53ab645faa031dba7c1134a54651
SHA256 a09cf842e858a6ed1bf526d76940eb63d773b6572bf8929221d867c49d49f55e
SHA512 c12de805911fabc1ee5aa8274f86f69bdf6cbe4a05b22e41bcb573bafc24d81e2be7aa2d9198776b627f0440a40fb628c6b19ba79637a0a6d3bb6cc9b682df1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d63a51d556dc5f46a5e52cd20fb915d5
SHA1 4f91f251461d538e94a5f80da0538eb9079bb973
SHA256 e733f492f2ec3a74d070dc918497e8d609d6bba3d336c7e381beedd5fe32552a
SHA512 39d407d80133135fd262ca6b366cffdb0fa4e86e54eca5c8256fedac9e76687a084b15e7f81fbeb9050b7385b167a4b1d802285b7a1f7dd1e8ed3e90b308766d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6ae52cf7c0166b75_0

MD5 4d8ba5c402859fd0c1cee46277072c09
SHA1 bd2ad692bc0e90c07784ced802694e43d85b188f
SHA256 f93692217d6b78f4fdcb4a60fbdc5e14aef38bd3509ea2e73da85547c7f2c521
SHA512 45a1f290adcad6b27291b73f42a49cffe34ecc06e87b1091f9e5515ae13b26ddbfa4148ee55bb40ad1aff3fa0fbc7bd4750b51bb8a80cde23b3661ff54cf9692

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ccee849de80019d2c89ee84cb3675ea7
SHA1 bb42040bd32baed4919708da5dee2fa5d0d4be31
SHA256 02f9d062db40cbd0047b459010842219dde29ec9a2a7ac789debde7cf030111f
SHA512 b97ef303fab3a23bb36a7e50b2ab2c6a848b273f94c93bc499f2b45981c8fe6edb32aa84a07d142db1b438c5dda8d350432bc2e006a629c06665237689f3400e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 194b3ad46118e8e4e7194412ca6f1ddc
SHA1 b0f3b35128e03db88733567cad6a94ed12d2dff2
SHA256 e8d28ae95d1ae254c2c32fe8332fccef97c580aca89b0b47c96d3e795102029c
SHA512 e2d8bf92ef731894a51b13e0da9b6abbfa8040ae4ee9f2af362d5348d1fc6743e34f6e1b2ae9cb83bc6b53cadf50e41b7fcfc058654924bfb6081a4d336904c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 405b22841f2917076d21d2a1d3832f9f
SHA1 466ffb915604df28b3c51964aba1880812dc171d
SHA256 4a77f74890e47b35d959544dc5febdd29c621fb0b13f00efe10ce562332911bb
SHA512 e0b380d63430e19788a67ee5aac63453b8ad7f0e62da7d10334082d45e50849dad9db74b7db5f4d9cff516a26d2c7bb6dde61090bc0ce49000aa4c20b8fca917

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e3b36a45ca134b264d5d543f2b04397b
SHA1 72071906e658cde48aa23320a3760fa848472ed6
SHA256 fde9a1639fa677d728aff8660960773d724535645d6b65dc9a7987ca344abcb3
SHA512 e9771152592bf86519cfb3765270fc54487468537608d1e2c4b744fb1bde3bbbea85da6548c33fb439d7f8c57c650a863832008aa77d77538a4bd7b04f13c6d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d6333a73b9f682700ae027d30c723b86
SHA1 54ff3014a79c5924cd88764aa9046699cf02bae4
SHA256 39c19fdc9f85c739a6a1ce19ba7b05116c9b0ddaa508eb5bedeaaee3d2ec34ea
SHA512 e59fb4cc6200037d5c3bf2541d8b25fda99c5b7592706b8588cda47c2e8549612fdf5f0cd47eed54e50427d6c309d87a843c705dafc0edaac9cd122a32d3e2ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 939b17598242605d4cda089e4c40e52a
SHA1 cb7e96bbb89879ab97002ef7764e868d8536fdbd
SHA256 14d0a9ba41b036d7702963b2f0048a670f138372fbc3644ec4f009cd3184e041
SHA512 d62140ff22453508964a7fc40602adc68b2ceea883eb7e77206a84569b2cb6ffad4b0796371ca28ce1a7110adf58786b374854d5fb1dc53a42588d61c79143e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 0f8092bcce67b0b6b4a308c8887cf0ed
SHA1 a12fd75c93ef65aa7d0b6140bd515334e384beff
SHA256 c410d812fc6eeb6e0f02c719f2d26fe81b0b9d931a3aa29838ca1c29ad43413a
SHA512 435c6bfd39ddfdcc47c80d396eaa557843083d00223f576e4de3dfde9ebd64c507678ffb994ad0d9c18b17a0b9edf69238f3976554ffd0118c3ab7c9190917af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 063fe934b18300c766e7279114db4b67
SHA1 d7e71855cf6e8d1e7fbaa763223857f50cd1d4bd
SHA256 8745914e0214bcd9d2e6a841f0679a81084ef3fc3d99125876bee26653f4253e
SHA512 9d0dfc21306b3a56c2ecdf1265392271969e3765e161e117c8765125b34793e24458217cf6514b364f351f47e65baaaf5856be0d13406a789f844d6ba8c7075f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 da800376add972af643bd5ff723c99a5
SHA1 44fe56009c6740ec7e25e33e83a169acff4c6b6c
SHA256 bf252b560c9cc78dfa63abe0ae5caa03b83e99b1ca5fae3c9515483c57aaae3f
SHA512 292819ce339d4546d478fc0aca22ae63f4b7231f6a0aca3fbe1069d53ad09e1e3c936205cdbeb53bbedbfcbc33f3b6077f84364a150f7627f87ac091de08952d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eb5a38eb6d74971f_0

