Malware Analysis Report

2025-01-18 21:39

Sample ID 240415-qmz98shf8t
Target with-editor.exe
SHA256 5e0ccd493f01f7cde38bd8b42ad3ab0fadd00b1970f9f1b7e8204dfdc000436f
Tags
discovery adware evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

5e0ccd493f01f7cde38bd8b42ad3ab0fadd00b1970f9f1b7e8204dfdc000436f

Threat Level: Likely malicious

The file with-editor.exe was found to be: Likely malicious.

Malicious Activity Summary

discovery adware evasion persistence stealer trojan

Downloads MZ/PE file

Modifies Installed Components in the registry

Sets file execution options in registry

Registers COM server for autorun

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Installs/modifies Browser Helper Object

Adds Run key to start application

Checks whether UAC is enabled

Checks installed software on the system

AutoIT Executable

Checks system information in the registry

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in System32 directory

Drops file in Program Files directory

Enumerates physical storage devices

Suspicious use of FindShellTrayWindow

Suspicious use of UnmapMainImage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: GetForegroundWindowSpam

Modifies registry class

Modifies data under HKEY_USERS

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Modifies Internet Explorer settings

Suspicious use of SetWindowsHookEx

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: AddClipboardFormatListener

System policy modification

Enumerates system info in registry

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-15 13:23

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-15 13:23

Reported

2024-04-15 13:30

Platform

win7-20240215-en

Max time kernel

122s

Max time network

417s

Command Line

"C:\Users\Admin\AppData\Local\Temp\with-editor.exe"

Signatures

Checks installed software on the system

discovery

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\FloatingPointProcessor C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\Contexts = "1" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0057004f0052004400460069006c00650073003e00620069002400540021005600210030005a003d007b0050006b00300076006d007e0041005a00750020002f006e002000220025003100220000000000 C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar\ShowDiscussionButton = "Yes" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\COMMAND C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\WINWORD.EXE\" /n \"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\COMMAND C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\WINWORD.EXE\" /n \"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\Contexts = "55" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0057004f0052004400460069006c00650073003e00620069002400540021005600210030005a003d007b0050006b00300076006d007e0041005a00750020002f006e002000220025003100220000000000 C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ = "res://C:\\PROGRA~2\\MICROS~1\\Office14\\ONBttnIE.dll/105" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\ = "&Edit" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default HTML Editor\shell\edit\ = "&Edit" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Default MHTML Editor\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MenuExt C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ = "res://C:\\PROGRA~2\\MICROS~1\\Office14\\EXCEL.EXE/3000" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A

Modifies registry class

Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\WinWord.exe\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0057004f0052004400460069006c00650073003e00620069002400540021005600210030005a003d007b0050006b00300076006d007e0041005a00750020002f006e002000220025003100220000000000 C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\rmsfile\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Roaming\\AutomaticSolution Software\\ReMouse Standard\\conf\\ext\\filetype.ico\"" C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher\shell\edit\ = "&Open" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Excel\shell\edit\ddeexec\application C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\rmsfile\DefaultIcon C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Version\14\ = "C:\\Program Files (x86)\\Microsoft Office\\Office14\\msohtmed.exe" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\ddeexec\topic\ = "system" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe\shell\edit\ = "&Open" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shell\Edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\WinWord.exe\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Word\shell\edit\ = "&Open" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\ShellEx C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\MSPub.exe\shell\edit\ = "&Open" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shell\Edit\command C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\ShellEx C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit\ddeexec\topic C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\EXCEL.EXE\" /dde" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe\shell\edit\ddeexec C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe\shell\edit\ddeexec\application C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\MSPub.exe\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Word\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0057004f0052004400460069006c00650073003e00620069002400540021005600210030005a003d007b0050006b00300076006d007e0041005a00750020002f006e002000220025003100220000000000 C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit\ddeexec\application C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\WinWord.exe\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\WINWORD.EXE\" /n \"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\WinWord.exe\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\DefaultIcon\ = "\"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Word\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Word\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Word\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\WINWORD.EXE\" /n \"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe\shell\edit\ddeexec\ = "[open(\"%1\")]" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Publisher\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Publisher\shell\edit\ = "&Open" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\EXCEL.EXE\" /dde" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Version\14 C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Print C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Word\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\WINWORD.EXE\" /n \"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe\shell\edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\MSPUB.EXE\" %1" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe\shell\edit\ddeexec\topic C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\DefaultIcon\ = "\"%1\"" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\htmlfile\shellex\IconHandler C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Excel\shell\edit\ = "&Open" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Edit\ = "&Edit" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Edit\command\ = "\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\msohtmed.exe\" %1" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\rmsfile\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Roaming\\AutomaticSolution Software\\ReMouse Standard\\conf\\ext\\filetype.ico" C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-2248906074-2862704502-246302768-1000_CLASSES\rmsfile\shell\open\command C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Excel C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Excel\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b0045005800430045004c00460069006c00650073003e00560069006a00710042006f006600280059003800270077002100460049006400310067004c00510020002f0064006400650000000000 C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Excel.exe\shell\edit\ddeexec\application\ = "Excel" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\Microsoft Publisher\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b005000750062005000720069006d006100720079003e00520024006e0075006a0053005700460065003f007d0061004c00720052007000390078004000570020002500310000000000 C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\ddeexec\ = "[open(\"%1\")]" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithList\WinWord.exe\shell\edit\command C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Excel.exe\shell\edit\ddeexec\application\ = "Excel" C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\MSPub.exe\shell\edit C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\.htm\OpenWithList\Microsoft Publisher\shell\edit\command\command = 7800620027004200560035002100210021002100210021002100210021004d004b004b0053006b005000750062005000720069006d006100720079003e00520024006e0075006a0053005700460065003f007d0061004c00720052007000390078004000570020002500310000000000 C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\mhtmlfile\shell\Print\command C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
N/A N/A C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2256 wrote to memory of 1832 N/A C:\Users\Admin\AppData\Local\Temp\with-editor.exe C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp
PID 2256 wrote to memory of 1832 N/A C:\Users\Admin\AppData\Local\Temp\with-editor.exe C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp
PID 2256 wrote to memory of 1832 N/A C:\Users\Admin\AppData\Local\Temp\with-editor.exe C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp
PID 2256 wrote to memory of 1832 N/A C:\Users\Admin\AppData\Local\Temp\with-editor.exe C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp
PID 2256 wrote to memory of 1832 N/A C:\Users\Admin\AppData\Local\Temp\with-editor.exe C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp
PID 2256 wrote to memory of 1832 N/A C:\Users\Admin\AppData\Local\Temp\with-editor.exe C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp
PID 2256 wrote to memory of 1832 N/A C:\Users\Admin\AppData\Local\Temp\with-editor.exe C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp
PID 1832 wrote to memory of 2452 N/A C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe
PID 1832 wrote to memory of 2452 N/A C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe
PID 1832 wrote to memory of 2452 N/A C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe
PID 1832 wrote to memory of 2452 N/A C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe
PID 2460 wrote to memory of 840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 840 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 2792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1724 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1724 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1724 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1708 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1708 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1708 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1708 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1708 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1708 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1708 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2460 wrote to memory of 1708 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\with-editor.exe

