Malware Analysis Report

2025-01-18 21:45

Sample ID 240414-fb2c2seb78
Target showcaptcha
SHA256 5c80665b30d324d3d06046ea4b7aa73bb8356f839c94c2e246eafd6f878d26c4
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

5c80665b30d324d3d06046ea4b7aa73bb8356f839c94c2e246eafd6f878d26c4

Threat Level: Likely malicious

The file showcaptcha was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Modifies Installed Components in the registry

Sets file execution options in registry

Downloads MZ/PE file

Registers COM server for autorun

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Installs/modifies Browser Helper Object

Legitimate hosting services abused for malware hosting/C2

Checks whether UAC is enabled

Adds Run key to start application

Drops file in System32 directory

Suspicious use of NtCreateThreadExHideFromDebugger

Suspicious use of NtSetInformationThreadHideFromDebugger

Checks system information in the registry

Drops file in Program Files directory

Drops file in Windows directory

Enumerates physical storage devices

NTFS ADS

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Modifies registry class

Modifies Internet Explorer settings

Enumerates system info in registry

Suspicious use of SetWindowsHookEx

Suspicious use of UnmapMainImage

System policy modification

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Modifies data under HKEY_USERS

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-14 04:42

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-14 04:42

Reported

2024-04-14 05:12

Platform

win11-20240412-en

Max time kernel

1799s

Max time network

1800s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\showcaptcha.html

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BD476F98-A58F-46C7-B54F-A7ED4348C9EE}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B499C9C-27B4-4C8A-8E4A-DFC578F5F4D8}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=7A128214742A47C6A24E4D4AA9C8417F" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B499C9C-27B4-4C8A-8E4A-DFC578F5F4D8}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\AvatarContextMenu_Arrow.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VirtualCursor\cursorPressed.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\fonts\NotoSansCJKjp-Regular.otf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\ExternalSite\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChatV2\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\GameSettings\copy.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\PlayStationController\PS5\ButtonOptions.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\ExternalSite\youtube.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\copilot_provider_msix\package_metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Scroll\scroll-middle.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\resources.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\avatar\heads\headP.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarEditorImages\circle_blue.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarEditorImages\Stretch\bar-empty-mid.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\PlayStationController\PS5\ButtonTouchpad.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\InspectMenu\gr-item-selector-triangle.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerLauncher.exe C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\fr-CA.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\configs\DateTimeLocaleConfigs\zh-hk.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\msedgeupdateres_sr-Latn-RS.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BD476F98-A58F-46C7-B54F-A7ED4348C9EE}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\sv.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\sky\clouds.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\LayeredClothingEditor\Default_Preview_Clothing.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Slider_dn.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\InspectMenu\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\water\normal_13.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\identity_proxy\win11\identity_helper.Sparse.Beta.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\Debugger\Breakpoints\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioSharedUI\KebabMenu.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\Gallery.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\ca-Es-VALENCIA.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\MaterialManager\chevrons-left.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\msedgeupdateres_af.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BD476F98-A58F-46C7-B54F-A7ED4348C9EE}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\identity_proxy\win11\identity_helper.Sparse.Beta.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\VisualElements\Logo.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\RoactStudioWidgets\toggle_on_disable_dark.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\xboxView.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\LeaveGame\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VirtualCursor\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\9-slice\tag-bubble.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\btn_greyTransp.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\terrain\reflection.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\lo.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TerrainTools\mtrl_asphalt.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\SpeakerNew\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Trust Protection Lists\Mu\LICENSE C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\lv.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\identity_proxy\beta.identity_helper.exe.manifest C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\InspectMenu\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Notifications\SoftLandingAssetDark.gif C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\es-419.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\zh-CN.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Trust Protection Lists\Mu\TransparentAdvertisers C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Trust Protection Lists\Mu\LICENSE C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioSharedUI\grid.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-801765966-3955847401-2235691403-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WebExperienceHostApp.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133575433722274248" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WebExperienceHostApp.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\MicrosoftEdgeUpdateBroker.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\ = "Microsoft Edge Update Process Launcher Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine.1.0\CLSID\ = "{5F6A18BB-6231-424B-8242-19E5BB94F8ED}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\CurVer\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.xml\OpenWithProgids C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\ = "PDF Preview Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgeMHT C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ = "IGoogleUpdate" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\ie_to_edge_bho.dll\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\ = "Microsoft Edge HTML Document" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass.1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc\CurVer\ = "MicrosoftEdgeUpdate.OnDemandCOMClassSvc.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods\ = "27" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\EnablePreviewHandler = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ = "ICurrentState" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ = "IGoogleUpdate3WebSecurity" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc\CurVer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgePDF\shell\open\command\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --single-argument %1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher.1.0\ = "Microsoft Edge Update Process Launcher Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1736 wrote to memory of 5096 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 5096 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 5008 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 5008 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1736 wrote to memory of 3228 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe N/A

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\showcaptcha.html

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaba0cab58,0x7ffaba0cab68,0x7ffaba0cab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=1824,i,14095694267402840495,6939845906797778127,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1824,i,14095694267402840495,6939845906797778127,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2168 --field-trial-handle=1824,i,14095694267402840495,6939845906797778127,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3032 --field-trial-handle=1824,i,14095694267402840495,6939845906797778127,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3040 --field-trial-handle=1824,i,14095694267402840495,6939845906797778127,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4328 --field-trial-handle=1824,i,14095694267402840495,6939845906797778127,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4492 --field-trial-handle=1824,i,14095694267402840495,6939845906797778127,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaba0cab58,0x7ffaba0cab68,0x7ffaba0cab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3092 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3760 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4384 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4552 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4392 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4720 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4352 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WebExperienceHostApp.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WebExperienceHostApp.exe" -ServerName:WebExperienceHost.AppXpahb3h9jz84zbzgmz4ndmjv3nas4ah73.mca

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2788 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3088 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3164 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3168 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3216 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3228 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1720 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4736 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:2

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004C0 0x00000000000004CC

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4848 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4548 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5164 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5308 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3244 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=3376 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4104 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4468 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4672 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=3452 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=4220 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3464 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5504 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5560 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5596 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5620 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5552 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU5BE3.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzQyRTY1QzItMERBNy00RjMyLTgwMzYtQkY1RjYwNjUyODYwfSIgdXNlcmlkPSJ7M0U0Mzk1MDMtQUQ4NC00MkU5LTkyNDAtMTdEQ0E1N0JFRjVDfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins1MzlFODYwNi1ENTg5LTQ5Q0YtODRBQi0yRjJBMEMxMzE2Qjl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc4Mzg1OTA0MDkiIGluc3RhbGxfdGltZV9tcz0iNTgyIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{C42E65C2-0DA7-4F32-8036-BF5F60652860}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzQyRTY1QzItMERBNy00RjMyLTgwMzYtQkY1RjYwNjUyODYwfSIgdXNlcmlkPSJ7M0U0Mzk1MDMtQUQ4NC00MkU5LTkyNDAtMTdEQ0E1N0JFRjVDfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyRkJEQkNCQS1FRDkyLTQyRDktOUEwQS00NTU4QzhDNzhBODZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbmV4dHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iNSIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzg0MzA4MDI3NyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6F49FCD0-5DE3-4F24-A20D-65DE2A619366}\EDGEMITMP_AD98B.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff6ec29baf8,0x7ff6ec29bb04,0x7ff6ec29bb10

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzQyRTY1QzItMERBNy00RjMyLTgwMzYtQkY1RjYwNjUyODYwfSIgdXNlcmlkPSJ7M0U0Mzk1MDMtQUQ4NC00MkU5LTkyNDAtMTdEQ0E1N0JFRjVDfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InswRDQxMzI2QS0zQjJGLTQ3NUItQkYzNi1GMUM0RjM3MkRCRkJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3ODU5MDQwNDU5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzg1OTEwMDU0OCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgwNDc0NDY3NzQiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzFjMWZjOGZlLWYyNTAtNGEzYS05MWVjLTlmOTBlMzFiODI2NT9QMT0xNzEzNjc0OTA3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVVRaWdTbjV6TnNNdVFKMnRjVktCeWcxdiUyZjFsUTBrZXRyUXhISjJjJTJmYW1PR0lTN05yemlhdkxFM3NsZXBQaWNNVThZb0xYQWZsR0YxbGNMNCUyZnQ3WWJBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyMDc2MDg4IiB0b3RhbD0iMTcyMDc2MDg4IiBkb3dubG9hZF90aW1lX21zPSIxMjY5NCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgwNDc0NDY3NzQiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MDYxNDgxMzg0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NDk4NjA3MTkwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMTA0MyIgZG93bmxvYWRfdGltZV9tcz0iMTg4MDQiIGRvd25sb2FkZWQ9IjE3MjA3NjA4OCIgdG90YWw9IjE3MjA3NjA4OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDM3MTMiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=4104 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4792 --field-trial-handle=1788,i,9520064006413899397,18288949543287235540,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:xqkhRfXkKKM_FN1KS8qd0cyxPkUV6t2FMwVLVyqZIXu_cdzVnX0i9abgvmY0pH0Gb2T3-zbmtmRGm1QL95hikVfuepWBWfhPJZnPpe__umtI1Mey3aM0UMtLFswRiRS0y1i2s-DtLtde-lnpy3VfSn8u5iGFoQgWYfLXsutWkz3ifQ88A3XArz8QluZwLktk6XU1yUUUHH4xP-CjBX-bYd3yQDKDFelf6t8IS2VrGD8+launchtime:1713070237848+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713069990802007%26placeId%3D142823291%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D56823b54-69ef-4c3e-9d3e-c0e615be3ac1%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713069990802007+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BD476F98-A58F-46C7-B54F-A7ED4348C9EE}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BD476F98-A58F-46C7-B54F-A7ED4348C9EE}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{865627E0-5E1F-4004-9119-E15300085655}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7ODY1NjI3RTAtNUUxRi00MDA0LTkxMTktRTE1MzAwMDg1NjU1fSIgdXNlcmlkPSJ7M0U0Mzk1MDMtQUQ4NC00MkU5LTkyNDAtMTdEQ0E1N0JFRjVDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntGQzg1QzkzMC0yOEY2LTRFMkQtOEMzMi1BNkQ5QTE2QkY1OTh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4yOSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODk0NjIyNTEyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODk0Nzc4ODQzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjk3MjI3ODY1NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzEzNjc1MjEwJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWRHQyUyZjY0RG92NSUyZiUyZjdqNDcybzJLb1FKMiUyZjJ1a2dwZEU5b1VGVWZJMk5uTjM5N2tqcWFLc2U1RWJzSnRyRW53Y0ROSVQyN0RMcEFoNGZ1SXdsQSUyYnhDZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyOTcyMjc4NjU2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MmVkODA4Ny1lZTk4LTQyOWMtOTMzMC1jYTNjMTkzZDQxYWY_UDE9MTcxMzY3NTIxMCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1kR0MlMmY2NERvdjUlMmYlMmY3ajQ3Mm8yS29RSjIlMmYydWtncGRFOW9VRlVmSTJObk4zOTdranFhS3NlNUVic0p0ckVud2NETklUMjdETHBBaDRmdUl3bEElMmJ4Q2clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjMwNzkyIiB0b3RhbD0iMTYzMDc5MiIgZG93bmxvYWRfdGltZV9tcz0iMjAzNTE2Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyOTcyNDM0ODU0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyOTc3NjQxMjEzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5MC4wLjgxOC42NiIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1NzQwNjU4MzA5ODQ0MDAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyMy4wLjI0MjAuOTciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiB1cGRhdGVfY291bnQ9IjEiPjx1cGRhdGVjaGVjay8-PHBpbmcgcj0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9IntBOUVGRjdCMi1CNkZBLTREMzYtQTdCRi01NEFDM0FBODZFOTZ9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU36FF.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{865627E0-5E1F-4004-9119-E15300085655}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7ODY1NjI3RTAtNUUxRi00MDA0LTkxMTktRTE1MzAwMDg1NjU1fSIgdXNlcmlkPSJ7M0U0Mzk1MDMtQUQ4NC00MkU5LTkyNDAtMTdEQ0E1N0JFRjVDfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7QzQzRURGMzAtREEwOS00OTRFLTgwNzEtODYwN0YxMkEyOTU2fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTMwNzAxMDMiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyOTg2ODA1OTY3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEY3MkU4RUMtMkVBNC00Qjk5LUFDNUUtMENEM0JDMDk3MjZBfSIgdXNlcmlkPSJ7M0U0Mzk1MDMtQUQ4NC00MkU5LTkyNDAtMTdEQ0E1N0JFRjVDfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7NjAwOTVGQjMtNkM5Qi00QThCLUE2QjUtQUFFQjk1MkZCQzZFfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7KzBqVW1ZZUt0WkFGNUMzZzIycEJCNUYwUnlkdGYxU0g3Ym53c25vVStmaz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjEiIGluc3RhbGxkYXRldGltZT0iMTcxMjkzMTA2NiIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzU3NDI5MDA4NDI5NzMwOCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxMTQwNjgiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1OTg3MjgwMzAxIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B499C9C-27B4-4C8A-8E4A-DFC578F5F4D8}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B499C9C-27B4-4C8A-8E4A-DFC578F5F4D8}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEY3MkU4RUMtMkVBNC00Qjk5LUFDNUUtMENEM0JDMDk3MjZBfSIgdXNlcmlkPSJ7M0U0Mzk1MDMtQUQ4NC00MkU5LTkyNDAtMTdEQ0E1N0JFRjVDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntFOTZENjk2MS05MTMzLTQ5REMtQkM0QS0zQjVFMDUyNURFQTh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zMyIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1OTk1NzIyNTcxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTU5OTU4NzQwNTIiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTY0NjU3MDQ1OTIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy9kYTAxN2RlYS0zNGY4LTRhOWYtYTNmZC0yN2YxYjk1Mzg2MDA_UDE9MTcxMzY3NTcyMCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1ac2VtYkdsaGh2V01DanBEVXZOQmNjRmI1eThWSElRRlF5eXoxYWolMmZkeXpTY2ZMalU5Q1VPVGQ2dDFkbjFNSUZzSU91MElCODBzZ2JUMXVEbVM3bEhRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjE2Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTY0NjU3MDQ1OTIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2RhMDE3ZGVhLTM0ZjgtNGE5Zi1hM2ZkLTI3ZjFiOTUzODYwMD9QMT0xNzEzNjc1NzIwJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVpzZW1iR2xoaHZXTUNqcERVdk5CY2NGYjV5OFZISVFGUXl5ejFhaiUyZmR5elNjZkxqVTlDVU9UZDZ0MWRuMU1JRnNJT3UwSUI4MHNnYlQxdURtUzdsSFElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxODA0NzAwOCIgdG90YWw9IjE4MDQ3MDA4IiBkb3dubG9hZF90aW1lX21zPSI0MjU2MyIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2NDY1ODYwNTMwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTY0NzE3OTgzMDEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNjQ3MzY3MzA4MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjM5MSIgZG93bmxvYWRfdGltZV9tcz0iNDY5NTIiIGRvd25sb2FkZWQ9IjE4MDQ3MDA4IiB0b3RhbD0iMTgwNDcwMDgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjE3MiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff73a28baf8,0x7ff73a28bb04,0x7ff73a28bb10

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=3 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff73a28baf8,0x7ff73a28bb04,0x7ff73a28bb10

C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff70cb6baf8,0x7ff70cb6bb04,0x7ff70cb6bb10

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NURGQzM5MDMtRURGRi00QjE0LTlGRTAtMjdDMzM3QzU2OUMzfSIgdXNlcmlkPSJ7M0U0Mzk1MDMtQUQ4NC00MkU5LTkyNDAtMTdEQ0E1N0JFRjVDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntEMjlBNjYwMS04OUM5LTRFNzktQjc1Qi01MUJDQjFGQTMxQ0F9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDsrMGpVbVllS3RaQUY1QzNnMjJwQkI1RjBSeWR0ZjFTSDdibndzbm9VK2ZrPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg1LjI5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0tdGFyZ2V0X2RldjtQcm9kdWN0c1RvUmVnaXN0ZXI9JTdCMUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwJTdEIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjQ5Ij48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzEzIiBwaW5nX2ZyZXNobmVzcz0iezJEOUU0QjRGLUE1N0EtNDY2Qi04QTUyLUFDMkQxQjlFOTRFQ30iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1NzQwNjU4MzA5ODQ0MDAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2NzU1Mzk5NDY3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2NzU1NTU0OTk4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2NzgxNDg0OTcyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2Nzk0NjEwMTgzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzE3OTE1NDA5MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjM3NSIgZG93bmxvYWRlZD0iMTcyMDc2MDg4IiB0b3RhbD0iMTcyMDc2MDg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMiIgaW5zdGFsbF90aW1lX21zPSIzODQyNCIvPjxwaW5nIGFjdGl2ZT0iMCIgcmQ9IjYzMTMiIHBpbmdfZnJlc2huZXNzPSJ7MTE1NENBM0UtOEJBRC00MEE1LTkwQTMtRDZFNDUwRUJCODVDfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgY29ob3J0PSJycmZAMC4xNSIgdXBkYXRlX2NvdW50PSIxIj48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzEzIiBwaW5nX2ZyZXNobmVzcz0iezc1MkI5ODQ1LTJGNjEtNDhFNS1BMDhFLTI0NzIyMzg2MUQ2N30iLz48L2FwcD48L3JlcXVlc3Q-