MD5 96f17643e5caa4a32b9ddc3b2ec037e0
SHA1 b86dcdead39914e451ecf7d0382072bf788834f2
SHA256 dd131442274f721bee602ca26b30372dc7447ff68c51b3568d8b0e14f20d489d
SHA512 4a7415f2c338313552547cd9c23cb182f2b4b044f36e3f7cb042dc498827bf7e0e2d64e4dc93127693ff4ead222a8a4b9b0e0d8d8b08d5ec0c3576e7127862a3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\20f6bd3fa48d5b7a_0

MD5 b6a8b9fbaf457cf0e04f95258559dfc7
SHA1 f134a356e21084e41ee632914e88758a32993b3f
SHA256 0b4451f68199bc8bf0d1fff0b083a6388fac3542298c9cd3e4628fec63606054
SHA512 2bde108e9fbdec8886b06d4c7120caedaedd9b6df7a930c563a19c118ecd1932a5e6291e5bf14ee95ca820cf85ff77d180e9ebcea05126964bf062bdc813ee21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d8ec1bc548746d5_0

MD5 1fbde3875c68dd412ca2b43c71611681
SHA1 dc2227f4bbabeb6926cccddf32cfdb8e3925e859
SHA256 10fd13355583d81a67a63b6812ed013479a96618b884d9ac5a27a86ff628cda8
SHA512 0808664daa89aaa4ef4a418331b561a81f9c6412f35d140859ab8bbbff78d0acb8760861cb2a88725652d03d09d5a3d9d316f4e3e162aeab8b8dffc891294b43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffe62a08b235c1d9_0

MD5 0bcd93b6d5c6a1c72eee7469295ba3b3
SHA1 700400b858ccaccfc33a52841855872095a86a86
SHA256 6cce73fd1dbbef29a9bde1445b22b4c58a8030e4e191e82ef5fe21a757b7d62b
SHA512 cca64bc3b0ba5461631c7422263f8211373539de3292da51c56d5c2d2da6fdfe373b6484bb661365d126d6b4b865ae3e293e862b97615be0a93a542fde184fba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2501308e6cfb93d6_0

MD5 ebe4be532b822f48707190dfa310c0e5
SHA1 b4fb8f367ff98f3721ac8b8c80ef9b3623dd6121
SHA256 35b0f2d4cabd7aeb006d060d2240431295edad70d1260bf2a0ebadf8238d329a
SHA512 b2e1dab1e59f94fd1f6d33858956ee968f028960be32d72b596498d804ca2ef986ba194444025551dcb02a3987d1e976d8525ab6f6365e4c4c544463fc652d1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a298935a5fbcd1d21bf890c05313933d
SHA1 655c21f9989f02d30d7fade1195c65f362369e2d
SHA256 f9d41aa597f46025fb8ad3234de1b8f96cb6e2378de522c8a029c505fd51f0e6
SHA512 741f17642398b10b7c5c7e517cc251838323b62d4b27c70c0c8ef194281ac9cc8171859342dea4368888e6ffff13f7fd068205e2dbb255ec77c12f5382188c97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cfc192dd7b8d0227f429069d00092fe4
SHA1 9dcf8ee14da94dfdefc12da8ea1a371c7e7ef5ec
SHA256 53196f3f88a564a2ed0bfc137a72dba441a117905689302060ebe40bf91ad806
SHA512 d45f72b7d2ca44755f479862f74dd3d81707be15ddf6b1b4fbfe6b30f662a919c1954e9b72973a20cb2ddac284c4d72618a14808d6b1e49459fa9272deb2f582