"C:\Users\Admin\AppData\Local\Temp\with-editor.exe"

C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp

"C:\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp" /SL5="$400F4,5359530,57856,C:\Users\Admin\AppData\Local\Temp\with-editor.exe"

C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe

"C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe"

C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE

"C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7329758,0x7fef7329768,0x7fef7329778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1072 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1512 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1604 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2252 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2260 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1260 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3156 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3392 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3452 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3448 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3508 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3604 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3700 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3652 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2380 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3380 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=1544 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2668 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3888 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3944 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3932 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4056 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=3440 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=1032 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=3364 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=4200 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=1036 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4204 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=1136 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=2780 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=1856 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=2484 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=2052 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=540 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3148 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=1036 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4256 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1748 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1856 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=2340 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=4508 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=1092 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=2456 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=1236 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=3524 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=4220 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4264 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=3564 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3424 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=1856 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5032 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=3376 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3156 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=4420 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5260 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1092 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2256 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=4388 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=3168 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=1544 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=2040 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=4532 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=2696 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=2296 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=3812 --field-trial-handle=1228,i,1985654498268963739,1600302517307869866,131072 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 apis.google.com udp
GB 216.58.201.110:443 apis.google.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 youareanidiot.cc udp
US 104.21.95.69:443 youareanidiot.cc tcp
US 104.21.95.69:443 youareanidiot.cc tcp
US 104.21.95.69:443 youareanidiot.cc udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 archive.org udp
US 207.241.224.2:443 archive.org tcp
US 207.241.224.2:443 archive.org tcp
US 8.8.8.8:53 polyfill.archive.org udp
US 207.241.239.241:443 polyfill.archive.org tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 analytics.archive.org udp
US 207.241.225.195:443 analytics.archive.org tcp
US 207.241.225.195:443 analytics.archive.org tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 207.241.225.195:443 analytics.archive.org tcp
GB 142.250.179.234:443 content-autofill.googleapis.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 csp.withgoogle.com udp
GB 142.250.180.17:443 csp.withgoogle.com tcp
GB 142.250.180.17:443 csp.withgoogle.com udp
US 8.8.8.8:53 uareanidion.org udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 youareanidion.org udp
US 8.8.8.8:53 youareaidion.org udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 207.241.224.2:443 archive.org tcp
US 207.241.225.195:443 analytics.archive.org tcp
US 207.241.225.195:443 analytics.archive.org tcp
US 207.241.225.195:443 analytics.archive.org tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 www.reddit.com udp
US 151.101.1.140:443 www.reddit.com tcp
US 151.101.1.140:443 www.reddit.com tcp
US 8.8.8.8:53 www.redditstatic.com udp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
GB 142.250.179.234:443 content-autofill.googleapis.com udp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 151.101.1.140:443 www.redditstatic.com tcp
US 8.8.8.8:53 youareanidiot.org udp
US 50.28.56.190:443 youareanidiot.org tcp
US 50.28.56.190:443 youareanidiot.org tcp
US 8.8.8.8:53 ww12.youareanidiot.org udp
US 75.2.81.221:80 ww12.youareanidiot.org tcp
US 8.8.8.8:53 parking.parklogic.com udp
US 67.225.218.50:80 parking.parklogic.com tcp
US 67.225.218.50:80 parking.parklogic.com tcp
US 8.8.8.8:53 d38psrni17bvxu.cloudfront.net udp
IT 99.86.153.171:80 d38psrni17bvxu.cloudfront.net tcp
US 8.8.8.8:53 www.adsensecustomsearchads.com udp
GB 172.217.16.238:443 www.adsensecustomsearchads.com tcp
US 8.8.8.8:53 partner.googleadservices.com udp
GB 172.217.16.226:443 partner.googleadservices.com tcp
GB 172.217.16.238:443 www.adsensecustomsearchads.com udp
US 8.8.8.8:53 syndicatedsearch.goog udp
GB 142.250.200.46:443 syndicatedsearch.goog tcp
US 8.8.8.8:53 afs.googleusercontent.com udp
GB 142.250.200.33:443 afs.googleusercontent.com tcp
GB 142.250.200.33:443 afs.googleusercontent.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 trkpc.net udp
US 75.2.81.221:80 ww12.youareanidiot.org tcp
US 75.2.81.221:80 ww12.youareanidiot.org tcp
US 67.225.218.50:80 parking.parklogic.com tcp
DE 185.53.179.31:443 trkpc.net tcp
US 67.225.218.50:80 parking.parklogic.com tcp
GB 142.250.200.46:443 syndicatedsearch.goog tcp
US 8.8.8.8:53 w3-reporting-nel.reddit.com udp
US 151.101.1.140:443 w3-reporting-nel.reddit.com tcp
DE 185.53.179.31:443 trkpc.net tcp
US 8.8.8.8:53 www.carislifesciences.com udp
US 192.0.66.176:443 www.carislifesciences.com tcp
US 8.8.8.8:53 stats.wp.com udp
US 192.0.76.3:443 stats.wp.com tcp
US 8.8.8.8:53 snap.licdn.com udp
US 8.8.8.8:53 static.ads-twitter.com udp
US 8.8.8.8:53 static.hotjar.com udp
NL 104.97.14.240:443 snap.licdn.com tcp
GB 199.232.56.157:443 static.ads-twitter.com tcp
IT 108.139.243.30:443 static.hotjar.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.187.194:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 8.8.8.8:53 analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 pixel.wp.com udp