Network

Country Destination Domain Proto
US 8.8.8.8:53 adfstat.yandex.ru udp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 captcha-backgrounds.s3.yandex.net udp
RU 87.250.251.119:443 mc.yandex.ru tcp
RU 87.250.250.145:443 adfstat.yandex.ru tcp
RU 93.158.134.158:443 captcha-backgrounds.s3.yandex.net tcp
US 8.8.8.8:53 119.251.250.87.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 172.217.16.238:443 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com tcp
GB 92.123.128.146:443 tcp
US 104.208.16.92:443 browser.pipe.aria.microsoft.com tcp
NL 23.62.61.155:443 r.bing.com tcp
NL 23.62.61.155:443 r.bing.com tcp
NL 23.62.61.155:443 r.bing.com tcp
NL 23.62.61.155:443 r.bing.com tcp
NL 23.62.61.155:443 r.bing.com tcp
NL 23.62.61.155:443 r.bing.com tcp
BE 104.68.70.154:443 sdx.microsoft.com tcp
GB 20.58.112.186:443 nav.smartscreen.microsoft.com tcp
GB 20.58.112.186:443 nav.smartscreen.microsoft.com tcp
GB 20.58.112.186:443 nav.smartscreen.microsoft.com tcp
GB 20.58.112.186:443 nav.smartscreen.microsoft.com tcp
GB 142.250.178.4:443 www.google.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com tcp
US 162.159.137.232:443 status.discord.com tcp
US 162.159.137.232:443 status.discord.com tcp
US 162.159.137.232:443 status.discord.com udp
GB 142.250.180.10:443 ajax.googleapis.com tcp
GB 142.250.180.10:443 ajax.googleapis.com tcp
NL 18.239.69.66:443 assets-global.website-files.com tcp
US 104.18.5.175:443 global.localizecdn.com tcp
NL 108.156.61.222:443 d3e54v103j8qbb.cloudfront.net tcp
NL 18.239.50.35:443 assets.website-files.com tcp
NL 18.239.50.35:443 assets.website-files.com tcp
NL 18.239.50.35:443 assets.website-files.com tcp
NL 18.239.50.35:443 assets.website-files.com tcp
NL 18.239.50.35:443 assets.website-files.com tcp
NL 18.239.50.35:443 assets.website-files.com tcp
US 8.8.8.8:53 222.61.156.108.in-addr.arpa udp
US 8.8.8.8:53 35.50.239.18.in-addr.arpa udp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 172.64.155.119:443 geolocation.onetrust.com tcp
GB 216.58.212.238:443 www.youtube.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 162.159.136.234:443 gateway.discord.gg tcp
US 104.18.125.91:443 js.hcaptcha.com tcp
US 104.18.125.91:443 js.hcaptcha.com udp
US 104.18.124.91:443 js.hcaptcha.com tcp
US 104.18.124.91:443 js.hcaptcha.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
BE 35.210.214.151:443 e2c40.gcp.gvt2.com tcp
US 162.159.137.232:443 status.discord.com udp
US 192.178.48.227:443 beacons.gvt2.com tcp
US 104.18.125.91:443 js.hcaptcha.com udp
IT 35.219.224.178:443 e2c57.gcp.gvt2.com tcp
US 104.18.124.91:443 js.hcaptcha.com udp
IE 209.85.202.94:443 beacons2.gvt2.com tcp
US 162.159.134.234:443 gateway.discord.gg tcp
US 162.159.128.233:443 status.discord.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 233.133.159.162.in-addr.arpa udp
US 162.159.133.233:443 cdn.discordapp.com udp
US 162.159.133.233:443 cdn.discordapp.com udp
US 162.159.128.233:443 status.discord.com udp
US 8.8.8.8:53 images-ext-1.discordapp.net udp
US 162.159.129.232:443 images-ext-1.discordapp.net tcp
US 162.159.134.232:443 images-ext-1.discordapp.net tcp
US 8.8.8.8:53 232.129.159.162.in-addr.arpa udp
US 8.8.8.8:53 232.134.159.162.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 id.google.com udp
GB 216.58.212.227:443 id.google.com tcp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
GB 128.116.119.4:443 www.roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
NL 18.239.83.2:443 css.rbxcdn.com tcp
NL 18.239.83.2:443 css.rbxcdn.com tcp
NL 18.239.83.2:443 css.rbxcdn.com tcp
NL 18.239.83.2:443 css.rbxcdn.com tcp
NL 18.239.83.2:443 css.rbxcdn.com tcp
NL 18.239.83.2:443 css.rbxcdn.com tcp
NL 18.239.18.116:443 static.rbxcdn.com tcp
NL 18.65.39.82:443 js.rbxcdn.com tcp
NL 18.65.39.82:443 js.rbxcdn.com tcp
NL 18.65.39.82:443 js.rbxcdn.com tcp
NL 18.65.39.82:443 js.rbxcdn.com tcp
NL 18.65.39.82:443 js.rbxcdn.com tcp
NL 18.65.39.82:443 js.rbxcdn.com tcp
US 8.8.8.8:53 4.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 2.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 116.18.239.18.in-addr.arpa udp
US 8.8.8.8:53 82.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 128.116.101.4:443 roblox.com tcp
US 104.18.33.170:443 roblox-api.arkoselabs.com tcp
GB 128.116.119.4:443 metrics.roblox.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com udp
BE 104.117.77.144:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
NL 18.239.83.2:443 css.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
NL 18.239.94.43:443 images.rbxcdn.com tcp
NL 18.239.94.43:443 images.rbxcdn.com tcp
NL 18.239.94.43:443 images.rbxcdn.com tcp
NL 18.239.94.43:443 images.rbxcdn.com tcp
NL 18.239.94.43:443 images.rbxcdn.com tcp
NL 18.239.94.43:443 images.rbxcdn.com tcp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 4.101.116.128.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 3.119.116.128.in-addr.arpa udp
US 104.18.33.170:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 ncs.roblox.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 lms.roblox.com udp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 chat.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 23.73.139.17:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 c0aws.rbxcdn.com udp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 8.8.8.8:53 pulsar.roblox.com udp
US 8.8.8.8:53 aws-us-east-2b-lms.rbx.com udp
US 8.8.8.8:53 c0ak.rbxcdn.com udp
US 8.8.8.8:53 lhr2-128-116-119-3.roblox.com udp
US 8.8.8.8:53 ord2-128-116-101-3.roblox.com udp
US 8.8.8.8:53 aws-us-west-1a-lms.rbx.com udp
US 8.8.8.8:53 bom1-128-116-104-4.roblox.com udp
US 52.9.12.2:443 aws-us-west-1a-lms.rbx.com tcp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
US 3.134.168.96:443 aws-us-east-2b-lms.rbx.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
NL 108.156.60.91:443 c0aws.rbxcdn.com tcp
BE 23.14.90.99:443 c0ak.rbxcdn.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
PL 128.116.124.3:443 pulsar.roblox.com tcp
NL 18.239.18.116:443 static.rbxcdn.com tcp
BE 23.14.90.96:443 t3.rbxcdn.com tcp
NL 18.239.36.64:443 t6.rbxcdn.com tcp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
PL 128.116.124.3:443 pulsar.roblox.com tcp
US 3.134.168.96:443 aws-us-east-2b-lms.rbx.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
BE 23.14.90.99:443 c0ak.rbxcdn.com tcp
NL 108.156.60.91:443 c0aws.rbxcdn.com tcp
US 151.101.0.176:443 js.stripe.com tcp
US 8.8.8.8:53 followings.roblox.com udp
US 8.8.8.8:53 176.0.101.151.in-addr.arpa udp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 fra2-128-116-123-3.roblox.com udp
US 8.8.8.8:53 aws-us-west-1c-lms.rbx.com udp
US 8.8.8.8:53 sea1-128-116-115-3.roblox.com udp
US 8.8.8.8:53 sin4-128-116-50-3.roblox.com udp
US 8.8.8.8:53 aws-eu-west-2b-lms.rbx.com udp
US 8.8.8.8:53 waw1-128-116-124-3.roblox.com udp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
GB 18.132.88.108:443 aws-eu-west-2b-lms.rbx.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
US 54.219.83.59:443 aws-us-west-1c-lms.rbx.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
US 8.8.8.8:53 59.83.219.54.in-addr.arpa udp
US 8.8.8.8:53 3.115.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.50.116.128.in-addr.arpa udp
US 8.8.8.8:53 m.stripe.network udp
US 44.237.49.162:443 m.stripe.com tcp
NL 18.239.94.116:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 116.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:51887 tcp
N/A 127.0.0.1:51891 tcp
N/A 127.0.0.1:51894 tcp
BE 2.17.107.18:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
BE 2.17.107.18:443 setup.rbxcdn.com tcp
BE 2.17.107.18:443 setup.rbxcdn.com tcp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 89.58.114.20.in-addr.arpa udp
GB 23.73.139.35:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 35.139.73.23.in-addr.arpa udp
N/A 127.0.0.1:52332 tcp
GB 128.116.119.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 60.129.102.23.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 152.199.19.161:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 161.19.199.152.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 4.26.95.13.in-addr.arpa udp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 68.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
NL 23.62.61.97:443 www.bing.com tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 54.120.234.20.in-addr.arpa udp
US 8.8.8.8:53 205.47.74.20.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp

Files

\??\pipe\crashpad_1736_IMMWOSTAVZWNVOBZ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc47da30ea8ac30f4b04610681dc0e62
SHA1 3f286e2dabbf62938c82e18bcb277d6c7b267cb7
SHA256 9163145f058f902cb6e36268474399966a980f869fcf5fca96af1520b30ee663
SHA512 a7e5056015f7d687b3a54c8a5451d3c341281b30a76a5b71bf6f029e1907c50e59ba123004b91654a68fa1e93decb901a316d67c413168a875662889f91d47eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7b7fe995a0523a5b7899d7c4bf6975f9
SHA1 e17808e6f6d5cfe6c430c65b4c5d853ac465af54
SHA256 869fb5eb2f46cee48cf97d2ba6d676799d35d2a5ac1e42687786618c790829c1
SHA512 fbac33fe98e3f194800cbd27ae96d7351bd680fe693b902232c37c3779ad07760c48ff4aa55337f378ae3ab668ce7953308b28611790a74ec5211b88790184e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f12ccbc5a5df7a50c84caedaea300671
SHA1 2af1fa9a90a2f106931c38cf97a0be3c62ea067a
SHA256 c9bf3c8b7e32321e99b2ae463fe5f369314a164588bac27065a58b458dfe1319
SHA512 c7e495c29f2581c0efcd858689dbc258d755716819604fb6f0c52f765d4fca6ffb60eb8d6e2ebb3e7083425b291f1b6fc0ccffa9f7a6163a74ec1ab1a1dcb031

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b0bb60c6771d539265279927ec8da011
SHA1 09cda894b18aadf3ee4eacab3572574719aad864
SHA256 9ef028e40561ba7b63bf6d24004177a2d7b2b49404501cd57441311415abacbc
SHA512 9ee9433bc296d577e544c051358f617dee71139245397892eb4b5952929956a87ccad012a53120753f01856d5bfb5ed3fd2d20cef75c18270e5c1b554529e082

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\Desktop\RestartFormat.xps

MD5 eafc061358eea00328c95b8696d6bb7c
SHA1 3f4c6312c2f6a07ea0c0fe7a78233a1a4c988b38
SHA256 52297c775c595a7d21235c8d747a35c1ffcd6ba47b15a860add1600f9961bc76
SHA512 8720b8579cde0fc428e2e2750492151ed50511ea3774d6f523f40959403799b528ac426c66e1a038c61c2c98b0389e0c96bdae4ef46710af4795d4ba2328a2a2

C:\Users\Admin\Desktop\SelectShow.edrwx

MD5 094bafb183f09c9f4fe964d46bc3d9fd
SHA1 0fd63cf04c5f6b24bb4c9e944b7f24825795983c
SHA256 cb2063c8aec5c5d2c655ee40343d8522ceb404260dc5ff60b0dfb6c865fad973
SHA512 ed2c98509c5834843fd6a63dfdf4de24edef444f8dc525cc667a81e2e83f5d13022a270734b04b3c840b215efd6b45f45e618c5bfad3764d115a9b1468007714

C:\Users\Admin\Desktop\SetRename.vsdx

MD5 efc5c3b1606294939c0a0f3d8de119e9
SHA1 c3c805d90eede219d72e13adf534e7007d97e22e
SHA256 c466c86ff3ffdc00f8681703bf61fd686f7ea5e5de1238e84497381f0be86c50
SHA512 742d6be7f34064890dc73b6033aa8034014190ac9f5065737cafa22c441018ce9bf17db515a84d7e49a14d1420c43c0d3e5807ab2950ebcdea33a728bfde2426

C:\Users\Admin\Desktop\UnpublishCompare.ps1

MD5 eea7b7641a08d1b6a2d6e9df9df3c144
SHA1 0a2882584607f8cbfde8e64b8dd0ea738207d7d2
SHA256 abc7c0300faa6d392b2e526c5e78b87ddbe683bf6b61010e18640518e095d0a1
SHA512 2fe547e3b26bfdb35d8fa2e9514355366ac613dd58745903a0877d9db5064f7413c592aa9fb08e71dc2491a7cdd55ec86b8479fb302e0828ee757ee7f9d2539f

C:\Users\Admin\Desktop\TraceUnlock.emf

MD5 23ffd91219f300c99dcace0ebc1515da
SHA1 b30fe890b8bfc016984caa9fde28fdef373a3827
SHA256 ce99631291457272a544ffccf4445eec8876ec789de6d00f8529b5fce727c611
SHA512 2ab5956903bd134ca94a371f3ce134196734047c51b8b48af2a715ff3f0cb90de1c4a2764cdb277e2d025c863039e8b3992687ce49239b719da79efe15155a9b

C:\Users\Admin\Desktop\SkipUse.mpeg

MD5 585f85397348d80addf848399e157519
SHA1 37cdba9df4b9d233b7a6174b0c4bf2460e8a656d
SHA256 a794ace01401bf597d7242ba8ed08397972e8b5a18d5313b846b2201b5974fe5
SHA512 823e10e4c7bff06c5de6e0f14b023fb410bd6d9e276804e94e2b781d06a7018e8335f56f864cbdc78b7e4adc8999978ca802a197103fc5da0e2a648b9b98e5bb

C:\Users\Admin\Desktop\UpdateImport.xht

MD5 a74b7586a2881b7faa11761fb676c39e
SHA1 58e894ff378424e935bd45cd984b556ff5e4f93e
SHA256 8e18d0b47965396004baee0ee181d02e3a37835702505c94046f7d1ae21aba42
SHA512 cd432ae3f9a0cef3dc1297fc1a592400e66c9d166efd86f39a83a2afa734020cc0aa0add260127aab515980b5090106367869b343caf9f1791f5b296cd44b4b9

C:\Users\Admin\Desktop\OutMount.jpg

MD5 45ebe38469aeaea157ee18dd27f2e0ed
SHA1 18506249e56ddab32289acc11a1ec16145f8dd95
SHA256 31f954adc39a1ba91b9a04a64c8a4616a93f428649599b7f9a8e54f057451932
SHA512 3834652d9eb3ff91a54dbd130794cfdf030167e3f61badbd7402ad46099ff6d3d512a66ce77e33d80a698ce3959d0aaac3d36b90ede96c992ab2329031c81669

C:\Users\Admin\Desktop\HideGet.vdx

MD5 63c6682d436ae8ef5772e294b8b4d559
SHA1 c68990b415bd1d8bb1bd46b07c1f64ba9db88e65
SHA256 93044cacce622434a3259441b1f57d6a8508e9ddc42e71cdb63d3c4a075c849b
SHA512 8fd29125ac658cd8e2bf94e881ce53eebfd4556763a9a595502473dbd5da9f26092f62f5f862cbbe5ce4a14c766c0dfb1e07bbc7bbafd1d52a8e881b8dea3e21

C:\Users\Admin\Desktop\DenyExport.bmp

MD5 413a4e659519ba18ef48d659794e1ff0
SHA1 a58c5fa523818a1619365f254dd76d113557d390
SHA256 3ed30b42810e64dd8604a25d83c915559e81dc60a3a00e21df9ef250e729c170
SHA512 6196caeb54e1cf3c4f347de527d98d2bdfe1b7d210a49d76ae6ed45feb2cc413f1ccb0557ef2a05b201164037ef9d747a4a81e6b6f29bc7f61584b8179981906

C:\Users\Admin\Desktop\DebugOptimize.dot

MD5 a1e9104f93469adeadc8ec398a9cbae7
SHA1 1095fe8009824d41741215b478460eb2ebc91543
SHA256 a6cc1610ff0f12e75a17a74d7991999b275a6938a669d789fa33439c1a915da0
SHA512 d90f5305c09652fc61e57eeaaf351cc9752bd91e8f46cf5fc6e322a661143903de61609f2939bbdcc36ba6705a8298985a8e0dce73bf3c8cf77eee7938cb97d4

C:\Users\Admin\Desktop\ResetPush.html

MD5 69ebcfd214197847341323296fafa38f
SHA1 ed01c65977f09eb8c178f08424684953c255cea7
SHA256 7e37dda3db1b42464cde6e110b4a780308945cbe78a776b380528a2b380069a3
SHA512 236e7ae7afa413b92d27a3767e799afbd1ba1954d8d436dec6852f5dd00e80950433c9decc09d8915ae0eae82aec63c209266f5e2c7292f4307f0e319810badb

C:\Users\Admin\Desktop\RemoveTrace.mpg

MD5 58c1d804a052329686062e78d5a57091
SHA1 56790991dd2e0ec8220842e3cd8efd60194bb783
SHA256 b652be3bb6f0881fa622aa4076f8ce0b7adec334d8f76059d22b65936cedb001
SHA512 3b5b40b015e1a6f7eaa95d439b8e58099237a2a3acc3afc5004a4225a7018d45a784f8239e82320a0997be45e4deb039d923772e30386484b8ed5f9e8312daaa