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 92e7398d87f30b109dc1c4a2cc9454ef
SHA1 72354b1a62c4ff70b55b5e6ed0d7888edf6e86cb
SHA256 784981288145486e71cea7ea2d7fa2263de5167cb033af0f704b4c04ee825114
SHA512 40c0f024d1bc97518ba9fb085f013af2f5d48263af61d7031254a375326ca50b8272e80bcb1f11756192ace7f031dc921883d55c9c6d66cf8b4d5fcfc97f5b4a

C:\Users\Admin\Downloads\Unconfirmed 1100.crdownload

MD5 167e75be8de8a818800e0c26b43aa339
SHA1 20ec66ab186b3384575c410fe7914958e0599140
SHA256 8a6215bea8008a711c57772bdec4b4fc50d526f3f92768605261fd855a26f544
SHA512 349ae918e7ac71bca4bf95bffcf8490e179353a32f7c127d9526cc4fbc9b7b0d3f6a482e79ecd0d7cca18924cfc512c1b8b54f7d68c05770a4debf9e528dbbb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 25311e5edacec8db871945327dedfdb5
SHA1 6c10992f2cf9f704d2e91b08f097dc6c1a2351ef
SHA256 b2a54bc96c35fa2f0a80ebc422d765fb437c84fe3897bbc1600f599fa1464b14
SHA512 33bbb2268f18709ce26dca9180585ba27282568d8cc27633460d2531a5a9e4c0f10f64b90798959d031f3be95d5ff16a91d83aa5778e965c051acdd4fbf218e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 110c9a61dfac8326c47b7ad12dd33d61
SHA1 8b09296e5cdf56ccdacd894ce58d752eece34444
SHA256 44a2d0d8b170befb89d2c57da046ad60de283530f41e65d93ffe5d932187e66d
SHA512 343c9695f7b0035df03eaa25e25fb1c7df955b05c61c77231402e58d45334aade7efff65b4258c3e7d80373ea63cf8f1011589f3851389f7a7c475af91128a3f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 431a7717ef9900180efa69c69a04d9c4
SHA1 3ab803dd48d39ecdea06cf102ad9482922a5f2bd
SHA256 186c61aa7c43cd87d425e4ae893674a633693bb5650755ca66e9086bdaf230b3
SHA512 22c9c3430aca38348bb4c909c1e3057b3d5b9bed381550765535a6dd4eaeed1ef120675cc7e8418852dc778c8316eb7d30d2b68b19ba4e8ed76e0c8aab420645

memory/3252-1138-0x00000000009B0000-0x0000000000A0C000-memory.dmp

memory/3252-1139-0x0000000074640000-0x0000000074DF0000-memory.dmp

memory/3252-1140-0x0000000005540000-0x0000000005550000-memory.dmp

memory/3252-1142-0x0000000005310000-0x0000000005311000-memory.dmp

memory/972-1144-0x0000000000400000-0x000000000044A000-memory.dmp

memory/3252-1147-0x0000000074640000-0x0000000074DF0000-memory.dmp

memory/972-1148-0x0000000005580000-0x0000000005B24000-memory.dmp

memory/972-1150-0x00000000050B0000-0x0000000005142000-memory.dmp

memory/3252-1149-0x0000000002DB0000-0x0000000004DB0000-memory.dmp

memory/972-1151-0x0000000005070000-0x000000000507A000-memory.dmp

memory/972-1152-0x0000000074640000-0x0000000074DF0000-memory.dmp

memory/972-1153-0x0000000005270000-0x0000000005280000-memory.dmp

memory/972-1154-0x00000000066A0000-0x0000000006CB8000-memory.dmp

memory/972-1155-0x00000000061F0000-0x00000000062FA000-memory.dmp

memory/972-1157-0x0000000006180000-0x00000000061BC000-memory.dmp

memory/972-1156-0x0000000006120000-0x0000000006132000-memory.dmp

memory/972-1158-0x0000000006300000-0x000000000634C000-memory.dmp

memory/972-1159-0x0000000006480000-0x00000000064E6000-memory.dmp

memory/972-1160-0x0000000006E40000-0x0000000006EB6000-memory.dmp

memory/972-1161-0x0000000006660000-0x000000000667E000-memory.dmp

memory/972-1162-0x0000000008520000-0x00000000086E2000-memory.dmp

memory/972-1163-0x0000000008C20000-0x000000000914C000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