BE 64.233.167.157:443 stats.g.doubleclick.net tcp
GB 142.250.178.14:443 analytics.google.com tcp
GB 142.250.179.234:443 content-autofill.googleapis.com udp
BE 64.233.167.157:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 script.hotjar.com udp
IT 108.156.2.20:443 script.hotjar.com tcp
US 8.8.8.8:53 vc.hotjar.io udp
IT 3.160.212.126:443 vc.hotjar.io tcp
DE 185.53.179.31:443 trkpc.net tcp
GB 199.232.56.157:443 static.ads-twitter.com tcp
GB 142.250.187.194:443 googleads.g.doubleclick.net udp
US 192.0.76.3:443 pixel.wp.com udp
GB 142.250.178.14:443 analytics.google.com udp
US 75.2.81.221:80 ww12.youareanidiot.org tcp
DE 185.53.179.31:443 trkpc.net tcp
US 75.2.81.221:80 ww12.youareanidiot.org tcp
US 67.225.218.50:80 parking.parklogic.com tcp
US 67.225.218.50:80 parking.parklogic.com tcp
GB 142.250.200.46:443 syndicatedsearch.goog tcp
DE 185.53.179.31:443 trkpc.net tcp
US 192.0.66.176:443 www.carislifesciences.com tcp
US 8.8.8.8:53 www.theoutnet.com udp
NL 72.246.173.33:443 www.theoutnet.com tcp
US 8.8.8.8:53 p11.techlab-cdn.com udp
US 8.8.8.8:53 s.go-mpulse.net udp
US 8.8.8.8:53 api.pushio.com udp
US 8.8.8.8:53 cdn.trustcommander.net udp
BE 23.55.96.141:443 s.go-mpulse.net tcp
US 192.229.233.55:443 cdn.trustcommander.net tcp
US 8.8.8.8:53 se.monetate.net udp
US 8.8.8.8:53 cdn.raygun.io udp
US 8.8.8.8:53 lcx-widgets.bambuser.com udp
BE 23.55.97.29:443 api.pushio.com tcp
NO 104.110.13.48:443 se.monetate.net tcp
IT 108.139.243.41:443 lcx-widgets.bambuser.com tcp
IT 108.156.2.12:443 cdn.raygun.io tcp
US 8.8.8.8:53 c.go-mpulse.net udp
NL 72.246.172.149:443 c.go-mpulse.net tcp
NL 23.62.61.137:443 p11.techlab-cdn.com tcp
NL 23.62.61.137:443 p11.techlab-cdn.com tcp
NL 23.62.61.137:443 p11.techlab-cdn.com tcp
NL 23.62.61.137:443 p11.techlab-cdn.com tcp
NL 23.62.61.137:443 p11.techlab-cdn.com tcp
US 8.8.8.8:53 lptag.liveperson.net udp
US 8.8.8.8:53 cdn.optimizely.com udp
NL 72.246.172.167:443 cdn.optimizely.com tcp
GB 178.249.97.23:443 lptag.liveperson.net tcp
GB 178.249.97.23:443 lptag.liveperson.net tcp
US 8.8.8.8:53 lcx-embed.bambuser.com udp
US 8.8.8.8:53 cdn-pci.optimizely.com udp
BE 104.68.67.171:443 cdn-pci.optimizely.com tcp
IT 108.139.243.65:443 lcx-embed.bambuser.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.171:80 apps.identrust.com tcp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 dynamic.criteo.com udp
US 8.8.8.8:53 analytics.tiktok.com udp
US 8.8.8.8:53 t.contentsquare.net udp
US 8.8.8.8:53 collector-25116.tvsquared.com udp
US 8.8.8.8:53 c.oracleinfinity.io udp
US 131.253.33.237:443 bat.bing.com tcp
US 8.8.8.8:53 hplovst0.micpn-eu.com udp
GB 2.16.76.80:443 analytics.tiktok.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
US 8.8.8.8:53 tags.creativecdn.com udp
IT 143.204.9.12:443 t.contentsquare.net tcp
US 3.143.167.246:443 collector-25116.tvsquared.com tcp
NL 178.250.1.13:443 dynamic.criteo.com tcp
NL 23.62.61.162:443 c.oracleinfinity.io tcp
US 8.8.8.8:53 f.monetate.net udp
IT 18.66.218.105:443 hplovst0.micpn-eu.com tcp
GB 195.181.164.21:443 tags.creativecdn.com tcp
IE 99.80.96.190:443 f.monetate.net tcp
IE 99.80.96.190:443 f.monetate.net tcp
US 8.8.8.8:53 sb.monetate.net udp
US 8.8.8.8:53 svc-prod-us.liveshopping.bambuser.com udp
US 8.8.8.8:53 us.creativecdn.com udp
US 8.8.8.8:53 dpm.demdex.net udp
IT 108.156.2.8:443 svc-prod-us.liveshopping.bambuser.com tcp
US 8.8.8.8:53 app.adjust.com udp
US 185.184.10.30:443 us.creativecdn.com tcp
IE 52.208.77.120:443 dpm.demdex.net tcp
DE 185.151.204.14:443 app.adjust.com tcp
US 8.8.8.8:53 a3533800155.cdn-pci.optimizely.com udp
BE 104.68.65.165:443 a3533800155.cdn-pci.optimizely.com tcp
BE 64.233.167.157:443 stats.g.doubleclick.net udp
NL 23.62.61.162:443 c.oracleinfinity.io tcp
US 8.8.8.8:53 logx.optimizely.com udp
US 34.111.140.246:443 logx.optimizely.com tcp
US 8.8.8.8:53 c.az.contentsquare.net udp
IE 51.104.148.203:443 c.az.contentsquare.net tcp
US 75.2.81.221:80 ww12.youareanidiot.org tcp
US 67.225.218.50:80 parking.parklogic.com tcp
US 8.8.8.8:53 id.google.com udp
BR 142.250.219.3:443 id.google.com tcp
BR 142.250.219.3:443 id.google.com tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
GB 142.250.200.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.200.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.200.14:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.200.14:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.213.14:443 www.youtube.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.180.22:443 i.ytimg.com tcp
US 8.8.8.8:53 static.doubleclick.net udp
GB 142.250.179.230:443 static.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
BR 142.250.219.3:443 id.google.com udp
GB 142.250.200.14:443 www.youtube.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
GB 142.250.178.14:443 encrypted-tbn2.gstatic.com tcp
GB 142.250.178.14:443 encrypted-tbn2.gstatic.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.206:443 play.google.com tcp
GB 142.250.187.206:443 play.google.com tcp
GB 142.250.187.206:443 play.google.com udp
GB 142.250.180.22:443 i.ytimg.com tcp
GB 142.250.200.14:443 encrypted-tbn1.gstatic.com udp
BR 142.250.219.3:443 id.google.com udp
GB 142.250.180.22:443 i.ytimg.com udp
BR 142.250.219.3:443 id.google.com tcp
GB 142.250.187.194:443 googleads.g.doubleclick.net udp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
GB 142.250.187.194:443 googleads.g.doubleclick.net tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 downloadmoreram.com udp
US 104.21.73.238:443 downloadmoreram.com tcp
US 104.21.73.238:443 downloadmoreram.com tcp
US 104.21.73.238:443 downloadmoreram.com tcp
US 104.21.73.238:443 downloadmoreram.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 rlv.zcache.com udp
US 8.8.8.8:53 platform.twitter.com udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 151.101.0.241:443 rlv.zcache.com tcp
US 151.101.0.241:443 rlv.zcache.com tcp
GB 199.232.56.157:443 platform.twitter.com tcp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 ssl.google-analytics.com udp
GB 163.70.151.21:443 connect.facebook.net tcp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
GB 163.70.151.21:443 connect.facebook.net udp
GB 142.250.187.232:443 ssl.google-analytics.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com tcp
GB 199.232.56.157:443 platform.twitter.com tcp
GB 157.240.221.35:443 www.facebook.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 104.17.24.14:443 cdnjs.cloudflare.com udp
GB 142.250.178.4:443 www.google.com udp
BR 142.250.219.3:443 id.google.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
BR 142.250.219.3:443 id.google.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.213.14:443 www.youtube.com udp
GB 216.58.213.14:443 www.youtube.com tcp
GB 142.250.180.22:443 i.ytimg.com udp
GB 142.250.187.194:443 googleads.g.doubleclick.net udp
GB 142.250.187.194:443 googleads.g.doubleclick.net tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
GB 142.250.200.14:443 www.youtube.com udp
GB 142.250.200.14:443 www.youtube.com tcp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
GB 142.250.178.14:443 www.youtube.com udp
GB 142.250.200.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.200.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.187.206:443 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com tcp
US 8.8.8.8:53 e2c28.gcp.gvt2.com udp
US 34.94.232.12:443 e2c28.gcp.gvt2.com tcp
US 8.8.8.8:53 beacons.gvt2.com udp
US 192.178.48.227:443 beacons.gvt2.com tcp
US 192.178.48.227:443 beacons.gvt2.com udp
US 8.8.8.8:53 beacons2.gvt2.com udp
BG 172.217.20.67:443 beacons2.gvt2.com tcp
US 192.178.48.227:443 beacons.gvt2.com tcp
BG 172.217.20.67:443 beacons2.gvt2.com udp
GB 142.250.200.14:443 encrypted-tbn3.gstatic.com udp
GB 142.250.200.14:443 encrypted-tbn3.gstatic.com tcp
US 8.8.8.8:53 lh5.googleusercontent.com udp
GB 142.250.200.33:443 lh5.googleusercontent.com udp
US 8.8.8.8:53 www.google.com udp
US 192.178.48.227:443 beacons.gvt2.com udp
US 192.178.48.227:443 beacons.gvt2.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp

Files

memory/2256-0-0x0000000000400000-0x0000000000415000-memory.dmp

memory/2256-2-0x0000000000400000-0x0000000000415000-memory.dmp

\Users\Admin\AppData\Local\Temp\is-FQASU.tmp\with-editor.tmp

MD5 832dab307e54aa08f4b6cdd9b9720361
SHA1 ebd007fb7482040ecf34339e4bf917209c1018df
SHA256 cc783a04ccbca4edd06564f8ec88fe5a15f1e3bb26cec7de5e090313520d98f3
SHA512 358d43522fd460eb1511708e4df22ea454a95e5bc3c4841931027b5fa3fb1dda05d496d8ad0a8b9279b99e6be74220fe243db8f08ef49845e9fb35c350ef4b49

memory/1832-8-0x0000000000240000-0x0000000000241000-memory.dmp

\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\ReMouse.exe

MD5 f3b864b4fc3e090e8ad3ead18a2c20f3
SHA1 a3f627b76d6f5cbf6d3b4d559a9aea89241f6130
SHA256 b5dfb4e59f1764bad01615d94ace06b7c45d4d51d36bbc0f9cbafc2762e47906
SHA512 629ce00bdca3975b9f396915106397ca58a3117e566af902c1aaa4ab7f6f19f66cdd513879ac3543dfa589b3060d8a8b96bdb20e8a0c1049d1abb1f6e1ab1960

\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\unins000.exe

MD5 95edcb135fd8ae184ff9b604beb77f13
SHA1 44ec750786b4b1ef782942ed49db1cff14a368f6
SHA256 4c62259f8797612fd58e154ff9e5ba7fe114bcbf5fd310f2c9b2a013f2b84013
SHA512 03e513a1aac3e1f171155e89dfce5eeaf5c303aac86068a360a4ebb4465a9078b8a2e0eff41e0966d6737fdea16faea30747c3c90c5557f64ee62efe165f5e1e

C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\conf\ext\mskbcodes.ini

MD5 137eb2bae98810f3c549813e3832b3e4
SHA1 556f2983410fc22502c29e612003013051766486
SHA256 629fbdca845cb530c5335675f85ce6b517d4c2b961874e317b869ae4c706699b
SHA512 80539c43730d56c02df9a8fd229395e648b9f35faf24c9044b801884d9b29a7fa0df0b8a66851fb4cc8319eaf70c726ebef7f4ca4ac8b318cf1dc5cfaa502344

C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\conf\ext\icons.dll

MD5 32ee6173f137080755bb5127e39ace9e
SHA1 e9c2bc7f5388ce262e2e2ada5637cc2884b7bcbc
SHA256 fe1ea3f712f6883025ecd8cd9553ff0e26189110bdc059a304305b14278d1726
SHA512 191201f067ecb39f8d0e9aa0c4e8a312b660039132d7354448794498cea405ee4f2e691398443717fb35ca32aa88ea628c583a10cb55e698b2bf0097995265e8

C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\conf\ext\app_ico.ico

MD5 61a64215a9f924a636c6518e04514391
SHA1 40448fdbb261e29db28cc3a4732f88e8802a72cc
SHA256 43cb0559c6f67133c9f43ffbfc9e0ec20bd2ee16fc6a4cc21be26cbc15c6dd20
SHA512 fe1224aedffa7907e6c9c903bee74d194cf04bce2f61f630c174c80aa626474c9c90bd564fdc2814ffa1b46e463c8e564b1081b3ff2b13d740c0b46e1d19c56b

C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\conf\rms_conf.ini

MD5 f9107282ad3e82b1160e1ace323f358e
SHA1 b0a5ee7380d7d70b4ca307313d1b093b858312fd
SHA256 649ccfa8a0d93c02fd5d6b1cf2db4a0fa4b828810540823a68f6a7c6dd286ac4
SHA512 3a068f39cd42f1049e9b19cada95124d7d936f90068ddafc1999fd6c5c40ba25fe458fcf19eafe0cd6d601d973b76a0a82e0a97d8ae525c0accab0581f456e23

memory/1832-78-0x0000000000400000-0x00000000004BE000-memory.dmp

memory/2256-79-0x0000000000400000-0x0000000000415000-memory.dmp

memory/2452-82-0x0000000000EE0000-0x0000000000EE1000-memory.dmp

memory/300-83-0x000000005FFF0000-0x0000000060000000-memory.dmp

memory/300-84-0x000000007245D000-0x0000000072468000-memory.dmp

C:\Users\Admin\AppData\Roaming\AutomaticSolution Software\ReMouse Standard\conf\rms_conf.ini

MD5 233e5c8b7abe25dc6ae2b963cfa5b868
SHA1 85f42a5f790cdb7b71f400dfd637a6877e31cc9e
SHA256 5ab617392ad9e4ba72ea11a16dcf9932c8ea6bdcb02736371911bb7070cab244
SHA512 212e9fecec21f444ee25493c5e9000bbff6d49c2980c455199b5637637f297dba22e878f4a9a4fda601bb48e626b2736be6721e6509c018b943f3a769771905a

memory/300-106-0x000000005FFF0000-0x0000000060000000-memory.dmp

memory/300-107-0x000000007245D000-0x0000000072468000-memory.dmp

\??\pipe\crashpad_2460_CVWKBDCSPEDPWUCD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\CURRENT

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 13f78945bf292c76b11d61f7275d30c5
SHA1 231725ba46a826576054e99a1c460a17daa1da9b
SHA256 1a4485e7737dbd3e324bcac6be7697c86d12f20355da3f7431bdc976f52a3c24
SHA512 c72348a633a3365c2c9e734724ad052ec7e6a9d723a382f374ae9f551075c70d77706014df0b77a8810eca3a3d7d05a083c2b830e71c646ca888f5ba1f37231e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1553757d3d1dc0082337aeb531f1a905
SHA1 3cb38a1dbc09bbd162da0ce0526ab03ad29f7048
SHA256 94306035d7133114ef8a30ebc2d66085d39ac150427839a4702774ade428a039
SHA512 71ed05981b537a3049ec80450c38064d964b67403c9eb7501f61a64770dc45ca31daa57a293160ff3b8b6d929297a823bacb51666686781bbe8a186086da353d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 9901c48297a339c554e405b4fefe7407
SHA1 5182e80bd6d4bb6bb1b7f0752849fe09e4aa330e
SHA256 9a5974509d9692162d491cf45136f072c54ddc650b201336818c76a9f257d4d2
SHA512 b68ef68c4dcc31716ce25d486617f6ef929ddbb8f7030dd4838320e2803dd6dd1c83966b3484d2986b19f3bd866484c5a432f4f6533bb3e72f5c7457a9bb9742