C:\Users\Admin\Desktop\RemoveCompress.cab

MD5 708403d27b3859c99d7200a9cf2e6edb
SHA1 8d787abc7f1b2535e731f4a5c3551379c835449f
SHA256 e14e88f5f5da671453017c1809213ff479b476c8ee5ace374459e74e0fc96638
SHA512 27c0382c14c4d816169fa305a06c9a0da35ccdb5528db3b7070b5b21e6a7d7755d3ff4052cb5ccec0b35e6c3ffa0c6410be11fd66802d27fe373e04894fb9c39

C:\Users\Admin\Desktop\RedoSet.ods

MD5 b1746250e7d4f2130a4363105657b6fb
SHA1 fc513a4e11f9e88488dad2353cd8481ebd853762
SHA256 6bf7d69c7caf79213519b56495f92414584c0c09767b8041944b1b4079a81b18
SHA512 53a333c897f770c406333ada0c0311f97d881b90a25498e4227a39331cc433412f8ec651a44664fb497d876d7ffba3c01378163e43d2645eb4456d55c1fd404f

C:\Users\Admin\Desktop\ConvertToResume.pptx

MD5 b5e451503a5ed3cb803a8aa5b0a8ebb0
SHA1 08b627d75f1ecbaa918f0d8d6ec0fc634f4a92b0
SHA256 a65740de8ae7b30f3d39755076b58f4a0e506d6f015bf613454d44f403f67ace
SHA512 ff9b5e2c4db8e6a802d8bf8967644cc6e9e51bc1e3ee1e4621334929edbcee37af264356cfd9a24264e927f657491f4c2843373c3578334e671502c7c7fdeb91

C:\Users\Admin\Desktop\CompleteNew.eps

MD5 f17cee6a3d015bb263b4f26c10afc04a
SHA1 dc20bf1f4b9b2f8bad79e9f91e22f0c8cb88300e
SHA256 8931083070abc5940f93ec53908ddb6f229e5cc3c74907ff07f0b6688617370c
SHA512 ccad80725011f3e91ed12febe47319eb62342b2460cdf7126eb580aab18451e079624c4d1e8aa2c2102dd41723d262333eec23061211ffa6f4a54be8269595ab

C:\Users\Admin\Desktop\AssertRedo.odp

MD5 91e3673d7e4c9db8c9e837dcc0e35264
SHA1 d03baff92a5986cdf54975f32e9aef720b08734a
SHA256 2ede715e528148afc3152ff0ffaab628f822b97dd726a35ef2a4e911129a26ff
SHA512 bd45109e453260704a55c4dac3ada8fedf3c65ba0ecd94c9e69f66d43933bf3855562920efe5afc954a020eaa2ea27153d5e5e8cd0a894626e95abfd451e0305

C:\Users\Admin\Desktop\ApproveSync.doc

MD5 488fdfa5608a9c8c5d49d539d86beee8
SHA1 8fcf12b9f4b14cbc9dc6d9bfa10f8a54aa696460
SHA256 76786ccb5f1248a05a50304bafa129c0afad37a6d1830513e448acb8fcc59e11
SHA512 a936651c58317cfaa7e999528f1051d181c3e99647d21527b04c088447ed3e2ed249c98340fad3ccc65632a4cf9ba8d652cf64d135084d6166ff78e96b5bbc51

C:\Users\Admin\Desktop\ApproveReset.jpeg

MD5 be79b801d090c0e207d75cf92a3efc6e
SHA1 0b66d5bda7c6189e4bfce759c092143f3b0edca6
SHA256 3ff68e0a3dad9d73cb1c1de4a6e814c46efb740a44bc9577aeef54dd2d129f27
SHA512 009001394b10a3b249c7f1626e7551bdd544ca9a141a0b1be16d44ce4913dd0e203af627ef83d4c1e99492bfcfbd9353625e9e5b6f3333716a0d136fae02b9f3

C:\Users\Admin\Desktop\ApproveGrant.vdx

MD5 db7266dba073c1384b3cdc133b412f9f
SHA1 43dbc98215fd9663e24e98a88f960439546f3ce2
SHA256 3a0112f33369a822c18ba56a22234212c9628727ab09b1b6da0ac55f64a8ea0b
SHA512 070f37f7416fde7bcf2ddca4924e4254c2c29d2cd09741a6ae8a918a5d4fa5f2bf639b067a84e174a4ec5793c10f835840da6b52f4026eb0a9fdf0660fa4f65a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 9a3b62aac03b5c3df7a45492fd4296a8
SHA1 7986bd88e4f156d2826edbd9217d39b7bc601c0d
SHA256 7b0f82db3f65b358c42f24eb6cf480c73fdde593b7381257c35d8342939b6d15
SHA512 64fbc53e8b7dd059955b66650d7b5db476f8086503247cc5f929b25ece6ad6a03f7e4a7444c5bf606d21b7c115bca1cf6ab01fafa979408adf36504f66a7b07e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 c884df35216083fc04e6e858edcb9702
SHA1 67a33e18c89e848dc56e769aea12abfd153c4fcd
SHA256 e31c368c8174ac2893b1a887fec58cfa698ee09dc35c1e8a08610ebfe33b6fe9
SHA512 54582af1f6b9d7a4fe8ce7a807f2629adb5941626e53bcd0eeb5143409b144f9b1d1e737bbfe784cdd0adbf172436ac97ebb1d8cd0c937bd31d828e51a4dc3b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

MD5 52d6ceb92efef5aa86329111599364b0
SHA1 49cd1b46beee462a5a83d2a620780d26f1b1ca67
SHA256 ad167724d28262eb556c89167cc8c6ac12c1459c84827434631535c0f19d5a9a
SHA512 a6da8c78e6bbb69e48dcbbbbedd6e0a7988ebd35d7a2f67e72d49ae024c59885c91f4e987f006e043a58a1cf01fbd72d1c46558c90ad4ecb4e81bf1b078bf5bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

MD5 57aaa8488f1c316efd370eb14d545664
SHA1 d8309338c964c9c518068861bb1d2ca1f62dd7fc
SHA256 ff53774113dd19f483f1433a030557bc722e3644ab64e6b2d03044c2d51c29d0
SHA512 3c68f94b8ea2444f3d43a59bf89d3c1a647a0eaeaa818bcff5a3b18eddc11acb4eaf157c21d905ff60549775b0052959d45d10152032f3157e0ceb54b87e8c87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

MD5 c157c4f6d259f2036fec6a2970ef6b1e
SHA1 362a7712b0e8b87236e997fbe4e47c3e56660c34
SHA256 f9bd702ab2378da3d6801ffba16137b63b8dffb35472ebc9ed0bf5b8ebf87e46
SHA512 a408ea8b48cfc1a71b0e3c0f9ce3a645937288a73ba09f1deb919c01a4d6f92925998abc573f03a720287f9d5317c3b09eb29e82e98ee4f557e441a2dc0df0f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

MD5 4b6d45173623e354603575d9b7c2912a
SHA1 1ed98b10e4996333b5cf6ff1d736ebf543aa08d4
SHA256 61aafc5a989173c32ba20f550185fdc19a491dd3fb54e64d49c7011971a9dffb
SHA512 f99f84cc894f8ad74ceaabf791c8318444112e3c4d34a1681ffffd8468ca14821d0c7fcb7375e96157aeb734c77645fb18c1946cf0a58d4e608cd254df8f732c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

MD5 8674ddfe5449a8e252d25e1a85451cf1
SHA1 29c76306f9cbd6f3d0f4ead06c51018b98788cff
SHA256 8a7db92ce7ba6761b8f91c1e11e0eac14103bdc806ca04fc2dd7b1de09fc4235
SHA512 5f9360e17e2c0763832a70e5821d122d24a5125b12c545fe3cfb529fa6076a0b59b4eb78b8de6e6fc244d2d820663ca55af67f94ae631a61ccc5c609bcb98892

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

MD5 07fbdde450dec2f7ebf2f569cb3c7f29
SHA1 27db07d1d8e0e69c40fcfdc4d9c3d7a692cf3c94
SHA256 b4ad68c5199b0075461b7fa1a0e7378d7bbeff5727c32259b43734ed74fa7d66
SHA512 86e64b82381e9351d9c88cc134c66e0ff6c3ed60d87d0e4653bff005b9c3130cfe5e230c9f1e185232da2ba6c9f830b80fad969bab2fddfacd737d3957af35ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13357543372458701

MD5 4154f7f7e915adc615e45b5331c6c725
SHA1 e22cf1cba8bb7e76dcc289476951585d86699556
SHA256 7d7e08548272585b56d8854599d28dfb5a78f616acd3ebd6179e3b459b6b5f9f
SHA512 bb61eed3643a8fef14575691c075eac2b126c21daca612ea22fffff349bbb0d930a1f4f68a9f0e57b8ffb57f0fca6d512b74cc577ad2df87cf0595ff8df200fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

MD5 a982807f3614a229a5c03ee2c0bdb4d2
SHA1 4e206480b42ad9cd0b5ef2e98d0f3270a3119e8a
SHA256 ee1054419c99350be5499273ee8bc9a0241a3c57287fa24d230cd36225393513
SHA512 83ad75e7f9e221129bfbccd15ac430fb9a5bcbb796758782b3c826f2363f21d878641113ea8c5b2bb9e2c7413d1c0ab0b65c9311b0418a95bd79960effe45ffc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 1f5042fceeeacb5448ff38b523f2c18d
SHA1 0d0a0edc3c4bd315dd720dc34c5fd61b5457111e
SHA256 10ce732b6921fadbec03523099ca9c478335bc0ca5f16e43c9b58f6e2bfa1a52
SHA512 22a4daa6e1466eff4715be8eb8e894bc3ebef0eb779723173a9137bdfa1d516f98e00687fe10d48113e081e3d95374742334dbf9b7fb4ea2838497a765e6d5c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

MD5 81f0b8e3626c1434b1e3b6f5776113f5
SHA1 087e131634831ec01cecd662ce2d7bb542ffa904
SHA256 2f12d1550fe9436414cc08f3a6301ec3a3f567df66dff5abf1407b746ab15e2d
SHA512 c9adfbb4dd92ed5a60d1fc13ab2648065ccf7e7733b40cbd38bc326ad66a06ed85c333caf543d44424bbfabe5bbf37cfb3228082acd4ac4258a607aed9890ad9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

MD5 666f1e08b172a7c9b019fe98fdd80196
SHA1 67a483747577fb2f48219353c0b36b392d5f5493
SHA256 074b7dd3d562ff29c1b54867ac573f425b4916ae5121952a0c64212ba0484207
SHA512 792748e037573d4eaa80c964f96244b2917e50a5de45dd919747c10b363d1831597243f6d7e149c8f378606d13f6e5c03a561d61cf964a0268e3898b4ddf1526

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

MD5 9a15f958aa050d078027643a943b7500
SHA1 0a84a5ae9de2f681f7aa03b608b97a82b26e9cfb
SHA256 771697a3a45a4fb47d332d6d0dd59fc673e7d74dc689630f94357841f87323f1
SHA512 4c2048b9c946ff23d4ce062719987b2ed575e95340e416517b65f6c41623c148b76d1319ca771d584527ceed29504ef725a8935529a69f84bbcc0f66e065563e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 e13b184a38a4a790f522628b88d2b6c7
SHA1 05a7433670e7bc60d0d763e9e0ed01575ff849fc
SHA256 7262df776c0a9168b1a2fe8ac4a9ffe672bfc60422edd6a70d6579a0b90c232e
SHA512 df04e5a22777ccd2faa6eb5d41bc4dbd49c086139ac64bc851411a38c15b684bb06b7b603dc7ce5b755458e6274fdca853f303b86f4523848f5d59cb000653d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 fd9d293a9b94a3f7cdf41294d0c02ba4
SHA1 64517255c79b09d1e00ff67828eaa2a53692bd9f
SHA256 bf3b52d295c249ee5ce199e5d4c4e6095fbbc27d95c1c4c7d65a4b4936d40b41
SHA512 2629ade4306d3e748048a1df9e4e9b9f47f6a484272f167be57f2f14f6d00041780ac3e0725b7e506570afc2d8b313bc8f9aa9c2e095938015f08a8b25a3ad56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

MD5 bf8b1ea1155799f9cf17421d557273ff
SHA1 07ba9c76179ab122a948fd47ce5b8f012bb02faa
SHA256 a6c5fc3969b2e336678a38b5631be0df6f2cf16b45942e9193152b5adddaea2e
SHA512 48004de3c88862ef3592cdbba6b8afb3211e97daf8961647a8211b555f85e86792067a0c6704ed19b8c03445e2a640f12cbdf461e7e7234512b98218930c09fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

MD5 ab0e4c675a7aaa40ac05ad0a7ef880d3
SHA1 e84aa9899faf8a459acb4959d957cf829b8cedca
SHA256 35b37b56507b05f76632b87d45b4125fb74b79ddb205df1c99e0865199ad6708
SHA512 c739c68290d8c145b16eda47015752ca841cf1d1f3ba7925f004e073f4711c09d85124a3007faabdc3ffc51998e9ae5dae27f9fba495af98fdd02791c4546d92

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 e2a8a1a1874fe06cc0cbe2eb1211eaa7
SHA1 7fee88ab2003868219c070370826d61606466e8c
SHA256 b335fae71e6fd82260b31c334bf535e0f455cf76021b05ee3aa5f39a0cd0f066
SHA512 44de81cc7371876bba829ada2c7651e3d88f847de58dfddeb56d822c21fcb81f421f52d7f0ee77458d35c80a513b60b545c20d5a60160bcde05bb128e82eb8cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 4649e2833cf60fe5c524a0a396ce07e9
SHA1 157c4d116219850003ccfeca29a68c2c5925b69d
SHA256 bc2761d6b89b23a3d9b159ea0b7a08ddeec44b4d15ff780969659e8b582438fa
SHA512 afc4252133767ca730da463096bb9499560c905fcbc6e7155a1a761269fe21cdd979112e9dbd56cabefa26d8c8d822a441285fbd420dd26ffbf5696212bfbc39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 3a15d758cee4dadbbf58ef0925ce6684
SHA1 15bfa09ca2bc64f96726a160bc0da621443692cb
SHA256 254bc269e42617991e51deca1129668f24ad6172a000d52e9f82e12cbdecba2f
SHA512 486dbd44b301e8ecbfb06026f246e0db9f88bfdb20c51ec156b37c5864fddb66afb8a978cb887579aff3e260960aef3ccecd967d353ed62c8f2dcc2d83e4c787

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 009b9a2ee7afbf6dd0b9617fc8f8ecba
SHA1 c97ed0652e731fc412e3b7bdfca2994b7cc206a7
SHA256 de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915
SHA512 6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4e5f28790b0ad849664cb267bc2575fc
SHA1 02736bdafa32557ff8fc51ead9bdce8ea2773589
SHA256 b57041eb8b83c1a789d29f8c8a30c373fe0912dcbc8990002eeb3a086ac01168
SHA512 a88f3a80f3e1a154e9827562b4c76f98abc377d93169b958a91d1b67bcb499cf107b963b8aeb0d375bdb2c5ed24ca9060dd6191ba834ba55b7e68e9854c474da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab7a4d8d6a7ef5575a195e955747179e
SHA1 6f6f255687cda0e3330f414c7e0170fddc997673
SHA256 995b2d1e01c62ad6f22121114800e0a540958b0f3fab225a91bad5a91fc38683
SHA512 b48516eebfcbac9c46f308455043d8dec1b3e52162743424311365eb9a636bfcb12ab40d04a610a5af151d1b8a64c19c7d20077406b1334f8b80b59a42125d99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7636ada72f19f3095d1d2b6784f8ad85
SHA1 4eaabe171d3a61da89e41e193fe9477973376803
SHA256 7de43a3c5dcb4760746b04f80b7c7ca88806e6412cb1ebb042a3b0607ab66a8b
SHA512 d3fea6b60b7ad988ee1f51309626a1b89c1420a91403f8d8f59ebb7e228343a040000b0d5d84dbcf4568ecdf544495f9e2266ddbe3b86bcb6e2daf78b35f4a14

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 5b1e64f24c5077ec6c66fd61258e0ffa
SHA1 30a81e55d4e9845bed2ec0a0d4f8ba5b39cffde0
SHA256 b540cc94285452251e4759ba0ab0b8cc10c5af565bfb855e019c60462f3fee0c
SHA512 a45337627e1d67e81a68659c79e0937cf68b7136730b7b21cc7d0f37320c4439e1f18806c313868330cae409644dbde34c1b2cc169e506affae09d2ba59a5bba