MD5 71bad10b51e2bc0bee97ed305d3cf58b
SHA1 58333165ccfa118d49fbb8aef764742a80199a67
SHA256 f4367237e9c07bb05ceec6e9b67ca7491506dca2b300927e40202b192b40899f
SHA512 ec6bd0de30572d97e935122e7d88ae24d0328579c787c9679fda5e04282c5991ada57ba024ffd169b68d9255ea5761cf598d2b8d354b1d953cd5d84d7d8c1eb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8392dd399e20e86c5b1591480e73525d
SHA1 6360880a9ed3af8e83baf2d5fb68dc2f389445b0
SHA256 68f68478d9eeb7b195f53bb04df017ad084045e3010eb47f01a54ec35ace1c28
SHA512 0e1b04522e12a8b891da59f0536100b798abe95c16f2a48b44d0a31484040163db4177c5ecc4ea700f63ba7dfeb83fe879c770fbedc680ea31a82f22f21cdf43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13357238228148032

MD5 b87f49351fd238a8db50ad87a458c708
SHA1 26532c2baad76e1465c55994ee6f442a70c01025
SHA256 b752cb0f173ed12c73f91a18f59e06b0eabe312a835c272dfcd588777514c3cd
SHA512 9c61d5f5b839e1fccbd6b0444a140cc0c07206727beecb57aa9a2cbddce9946a7034f6c9b6905201000c60d6c6fe3580da6585c5066e0c19e4ea2f4c36d97a39

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13357238228258032

MD5 504d2f217b41201a0e67f0636729a2ef
SHA1 4d3b2db26bb6e19e6eff752d1d40a9d159183426
SHA256 bf2837250ac02c8f5fcab2fb973bc6b78984855b590f828f41b34e506794e01f
SHA512 05c7bdb38ea6f974af104372c3796bad0e2778d3fd3230dbb43a8b4b4e13576e84280141cac424de61d165a35d06965c946589c47a84e41795dac24b31d5caf1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3221e5d5bfcb4ec660879e2d5ab9218f
SHA1 6c796331afd906f834920f9199544932e95c60c7
SHA256 872b45bf00ebb92a14bee58752ea628dd0374a8d73deb1d146842a678419f82a
SHA512 70d5007c5130b5b95647315471c7f14bf033edd59115c2a29701587f78e8c373a4699b39c3776d97389e7d86c3a686932719a821f29127609ceeb0c7c5062fe0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

MD5 838a7b32aefb618130392bc7d006aa2e
SHA1 5159e0f18c9e68f0e75e2239875aa994847b8290
SHA256 ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa
SHA512 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

MD5 09440db094e5aa40b01d6761989889a2
SHA1 0ab2847e6ed104ec21d426adb5daf3a7f9818c11
SHA256 66deeba4db183772dfed8bee55aad92dd4add3a2f950dcafc990263de6b552a2
SHA512 4f0cad809888487f4370c82f8b7e581ae53af7a5125e00838575f633a3cd284f3f398f3fae352f3ba7e0a36f1dd33f7cc020c2479dd727baf0276825b16cce9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

MD5 80c79174d7ba1dd8a083232ea02435f2
SHA1 c00f6089f948d67467ee20b98b8f5b290030e557
SHA256 c8802cc093fdda5770f1ec410fc3afc6c907825c03f1bcd60339430a80ccc8aa
SHA512 1da7423c199b2a3d70160758f728b06b68e99cdd181fdbe71d18781fcd7e6cb55648fc8c918ea902123f4ae59aa467bb209f57a6fa4b28c4c1be52ecd2d410a3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

MD5 8af6c61252b4273017821a434cfba7dc
SHA1 6836d10da5ace5265b2b21ea0aa0171f203ee6ee
SHA256 f6df391ee336d5065cab5307b35d93adf48cc988a55546cff879316df3a96085
SHA512 0896b8899ea548706a8f2d26fa2d9e9f78cf756ef89fb45f7858ecc5903b75696a70d536f6f597cb49fafb4261070287fdd421a75c814b60749fc75096c22068