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 98839058218839f994b8e103bad863ad
SHA1 231dc87642c3cdf4a41f4c21233c120f87e7b076
SHA256 236861e6339353e02901dcf56d40d9b09ea1070f1363b4a76f2c9fde294028dd
SHA512 399ecd3a4654a815e9f5275a9c59282bbc3b096809d2d322a6aa04f932924a10a15d0f1fb3b3944193c4d6a88f0724e11faab8ec21bc57d09ebfe9cdbfb34775

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 98921c69bf4fe376a78df4d8466a188b
SHA1 60bd8f38e6667f849fa2ce4c3198b2a9cd31cbfb
SHA256 0f371a2253ad8f693619ef9d768c8973c99cb53af0b609a8b9dfce0e986fbb62
SHA512 cfb33de04737d9a91a313a1481cadccae65945d579e213aff8e959717afae97e7a67efe7dc20122b2e404d46e564a9e03e9ee6e6920e0a2558771d886edb1499

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e4f6d38371ba184a666b2810c126928c
SHA1 6fb039fe572f57e22dcea5c7d7c561924f7d77a8
SHA256 1fa57aa761d996d5435747f34ccaf7be1a57511904f5ad229c3438594325a797
SHA512 d5cf0790fb90d8e84d6e35d1f26faba0ff0a2fd9e6afde033f67fbae09772633692dd5ce7958cf5fc6082b195118c6a72428ce9e194039d1df84e62dcdb8931e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e985422489f803d3f8d63d030baefd4a
SHA1 7bcb69be59bc062b68b8380a4a5b8a48b69bf426
SHA256 8f9ffdd5b18780d6bdacff523f88fc0958e7a0cdf08aef2bafdc1c61c77e3142
SHA512 ca3a9ea43e9b1fefb317f72ea147ca4e529e2836f6013f9ff8525627b301e2fb7dea2b52aa3bcfc4be98aa6b80c771fa03acf5ae9f9cfe4548aa80ed49953a61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c86d4a0194ca25d9e19aae1bca17ae29
SHA1 b056ea00a50497d85702d4e2a5e213706fc9fe52
SHA256 96e2d7895e48af362a55907665c95b9893848dc5bf6eff332217548bc64d91e6
SHA512 908940dfb8172ffe102e85c0886c61bb516fe4d3a5415f72b011c33b1418e55e6213f7bd3caa242424fc19603eed5098dd6bdd5883e22a6c44646ea19008b957

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\966dca4c-14f8-42f4-b11b-c7801a227539.tmp

MD5 23e7b7cd371ee105ffe0bd47a8ca03e4
SHA1 dad678f543d94f8e284ed7704850bb1091389cba
SHA256 c867bef4889f84ec3c326d055be56b170b51c7b6c56cd897ac0669003d7e354c
SHA512 eb93e382e4d686e14491193713f724e9af0e6026f0b95b7ee4605015a3930ac07d04d77028a938a215cf50da28d16872cea16d3d7ee73402e0a26f48d7b1b1f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9c538f0a122c01167d2117950cea6b83
SHA1 0f758c5d2110c7a257935eb4eeca6c1fb99266f7
SHA256 c40d0fab24282ab80dc9b1396f0ec854458140cfeb9f235658218afbf13177cc
SHA512 47ddfbf4e2e813f106c58307555be2fc2ae5c56774fba6a78285c4fcc02e16ddd59ec2e9cac72adcbe00051cc031324aec303721c8b7ca1ad2a76b1e684e4d4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4dc1a74a8911f910c6f1ca8027099da2
SHA1 77fb22b65d211b2193e23745a50bc9dddcf558ce
SHA256 34869e6d23ddcc5c9ae8a308e19da71412b2b658f853cbc2f599d52613912819
SHA512 391b2e8f3b513a669bf74fbea028ab6564e9236f0f312de92b8fa9faa16bc7067138b4c02739a9479bff42165bb9b400cbd06877294b7f0ab0261b4f0d327e5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a1337648e354db689acc6e2633a2c2d9
SHA1 4b1b6df9b477f465a8e8aae1a4ffc54a41e41d73
SHA256 7b4275ecba5328a3e335a6f1217aab7376fb9351e7a6cc9481f4b0f26f30abbc
SHA512 315877c03b6748246b66b422c7972169fe7c1111fa502d021a05636a603c1ea7097ad6b7da98cf2fb3965680b08c21952e05580caa7c5e047ff25111d0fd72bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eff6d451e8208ec5754df70d59b74bb4
SHA1 70c951a07333a07bf1c1749c4196b44762944d49
SHA256 860b2033afb9cc7b912847ed52d51e311133dee697474ae81e5d999428cd9ecf
SHA512 4531af1c60a72240d69c5b1e54c3f62964e6ad0ab6f01a65d012421973c52c0285e75c8f35adc0a6dae6ddcc8fc94e1f5ef467a65bad3db7ec571b68ebb9de22

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fb9c6ce6513ec7d98127cfd6f3af5f81
SHA1 1607a9f49ac6f25ead735f574c75948773b5e1e1
SHA256 851f82990223443e6381afae58fcad94f249ce1c43a8e5dadf480de5475ad318
SHA512 826eb7f6bbcad25169febc5f1aeb8add6e5ce30ba22a7b1e010bc3e16be97fe962a31943d09e60044951876a04c47c3b9c9d4805897ba9e70d94cc9f709a79e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 22666d333540cf8aff6fecd675a94b0e
SHA1 8eba7f8d5640abbc9f4e0c1fc4a005d1e08e8ffb
SHA256 3021873e3019f869e5e2660d967df0ba8db08ce55ab628f2e9d787c2d224b7c5
SHA512 05e626199079596974950b4fc96df33bf245adb4ce304e21d39b172098e621d8b01194031464981b735a1e2dffe32a789df96139ca2712a78dbeae978e06802b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 958f3cdb087891d28368acad27714150
SHA1 2f517b30df297027aa56e5c3dea0fd05471b452a
SHA256 86ff9015c5c9014766113ca52111db855308b064565a70a30d7ad69c08760809
SHA512 04a99e30a0842654ec8bb161f4ef96642e26c7fa5adfe8a72765b94d61b652bf0ecae53517d3d4eabfe4113ee06bca5342455a0b5d337497da08e1092f3f53a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 6e802165991f1776b43c9e91851ffb94
SHA1 f9e0018db3292d7f4d33ddd9a326931acab62d11
SHA256 6ab5163cda6cb3883035d4f9fc85de1b4abe397025493c64febe46a428e335d6
SHA512 4417ec601068f7f5bad6ad2cfb554c7d48f8a6acf3b5b3133e481be4fdaa253dded60d050274ec1b0e009df020c8550eeee5c8ba196d74c5ce5a32da118869e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 5981b3e7bda3ebcf43ba247f1e5d2f2c
SHA1 a9dcb0b9e81304e57a64b8f7382fc8790dac1a06
SHA256 60b776623c5d84b6c7d160f5ae71f9dc95c203ba65cfe45f47a31d75ac00c151
SHA512 bc7d7fd7ec6cec532ccd7de70eee83656456d8e18a712159645619f03bdeaf82ebab437de20455619c1927cf5e15bb068f217598f0c18044f897dda0cd20c76c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 642263dc5662e031e6d41a465a4cc26e
SHA1 b5e2bbba12ed663f2ec605c7319186146b1f3e25
SHA256 b704cb1241730aea432f58699a593691889405ea208b795ae85ea59f66c83301
SHA512 02f6c0ea5877a1462617d966ab82597bf7bbd91702a796f3ba9de32469f44ca079c2ec42bfd199b022fe6b555e8ee7193b30edad49a52996a5fa6e92afa98268