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 e23e7738a77157383b36aac373c94c3d
SHA1 3267e2189c3c333359cfa01fa683c1660020f8e3
SHA256 7792fd4bed6991f5096eefe2c6931e987a660a4739cd88fdcee38b2d4874d034
SHA512 c3eeb483ab01b2bb3614c0294dc8a0324ed82ffd46edd8da4f6e5e522b974c2b0b4da30326e9b614cc32c039a137ea90501278ba8186a96f98e569bc6e4e5b67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6943fe980c70d7f7ad044aef49f8f68d
SHA1 c54a833099a3de76cfeed8e7c1f14b8d890d2d6e
SHA256 031914b55d1995218e86609de50b0bb72016f59f4b1ad7f479bd38d4615e471a
SHA512 c3ecccbfedd9131666d137f1904e208c69d6fa3b85b91ce993ae7d5c05f638bffecf2b652645175237a327ab6d7a0daf41665807638b128687aebacfaada185e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6d8142419e8928ab30fb196f20f6b0b4
SHA1 199da6affb5ae775cc43087f783f09f918e82657
SHA256 c9344a0a6e9eb1ae5aaf936fa453f4ab895d8f236761112891ebff3ca4805c49
SHA512 4086729e34270f9a1ac57f117d008e2309cb363c6a79f2c1a93cd68474032dc24af5de5d7f9e9ad78f797a710433ab45294b042afeeeccf51cfb9ce7bdedcacc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e7325670fe0aa5ce7894c1209d50edcf
SHA1 9b7718ac4fb08e0d62ec656c99adcb231268571d
SHA256 d2455cae3d716fb1aae2bc5c6f70d94263cf5e659c71d61866a65dd3409dd545
SHA512 0b9ddf8c7f29041ccdb96ca18483a04baf7eb57b65722a8cedb5f230f2000092a60cca149a6877da5a5d1f9a88cf2819019cf96a89be27999b1990a468af4730

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe589805.TMP

MD5 d80038e9fe6cc7de65d2df5c0364d4a3
SHA1 f06543c07a8e260c11468807ff4f44f8617efebc
SHA256 6015c02cab2dc2c8960d48224a173baa158f98bd4e90f9830de84daa716892b1
SHA512 14041dbc262711940d8d258435812bbead9e4eb8a0213004ee2d105eca33179fc885d217b3361803948b87a9c3fdf2070856ef508fa721a13397575b9b6fd6c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 8d96138af9ac2ce33d40a8b6ad6d8bf6
SHA1 d273fa331020f826d7221cf79a0039cf3d0f7937
SHA256 b31fea396a375865062223f5d738af5d1f6155cb99d8245001cd56769177c4f9
SHA512 ace4538499ea6096797cef00231c7aedb689d93283e86673740b8ddc0ca4a49a8361899d8fecbd3eb81c2265408b614fb80c3ac75adb7cabfb470bd2fcf3f9eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a004db6da09fc4b2817e61442c4dd796
SHA1 81837736b105af6931b24c00be91acaa05722af4
SHA256 fd437593b5f0b82e372075391976dbc8241a85914683592e36fc3e4dca020848
SHA512 86e8d8ecb9613d3e67e98ec2e703502ac1145f79d2b100e68c349441f27035d78618ab5fe752165dd863de0d27103cddbb4aa756e9921ae3f729cf1d932d94d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f9434116f272b4eebf64ea915ce1b2f8
SHA1 93598efc134db7145ada04ad60715b7d8f69238f
SHA256 c960c2166e56a803a0ea60b57815093e0f73c5e5593f375db9f25a9a22acd575
SHA512 d3caf82f081687bc2c189e3557730a298b39623a14c1c111aabac5d3168751be15c1d02b0777b57f6c3316ebfec4c9451bb69b9f9a622bfb43662b20373d9290

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 01f12c1b270b9e710e6a150571fce7d3
SHA1 825a87f6fbf76a6c6a2b7b16ee1199932dd0302d
SHA256 cd8900c203c28a858e9ff7e28ccca50aee8f245755869a45ecc667cc6dec6f94
SHA512 d4d66c41cf7180bf35e278d8190858da6f7b00b22d11b2e5e07ad6655d8968214c895b95494b99e8bf7612fc33b8010447acdb8886c287e6917dbcd0090fd0c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7ade3d82922be60f801dbbe6d35f8e1a
SHA1 d7c2d9ad4660834a9740db1e1b6403c2cce865a7
SHA256 21cd247b9933a791e7da95eb94fb16fd95b1da48351babad2fd4d3ca407c7107
SHA512 93ed38c5eb50f853f460549c40abd888056591f095062efef220bb3f24a7cfff311a3716b6fefb231532ed5648b78c3927f95482885be2894701cc6d5f419cd3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 928654fa1ea3ce238b0d0f1bf41a0031
SHA1 f90acaf51031c713f24be9817bc021a5d4e7d7c6
SHA256 e1250e1138db928f6841be09ae2dbb7c7e6673c19f1c2242df1d940befc84521
SHA512 c19c7ae9dbbcd9a9ea4feca96079066c76b693b6244877dd7b317aa22c5ef273e593d4ab3ccb04a3754d2f6a605a038e5dc9eaaac17cbe85a0faaadf6c5905fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

MD5 c32068cc5af65c3041ba5d1169c21877
SHA1 4916b1ecb06fc8dae881723edce23c15f992c425
SHA256 d2236b94ac1e28588be6609b6320fd429146a70e97f37e2a4d70410cb15990ff
SHA512 f6ee1f788ea0ab74538c9661df557b9f1f81465f098a9021d73703a7fb5fa81e849b89ce6a4af8377972b3a39179860483eed32cf7277c414aa96b48344ce3e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7821e51b50e2bb9b43bc3a99167bee78
SHA1 c23d3defcf7bac50983b36a7bed87a870781612c
SHA256 f6b2e9069906ac214f615af3cc7c304c6c928b6b85b36330b527c991cb87c80a
SHA512 7ebf02b419c2cc50eb2684663dbe8c9e6ef79e55fd210d629a45469f0317ceec26392aad4d7ce904c5b55a54add6d897f3495f489cdd8a7aa94710dfbda589ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 cc7b3dbdfb768c96897aa20601a84e6e
SHA1 69ea688aa01e2554ec46e7544015c0c0027ee6c3
SHA256 d17bfe4c1d82b3424a0821d8e82a42b398b2bda50d4284c93435faa0802af725
SHA512 2f86fc6ff71f667270b948ef3ff17307fa76c78f4da8fc7bbf8667bc2cc8c845d62c1411df7346ab1a3581b3138f87ec013dc722d86f1c06719ed6a0189b5539

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 84a8823d8b834bd99fa53e7bfdd5b5f5
SHA1 826bae92852f4e38dab24ad94c3db6020aa118be
SHA256 6bed906e69d9c8e2685da751a463612d92706817c7046b716a945e2cb3b18efa
SHA512 c48e70ef13a89bcaf3ebbd2a6dfc1bcd208013682ecb9ce26d3d4bf6d5da7170ce43280db189b8db6174302fa43dc93b2b73fc9e57f8e482697ae8816daa59bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b2eee692d3e6f8ac71fdf0e9750f6a17
SHA1 49ce718dbf1c93c0256b4a5a1218fa705d893bde
SHA256 6caa6987797ccb9c766253895d598aadf1c1acd23ad6db4dcfdddd586418f6c1
SHA512 de1fe644e5cc867a470e22da4294964184c8dbd1feb1bb3bfae6ee823c4a0ccdd08a392a63229a7bdf25f3e93b4f49889d41bbf8009f8fe25cf4c680596ac3fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1a2876b85e047bb8cda425ef446dbaa0
SHA1 2050a053b802f059367e67f2caa7a4e2c15e7029
SHA256 65f1963766de7d8dc930b626eaa0f938ed8da2772b17ec0f92c5f09cdacd171f
SHA512 b3af2f2e9fd1cad115b6f36f2435480eb08e625f4f26c3057e4e7572bab0403b02249cdaac70de6f8e04dfbf610090dcd030c76ea4b591cb6d51b87554930b22

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 828384e8a483bf9dc2ae9b15d655bc6c
SHA1 bfdd0cb636d957f871c9a7ec6cfac9716bdf2298
SHA256 cee588aeb6530b80b4a37e8c65311c2f929c7fd92b679e267570a78b2cd91fb9
SHA512 ee4e19104dd98116827e76e0b9b21fad323fdd201d12289f9cf8578484be21f5e270e4d026a9852764eb85b4fd4d020db75a7bccebdf54156e4130e359dae422

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fa1cee9575f818ffec534f539ba75c19
SHA1 a7b6b0f0b37d93f9d70b7f1b21b7f13042fea68a
SHA256 db3c60f5025921115284bc7f73ad6f8513926327fd7714874485f739735c2448
SHA512 7ed068a4289fd82fa234a5cf0318f01115a206fdf59e9745d9318a93349581b55a9c469e12a77e2a625d9d5aab795639ff4361203472c42593ff1bb4dd1ee8a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1ead67988be36bc67857888169657b50
SHA1 f8fa2b5158ed5dde14c54b4b9b844a217e7b1a88
SHA256 864a8e908f6ff334e5e3d59005f1dd42ad2629a6aa4ac59e94e04ca8bd13fff4
SHA512 e97d200b22099874e9ce0b6979657e54e57fc35cac77d01510710657f6b5f17826a9f7d59bf3c0f8dda7056d3062fb805b529a530b8c499425a033cceccb62f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 de0cd1061647d229bbd7ed028203d9ac
SHA1 8c7138e06d4106cc208a4495a1163cb5030d04ce
SHA256 514f9851808b0bd5e9abf2e7a45f8f74a762c691c8ecc4003a4678a2d1149af0
SHA512 b4f64a89988e9c2a376f8e017ac53d1d273db31bc2d15aac802e5494cf2d3c2195a5cf4f9733d468e53bfa9dd9485136eb5c01350f2e260b6fd2f66ec9a1c5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b72ec97816235d864d677978e644c603
SHA1 f8fa1443ffa0f042aef3f59282c1e35df0c74f3b
SHA256 f25478cff20abeb31375190fa032867684f321daa30de3f8cc7ad6ee669d411f
SHA512 922efb97416b1bf3af59812058f605f3105987f0effb845baa988e36c8cb99af07cc37745923df47e8a2f361d1639002e29693e584dddbd6760fbe0404a758f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d2c98c22c28a96362e5cdc13fc5d697d
SHA1 4153a7a5987dbb18d94e6a184af9658fc5a41a65
SHA256 bd473c796ac0752106c1fcc4d9d091e00e13cc05f39409d5dbb3c330a77733b5
SHA512 b07f7b5311cb3554294298c84a11b66ef7de41e36630af630b0cf11fb707a1c13e5d5cddd6d5dad22b136578665fca440259e9bff1b4ed435fdf7eaccd7a8720

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9de2a74f4a58db977405ee698293601e
SHA1 e14495abc73fcde5d4b187d3056a56ef49afd3a5
SHA256 77168da1811caffa421914125eb153987f50f78264a970f47edc8cceef16f92d
SHA512 72e5ef85fe763005944c5cdf099b512bb99a16a247adb49e5fd47343903de79a6bc425cbd698c46ed125be2863777243cdf7d20dd7142c5f6be4a0279827da11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 fe1be2e91e15d770becb99aad3a13a51
SHA1 8348cb0186437542abcf6adfb0e37441e04573ad
SHA256 800265f6aeb1735ee94f17c531f366268a971fcb0c3dd221a735a746371139f7
SHA512 9d9b1dd4e528ed8a0db738d887fffb950ede4be689e41abddfb90b7e1e6d3e46c55ee4f1a3c27cf1b50b6a22fccd07a18da3163eb0fb3eb0f065f20a7970d84e

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 33ea928e5b2a575158b41171adbb88e6
SHA1 3567bfc4e1fd824c4f62044c65ef7e8886c531fe
SHA256 c32eb9a8d83104023d9f54f7af961ebaaaa3e70fd53fdc72ad22f06b9848b02a
SHA512 84547b3b1dd5240b00d1c76b2cffc76f8996cb6db17a21b7e728e1b2107d114c51789a0d548a35181a9a51b6b374db7cbb931740b953873c9b742412720bf09d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2a61bcde0d63541288c20a74962c8663
SHA1 ed83d18c34b414236390fa0e4e2941976a4bd798
SHA256 bcdc5bf7ad7e47624050812b9e4a2a5e7f12b3ac3b3f80b9725919e4b19e9b51
SHA512 dea9ac06574090aaa1efa33a7e3c215030d169ee969df32a156d2a752ff6a247efbf1bec2e92681031ee668fcf16728e21ebf3076a8264e515a400eea9befeb6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 b3e96988afe3e5a86cf873ca6f1b37c0
SHA1 a30850fd1fdace5b6860fc94ae262d1df5d2f4d6
SHA256 a7a0ffe966c170ac6206d249576ebe18b7915eb125e2038bb31dc59ae6b7890a
SHA512 d4f9ddbc4842c412184b0eb8bee6ad61dce6804bb147234afcd36aecdf17cfe15b585114a1dc2d1db7c1fcea4bf3d778566fd22bd613eaa66272363db72691ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8a2f27d0816fd83ccb64ac6f76b49aa4
SHA1 11a6d7f534b3e5d6368e496db57b8f3eba3ac6ec
SHA256 d92270c61b0de70d3e2ca3e45780545f87ed8c0879b507d15a6042021aa018ec
SHA512 682af31d21f43ac7538f084b8d14eaea9e8d4a7039284f7cab2bbe6a8bd342e68335283dc5f735f321c08472b550f56a6ac3b0538708ba2c401cc67c47b47f92

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 525394eba694bc66427c5f2a146344cc
SHA1 52736b8e2590f45dbcb2f4001109de530b413ba8
SHA256 804f49a8e04161757fded3c9ab87daf421b3b00050e6bd8bd1b5aa9a5cce3db7
SHA512 0400ab15c5bab0629707c1f90a1aa2b43b7ac9b7d2aabd20207da8b13915b31dcbb999782d293b2c375bf90ced51a6ac91fbeaa286f1ee173b63716e1b387db1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 19204327517945941dfa43fe5c9c3ff7
SHA1 edfdf7ec2659b6071e3d3b32618fed91c620b3e5
SHA256 0254e2dfc43b165924c265bb506371833ebe7befb53de271793e3da78bbc754b
SHA512 a7766f2889156191bacedb78d9fc0df01a76b1140c56ecb41cc8fe5401413419e44bad7cb5262dfdf68b202f35efaee9e613a42b0fc8ccf4cc6247a5ec517385

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7b4f5eb5de5d05ff5d0b930e81ef5a2a
SHA1 8893096db785b1d6b6315d7c171284742c8c55b4
SHA256 7d1bfd10d6e8d53c5ec3b7dcea6efd4c602c83e9f93386c357abb65b47f99355
SHA512 6ef2a2dc113f337b242d60d8325e2a89207740709c2ac9723a1cc8c03407e42e999e6dec82939715467674e042d05408a6c406ecd2897f95d192455bb31bb998

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 91005d9fb7128411198dcd6bf20b882e
SHA1 44213e082167880f921a386c5c3fbdd476bb33e6
SHA256 7c4e0242786e99d19521ec725e75806d7fab4d2983ac906bcdc567be13aa730a
SHA512 d41ec27a19e936e927039a4097e8eb4c823e3b8e4e98d0570ecb529eab5e06992ddb964c861a09f4e3476fed69f80e5b0d2bd4594ac984859206c4fe5271bb83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1a0c9038c9c6bead69f94413379470bd
SHA1 6bd39015ba9fbe58c011b30159a6ac3a3f97ba95
SHA256 ba013aad3faa9ae01a4ec785ff627a039ef71b9ca810d3174777b60fa6be8297
SHA512 52e4141f55dd73d72116db34090f17b6bb623271788d394937b24cf0b10a07a3145f2fdd19c1aa7323829a75e08959f834671f3cad1cfb818caf084d5a7ba142

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006c

MD5 d170269951b86f585f899d21ae50e782
SHA1 e981cf3277587be2e230a211eeb4a64a77aaaf97
SHA256 ca08d2665294fd7036d1c5260dc3c7a280961e4097651ddf2cf950925a1f988f
SHA512 a1769e21b012fb39d9b625ce8d8173d306af510a05c3a377f9d6b7a4894ee53933a191aeda48a7850e7d057ab3d97a49854045f514aa75584da5a5fdaa5d670e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009a

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4c60bc0706884d0c283fa1244b390fcf
SHA1 e1d884a5987ba88177c309df00081ec9aecdc80e
SHA256 0d193739f6040639e08651244ba06baec6ad5e4dc9a4ad17c37d1aa5404003a7
SHA512 9fabf67a1f4962858280321b18c6e31bce4aa8a9fd4d46ce316653e8771c9b7f5f5640ca0af40a5d85bb09a89573c4bf21466191ce29874a3f019ded89dd2b0b

C:\Users\Admin\Downloads\Unconfirmed 224662.crdownload

MD5 9fb66ffa1e1f4dedfd16eb3a8170bafd
SHA1 69b5d57ddda6b97adde820b9ceaddae9c33d53bd
SHA256 7953b28b736795aaa54e6cd5cb591e794e2f770c1045ca2e33af5ff19f480eaa
SHA512 4b141802e7a4cb6bd4a7498d30086a9d83c62d37f2137f4910ca7d3fb7009079d4dc59b95050849cfc720210b0cb44bf588d15c08e3ba830aae19c0a27e8e6d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 79813d6e3924d66db955d622cd00b771
SHA1 c0d0205615bc17d4bd6d742a6070ded25b444ba5
SHA256 b640a79670b1cd1c63d3471c8f8f164ec9a65b78ccd9781e233194e4c3a7b206
SHA512 148a127ff0fb3cda65c68bc54098e68aecd680b509e40a2cf83ed95797d428f31b05fccb0614020ddcd02af560fa3702b34482632b246cfe1f316c8781481d0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9d0fdc692597cda3757eea470ddbd490
SHA1 19012d715cd987f1776ec430ef05b5b858234507
SHA256 53e1fd1c071e761a81a98c6735e68173bd0c47790846bb322587d98c534a3711
SHA512 307feda6d193eead7d3f84324c49c00ce0b4c22653a383ab598aaf0eb9112b1c287c297762af8793b137be3fea25322f195f84bd9a5d67c46f60bb390d07a955