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

MD5 f03e5e7f4c36f1fe1088b8287538462d
SHA1 e20550e6f43b0a9ab4b0838bdfc03b08ba52abec
SHA256 3caf072531ba8e50b6a5f9e2d6fd00758d59c7601266e81bfeb00089e994ea2f
SHA512 cbfa75ac52b6ef0a81f7e63e5da76e075415ccb4e7cf97b6c5cb5ba1756af15794e26a11e5391e44e0195012165a59eb639366aefcbdc94528fb566b369e599c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

MD5 e8d9708327f22ca915d0a5213468ddb2
SHA1 cd1f1775afe7abfdf5c76bdd7c141ba889043f6f
SHA256 8dc735d52264bebb6b38b5577077489aa181f6ae43520882211b7134b2e05b76
SHA512 c93ba5aa5d8fcf10ec80f5db1a82ff847d2193f1e1a998fb18811875b09af70b7935af0ff4273ca82f8e6ba347807b71a66d32b5a4cd9f879a0aef9f3021ab4d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

MD5 1f7260545fba2e0ccbb1f65e00b74039
SHA1 24816dd1456d27addb765b93ffd748af34678bf4
SHA256 91e341e087c0a3b932991b797e492c103c74288dbbf8cf67d8e17cf4cbd15733
SHA512 d4278431dee449acc7cca4521c286457c871c474eff54a9025f754e7c41f4691d3e121e14b52f24bd12e59ae89a8c1a54a8361ebb166c0ee6bc105607c689aad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

MD5 338208e7524dd56bbb474fd5485fc9d2
SHA1 4693aefeee8b5fbfd5ba531dff6b3913b3fc733c
SHA256 d7ec042243f12f45d0db2968f17bbf52c6cbe38c38c8b8203c93a3a934061d68
SHA512 6f82226bd2a5d103c937ac45382a7ed6a6f70d7e649fa949e7c7cfe3af162e8f171d4cbcb32a9686cfa86fc7efd224aca281bd7357e83689ea2791400a441d6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

MD5 b53f5aae2227e7a0098af4b88793798f
SHA1 4e82450bdd012e05a158080519a33e21492b0bbf
SHA256 8efa68fcd23c08bc97264f211b56bed953b393fe1a2d9a5c786d637b8a3e9f82
SHA512 644b8040773a1d23762f8efe841fedcac7b658a408586b9912da362e72eacade13332356f982bcae69aa96853cde44194aee9c51bbdfa424815da3ba0177b091

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

MD5 aedd1c0f46075be99ba6fcaae78a5d9e
SHA1 c3f2ef92368679ea7a2b9cbdd82d63a7a92dc42e
SHA256 b3930dd2d2c3bc1d2d823e8698bb36b47e47aa206b2d3d86520170c635b54a51
SHA512 fe9d2de3fe448bd7e365022365a0ae6e97041ea9e73a936546645ad963a866cb3d5f4f41a6f57d54ce8919bdc446a1d1c1dffe619e312a63f26ab9ae02becb0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

MD5 24b8a2fa9eddd8fd2e8c2a6857b1533e
SHA1 51837aa2b30f629215df830d0c577ce9b3b2dcfe
SHA256 9e162b5e1f41ab92ba7dd4a0e358dcebab2c2654f9fabaa0b6b917b88d4a0250
SHA512 b22259325f3d5904ceb922b331fab791feee4f3adefedc2e753905cfd5b83bf43dbe97bba503e629aef3bc2c5fdfbfbc58be8562a3dc3fbefbde64849e3a731b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

MD5 98b8030a8eeda09c413606fc46a8e527
SHA1 ad09689b557fa64a5b0b9084696a47a9ede4f727
SHA256 4b57f3b8673159804300b0532a2acaac9ea2424524ed63355efcb6053b9244f8
SHA512 e9c5c43cb3831734d40d2f03b6c911e549e1a77d2ccdc9468e47fafe2f85a46221da194129e54f40063be2a0077a9cf54aa21c615e08edb6378ff45c2cd1c299

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

MD5 ec85f53760f43e76783b7a16c9bbb3c3
SHA1 db111ee4acb4a324b737f9c0d32a6dec1b579666
SHA256 e619fa2a021560b86062fd0215f9bce49fc7291ecc8981efad5ea2aa1d268c68
SHA512 f74bf30af4549381b1a2fec0771439205181e33a24f3b26aa59c6220b287525460b5904d861cc580c7d2bc651802206dae78242364d25b2773af549a2848f4cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