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 5b7278252b3ee9a03ab582a45bef2fd6
SHA1 18ba6bf09ecf09ba8b278edf9875dc29a1e257ec
SHA256 dfb726b60bde0380eb83e0f041dd9f33b233b27380ad017966775d0ec6a51369
SHA512 3e1da60e4655b181648e4882e7959f698e690deb02712a9686f2169c6e705a2e06b2f5916417dc7e854e09aa716970a263778a0e6cf775c85f84f123f9b44505

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 a6cc98d944b23b5a002cfec4734c8ec5
SHA1 e61e32c610927962a3074ce97e63c75c870afbdc
SHA256 4e25e0ff5eb12d5c64601a82738c1d5da9135bec4a1122a4230d8f63b4622b36
SHA512 ed4e05f2acb33072290b5cae7a35545a93828d36e016a80a701fe61f1545efc5ae58f951fec17df151b5ab8f4510c69c9a8ca71e52bdaad5d8d9cbaa4054b4c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 ac5cfc452bcdbe06d7773d99a3374069
SHA1 76bb4cf4d9d453e08051459936f225373f1ae203
SHA256 62fa9ea9ca8240352e35b2b16c7a90099b5969066d016cfe59b87f48958e9c07
SHA512 58ed7a95ef725175298fc4a6043eed66a9a9b069e486d28fd09d0e585d466632315da3f8d244308153f01d238b89dad3b4f69a7cd73b0c21948bbc25864fe846

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 052e30e026a4eee75550b922c53dad52
SHA1 0557332c266feca4bbe4f64bd675ef0185f727b9
SHA256 0b3d0e5240c28468b7f9043d499c9edb0cbc699a95af89398bc2d2b7be7de650
SHA512 269ffa81a2a6552641f96587e6305c726c1f7a296450559dd1b5228e4a196a379d5574aaf96ddb40c6cf216be36bd4ebf2f68ee809f885cb7ec274454357a9c2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f5ce5171a85ddabddb9c5d63e8e22d8
SHA1 84a68b299a6cb55f2022adea36dc2ff99fd0e5e3
SHA256 24fb9a83f6aa2c68cae754fca544028c4cb736021a694f1ff0d41514e344d675
SHA512 2ea54126dfb80310be75f8ccb8d69190ea13aee7772f0733325a41d42f82f4f620892396984327c6c6c20ed5b631142b743926360f4bbc5decea767d4659b303

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 29f65ba8e88c063813cc50a4ea544e93
SHA1 05a7040d5c127e68c25d81cc51271ffb8bef3568
SHA256 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
SHA512 e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

C:\Users\Admin\AppData\Local\Temp\Tar5799.tmp

MD5 435a9ac180383f9fa094131b173a2f7b
SHA1 76944ea657a9db94f9a4bef38f88c46ed4166983
SHA256 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
SHA512 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f7d8feb2686e242d3b8250e4b3b625bf
SHA1 be338407dcd37287571aaac4c3abd6f3d836095d
SHA256 f5a09e7c21e9c0616bfb8185f23c08f7dd07b875ce0f7a9852849d25169d8510
SHA512 b470a98b7f9c360307bb32182b261c7e45608f2041d8f38af41ac7ba1859355d95ad6477f8729726c7a0699dcf7376e2d0c741ac8b62e6dc0fa3c7cd819f21a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0572607c9005127b0ff504a873973bea
SHA1 857c1ffc5030c388a7c1dad2ada5c1654ba8e521
SHA256 57d6472c9efc3d624909ab9d4409c50e6bcf62ddb98bf07f60e4218f795509a5
SHA512 e791e9eb7aa4abb6b7690e3ea2309e834e28b782c0a9a531a195022cc273f60ee603142c2d065b43a8e9eb8129663d0d2c7aa4db815b07ca32f0dd768a487236

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d25344b744957df8e6fff97a0312021f
SHA1 d94d31cd49484ad4a448ae9b642effaa580e08b4
SHA256 e8f6fd005a3c9b7a9c3e03ce80308d97677ccf0795f45eefa1d800516bd7445b
SHA512 635b9cb9d5ea5dd8697028505a23edf3369406f62d7b7d41251b92c645ca42b3568aa8e75d049d7b6faa3dcd03205a7bddc835b13815461a3ab2ec543a48e664

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eda7efa3481bd1eaa762b8787ffa5a22
SHA1 ac74a612b36953e0f7c50502de45f2dde12924da
SHA256 00262e3983ccbf8c437c7f84c0f61745ade2721a36456dce0516f8e9024b9470
SHA512 4841c19ac552d6436e4c10f4b34eb416157cf8934d09940cdecef287fc20c54d8271037bd5b83316f4bdbaa5011fa450fd3cdfc2e6109ee19be0189525015924

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 da1d36a3fa7af4c1446a34f24f6b2a8c
SHA1 b9e3e3433582b7df8d0b4cd30cd48d10ec45637c
SHA256 4b2d598eef7c2a2f1bc8dcd1d19ee0559815dd5d4005c96116c3032ac0220767
SHA512 d3b1bb9969f9edf5ec79346ffe2618e6ebfef166e969a79021959be5ffdd288118ed26af6f438e964a2bd3030c8418d95e2548b77299203a0f0d7bcc54dc7698

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8a24aa761f8f2df36161d40a5fc739fb
SHA1 c4513f52ef922a77d11297406cd80b4755c8e3a9
SHA256 0ac5b9baf6c4bf11ca4d3cf1934023e2d96fb524bcafe27765e04b6c05a7252e
SHA512 050f9cb9c5aa72faebfe1c1846adbfc1f4fd8305a09180f10e5c931d795f137b76d54e2957e1242022514d05161fb0aba9a3de55d074233ab051a990580f7f56

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f836521a254491468357d4943475a82d
SHA1 107a7911b1b8672275f962197726901b3b683b93
SHA256 45ac0da45305e1348735996c5f3fc58e0fba82594a43f3f8d734a45f82f7b510
SHA512 38ab668b72a48a631577b1bfb480d78f4dac3f1ff79311a7255a15590f4b94f4eee5d9a6b38784d4042e4ce91f436f25a58b275c28e82d7beb22b5a65a438d77