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 4f9d28edc0c431adbfcc19d8fa47702f
SHA1 37a6e145fec66acce633199ea7261bf5dd3d855b
SHA256 17e5cfe0cd5e01c1cf679b2fb7da7f3eae6cac2481c41f355c23df375ee0b48d
SHA512 bb7a5f33e2ef384347f8ffa09381aee5609a5b4997a205c972e7d431effa8c89f47e065b41f3acd86c2a395e0fdcd2fa656b57c84c3b94bb2fbde52ed2284dc3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 10239ea77e87148587a6b4272f666a01
SHA1 a43b27aa08fba6832d3f73b9b0aaf6d1fcea8078
SHA256 8b0f56b382793d1491e01a6f6e83bd92843050ef4122584c6eff16ecb0f25419
SHA512 a82b3f0ceafc0366c4d1c03eda34e721e1b7dfa34c792e7db1fdfd688c33697d7786a80947618104b910c5dd98240e8dc6577742085a7a97e2962e1b976a248a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4838edd65bed957c4a9b5527f6f3a45e
SHA1 dc5f52e5916a108ac07aee63fef838dc5f70b521
SHA256 68efb33dcaea7e62fb2b33a74d8a9ab36516334894951e92fcdbebaa271f36ec
SHA512 759aca34bff7f7c2f05ebeec526e737cdfb53269eef2c610ebd31bd41ef9256b50baa89f47b7dbad4bfae7645295ed5b6f11d95a563192475e5307411960f99c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 31fc1c147287f086c8afc50cfcf71801
SHA1 119bad943e212ea5985f5656d98ea6822904a399
SHA256 49d7939f8a0ecd1248ebf45421199792248ccdaa0a9db5ad90b489b3d8ad8518
SHA512 4f22d5bfb086e05500b691cdc065cdb99fa462eaa91449f805d89f27e51faf9ba1331be844ff5c8cd1402aace960d3ea64cb17d797a379fcbd00a7dd828e6d8f

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\f3b8e82c20c4bb3f94a2d7bcd2a82cd1

MD5 f3b8e82c20c4bb3f94a2d7bcd2a82cd1
SHA1 89618596be7cb90317eaaf2d09b05d522d008260
SHA256 7de6a5a45227b0f21ac7dd50af250e37f20b8bf2d6f4aa53a7f643d77515bd07
SHA512 82f15e37366efd29879add4f50cedbdc27d4eb885e190dd54c8e89787b51d59ccc21473f431292da679c7e8aa7cf2d0ce7219e1503d59a0f356e078f9feece55

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fff180b7b0ad98766680d209341ce886
SHA1 3266b3444ec1b1c666d1128778f355bdd4e41ffe
SHA256 450fe3dc7505777386eb34ab7c8f64486c7868827d99662d733585d2ed48cee0
SHA512 8e6e7c64580a129ed0ea83d6d390d1134c1789051b6dfecb8522839036001f3e1d0b59457b61476f268babd134e256f0e004c34424445444c5be44bba9c6f1e4

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 5fabf7dfd287ddc577a1d59669e62392
SHA1 d666f8e06366a76bc37f53a9b8a38a6decf7319e
SHA256 8f0cd2b813fe622dda1590d7044fe5f7b414da08f9826d6b87e7d0cc98af8996
SHA512 8dfa475e1e7b4abe71d2c1b6c6cd350eb7e639bdd429ca75bce8ad057f2b320118b1b474a36e23052adb4e38026704e0892d39da1d4c68319e9d272f70bf5ecb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a8059cec2ca44ae658bfefbc853c8aa1
SHA1 f73f41aab521083ac91ab228d72371f6c49a602f
SHA256 cde91389d5aefda6f570833e435235df2eec9ace41820c36228e0cec033650ad
SHA512 1029b7864b95795cb857821dbe4145a889de18537729e3bb5c50ab158786b8efabf0ec73c5091d219d6e3f866feecd3750edcc2c7f730b3b1cadace85370bbe1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f6d8bbe6606b62c2a356286304d426e1
SHA1 22f9755883ac9967aa69794b108a2576f462214e
SHA256 d644a1f7424139b1b249d7ed7ba317cba83d44cce6e8bd5dcaad31fa8346d688
SHA512 429252fc75a851389f3b36ae63ece128d4cc53a50123f511d869ea567f06bc02b5bd63450ead9ce2a9c956db194a2007f62e9568b3e640d2f3aaf6b2c1d91b49

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\123.0.2420.97\MicrosoftEdge_X64_123.0.2420.97.exe

MD5 300df46436ba5d076b227c32967ada91
SHA1 de9d47ef0c61fb04b7309875e2f03c8fa37d19f4
SHA256 1614eb0c2697d74f2a05f8c973b2055e9cc158d94b19105e3a9d450adc9e333b
SHA512 ba3053085da062ec32f87aec43f527624248a81b702c8cdb359c0fba7194556658b49aca8ef98d885de5da5b9b2eab3f1fac2c99891f91949d1b9a155e4a6971

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 fe8761c2a08979d43b6457d3233fe921
SHA1 01e0a65cb0868893e85f0d8d3efd9f0bf386af9f
SHA256 938e8f9223e127ba82cf7a2dd39fc3941f7789e7e3910b1269d3b6758146b4a0
SHA512 c621a437babd75144bcdd2c129fa47a7011838d1e30ba88b58abf5996c9740168433753c3ca376a65ac395de604a8c5085815a1aa1f7c325b2fb45c3834a61f9

C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Installer\setup.exe

MD5 31ddc9e1c11a44b88cf96c45b3551ffb
SHA1 811ccb9706f656e29d089e30a2ee1650302394e2
SHA256 46cb58faa60db59cb8d145bf6493f7c01a8ea8895f812d65512e3c7340a054da
SHA512 67e5a4ec4b030e48ac06bdf79bfb2b9bfe7778f046a739f23b7be65e143a7181954c7587eb6841636a6e667aabfa292d6831bab709cd798d1de01987bc99aaf8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 75279034c67457fb17a4ed39f688eed9
SHA1 8cece6c2bb349ce5331f48e0b76dec6412423f13
SHA256 15791979529f6c7fe7e2507cbc2df4a90c911d845dad7c1e9186469e4f0be7b4
SHA512 306f699f760f310b015e5cae8581599547aafd8431593635acd32c71e6f4eb2d0fe6432b4ae3fb72014fca9ae4495ff962fa9c66f91dbbe0f7f3e5dbd158fa04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f35b6571e4ba7a6b3745cb2de32df7b1
SHA1 bf5ff10308ce60387c1b709e625a06cb3ee36681
SHA256 0c6cd9cdd0203f61ab0dc243a5a01a6b4f92976165687f0444ea3357f40eb0cc
SHA512 8b57f4bea18710099ee7ecf90dad3e6f94589ae353b80dea1e709caba0391f5366637f9ff2ef23b1af6d3a19e9d743184f48f58ff4b5022824383909d045d024

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 99aa1469109e851b90569514b088fadb
SHA1 02997310059fb8ad8ff08c87f9ad5d55b06bbf7b
SHA256 9c73c8e6e871b716fd66ef8cbad2e9b3c5bd11b4eede7832a769065570aded64
SHA512 c70b99602032dc1a1345332681a3b5dd1da237636ee403003e56a358c7f63e027228606ca3564b88b74a28847e006753986a3a06d3e1667c4cbd50737a7342e5

memory/4872-2345-0x000002478D260000-0x000002478D261000-memory.dmp

memory/4872-2346-0x00007FFACA340000-0x00007FFACA350000-memory.dmp

memory/4872-2347-0x00007FFACA340000-0x00007FFACA350000-memory.dmp

memory/4872-2348-0x00007FFACA460000-0x00007FFACA470000-memory.dmp

memory/4872-2350-0x00007FFACA4B0000-0x00007FFACA4E0000-memory.dmp

memory/4872-2349-0x00007FFACA460000-0x00007FFACA470000-memory.dmp

memory/4872-2351-0x00007FFACA4B0000-0x00007FFACA4E0000-memory.dmp

memory/4872-2352-0x00007FFACA4B0000-0x00007FFACA4E0000-memory.dmp

memory/4872-2353-0x00007FFACA4B0000-0x00007FFACA4E0000-memory.dmp

memory/4872-2355-0x00007FFACA540000-0x00007FFACA549000-memory.dmp

memory/4872-2354-0x00007FFACA4B0000-0x00007FFACA4E0000-memory.dmp

memory/4872-2356-0x00007FFAC89E0000-0x00007FFAC89F0000-memory.dmp

memory/4872-2358-0x00007FFAC8A70000-0x00007FFAC8A80000-memory.dmp

memory/4872-2360-0x00007FFAC8A90000-0x00007FFAC8AB0000-memory.dmp

memory/4872-2359-0x00007FFAC8A70000-0x00007FFAC8A80000-memory.dmp

memory/4872-2361-0x00007FFAC8A90000-0x00007FFAC8AB0000-memory.dmp

memory/4872-2362-0x00007FFAC8A90000-0x00007FFAC8AB0000-memory.dmp

memory/4872-2363-0x00007FFAC8A90000-0x00007FFAC8AB0000-memory.dmp

memory/4872-2364-0x00007FFAC8A90000-0x00007FFAC8AB0000-memory.dmp

memory/4872-2357-0x00007FFAC89E0000-0x00007FFAC89F0000-memory.dmp

memory/4872-2365-0x00007FFAC8B80000-0x00007FFAC8B8C000-memory.dmp

memory/4872-2366-0x00007FFACA330000-0x00007FFACA331000-memory.dmp

memory/4872-2368-0x00007FFAC7830000-0x00007FFAC7840000-memory.dmp

memory/4872-2367-0x00007FFAC7830000-0x00007FFAC7840000-memory.dmp

memory/4872-2370-0x00007FFAC79A0000-0x00007FFAC79B0000-memory.dmp

memory/4872-2369-0x00007FFAC79A0000-0x00007FFAC79B0000-memory.dmp

memory/4872-2372-0x00007FFAC7B50000-0x00007FFAC7B60000-memory.dmp

memory/4872-2373-0x00007FFAC7B50000-0x00007FFAC7B60000-memory.dmp

memory/4872-2374-0x00007FFAC7B70000-0x00007FFAC7B80000-memory.dmp

memory/4872-2371-0x00007FFAC7B50000-0x00007FFAC7B60000-memory.dmp

memory/4872-2376-0x00007FFAC7B70000-0x00007FFAC7B80000-memory.dmp

memory/4872-2375-0x00007FFAC7B70000-0x00007FFAC7B80000-memory.dmp

memory/4872-2377-0x00007FFAC93A0000-0x00007FFAC93B0000-memory.dmp

memory/4872-2379-0x00007FFAC9410000-0x00007FFAC9420000-memory.dmp

memory/4872-2378-0x00007FFAC93A0000-0x00007FFAC93B0000-memory.dmp

memory/4872-2380-0x00007FFAC9410000-0x00007FFAC9420000-memory.dmp

memory/4872-2381-0x00007FFAC9450000-0x00007FFAC945D000-memory.dmp

memory/4872-2382-0x00007FFAC9450000-0x00007FFAC945D000-memory.dmp

memory/4872-2383-0x00007FFAC9450000-0x00007FFAC945D000-memory.dmp

memory/4872-2385-0x00007FFAC9450000-0x00007FFAC945D000-memory.dmp

memory/4872-2384-0x00007FFAC9450000-0x00007FFAC945D000-memory.dmp

memory/4872-2387-0x00007FFAC92D0000-0x00007FFAC92E0000-memory.dmp

memory/4872-2386-0x00007FFAC92D0000-0x00007FFAC92E0000-memory.dmp

memory/4872-2389-0x00007FFAC92F0000-0x00007FFAC92F9000-memory.dmp

memory/4872-2388-0x00007FFAC92D0000-0x00007FFAC92E0000-memory.dmp

memory/4872-2391-0x00007FFAC92F0000-0x00007FFAC92F9000-memory.dmp

memory/4872-2390-0x00007FFAC92F0000-0x00007FFAC92F9000-memory.dmp

memory/4872-2392-0x00007FFAC92F0000-0x00007FFAC92F9000-memory.dmp

memory/4872-2393-0x00007FFAC92F0000-0x00007FFAC92F9000-memory.dmp

memory/4872-2395-0x00007FFAC7C20000-0x00007FFAC7C30000-memory.dmp

memory/4872-2394-0x00007FFAC7C20000-0x00007FFAC7C30000-memory.dmp

memory/4872-2397-0x00007FFAC7D30000-0x00007FFAC7D40000-memory.dmp

memory/4872-2396-0x00007FFAC7D30000-0x00007FFAC7D40000-memory.dmp

memory/4872-2399-0x00007FFAC7D60000-0x00007FFAC7D80000-memory.dmp

memory/4872-2398-0x00007FFAC7D60000-0x00007FFAC7D80000-memory.dmp

memory/4872-2401-0x00007FFAC7D60000-0x00007FFAC7D80000-memory.dmp

memory/4872-2403-0x00007FFAC8050000-0x00007FFAC8076000-memory.dmp

memory/4872-2400-0x00007FFAC7D60000-0x00007FFAC7D80000-memory.dmp

memory/4872-2404-0x00007FFAC8050000-0x00007FFAC8076000-memory.dmp

memory/4872-2402-0x00007FFAC7D60000-0x00007FFAC7D80000-memory.dmp

memory/4872-2405-0x00007FFAC8050000-0x00007FFAC8076000-memory.dmp

memory/4872-2406-0x00007FFAC8050000-0x00007FFAC8076000-memory.dmp

memory/4872-2407-0x00007FFAC8050000-0x00007FFAC8076000-memory.dmp

memory/4872-2408-0x00007FFACA330000-0x00007FFACA331000-memory.dmp

memory/4872-2410-0x00007FFACA4B0000-0x00007FFACA4E0000-memory.dmp

memory/4872-2409-0x00007FFACA4B0000-0x00007FFACA4E0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 669d6c351fb0f7d41ae5c89b8423aa0c
SHA1 94ae8a61be60eefe5166e7277829c351cf443451
SHA256 1fa32dca83cceeab2cf48700ea680ca57ed8fa5f8f30000a97388ab9d5ea2286
SHA512 384d9db9c77a9bddc7bfd2e38d8b4d86c987253e95d01fff6fd16a0232dee38116bba4560d7a8f1a8efa9ba745e779c227f77648453aa63b2dd1f0d4ced2727e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 586b18c1835a3c63daf4fa924f89ffd9
SHA1 602113b89b82daaff02d2827f2101af9d64bed24
SHA256 9ebec11bc883faead99710c7356cccb8e3932926128fe2a5e35f0d615316aa31
SHA512 052e93566bcf2e032985dcbc64492bf0cd2d260cf98d46376069d04544ed3bc15f2b1a974f92cc3a7bd5b3ce2410f2b0fc754627b4a9ed893288aaf717ec177b

memory/4872-2443-0x000002478D260000-0x000002478D261000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cec8356ad84d5e055729148e405ea3d7
SHA1 694fd4edbc6679732acdc8bbb6b1ccd0e22b2ff1
SHA256 bfd8fa7febbaec0ae6dbb691a3cca126a4573cea47a9c5c9767f433d74658f73
SHA512 8c4a2e006bc586cb0e8a4b2921ac5da3db6c062d176edd8279bf82b237c9517ff1f114fcf7fc6a10e33bf66fcd4be67ff732758c121f3bc304fa7a8bb4933664

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 415acb1148c27cd3b1bf82e8dc81b70e
SHA1 6017251d1b7a47e983e04362b59f01a51a6fe443
SHA256 e8dd0a1c180cb3561affcbd05e1920d5e115ac0a2e7ad66f00d5c14ef5a64a22
SHA512 7e632e9afee25908491b009058956faade25e510715d48cd1d2bb6b1449809d1ed32945f37735421140b395273836f6a302f988669a513ae7712b682dd9ad748

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9710c95a5f5af049324170f9d29bbcd2
SHA1 dbf20f3de756a37b5a6a9546b915da4f100a332a
SHA256 8800ca8159160a2ba83ffabae289b979ea30d8775a06a19f744bfb3adbc017c4
SHA512 7bf76ffcd1b7c509f94f2461f481283f685b2ff8bb2eb1df551cbccc56adbe134d9fb7e85fba89173ed4a06019f56c0de912d3cd438c859e1b3e9397b4649a7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4bda05cc899fb6851c0e0ed9589f503a
SHA1 66ab1975ea66c6a5f342e711f4511baf1ca8cc5a
SHA256 14fe1f59c17f54da56dbfb5f79f0d05b7222371642d9ad5a9d15238e079ecfb9
SHA512 835d0db0461d604c0369d98845479215c1edf705654a1df8bd836e43349c1714cd285eddf349363ef06793e37d740a585871fefc9a00738761edbb847aeb989c

memory/3840-2504-0x00007FFACA330000-0x00007FFACA331000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 69afdfe2a88c9736fc64d1e820ae9948
SHA1 818f30858a9977f3b91566a538d94668eadd0bf7
SHA256 1b127d0ff2b56ea5ffc3bf22760add51decca156bfb98dca7b95e714d565a94b
SHA512 755ea1f05635b2e930b307fa75e704dd245d1620b925d4bfc380d15b67b56f5986ec134da4e70e813b609242d2dd52a4e7de4fe4a463bef036d74513dcef904a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 d76636893f5552fe11052ce6e60bee9a
SHA1 0a2b5c2acc4bcd527a580bec759f5e117f307036
SHA256 1a3cb9f26d20358e977756f4a92c774e19481e8760c306489ebedbfd4c152d9a
SHA512 9b3a29d5df6668952296f50fb414750976712ab4239c0237fcf989da18c1e4c6575c30a39ebae7e72a60be8c4553eebf79f987c286101f248749e2d7bba46098