MD5 38bcaa7fd5fd8c7f5be0fe9e20a831a4
SHA1 e33229c4bd8a0bdb035829b3c5cc84ab48014762
SHA256 d0b8e3bb4b6e319465d6438a343dd72f5211898bea99756a99ea88247a6b2f71
SHA512 11e13ec4b99060948b8747ad0d1fe4659836fb1d425efd25052899c88a26b5529816e605607a36e3383ce0803bd5b9007d4818019c88a9d13773cd5335be59dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001

MD5 6bc4851424575eaf03ebe2efee6073ab
SHA1 2d014fe2feb929d03a46322645a94556ca5c9e96
SHA256 abaded8e235fdf329521806af30a1cc7701eaca3fe2efccb9da760ec6d8e5e4e
SHA512 af3b7d93fa2243475d74d4bd7f918ce2706bf6eca28029b9e49869f5f793e483efaafdfab1fed6306d5fc77a5ed3b27097b27448cd04560bed4df6fa3268ccf9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002

MD5 fc97b88a7ce0b008366cd0260b0321dc
SHA1 4eae02aecb04fa15f0bb62036151fa016e64f7a9
SHA256 6388415a307a208b0a43b817ccd9e5fcdda9b6939ecd20ef4c0eda1aa3a0e49e
SHA512 889a0db0eb5ad4de4279b620783964bfda8edc6b137059d1ec1da9282716fe930f8c4ebfadea7cd5247a997f8d4d2990f7b972a17106de491365e3c2d2138175

C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres

MD5 572e2d14a4d022bc65420f5e72daed47
SHA1 88c1080bf6980c7a3f43abc41158c28ce339c318
SHA256 bb9d0afab0b58026dbef998f4c4afd8cccae601e356146831a62b3a5be1e83e5
SHA512 5445b7a14a6c86a6e9bba2634221be371fc059effcd9098a3280ab156437f529d04b4eab09c26538b3425c5d52ce0590836019550c4624e5a58d2e5680bace62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003

MD5 f55234db88c6538e3f4ad45c114435f1
SHA1 c4dba9a32f50f2d9a27ce81a1d62f7587751e6b6
SHA256 bf139ca7efd187c36f3ec33691f427205a63ca2707af18bc25430637928d713a
SHA512 8a621fa5044977bce987b8259dc850faf83f4e82f4df1a7a689dbbb0b9b065676842f7ac462b77f66c3ef892c3272960bf5de4c0dd4f02e85430b368867feda3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004

MD5 d22cb8682c6c279a568ed39bdc634f0f
SHA1 677360e899085b1fe7af0098575842261a6d854a
SHA256 78b575d52c9342adcc7b89ee8545e0577169b0d520a9924c7d53bc3587b240e0
SHA512 2ad0f705556abae3edb620d4370c1e72c749935d6ec079a10272ba2cbfe42d06a67f6fa1c3d80755aef9419391f701e98d479e946708e26980497f438b154ce8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

MD5 edb017d3ed50ee867dc2363e57ca63d8
SHA1 15a77ce2c0185ecd13a51db2af95ceb2ce10657b
SHA256 949d11592c29da1016924b81ce6166b240b6e8b106c4056d89312361561288c9
SHA512 bf7445ec6d43db6ebc05600007054565e3b65bf48e58e78ea9c29f763ad29b37d7aaa81980c8c80a8bc80c885eb10bcd317104d100fddbb20f13169b477bf1bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

MD5 45886e389a6ed14e389372f3a055b47d
SHA1 191f83fb45ae8ef3078d96d86865f38d07005398
SHA256 06f2d38d51c31413faa2b37bd1b12bf75e4df1e9d78661b014e7134b1f545b24
SHA512 3fe5a714f442bca31c8771cb77ae02ed13527725d65ea685739abe23002c58bfcbcd0088791de425c553ff40351438d93c825164b4711b74964d8f12ab23869b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

MD5 30f6eac6674351d8561340e3c5baa1dd
SHA1 9f5303523d319a41b1e0941090a5542101de4342
SHA256 956e5f321685c32b9206a03f827f83a6c7e419af1a340dfdf3ac8ad90cf4d0cd
SHA512 a985caaf613b751549b3236c964fd55ed142523a86ea2becb96e7ddaa8bbf2146e7db3b8de72abd9cb714b87c69e85ab38ec7d8267e04b50341ba6bd7e11c210