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 871877508b87b7aa6a1b72e43d25d06d
SHA1 f14d7d65485a1b8a7fa7dba857c4c920101e7e11
SHA256 eb57a9bdc2818a2eb5f3e02c8f5158665de3fc2147f0948e2cd74a39b1780c44
SHA512 5292c025180162b4a273a57da0bed53777c781f64837c36f9614ca8c0ab9c648fcc9d9fcefa7f8cd40540c90e7fb9cd57bff6ae8edde912d872c19bf2fe5552a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2915d66cc0b346e5f1fafe641e21b459
SHA1 f2976e9e09a11ff54536bf91f501f689bae7187b
SHA256 c001b78800499d13bf0faf0937d6d19852adf0d0cbdcc8fb319e8bb96f3069af
SHA512 c6d1d16980285cb34c022a3ff00333c445b5f0563dae4ced2ff98f237e995eb19bc03195b45bc43676e118c3f41da325df8b6597c85b6cd926d8a5c60b339c41

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 894ce548beef54e26a8f86b33e22bcd2
SHA1 449aaf5a71e89e26516302be4394a7ca092b4253
SHA256 9393e221068e6e062fb512c7be5fdb5066be6ecdd2424b1fdc7d49ff5f6971f8
SHA512 1d5ee1fa00af8762c59a77bb9cc96851872a444590e763e00112f8a78a0efaa10dab9c49d691918240f16821aad3398f7ffb8e80f9a3ec5aa5c80c8494585a9e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bb99f326f301b48b95d4b799546786da
SHA1 3ebd8f306eb1bebe016f34d8109d605ec5b0da03
SHA256 066159b01539b5fc87e28b31f7209b4ae32ada18f18ca931bf966f1f4610cb71
SHA512 e94b791e94a557f3124b026029687eb84de0c9649e3ee4e535fb8b7ec68af3aa72375bf2e3f4809132979a253a67fe9b4e225a6118c2b8851a1ae60739c5ecbc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 19033a89434ff9e89e594d12e4490819
SHA1 3f64ccc2237f188cf66de721762dbec517b66b0a
SHA256 f2320df0cd1308172cd59b41f4ca3ecfa3d9990739986be336f6b05e8f7409ef
SHA512 a41285734a653f312612a55d308309e90d56803179ff080670d6afa74dee3b831a891f85d2d3dc9cc93bf6ace18bcd15479da8d65f00c05b65d024a8f9847ece

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fe600267ce210580466346bff3c907f3
SHA1 07e12e771233a6497680b8230083f00556576951
SHA256 3d8f60171def324ba4c7240e1e39ca426b9d3aa1a3d7af1d933145f13b3a70e9
SHA512 31f1dab330f2bf38072c85be485183e1abe49ca8629f1d14f4ecea7dfc34bc6fc0c75d36077162a1cded73c8d70c3ab15d9a9c9870e496a88f8b8e9f330155c4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e8ed2164308b377ef711418f119acb0b
SHA1 220e60099bb75c25087fbff876f38244d9857bf9
SHA256 ce8386bcbc5ce3522a5a75cda2a78fa9430dd9f25420772fa5b778bd7e7a785f
SHA512 d2445b061813667325392dc4cfbe5b7292fbb7a48ad5b209760c73eb3753315dfeca372fddec37301f2d3df485bf488145d0daab4781a8e83561be2b916e50fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041

MD5 319e0c36436ee0bf24476acbcc83565c
SHA1 fb2658d5791fe5b37424119557ab8cee30acdc54
SHA256 f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1
SHA512 ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000040

MD5 b82ca47ee5d42100e589bdd94e57936e
SHA1 0dad0cd7d0472248b9b409b02122d13bab513b4c
SHA256 d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d
SHA512 58840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 99c49fbda80fccd8731b96f72c15e2ce
SHA1 4c1338629a1d865c094c6b90e30cc5f1140f2331
SHA256 f5767095375d8cdc854551118848fe3cad5e71d9b06b3875edf8353f9187645d
SHA512 7e5451af7fbbfd899edbc54e523fe561ef96324e0bf3050db810f272f023c425e129128f616db3fce15f20c54503925ec46c0799d34be3741738ed9665755f55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e8c41bddc087d66406e572acaf2c9a45
SHA1 e05309914f1c42a5858f720c6e118f078aa450d4
SHA256 0dfb0776db68498941719ab8f7686d5c3f3a1459bafcef4a33dd4da736d302bd
SHA512 dfca7d04e3cc1ecc2d2297b2e42a0ae3632f70af21271252acdc024ce47978c0fa4412f18e2894a42a30c91f3c7bcec877ec73959b8278962056879122456669

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 36a581af0f808bb2fd86b3106cd2a9ed
SHA1 02f51ae12b50aab821d8a95fa6865e46f6e0e14f
SHA256 b56f5df62784946eed023215a420fb3d78132da4d01270847db7742632cfed9c
SHA512 0fcbd547c3f4e166c982868c25f316e1c2a2a191e7dfaee567d450b1f695ac142d95f89ef851ac4199683e55a6f6990651b9afba2151c54e992456495daaeb58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f495bc507ce28719e240fb9be6ea96c3
SHA1 e0a1d2ecf87134dd0c7295338d2cfb5a8861e1c6
SHA256 a4871b7eb9f8a939d9edfe662b9937d42671db9fdb632c52b71c81899139b59f
SHA512 4c2f22e3b32b82a6c57745484473a57ce36cbc5772c743badfa27fb4a1c12065a36d168d03051958d155b0d9a33116469d7b24397d7e07446fb2b289231854e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.theoutnet.com_0.indexeddb.leveldb\CURRENT~RFf7913fe.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000060

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 47416b02b1a1a3d8472085649632c476
SHA1 b314ff023e973d686c793b260450c04946a172a1
SHA256 2274ad9daa4fc04096c94c1326b1c4878dfabcd02f002acdabe55a8f798f45b8
SHA512 7bcfbfaca8a506dd0ac807ad5095691092a3019b568bdfb59282ec25313905145cb832625d1ac472fd8f32a7ae4e2f6a408715b9506ba0aff6d95b8a5704efa4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 948c633054179f586e9cd075e32042e5
SHA1 2f3fe19bd60b0522862dc526027cc64b0d5c76aa
SHA256 4f1caa7cbfcdcbf8f297181fa31d006c2309453881db4f72818ca40bbe210743
SHA512 9cf4fde759561db9049ca630be2ca16b3458abe0e7a1c8654294cf22b767e311e9e1e9e44583ebc1c9408cfd6048fa28341783bddfdb0f0f2f19166ab675ab11

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5c3b6a481fc5eab9ce0e27cb1ae443e4
SHA1 b3df737a7b284c70a7708d7ecb887c9e706e1699
SHA256 bef680054f80cc6c66536333f70b59af5cc7bb49bf6003b196182f7912438f17
SHA512 ca52100b8538bd84f050a4d7b12a61f0664c64a31550dbd55dbe0beae053b267352dfd6c4a1bc2df2292e207b09597b51439e9f22fb059adade130e03ec46d49