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f3d00e98acea31d1d9240de132e1cec8
SHA1 99bf80976b81762c495485300b45ec1ff9d001a3
SHA256 b6133072a7584fecb972e1cc3b2538a9669cb7f19c36325a90b3c6c18fe3bfd0
SHA512 ce41b7a21552eee36e08f3d6f8cdeceab059ea0fcc85d0fa3cd2767752a72908d17206b99efe52f8a1ad744e6eeaae5783e95ee79fb01ba1224ae221f6b15803

memory/3840-2591-0x00007FFACA330000-0x00007FFACA331000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 25256ce148076a1e2e7ec2161b68f271
SHA1 78459f489c7b26ebca679b882a5398ddfa18e308
SHA256 3f000f5fbaa5b6da408b2644777152034f4284bc82fb262046cd74e430e90f73
SHA512 c1d74c86d1327d025f3e100119f5ac78b6df7d948a6dcf9a1c1633140379ca0b5707ae45c5698b6ff2b045fb4c9bf0c748584ecd442bd4a834b73ce44da054cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0440bb7acb72518098f9120e4b7eab0c
SHA1 839ea5458704a82a6fc0250b11eea6627bd0430e
SHA256 2313e6858198e8d0eac233ec4453977cd694e0f99f510195e35091544c5f7542
SHA512 0e41502eac7f9aad229fe71a79660f7e38783f094f87b14c1ffdc518beeefbc9d1a7d080004735e067cd065bc69a04f01688b23ede52f9745f1d9abf245b3cd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4b01d0420cd5460de9f33b0398155c92
SHA1 70ece69472d4aa3044a382a80dde93d3c18fb942
SHA256 ec6a046fe678d767bf9e30b8f85b674223ba989ad0c060f97ab349e86053d791
SHA512 7b48695e490d31c3f0940d1a4f67246ac491fc0c778c35af75ef4acde4c57317e6fcdef4e77437781adcfbcab5124e6267bdcbcde3e4e2472c0696fe7dc1491b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 61f1d17192f4cc6a885127c1a0b6b541
SHA1 18fc44756fde07ff4a27300c067ca78ecdc119fe
SHA256 b25bceae2326e38e8950925ed344c993c46e52a12ed64ce8e2216f14ef3c0a47
SHA512 51f4df7c402c0121ab4693d713bb94a82c9ee35eb8484ab9c0c18b797ae2e7601c99c571f96d3338f702abc42a0cce8ce031e30975aa964ae9aba9c91ccfac2c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ec47b87be7657ffc0e65448990886fe4
SHA1 446886441cd5aeeded91c83f9b4641b8ba9c687d
SHA256 06ecd9d11b1a154246c517baa1f9e302914d79434f0656a7047ec45bc024c785
SHA512 a68a2dc10d38de6692e37522fb548a96020d2ee9ed65da5b8259313a7afc785ecf0cc135327330fc61f7e313e3f7bc1e777be23d3c043dade42187336d3f566b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 efc57bf93d9532ede6dcbdc8853c7c23
SHA1 774339ccd5a57a9caae997322fa95d6e312782f8
SHA256 7a910a7a6ee5eb8ccfd4e5f2934150810fed204c79a0ee8588b473d5eefc8ce2
SHA512 adff0a557e70f7fbb81da5ac52b9dcec0cec0fa797878f4ac232acfee783703b0e0cfbcb96c9cdc3a70ac0148500677f674e6422720b83705910c708b1681184

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4c81acf63f237a050da0c1037f032652
SHA1 9d6067dfd56484da81677d6e631e7a91bb9fde88
SHA256 ae78498acbb46f0f66240e93d9cdae097fbfded92143197ceb48b5671c46311c
SHA512 de2d4492455fffd83559d780d6dc72d67662211d583b289533bc9cb91ffc95411d56102eaaaf0a8c1d8da8c65977865daec34a15608669a3cb06155efd0b73a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 20f7a074c5703b9e7161a425e8f1da9a
SHA1 ffdd50f2a4c8bad128be5c0928e9c89841d30e79
SHA256 3174cb96679d4695e730ac41891d2f98b590da2941a7709a21061cd9045ce88e
SHA512 989c6d0f335619972cb4a6b5eb912f3c99b67e0d1d889e2a74a2dbdcf0d84dab0845f7501d806d5c1d003e575cb7d7528045fd0a9894d5fd28c478bb0d967855

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 96bbe6445413792a1f0ec19230e6528c
SHA1 05cdcfac46c4e70b336ec7104a10bff74aa8eba8
SHA256 51c23da00e9c755361c090ed6dc39fa6a9080cf962e618076075620431d98b5e
SHA512 e22a4b859f7789a16ce05c21a1e8d56f0887e5f9517271d56a24f5f3623e65ddd4e21f7939e517999da4489150b4790195ebb0cd9a46a46c954f6c4b17ef534d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b6728d15b0b3b041317d34d2f80d1f12
SHA1 602d6f8cb8918bc270c9f230af38c6377abf8afb
SHA256 de9a3699f8d9b1aa361e6bf5dbf55a2946ec5ac85cccf44b5ca39d70916eaa44
SHA512 daff099f3a4d5032ba29c28bd860359ab019dceb01409ef011c2568989ca214f8bb088f5f348566ba6e613e785989d905ba806a2cd94a9c1ab07e7b8c3325913

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bc39ddca41b88b8f3c9fb0a777364376
SHA1 c2a9655d5fd4716e88f0141d8afb4740f15af965
SHA256 9d6de17dd19641bbdaf8268e4d41361407d722c4f24770fb711708d08c53cd7f
SHA512 7509e136fc8b7bab5fce6c3962e06924f39d02b81f480fe0b51c0caf4d13bc05bb02503777f725fbb6e62e874d49a1780dfabfe0f7be839e19eaad9cded670ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 623b08e6774261fc72913bf728cc76a5
SHA1 65edf6aaa07aa7982239630f3d6fe83eadc72866
SHA256 1ad19958e5d57034c1f0a77caa1ec963deec9160e8a464ffd9a79b05849124bf
SHA512 61788bcf774f94da2f176beb837f5d041415b6a51b680dbcba0dbb7cdaca789229bca0cadbe0595039d6a966a385da0ccad2fee4420cee8db602292f8579f677

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9191e8a98e6a248ca04aaa34d61bed3e
SHA1 cc8b83017a170ef3e9bf1ed3ce6efd5556a257cb
SHA256 db4a417b43233351b56d1c4170bb7d2f4c006b4540d7da76c1ddef097ca7d436
SHA512 f6e583e53754d8efcf3ad2cf7ce8d63755ea002e120c8a7d98aa61accf299229ac7424c135800cf8248d1a4c496cef1d569a7291a69f79e94125e5e13330bc46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 521c61dd76ce99498a711dfd91b03225
SHA1 86c4634df9e7212c0a966f554e83f50f2a9067c6
SHA256 40d6b8b16dfe5aeaa9e868f9faa50dd3830a3b440ebebd9b5f378d350a087f52
SHA512 c445791b630a3943a6ae62e5de8de9bc84ff0b44abf2ab856cd245b6d7efb115c4e9c9fae2b6f37e36765ebbe14b13c43892b070d992a50c4ec327855f8d5bfc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 daa4ff79df428d7b4987ad69ddd765f6
SHA1 4f22bfb596ec48622b61e7c192265f93b9c99f53
SHA256 1be64540fbb37dd65a524dab888f17c12217eed72c9ddd7b41b8f5cf97b8478d
SHA512 55aab422339337e4d130461ef598e94db26cecb227c10a42d5ddae4056755ab83a08deb88427cb721fa237930e4c42b51dd91c88cbdd34d99f5ad0132187f471

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 39a11732da8c7a4207a2e127f7b99ff8
SHA1 d83cac8ac54ece175e118b2af8e9cac8762677aa
SHA256 902a3a7dbb8557c5599d371b3c565741899b911c43bd343bd859f70755e32610
SHA512 2f3a708656eab414b39396a61edacfbfb8eb027293ff5a18fdd53606355edd76fbf1f095bd3af26b7bbc597b4f78bc855acc855796d0997682c0fc78542a8bbf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 13abacb458221e797e1a489232559834
SHA1 068929a94c3e5fc3409883be2d6323b8c3c4f5ad
SHA256 425f585f727210bc1517d7dd39749a76d1030a2d753b8644292e723df7d3123c
SHA512 b0817b56b5b3dfb29827d03777fdcf3531acadea2108c41d03af8c2d4310678edc1a8ca7b6bde35897e10e711d297559c863730bfeeab21eaf2fc7d866345992

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d0763db484a91150780d614bbab0fcb7
SHA1 82cd76a50584ee9bd59a93cabec869556a66566b
SHA256 9390522c425fd43c4b419cc98d44a8743a54bea3f5d3b9adc10cc81fcdc37379
SHA512 65a1f2db39e5da1cb425c6ffff9a3bbd90d2d3efb181d76efde94f7c06362b18c2ab3043af407fc783b71823f6417e4daf98cdd7646a8179fbd6dc7c1165aef5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4f1025dbc7ed103e2293c3b280088ddb
SHA1 b9ca628724bf4d0508dbe738ed4f1a7f82abf757
SHA256 3e1d80af8b20400a20b18e292742ae8654a6270f26c5bbfde58b5c744ee59622
SHA512 23d1e86801a9e89257efd834ff5903920eb5484d4fc7fb382f4c98315fbfe3a2173d71c55e73b7c864590cac21b5a24535c58d995f9344b52850c3f40b9918f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9d79d96071464bd81d0aa1abba17dcd1
SHA1 eeb5d0a83ac93cdb83852a1cd141f2b5b39c5f68
SHA256 ad42cd7272be056a43942ffeac95079a085da3897a07ad9232af6874fc394456
SHA512 228624b3586324947c344e130c7fe2c37593156b61738fe76f89f8a73b457a658a0fe86829c67cad8198d9e8824f8c8e5ee42865803e02f109883c3d5063fed7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9f47edb5ba71ecbc8fd7b814c8328bca
SHA1 f5a455e3a489ed4d5634241f6eb8115b8afdaa07
SHA256 b3c401b676835b75c187248c6d931339d575f68f12b539844c74c71dd4167eca
SHA512 6b2e4fadfd3d78d74d9f3b0947b4b68e99c07649049af03e72d0b9ebeadbc9022ebc347b30d49267229046f30789f0f66e047592178ebe5e2fe45d1fcac1afb3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e5ebb52da96b76f9d42982eb61f66f78
SHA1 5616c4a10d6f8b2a28d219aec65d497eaafb1e4f
SHA256 b4a53c230b85653d7b446b93d88ab8fc30976e1365b32da3210c123c6fbd539e
SHA512 ace19d063208a889c8cbe4d3fa13963d908285d0a938039315ae41e3234d5209b04ecbe4305bcbba087c69aa9059377f44d481a184f20dc7cbcccc68dc61e4ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2f83f709a02f72418d3cab4f1c44280a
SHA1 34d7c1f547dc147fd153c05ae312d3f6ab0f8ac5
SHA256 75c41f3c0261889767e0e6291b328a9dba6f937bf9206240f4f05d1f727e09c5
SHA512 9afb8cf0e9d6dae61121cb9e94890b9abaaeb89c7874cf380eb614c416c2affc55be06dee08ddb86b8a1dcc6343a2e650dc7b8b227e28cbb21bb2858fd7d17ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1204a375e729697f057fe13b4bf76e9c
SHA1 f5d27ed8bdaeab3a79a2ce375c5a08cd0a7501dc
SHA256 77b564afee9fa3e417a6f1bf5612ca6a7db81b6eb307d21f938b58e0b80d786d
SHA512 5eeb1abbb17bf654036a4475b09270c63845fbf3e7b6ed2735395b3f3383cd83dd493a71d578c0e07856a97300b43d44c96697bab7424fdd339a9c697a72be15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7983a3ead162bf7d0faba385eb972190
SHA1 8ad0553cc8200f45f9efcc4ec36b555526f9049b
SHA256 5a710e106fa93a43118bfae161f237cf789ad3e0749d9ee145e618f1d2f340da
SHA512 fbf2d70b50f8b62e8a4f09925ccf68454d84c88c39e77219af70fe4d467c1035ab198f53c4dd493cd6bb84c8e5ad313590ad1597be4d8a214f1a0e4bbd6d2ddd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7c0af88c9e43351daa086239c0f3fdad
SHA1 03d18707dc002e14abbb3d1a4605adabf36bca9d
SHA256 d5b604c95cc9c5f7ed8165f0316fab43935baffa5b753a41d7f502915961a552
SHA512 83ae06372f9511d82ea27945c642ae691bdd0fb405e54d3b6f02fbd531989fd098156fbfe090848f258da98b84865f9023da78db09a12a01b267ff6491d8a3cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9d7edb5f50b5710f5dacd5c36d9d2dd9
SHA1 e4ed148befc70178ae5ccf3b7db9a4c0003bba9b
SHA256 8f19c9810906db9d6bfbcf6807ce6a0af51eaec26432f7d3dfbbe31c7f44e9be
SHA512 7c975f962a4e938d9820135b1b87f34298b04fc28abdd47cb218c3cbd29d26cc3c4832a0e8abacdaa128fc81d49d41d5954db4532e294a822dfd5c7747219cc0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 28c8f09d238351ce1c51d18e3f0876e8
SHA1 4684ca606fe58315a5c0dc6408932fbf6d051197
SHA256 ee86c8db985d848571565511d95668719e0c646e679cdb1fc5ad5bcdf52cf4f6
SHA512 693d43497424d2b6aabe3a20f2ffcf0de73589b38727a76b5eb0a6d4d1ba5db111c88258772157dd6ee77b9bf1f503c7b661f5a8526e9bb550b6ceddd5ece073

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b8750c46ed292dc3ccdead4327f98146
SHA1 69bbe5afff834a2ac0553de3c04b22fa22257b98
SHA256 aef5d74efb9a095b8e483a2906fa873232d953300b862ed655baca3940410b2e
SHA512 2e01a2402307317e5fc498a1d51c82d109f1b17e07c3b8296a17c07a6336a0136c7cf58e132824fab5ca8c85a7bf87485006ef7dc0d628e37b4a17d3856630cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cd71a8b15ff945d9cade32dc4274bb30
SHA1 199e1bfae1de20d0cc989b119d297504fb8f145e
SHA256 ecdb6869049e6d6e5b5bb90ee89f2134bae9a7accb8db9cd8d938322ab0215be
SHA512 91f00036f9f36e7b653063c1d7a3b280738c0dbd1acc61a640042e47bdf3cb82f8d74fa60c4aa3c803acedf4a9c78903686a600aac5e70b18b83de0085527408

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a64e750ffa1b5c4527133c911c03ea08
SHA1 fcb5c6832a43e101e8591bd1eb4378721247f2e3
SHA256 ae746261f5063492b0a1914c349a6f283e52f4676f9d50a7cc94efdbeed14132
SHA512 58a6d3186d928617aabef491e40da08a4fb9f94d63f9f171da0626c7f5caa9204aefc99cb53cc96855e9482dc89a58933e7fe10db51b2d85d4d3425f46803feb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7bf744e0f787110c870d6165f8a8142b
SHA1 f3b29ebe07234f3ef61812f7589b8ccb35d3bc94
SHA256 7c8bad9869ea81a7f84a1096290948f0284d3d9bbf852ab39cd92aa756178cd5
SHA512 66a4220b154d529b5a3ecd7e45a582d37ae58f694e9faefbaaead4944bee677d921adffec8750cc17c11b3458fc373c0b544f5a2ca78d52d7ae4b544140e0dfa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4cc76be480788ea3dcfd84e4d12e1ada
SHA1 27cda60ed5ec65a2d8f7d13f1901b1c55535b1e5
SHA256 cd82e5bef981d4c000fbb180e4a0d0dc4f1cfb027a506132bd5a64578e5ea406
SHA512 c25d35a965e2f5457a28751818c21070040f31c993dcd201574b6b6233b55d1c4b296097da476c85ffb9049e51ab330f19b75e103545cfe83ca6df08aaed1796

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 60ef781a2bc3c67f707f9302d83695d5
SHA1 00ea64597129990256b00d443f647d45b5e4d60a
SHA256 eab1306e23f21cfc60d7767030ecbc8a6f3e3a2b05bd34fa128f5ec2a3e3b07e
SHA512 eaa5db541cc62f00c00706ef5c12acdd4e32eddbc284b2314151087eb8ea8f550d4b41a8efbaf5183a0a6b10e5ff311e8d0d5ae3285f5c6941b01269dc9760b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 308bb735b4b83acea4c9d024d875a329
SHA1 aa63e2c5c02046c020e770a5c2bccc0cc8b47b43
SHA256 99334e373d02451aab4fd33aa17e645bf0ee1ab6bf66a9e8a779735193b7bff3
SHA512 28693d65bc35f4a89870ad9d9c2266abe80fb05acc73e70f1034c5dd2151f8c324d1ed63a0674158fcfb640403712ee0da1efc6d5a9eb4d8c64e2376930c64e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5e723c5170257141632c0204f5a4178b
SHA1 84968fd698bf7f867f41ed0039397b9efe1411b8
SHA256 d9205bcd4d57dcfe4e7fd12217d822062e9776119e32e893294a024c8b4c8202
SHA512 9227014e84b7b2b7f164a22944f36e6c5f645258e39a6139526d281891cb1a30281a3b77d0ed942dc4ceaf410c6919f416233e8b8e6b543f48f165c428bbd356