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

MD5 8dee9e80e042b5b91b4d8b7e5465d393
SHA1 4252a0c20dac7e7456ecf86bcbc76607c0cae8c1
SHA256 9538b02ef0163a194e3487df75a8d526c95e3cfd475e7142d040319e46a7d50a
SHA512 d66779d7a48d5560dbce788b5cb3411c35fe1cf78fb30365373a2c91cda4b69f99ac8cdce9282713cbb3f22cc89491834aa98b94e160f22d775b6b7497130a93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

MD5 35405d6baa34c6eedf7e898385781583
SHA1 a10b10a89bd7406ee949238173019dbae258121d
SHA256 e2396d2f1de64acad16ee49f21b3e75931e9bb8b69f8d4cc9e0f17c596ab41d7
SHA512 d0f3d73f64af21273d48f0a998c477dffb62d780cf7791726164966ee68726b445a054b970fdad3242b243ca2614958dc010d29a2260a8fe6e7eda6a6ea204b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

MD5 78ca7e08fd4b077c73a4eb94de35e408
SHA1 3fb89012ba8035dcede59e17d4d6df50da1dd6b2
SHA256 f9a4e3fcef261b141492523103af4d14fefee28d2056c2e8241e952afd0eee6b
SHA512 eb51604e6959898f1b74287540db8f43e84830fe135b2ac7f4df49cc252abcf0f164d7e5346e89024bd8722e54dc150ff0d7e6a9f6c1fd4cf3af9b03d51fce01

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

MD5 4a80d1d8a02af073c90f4cc673d39609
SHA1 fa9813d48fefc9ec72f00f2cde13185f0fec2ede
SHA256 6e7d91e6309c57897695d14a1ca667d8b1472b8523658b6590bcc17e7e91adf8
SHA512 cbf862636a3018e27d1e35454bc1ed9e3a539c8139cdab82c9e91659d2dcb5a1747c4a307f5ee4096ba91653db862c1f65b9e4f414a1cb2fc7c8c481e8a8f96b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 340240182920e82ea051d31c396cc814
SHA1 a8f68fdf6652182e3935a7f88226b78360bd3358
SHA256 0f3ffee0349f52a22ca8308fad906dfb520adee45ad1469032fe90ded0b3cdca
SHA512 9d98f2f42b3d4e940fe740cad68cc147eebf6d866a95904045ef0ddffd5e68e4db879823d04c0d2db38a4e9c8a82716668b9724e308ce09809e39221ed5e54df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

MD5 d43d1b4592d8ef45380ece4b689ae9ed
SHA1 1dfa6f081160debb77eb29db2a96a04131b52f58
SHA256 6ea5e35fbab2d9990f8f62865db08d752c80840f3bbd2252ce84996f93e880d7
SHA512 e5d4c92086c26cb4bdd0af402812e993214a061808e4959bb5d424cdeee39276d4f27cf8774da7947654c60f6354ecca150baa3aefbcdcc805a5c9d9c0360382

memory/3252-1225-0x0000000002DB0000-0x0000000004DB0000-memory.dmp

memory/972-1226-0x0000000074640000-0x0000000074DF0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 3e1d3cc1ac470b790d35697d65bb3dad
SHA1 7960a6ddf32e256d007dbbffd39168e0bf0dfa53
SHA256 c161b27a7e20c7f3c569f8382702f4807f1b5d40e201ed23db061b02e162b1a9
SHA512 4d0242dbf62054785ee4ad5feac568c03dedb2a2f97382b70329961b13e1c1a491373b8347abfd4566364d8a8d365d2d56cf817fcd427489582dfbe69410351a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

MD5 b943baa0fcf5b89a4ca1a7a50c239422
SHA1 01ab675e9b196d7ca7af52859b19323008fb5be8
SHA256 07dcf48926a2d028b8b93b090dcb56de1338196cafea45907cbabba46d62607b
SHA512 86f4594e06dfaada4b53a1622289b5a9dbcd6755b6da0fe7df19883e1da5d45e19d3e720baf8c9cda4be9d71a8d31dd1099a33ae1586216290fd385cf933d46d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

MD5 4310a590b6fca41de854146097fa95c8
SHA1 9e873d011fa717d6d0c8a2e036b8b604531c7c59
SHA256 88a44be160e9401d195eade726042893f9ec5ef8dce12a7df8bf2a555bee3ef3
SHA512 7a21c02f4896b5c7fe99eefbe041353334c15ea7e09afbe28de72437a4ccc1f707f480d07ff21e5d65db0eb8ac3713d78ac7ac7eaf18b67ebaa05fdd132fd6de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