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 06a8086995ccb9262183d3d2bc42fe3f
SHA1 bbb6023948554fca3491f6a474265c274256b88c
SHA256 d26b3ef652b8c0840dfd4a8bdd740a35698a4f9a887f8f74b20e5f69d32b7a39
SHA512 008375b790fe412a15440079192e63dc0b403912e1adc85b037bd219297b8e5ba422eab27446ac5971df37f8ab737816076716d4a129836d62dd2b416cb9670c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 01a66eb1e1a02f0730d183a4fe184d98
SHA1 754810d361e8506fad93408c7a0dda73f9b162df
SHA256 ccdd51721ea05ee0c1377c8db5deeee14fc96280821c10d792d0595ca1929222
SHA512 892123b5bfb13e7706baa53ff440cb3c1a9eba456e46a2409dbe4815aeee6b4b779108fd4fbf529f933c3110809353714d2716d206c5f08fe175bf102666a4d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b31090524673be575316f3bbd79a1332
SHA1 5113f4e6bdfe4c33ba589d499df8a4b8285ef4fd
SHA256 7e4ea721ede61a864389ca25863f72e6d24c77d7edb5f608769ea71a3d1b6880
SHA512 1515a6f689aec8965db8ea0a92ba11cbefaee644078a61ba32a48dfa6ed1c27c2cd509911a39f6ec9fb0d6d3f7299225711feae3bc77fff437f396cbceebc2cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d72a49eefe41ddd0fe430096015efa86
SHA1 21592b6aea0e5f0094f8aa6efa544e7e0a42f68c
SHA256 20e3262aab49e52280ab353cdf8dce075628e417de5acce8331ebabc93ce31b1
SHA512 2a3dcd1bc1e211bb4291f27c69337d867a41db621c07e998fc28ea6ad323f59d3bb1e04d4e821c965235efecdb0c52c8c98025b257df0c2f795bd25286db8b4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6c42d0cddd2551c267c829b5bba99140
SHA1 fe7ac95c73d910216bbef96e9fba16c767a43c12
SHA256 63101100d32c66b049341ac4fba915696a59a5c378c3e0704419f9180579c84f
SHA512 026d600e7de9a88edc207187f3121d4c61cd860e0aa568de6f6565dc07866f33988bada93675979215d491e90abe4ebc0351c669d4591d70058e8c2f27befe1c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f63a8c54e7165b6bc2f297137a033d13
SHA1 5b95df911e337642f610c836b60120cea82e8f12
SHA256 be35499f36dbeb60928ae8ff7b196cd3a1431e98b98c556265010409ffcc20dc
SHA512 48d00f2fdadfc22d059cb6c985d5cd25a4392dd570172cb00f53f08ad5bc0cbcc2647f2fe94d6903842df61028ce0e68121807bee15ebbc0e7f59d70ed841f5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f518df09fbdc263c3233c79079184c89
SHA1 5e23b3030bb0d33a7e55306acb79713df44d8cf8
SHA256 855f805e3b568df48bd0a756e7ade59d8c914553187340081fc186dc1cf47f6c
SHA512 6e72ed6de2a00d7546f8fabd249849d6bdbd88db2a774e7010ecf653a170696086f828a9f9e35d204ba10119745dbfd69c2b47d374c25e731b5d25b73b4b0864

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9dd7ad62e563f52324cfca4fe20e7d67
SHA1 94a6e7e34c7a14656ce9bfbbc1ff116ab1e97785
SHA256 e15b0a98b380a8d4b4c8717ecdab5efceaf01c252afa42b2dc07fdbacad9f775
SHA512 6bf383a852ed4c75dd5ef9b1848c615427c0dc3f94ea3bb8ac64006963b252f3c5778996768a110555dd1f72365f8881924a1c73607ebdc8e3e827e04c97ac86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dd7239dd2e289663dbe55b479586796e
SHA1 411b64870ee88ff5d158a32cd15e61d96825f70b
SHA256 89c904c2f3f4d56e043100afbca008295e9d45458dafafbe41b54802647a6d07
SHA512 146280d0e8c390a3a0dde6514778094aa013801505b43e90013dc5fc56775bbe9e4075e1226313ec0ac0f976d8279f580b36eced9ff0ae818bc4d5163f12f2d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 898f1335d674f2a923f4644d88a09eea
SHA1 526105dec50a3febe64d1519d9fe92c323bc8b40
SHA256 59b8f0bc9e29091dfad67b60ab5efbbbc795d1ffd56860006852c3bc44d6c5f8
SHA512 6b57d3a1931298d4cad5d3a33913092b5296419c2fccb7baee877d1cdc23a40f7e88ea4768e6abac0fde4bc781330ff07c625e94776d5350268bb8773947f045

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bda67aab2b9a6c9ba97ae8b87665eda4
SHA1 7d96a1f17d2d312d56c9b94451c7cbd4cfe27166
SHA256 44df1e0671c0fd7c92f3e2d66bac546e7817f4eb97b3524887907a6c992b7970
SHA512 a5f1bca17d75a073123e1f2956a81b5b385ac513fddec6388f25834d65dfb9b0d23293d22840c46af4074e5a02ee70dcd9ea9227cd816aa162c9d1240445f554

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fc279f0eea7345ab95d3ac925a43bbf0
SHA1 1d7bdd5c9e206b209363db685d9837f1b14f7f13
SHA256 86b5ecb56ecf142a9dda59aa590c299655649a17026d5f1203fdfad95b77501e
SHA512 663725358432bfef222f74ce6b746e00b0ae6d11cbe3679ab057675c985554dc6db9ea1c0e1504349e37cb429f4133b3e8cb2d13a45962b8bc38c88bcb7be228

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 55c356cb580702a5107a8a0aa0a496e1
SHA1 7e20bc6cb4304711e584c494a2cb3e5854b29a2e
SHA256 04fd5462e9ee9f85da54a86d2ecee1657b58d8d89d828d59f0f4ebb452816399
SHA512 bb4899011fadb7bd99c1a7fc621abe74b2698d3321b61bb4f7f8d3db277092ccd52ea7756337f669c5d2b3a48e95b573bca65f1e70d065c6e063aaf693e78dd8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 59c2cd3f0980facd20dc35084408d2ff
SHA1 04a914984b94ee62a19dad1cbe814e9462ed84b3
SHA256 522550b0021a2c4a4568cb7b3439e0d0e4650966efb7326a64b9ec66f7ce0634
SHA512 d56444f3a722cf2cf2704d9b6afed6b9e35ac8764a371dbd67677237329da45a260d6d762b9da78afd4c0789f5bff01e9a7c648242f569abf0c22a12a65de395

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 aa3e925c26619d067d1cbbecaeec2ac2
SHA1 75c85de84ba14961bb056653ee742d1fac0446b9
SHA256 d381c4266d89536f2649e16b7af1d110b5ee736407cd59dd464f6bbafa0dd36f
SHA512 f65aa6b8444c2901e5e0d0905217857e79e3ea779821ceecce4a3df7cfcb8cde7173f8b9e70c706ddc313520bf0c21c5aa2549c6279d75347b81a2ca4ff0d1e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4f3ef4a957b081197348daa1eb7ddb90
SHA1 8e35cc281b73a033bea0340422a5f763283c8337
SHA256 2f9d69e9af01325cea841a4b6a60c805102f795bb0cc690c2bbd1db8cfee64d6
SHA512 876b5dc433d59493ce24a0188cea1fe4a28e4a35787a12a5007180d71f5175e9c188e7c678f9a4e9720f9c07193d8f0e7463e587305f6ffccbc238dfc7aebf7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 538a06136463df4252e2ffb7df80607d
SHA1 e355ecb41bb51e60e950a5a9db61047da5af51cb
SHA256 39579e791a3c465757a04e59d0e3a3717288f1707294049e808ac091ca22e799
SHA512 ac6c7eff769f88d2257a1a5d61b72c7589528993f0fd04a3255f2a774099d3b88f7b8622f261b428a04aa2738818f45758da2c6b09686a05a6ae5f43dd75a630

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c859d8644ed05b06a9b56bbfec9b610c
SHA1 f732055e4a2f2dd27925068e20a032eef4b9ad2d
SHA256 d1927c85dfe785ed32f2edb4fcad72ac66f506d0c099ad7cfaf50efc9e269a9c
SHA512 73b038edbe40549a09a1db26c516da1f9abac1d1f10edc87ca88c0944a046714ad0f761042323340ecd116fc508910e5a43a4904be0689d5357894a51dee6212

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fed3036f0abbaf26ef26c86d58714aa7
SHA1 45f49b947067210a5b1b7c0a38454fd40eea1e92
SHA256 27bd558a5658b1fcb9edf04d2411728b1708bf0b61cc03c69723d728aa653a53
SHA512 687ffd54a69416b248e4d924b2e6bc0799b23b98eab0edb0e13e9383c52a2c3b5b2c89f7780d50e889fd98e6270659954440d01ea3bd4fffdc15e79081aa077e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d3877ab17af5a16125223d4bf4d225fd
SHA1 030e9371c85cf1022f987cc3f5e7d5f2c0b177be
SHA256 5ebc14a5c8a233bcfbda5070b96a72ba50d0e1a30d814a889cc6ec475ea5fa7d
SHA512 038a138f0cd984e8c03899ed683ecf4a9c9fa52ce5b91de7d1a607f607aa68981961741b690fa7f17a3f40905f7148989ae93339fab81d6de598679d70b20f6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 43e89279aa33b99bc28b96d3a6dc9b48
SHA1 97b2a0b7888038b81e679f05ddc19dd899e8507e
SHA256 4dbdbcd37de054f6172c50702b7080f4783fad92f7c367af4519d4b80b3431b5
SHA512 2bcb9625798dda3ae6a9c60ec6af371dc9b35174b91ad131759c2600a7186e256f1c844f7051a273d1ce7317b13d8ee151643733a7692cef840ff8d95e157615

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f8cd14422dc74f054b440fe4c52509b8
SHA1 c6fef8d6a26ed1cabec26266f2fb205cc71dc79f
SHA256 ce4cf088a1a59f02802e102156649504a912dcc9b5a206866f937377e22cb8dd
SHA512 e1bc8e3c8a301a7846bbcb1b60d4fc6c0ef5c720fe0438d6a548138722b7a11aa5e22296938e7143b9f0884536da4571d22fa1d260ef8f3265b2bf941e614864

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a365cf01f16697e99da9350abb3f2dda
SHA1 1e499188f1e0a108d3d3c86b3410eaf2a75dfc29
SHA256 984cf42ff86442fd601408b4272c16abbaa9c93ec0ee0e722a2262dc5ca86e38
SHA512 1e6e74d9814f7a396e6d114786311a05a1b2144552b3f4861df733e5418a557915a0fe5f63b08901cd5e087965cbaddcc59c4ddaa66a821879bc90aa36bdce43

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.33\BGAUpdate.exe

MD5 09fc5490d32c867927e960f673911ebf
SHA1 2ecbee3518fb701959d2539a88892391250dc010
SHA256 9014827c68fd6a31ccd7ec1c8f182cfeeb60962760391446b45c264e062daad6
SHA512 cd295d344bba456cdb2394fbe736c7b52c8f20e2776bb6b37c0ecd7068c841a646208e4bd0ebb4cb7880fc15caa8b18da485340ac8f88154e61cf76fb16e8162

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d6e09fe963c65661b037d47ffd98039d
SHA1 b37c1bab00d4acbe6a07559ef4c1ed95414357e7
SHA256 78aef154aa9b4f0181d6aa0e8c8f8b74da9e50cfe4865f3473955f815ca0a904
SHA512 8f886f3e126c72c3f9cc8aa9759bffb0555dcb15644a2655db405199caaa8356614daf0f6d1ec62ffbb47acf768f4e488534f96bd3c7c8eb4ae49c8b0025b7b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5b5b0255d848159c10f3b711e5d3aa79
SHA1 54be5ee8da784af6f5231e63c55f2c66507b07e7
SHA256 24732389fc28e7f7e1c35472612422eaa43473263df68411a337cb46728de0b2
SHA512 103322f311c6d0bdc992e34db5106d99f112c80d398db0d821dce0da3e53a330b276229f1bd2538edca33d466a78b27d5d58944bca4e954aee354d90a873b318

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{64CA08CF-1A9E-4F4E-BBBE-6DE207A7A19E}\EDGEMITMP_6E9C3.tmp\SETUP.EX_

MD5 2415cb112f130a1382726afa58a0933e
SHA1 74ac041e6dc607e476dfeaff2d2bbf2b5c004b5c
SHA256 85679b3b17d42aa988b5c753b9cffe457c063d5186a94203b5e584f4156f2179
SHA512 a334cba72cb6ae4c4706ef3954e98771c4502ae5ee66d7b2d2dca759ac75890efe5a7fea46818760589a66f425a4bc9d463512bf359723685eba86ba4c1edd99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 48351c356bb6b4cb3e5ac63bad3fc11e
SHA1 ebe5017b4d8f2f02c5a56fa70506528099364d16
SHA256 f4a04eb8a2efc080e1ebf278d5f8606e4ec699c2c5faefea8856a0663571187c
SHA512 7df9a59ca0b06181d50f79e19ca7a6bad3287b5cd7cb329079ad7b169ddf110e19ba32fd86d126fa7230f0e38332948993e14373ee5ffb9d154ca7a4ff116420

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5ef754d2227d1846b067ee384b734025
SHA1 37e02ff9750702871c0da882f9ebafb1384a29a7
SHA256 0cdcf87d8404090fc8a61143b3360beb0cf6ad01a3e716568711fcec7dc443ed
SHA512 95df702157b212948a8d8e81a5dc5a62606b024b9bd6c40e8fb7e7cde24672250e5cf826432092b0f7e6bc97312229fd96dc9a49ea212a1b8e56b1c021b75d00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 81dad8a2a0876f98e6e96a0018135305
SHA1 c4dea51a669ea71c868a6a70d606bbbb9cc47de5
SHA256 7b59f8a058c8b8ad6c0ff6f83c8ae9bd0ed2d79998d6be3f6ab5025115ea2f74
SHA512 66d3b99c50d4f1482ade40cd84e7d0e9f84f4e7ef4de1b0802d57a5bbd99aa08df5f10b2811f812e47eb16d6af4c8e57ada9714811afd372de6adfee90775dab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3ffb5214d70cceb853791ea42dcdc72f
SHA1 f1fdfe54304d5bcc4910add105e09ccb801c3c66
SHA256 79268893f1340561c232871b846d842a85c165633e83f825cfdfcd225d56d72b
SHA512 77772b14855b16d732830c91b662b8d6198055e015b3368d73b2d063f40032231d1fa0536dcaa57389e25893f414a248ef6251c3bc29b301b7bb7b215853c6bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d7bc80166e4ad2f10b834fb943e23d62
SHA1 2dd43cdbc36c9d0c9cc4a357347293ae806c74f7
SHA256 2eb350b2e794ea5041ed2c12a492b4f4fc6d0c24d0ccaea95857854d4dca9b21
SHA512 8e0a9b632b8daaac520e6ed2e0be696653b4ef9d2bb06ea341cd31e58f9916f03b11c827960ea12add5ab1b741da9897fa6eaa94cc7b06180358c479751c0272

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 263128e9d309f8c2d7500578ccbf6a07
SHA1 6daf2fb8968327c3396ff84949964008eda05c8d
SHA256 32adbfd2fa030636094734f574f53d4ff379d9b134ad39f15a2233ed585267fe
SHA512 bd5058cff086a429b126896aeb83c9fcca4a7f0212f6004a78f2acbf99d356eb4413a50c0988390af56537e0a52c445ca35a90bee8a97114ffaaf9f98574ca94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f85c969cffa5b52caa626b477d3a5762
SHA1 5372e45171b648c0c84556a08719603e7ef5a12f
SHA256 008723fb9f550a925781790721958f9fd556e335abe223e4f6ee3e054a1a3b4c
SHA512 3eac65c9f5e86a48567259565cc6b2d3bb80b6af5e4c5f9060bad06a12c6cc45adc3fbb1a2ff2a65aa2205470763e652df53a966462f0bc02e71139605f990b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c43a52b465fbbfa0221136b517ff7f03
SHA1 4f8ea0d30da4dc73c5a1794158ed98f102a8af64
SHA256 da7cdab51f967342a9dd43288e2beb775cf753aeab6790d7ccf54678eaf9fdf2
SHA512 0985696f23b7829d8c4307ef9342dd55b847d13d82c5f0ea953179fa0818496f929f9d18e22f2437462fdaaac74f7f49097e9c0b183c0df48361ff413360dbfc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ae0dc8dc3b0177e3bed3da79bf346232
SHA1 84dbd84a96512ad4e9b6a7faf7b72f7960a49408
SHA256 4626e8fc42e815f87821f7793873339dedbdcd3ea46b423e70e1542f37d7bcbf
SHA512 39215f2792deef04570f562f267c980364ae68357a3181c75a1683e424314d62b3ff5551a8c49a9de52f82ff00c117ccf39a4e4cc8d28504118d33bb862efc72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 40aed5341cd5cfde9f8e2ede0e5f1de1
SHA1 9596b5db0f6853997bcdfe5096fed347ca6ae94a
SHA256 da2cb585fc587c960c81b1cb8a7c69edb13ec6375f8c1021f11c7207a79985c6
SHA512 d7c6886098e3bed4d920583f74874f4062f1ff0309213df4b3341cf9fc621c17d28dd32c6fd7e435507b0a220d35a0dca822f2a85e257cfc9ecf552ce9bbcd42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c76453ab2136b783b396513b2d751642
SHA1 1fd3a73afbafa590cefab3aec41b6e2a49440b3c
SHA256 f8b54a169ba31d60510b0b7843720a4a4ed205e43a2953aaa8aaac18ef7b8381
SHA512 2a3caa26c21472cbf1ee92bd1fe078f9b2cb8ac292b93d2212313f1d3a2ed7ddadab4e9cbc8cbd7ce54781e82ec4ba5a0a8f2ec9697cb385841d7cfef47bf3c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 85b73ba816914b549ae01a38bf2fba5f
SHA1 9d1cc936dfd0b903d27d79a3639fe3cf94ebfbc5
SHA256 d9ebc976b67cbb81dd5c68ce5bf94177ce962de4bb5e5e3726c7934ba4656eba
SHA512 e04f3f781f0ef06e89384c30d27649a8b3752579f490da5cefe90fa9cf8e42be3b9ea89acd209ddad5f222414f3fe006b235017b6e4b1d5e0627e700346aa786

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 21a825b37670fa55e50b0c6fbb0bfe99
SHA1 95dfa2c1a5cd4d05dbe3b8b5ba603acff9c36fec
SHA256 6c3f465398dc9e02d3bd028a23ee3eafcfa7a880a080c8f4d146149586f2f016
SHA512 1469cd56e27323f7a9152471144a3c99a09c8da2775034ee89eccb05ab45147bdeba49e0160a6a0c0e9cc4f574743e71060c6b12597d7f9d2d989bb8141d52b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d09b5c6b42e5654838e1e8fd1f73df21
SHA1 5e831af0b3e012aa7f44a01bc8b1a9f0a9001822
SHA256 130da739283833358fec3783b319c39fb376c6b4051446b45734ce0f8cf033fe
SHA512 fd4b9b6a87b2ad5f00fa7f01dd8d5242162daaa66f76866ae4254a61f7046544fb8cabd2b7e4d16e0d793201ce25d5588ae33a1379abee38d8e124e2ef81e10c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 acd4ab46d0ae3b100a827dad0d7bdb52
SHA1 4a8e7a54438120fae91dc217e1916e5b970b551d
SHA256 f0e13d8c489522795caf56e6d8fce1e07f5feea4d7253513a279f8afee5e5bc8
SHA512 edb2caf8a205f818691df049bcdb365526f8790ba7befffbee55e75ef05750dd20b72eb71eb1f4ffcd53b5a6d898682002230f649b755efb7563080ba8014b99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ae649f1fafc6faddba49cd9b3d651aef
SHA1 7c2a575091f374baa6b7e9e16ca094f054506689
SHA256 2764f90c4814ae1e59144c158b4a3a0de9d43518db747287f0d879827ac3714b
SHA512 f097b95e910f9ffd3a804ec6bac4b034f72d83a7874a612cd9a05a661aa86b5b27acc49a4beec1b276883a430fb0dcaa779165b45b2638911ab57b70ea4c294b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cd68ee1f70494f7c2434f6a47c094870
SHA1 cce2509a0dd04a9b881dba7ebcc6687eea9d8c71
SHA256 060a3e35873c4cc56b216626077eff57148ad6ac40c6d6c600e57bebbe15ecce
SHA512 03c29528aaaf7de5dd18749ab1b94aeae2121d892e16c8db8762cab91275b708586b90c84d66f67d0c025e30e9464998de246b4183908e6e9f0ee055ceadf02d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a548473574d99be9b1efaf6dd39fdd01
SHA1 0ec69694daaba9022ebe3988fd5c34d4c4b81ff7
SHA256 48694f90b1af70fd38e6e4efa7f48c5e26830bb54dee41310f9bc05ba1c88d2c
SHA512 2fd475730a055eb34d52334e1804791effc8f3f8ec05c78a0064cce543a6d7cf857460f5079146c0a242318132501eb28f9df7f8b270920c406f77d2a5585c56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 025e8d17367790848d57a3d77f794443
SHA1 54e45010cc710a8fdf51f9558f61ba21237be1ea
SHA256 9331a0ace4791d6a7f0234034813bff8f6493716737aef038e843e6ed8852872
SHA512 01256ac1cd6b020e78a59a0a3e9eaf7300b8334f10df6b79317439988e7a00df99985b5c7a2f4df38ee8511731d6dac48ba62a7573293b6cc35c70d21a045d8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 356abbb14399cbce4038b417dbd3865d
SHA1 d501624f69e3301b9ce20d511096b4cdc3f401b5
SHA256 362058f6ca75ac3ba1587cff818e816afc5c605eeb961c179f055544d0eebcef
SHA512 04bc1e68067ac1469eba8d516c25a15f169a1818f46939e7fa4d3be64abbbe732bdd311df9e637af0f377d0a9713dcc788c058eb7ff447466b8ae2171ac5c71f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2cba578047571eab93c49b56fb8c8bdc
SHA1 0f71b8f81e8b028bb716cafae4ab5a5874a7b4e2
SHA256 e3d15341dc8bb3863fc72ee66bbcab9cbab695ad68c107de96adf8e76d48b4e0
SHA512 f7eed275dd278808ce804f4e9b5e33936d1ff0951affdb09cbf8ea0a2026f607981c9e3669aa84c18f342e371641e0d71286a68f51094c7d28422cd318ca02c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d0115f864561a3e0ed48570fee11a3b3
SHA1 52be285676ddec026e9376e6a588eeb633660688
SHA256 a35ab06c794ec3e5dc0a19e346b4bf89105d04bc2dda63f83fac3144bc659c3b
SHA512 f7a48a19c54e27474702c0ee0827d1e526e8e56a7a519970ae552cae38de27c827a1c0c1b0b7d620826d7e972945a3e7b257e9cd24ecc4ccda4211f3541d7cf2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5b512d693ddbc9271f318906619156c3
SHA1 c06bbd036f7a5f28fff46b3e75d5dd6a6d1355d4
SHA256 95327d003dd91af7b81e85c9102f550aeff7cd59107645acc66bfd4fc772aa1d
SHA512 3246cdafe869404f98dd1a8a82284fe997c67aa7396dd6bc1992e605ca790603b3ceee511cfd5f26f039e54b0bca6f24069a4818aae939aa1ba011732e348ac5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e8f54df75f298fdad217ac902e584403
SHA1 a1e5bde71cadb5e99ea4c62252da73fbb12f1ce0
SHA256 7366b5ffaae2921a6e9301cc329a9ab95322c07fcc5c4d813ea77aad93daf134
SHA512 14949026383da54f5dc7ac02144109d759111d307565f54a89572d40155485a9d075a0d7d70577bdaba6ca0229657d9da5c4367dd5a1ac84a39e1cc3dcb96856

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c608b27b694daf672eae6ff7590a9385
SHA1 6d067620fa0b020d1dd1a553f912ec2a3cc605e5
SHA256 1e4ae95439c8f457be30f7a61e19196f14c7c18d82ee51a6725b5fc2dcf88c26
SHA512 3f34caa1698ca0a433896ae82a65d9b2ba166af956bf69f3180ddc2f2d1d819085eeb9eb2a1c2293f7b17e9d84b9e479a55982193dc446fd2bd6a91bebffb433

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fc54a007a3a4d4b4131e76c58382a5f6
SHA1 8f044cc431782d2543e452b763b4197f07e7cec5
SHA256 16f312fba9c520f6089de805a7794584abff62ff6f8c33d5636c1eb904b7cb2d
SHA512 fd8ae118ef4d6527d665f49c9e08b11a3745bcc36f20515a06fe1fa8a78e20d875b9dadd3f3113421c770c4341dd4f1dab275c22a5dd5ba86ed1c84f95f73b46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c97ec7597512e902ef88e85cb192816d
SHA1 9f9498edbaf401501c859c1c4bdca49d1da775fc
SHA256 6ca1ea3e4de0cded8b2d64a914b0c7122b633746e1e99cfd126b801ee0ffec43
SHA512 e26736a9b281bd283ca2b1280f64bd95dd513f1dc67e3f1212c09fd8b351f8505d4fbdb32e428b62f924f5efd3757df17839b67952c6bc853134fca4ef0d537a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\e9980728-a06a-446a-ab0d-7abec2e8a6b6.tmp

MD5 c6d69171fdabf93c35db704ef8f684bf
SHA1 69ff34a156272fad59499b2ff2c95a228443f44d
SHA256 5c859c9e67647dcb838b29e8082792f7c2f1042f980502bc1246f91aa61f06cc
SHA512 c334ceac91d8270a67ca9cca8a35f6477918cc143988b43de042a76122b1202bf60c46a15c7717beb20a5b210f21af9f3dfb6e5a37b9bb6a347afe0e422ee225

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cc2d32b7476ba854c50b933c9b0d483c
SHA1 a405c9055be5f9d276f106a360d47bcc211aaaf9
SHA256 bda089fd0c55fd94489a30db9d786ba3e6baea9da59febc6c8a89d96cf6edffe
SHA512 e4f4df89865b485925609539fdf64c1e084412d7a23ebcc1b64fef805ef8eea0b01717e43bb74a099a70a6735f241d8ea1e0562ebfe1c10dab0361c73992faed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8438e501d636995afe6a4ffb93aa8a19
SHA1 1338269a20a501fb231ac9905574bb5b95e20906
SHA256 25822611a01d5521472091626bd2df47fc9b0139389895dfd855e8332b62917f
SHA512 d423890b2a6778900987d4be077f7fb41c20dd2d8ff0423e08a9e87de0a8be0c06006a0db3cd9fc934c70947eba03d91aaf7943e64ee77e63823fc32f1b1261b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2e5dd8e33db0366a2bd7735fc6d881b4
SHA1 32d5d0726a2f50e2bbdbd1f69b821921b391c450
SHA256 a8b20a0638033c6f01e2f187c6d7308eb4056bd90a8ef8fe3bfdb7c996ee2a78
SHA512 fe76dd6fd6d09606931dd216b48cd19df0752aad8c20bba5310895f5b563c09af0d596ef0c3692a5e46a2175737b2f5fbf350d598a9d8245b6d12a4ea80f165f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e1bf3659a0b608e11ffc9a10d20772ca
SHA1 4cb6f213a0a9e6ae2ffbad3fc5fa5615fea54d03
SHA256 653cfab23793819433bd3c78e6673a4c42a6344c94bf5298da54482d373e4fdf
SHA512 ea9b4fcc035fdd87e5c9c2653f6ca80be9dce77362c541420d9a502efa1e7d059e50b3578245cbb2bff1a0beef29bd950d83f8f8b04911d0ab15dc654a74ff53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1e749aa446d6626984b725359205a684
SHA1 824fbf62925c97da22b1437cadc28a445a8df64e
SHA256 d956558476b18e579507ebcaf2b012b58c87416473124045e2ad9394e3dc82ca
SHA512 16c7551e44726981e06e87e78c1cbd00074183462094e5411ac792c97fbdfe0543cbe12e54be8bb7a0c0483198b57db4e237b37e8f5ee28f1731a90b9663fb51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2b418dba9ae0cb83646f78b1dc88b7ed
SHA1 203a1a04323864832f936835bf01fec34613f542
SHA256 244127db08946ebe455810b1a3e14056fd434d77c136f1c1a7e2a63d136ba529
SHA512 593bb198d506d5f8c800471175baa242768c582cb88fa969d36b355458591ad977553b44ccb92f8e744be15e13a4a8758451b7b5efb653558b49e03087387c56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5b8d133e92faf1342fb68b898f0af778
SHA1 2d613c4375210e7430b9e020c75d3afac9feadb0
SHA256 5bb108e1c8fc1e5dd6d8b602d2a4f1577f72e0f2b2ee03bd09c2c4ed3def9020
SHA512 d1c9c62cb3e0e7cf4ee3b968e82ae0388fd174a5af495d35ad72cec44e95eb235ffa30594501ddcca43ad2837c4f4959129efa74a8e7047bdee9fff9f30507f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e425a89f83ff6bd38e640be128cddaf1
SHA1 3c3587200a978069831fd7cc20ee21a02df985b1
SHA256 2bd049939e76a2021c84e0922a316c1cc1a898a0229a6fe128284097a91236b0
SHA512 a1598b19f72272b465898a322814365ebd1c6a7ced7009bb40d4bfef54e02278c1fba26b014169fcd29a4a2a27dd396d1085ac0a0415475364fa031d9375d927

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 20c189200dfeabe3ffe918c1fe85235a
SHA1 495a88b7d2248ba18271d4df24ce2d19a4393ccb
SHA256 6bd791a2511aa74d6e3f5d975fb3f4ab89673427adc39d48b4521e47b5174776
SHA512 e30945d640505fa392e2bc9eb84489df661c1481bea473e4e19c73ba872e3dd1c39c3d7419892c35bb89cc313d96b7eaf3ff58ec2fddffc2709eb576d655e29e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a5690324972d9dfdd78683b65f6143c6
SHA1 d280ac94cc9e82272ee3aefa5800d73185ed0139
SHA256 84c44fc4741a1afc07fa74bb34c714f8c0bcb84a60b02e744699ab8fc21c5831
SHA512 2b80a9192e122013e3b5f447ec733d0483357f7beae5d39e28f0ab89f9cebcf116ff9a40837ba9080ddd765a668786cdc99e2c2459bf35b7db73fc5b6db59ce8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 33ea10b396a4a7dea29cd0d68cd5642b
SHA1 0ba656ff2a1a1e608b63b447334647fb2a2fcf3f
SHA256 18ce5d34de3a7b83b8fd9983934726fab1e12de5c10e0eb737038257dac9226f
SHA512 9c06d34132c263266df45423b888ac9563b53ebdcc4d5285114a2ace15a6b0c733611b9db18a51c6281de82738d3ef77b282e186c5f810fad42dbad12298a953

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5bc45efe840fb8e4645e8ae5d795e024
SHA1 fb74b78caced2c8cd74ac6f9fb83cda9b4bea0bc
SHA256 1a460f364f326389823deeaa24b4017c1f887bd42ba90d282bb2d5a4eabf2264
SHA512 6b90d5ee63b48b77c93db713372dca56cc57820e2173e62418b7a3d14d70138ed4372442519fcef21af4ba97bad80192a7afbcfb425d778f45771c09f0685af2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dacfa50f007b391f974da75c0e5b1f2c
SHA1 e71ec92871eae8fc2a7b000ab65982fa9186ebc3
SHA256 89c47828c6ded6be7a5e3978a3529d5e24c925c44637d9d458baa09955d4158f
SHA512 ad2a573af20e46c8a5c617bfc56846754647f5478f000af8527431beca31ffc4bcfa119c3b8e2fb4f60ad99c7de31b2a2aed3a31b41d973e26b7f0ed3aa1bc8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 26722fb02b917c911cb3aba70dadc903
SHA1 786f63d5e3d7e12560b949dead72420313c72e5f
SHA256 1870584d1b653e8f30179160882d494c87bcd67c6263c2c0c8cd396aef42a41c
SHA512 40281427f1a6156dca6c29580c6c8cf6ac20d55b083f70d94dd709746fdb8d01e19faab935c29710c8fc48a3a86af41a108dde279fe156aa512943ac11a0c039

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 aae4d5f8b933239cfe16c76cb868f85c
SHA1 e1cbce932659e77dcaebec318cc06b7faeea9c1c
SHA256 588f0287f3eff3a9cd3f0aa38f422c949e974703d57c31c885eb3c2c5b47e84c
SHA512 e9d657112252235cdb7489a96465c7648e190a5eb15720a3b693693e1d253b234f87b3f95ed6b8978a96266596ab72c693e7c5fa76373966d555032767fd9e6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 10cb1ccb22defa4bac6843943ee3de31
SHA1 45355a02954a10102adde6848e451e31b9d88cb8
SHA256 fdfe55ddb3b64866665b4ea7f55e3a44702ae064364c9fe8094100fc1ddef623
SHA512 f84f79d7d41014459cc6341d9632631530ce2f9027b4e6960efd349688665850f194929b53a0910c5e228c03cc668463b559a2c5d1a1d80f46a50b42866996cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2ae150ff0298920f4bae0589e5960f93
SHA1 367e06c0eacf1cd7c14ec8c738828c19eb8827fa
SHA256 f73e702d479bb38f64206136e583d3476a05b18b9242ade9ed354057967353eb
SHA512 96b15b92397c5312e6146c6d6cf633bddb826e0a5c72368d301613bf5a606dcf5412e4c356999b3a7dde3eaeacd735a740bdb7cb8d4ad3659adfe7cb253bb743

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c4ce1cf409743b6e22e567bc1c891571
SHA1 fb0daab1c04632795caa450deb517edd47ef8f68
SHA256 3fcbdc224a7192efcbc5178a1f6431ff82447aa5ad9f729b651ebe1c571f5832
SHA512 3f6f584e6991806d5f6e32b88843380bdbed3a59a1ae6525070cb32a0adccb7e7e6e2ca22bf5e486e46620108a5b9477eb5b9c2b41f24f2d240579c8390c29fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e43ba48647659122d5ed28f71c6cccfa
SHA1 22d00e58432086a5ce27b894bbfacdc3e762c7d7
SHA256 b828fd45584acc394b846fa1d284b4192486ccc46182073b24f9346b8e01d49a
SHA512 7e6977c0f9bb9bec639df4767e0687631885e574595c385e825533280d0588159ee03924c4c6d785111e02f30028bd78d1a8fab8be0a02ae4bf031aae802eab8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c8574352fe5354e7256997e274de4231
SHA1 933d90a3cec5f4e9aa629320328a1f81105370f1
SHA256 8f38c5340df84a1265164b27dd06bc26c57a8c5fb1d2c6f2967ee2c9d00471f5
SHA512 20610f1e03516c5f4bd1c9f5caef54c1a6eb851176a33765e3f930d2621098b63122c26f566cba6e28136f3b3e0da920ac98eb3065ef33a69ea626db3e3ef93e