MD5 20d6bf61dd5df0c4482bcaafa831cdbf
SHA1 f9331a4a94a2ca31c534a836a0a2daf60e01e597
SHA256 3c72a0289c1a492e40c85c92b76ea57e050ab0b2268949fe116afd53bfaca026
SHA512 a38848be6ece0f00fc9b8b8bef579e738b93a82534c94a4dd388093f96b4be664b3369d2954bc2cf1b4474a41edc6e61f71aceb1112e8087f23e48c50ebd37de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

memory/972-1245-0x0000000005270000-0x0000000005280000-memory.dmp

memory/972-1247-0x0000000074640000-0x0000000074DF0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 e3de96cad1ab827a302277d82de0d3af
SHA1 b673b5f2bd8f5823f5832fb4af7f106c29e76439
SHA256 bd924ca225da1739839ff1908e9172ae502b1b03c483099877070b2a79f68ff5
SHA512 da5f77c6c9605e332159f51657a2ad6af747cc2267c389deb4d2f37b5f1c3e51724ff4da5593f2c7118c50f611770e6c3cad029ec53656f5afda0cf351d99bbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 68f16c645a296b80d87ef7a0a2edc416
SHA1 d5aa4762aee7402490ee6a49cccc9c842a808d71
SHA256 80e1d2e94e135955ab084fc559f0b17a2777e35e9976ef59cf41069d4f858e0f
SHA512 422782e809fbc0dd11b032b63462f4ef09f53f2cde31ce3518b32a158a992fe0528f47fe176c21e48dcec2e9b9640863013ca7392d395e3d190b2522702b817b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 302efb1ceef3873d366242faee3596fc
SHA1 6f2c0101013de51ae1ba7ed978cc4a3bea3d6f95
SHA256 4939387e798aca388547da87d7d9fd13e8858a5f4e7c5901a0a7cf860cecd479
SHA512 bfe59e45864e48b57a6e8f0fbdec1e293a42f719529001c1d02bdd93632f1257db13f8debabb776bd5692b013704bbeb9005e24e5df43530fe6d3fa6f5224827

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

MD5 bc0763a9648b9fd70654a56c418ceef8
SHA1 2d6c63839314127f3875d762ec2c81b5377aa09d
SHA256 9de59421bb158b79ae89b9982549ef8f9fff1abd6789de45d3b92db9f8c4200b
SHA512 09e0a7454e26be0a42dfc5c092da4abb1c25eb1d3de7dbae886d556c36aa61253727f0b154370a4a635057d5a157377d616a3bfe8a074b209c3570e82b565287

memory/3916-1301-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/3916-1302-0x00000000051D0000-0x00000000051D1000-memory.dmp

memory/3916-1304-0x0000000005270000-0x0000000005280000-memory.dmp

memory/3916-1308-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/3916-1309-0x0000000002CE0000-0x0000000004CE0000-memory.dmp

memory/2384-1310-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/3916-1311-0x0000000002CE0000-0x0000000004CE0000-memory.dmp

memory/2384-1312-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/2384-1313-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/2400-1314-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/2400-1316-0x0000000000F70000-0x0000000000F71000-memory.dmp

memory/2400-1315-0x0000000005020000-0x0000000005030000-memory.dmp

memory/2400-1321-0x0000000002830000-0x0000000004830000-memory.dmp

memory/3320-1323-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/2400-1322-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/3320-1324-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/1852-1325-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp

memory/1852-1326-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp

memory/1852-1327-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp

memory/1852-1332-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp

memory/1852-1331-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp

memory/1852-1334-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp

memory/1852-1333-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp

memory/1852-1337-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp

memory/1852-1336-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp

memory/1852-1335-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp

memory/5040-1341-0x0000000003210000-0x0000000003211000-memory.dmp

memory/5040-1342-0x00000000057C0000-0x00000000057D0000-memory.dmp

memory/5040-1339-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/5040-1345-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/5040-1346-0x0000000003240000-0x0000000005240000-memory.dmp

memory/4848-1347-0x0000000005AD0000-0x0000000005AE0000-memory.dmp

memory/4848-1348-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/4848-1349-0x00000000746E0000-0x0000000074E90000-memory.dmp

memory/5040-1350-0x0000000003240000-0x0000000005240000-memory.dmp