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c70fa9fc571eef778a0b0c2d6a6f7989
SHA1 82870ca85eeb34ecd59f2271a20ad36a4be1d68f
SHA256 86868cbc024d990c9deb29108e6fbe3ec3459bfba7b0b4b34cca287d28e9dfce
SHA512 873008f4ec3a21bfc76e8f4111168ea3b1f67dc1e5828c66789951b9a114b2a436e8994146e1d407a7478e657f2aa6ea3320dff6867822fe864a8f617413ff4d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d4e9a1da4499ce6c37766d2f91a93895
SHA1 deca16f952b0c10abf4845e180ee338d3bd3470e
SHA256 39afeab27ccde245d416b8b588a1061f1ad3e1bcfa60d5bbd8c708d50d2f4b9e
SHA512 e7d7338d7aa8b828cd4678f73dc045282b88f78674134b7e8fde2861cb0f5260c2caaf0030a88236365693d3ffb79918a196fc0cec2ce40e96ea3c367c02595f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 343bae5cd31de7eebd2afe24b73539d2
SHA1 3d57caf1437816df9d8e57cd5daa5959b43f52da
SHA256 8b40e5d90e698be270245f24b6c44dac1bdd34c61377d828491b29c1da40e807
SHA512 e35f9fb96df665dff58b869bfcfa4a67fcc5a3a00c22b8016fba7bbd666a58b210e6516c9b5dca24ad3d8b8f5d33a73c39049bfe9ca3647a1e18b8607fc76ca6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9e625f2a41dbed4a12964c020a5f4ccd
SHA1 123846f5774c05f993b58101192df371f71f08cd
SHA256 7ae4703a5e0262b5d2ceba0ded1408392b7bcbcf1a20993f51af86296b93e8a8
SHA512 1026cd8e73117e9b794a8e2728697a74d2007c18475a1e21c6ded9ac1f50fc081ae7dcc669c06c1e723a1d7d2aba61cb076b0919bc5afb250247a6240898da93

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 427e46b527e45707d73cffa029458abc
SHA1 850582863fdb61a49451a288fdeea7ff82494c02
SHA256 68e962992d6db3fa614387b1f38b21cc3ce18a0c94b0355ad7e2f4dca9937b4f
SHA512 e23ece61bd019c749c4ec1d86d7f8232409cb25892fedd07d1e33e0b42bd4fb46006d5d212e57967fad722215494e1a7f34671ac01c42b837acf9f2395a3ad72

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 252273980fa554b337107156a9e060a5
SHA1 d476b93e69a3101208c43e79b314e0443a5b7ce5
SHA256 43835c69df86911c05729014e6863886dc6ad609f2dd3d64007d567cbf1a3305
SHA512 0300bb3122954005f3e600e765e6016fecf9f57ac8fa2575341476aaac7cd5ee7e31edf7aa18059e12c8992a867eb3652130e12aaea4e36f83301102eba19b1d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9519edcd99126c3c5a87c590b2725171
SHA1 7f40aaee4f007bb1bc577565cf5029d1aa508be9
SHA256 0cb321ff439414d4df38b2277dfc8bb478ecd9e61e4cc510b1917be59ccb9e88
SHA512 2537f906f116bfc8e2e39b41deb98c6cccc712e2eef9576e28b3b62d57eb3e76b3142770cf1a7dd6505af71c6cbaa37dd2b6afa85017e6c240b19e8720826f57

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms~RFf792684.TMP

MD5 7cea905ec38c09c4bdf5188e2de9d65b
SHA1 936a262925c23195ed7e108d67143fd9b918344c
SHA256 d6d2f05ee0000ac1a9d17e92fa80944205b1742474f937d54c16fe6bbf3bfcf2
SHA512 8e4e0b275144aa187453144c71502764eb46f2a2ed7a9a99e45d0b312480cd799e26feefb50b4532717210579624f81958b00037264be8392070b476f7e68162

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5a78b5af8aa47eb8b4cb02c89df74801
SHA1 529745b7dc0da442efec83b101258b067a21b578
SHA256 e26d516f64626251d2156da93e3bd491ed13c775882bd4f10ad6122b01c1489b
SHA512 bbd541f644907c6f961f17ee589a55cea30ab3f488dce22a44e2d3ecf337cb0a3ec90b60e3223a32369ab7fbd307506f0351ad725c4600c8468994c1d6813d0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d13358b9e10a1880d72a4d1c9500c51f
SHA1 74f4ab640d7bf2f4e75359a9a63893e0bc895438
SHA256 a32bec2d4941ffb1f901ecc809c442ad4f35750e666655512981be2579c4f1fe
SHA512 e7427084e90b9624305f15c677e2e9eb7cf741114302af6b8fdacc8caaea245d68e102163858965488d7a9a0befcabc51aecefd2df3cf79c526410aa702db511

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 16b93d7fb476bd1bf74841697c429dec
SHA1 20a59f9c96a930a0a66bbb1b691edea81e3ab190
SHA256 0dc14dd2167dc771b906fd90f517af3d5611b5af042538963631644ba46dbdc2
SHA512 a5280c721fed4fed0c577a97c2d15d15587a71e9e04780fe3184e9f1fdc884d0252ed86d291bfffbc228f11051f75ca6b9a6f43b8a8cb1796120763b3d86e877

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 3c82f91fd547e9782a38c86a251b64eb
SHA1 439df5b072b42167dc82283cd70dbc88348c8c42
SHA256 39810fa4b2c4b70a7549d12603e55a1f501f652bad937ad2fbb9e5b387ebc39e
SHA512 149d8c9e95a405d56ebbb2dccac93ac402a298da159647ccf9d82d4cae88eba3582418d5a9c71c7418689052a7b4b839322855caf21062cfc96aac2b6bc6f6f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

MD5 07aed71557ba5e7e67c1e955093cd200
SHA1 added99a1d4ca742e536e351309d6302f5823773
SHA256 767e38bf8d440a0d42aae3a041704ce63bf307cb34f54a72f5a6c6f1d5239c69
SHA512 f0128ee66899cb0bd68af64fc3aa660c11cc2d49c4744655590e430273bcfdacc8786e78ae860d936866e15b9099049ff4be8bea803da14141825d8b519a95ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

MD5 0f81b6d61de3f11df96afa46fb362f45
SHA1 b73925c797fcb5e23b0e0495ebdfb629d16f26e4
SHA256 7171337d694e449b8c4923733effa4185a3eddb330b96e9fd0e4e3497faf5364
SHA512 1c97e4e7357d385613f05f7a16439c25614d553cafdbd18a197c4a369726ec28b372ec6bed8b87a968d74a2585e3c999da9799e6cf558fa9ce25f87010d0e617

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 60b39ef81daf4c9604001c15b3e80bb5
SHA1 2b975384870b8340b026052f0be59f30a1bcd709
SHA256 0486331a0aebeedfff6df9232b26f7530feb7593cd6a575c7fe6d6b439e3ab96
SHA512 f2a2686c50dc3dba1c2c497ff925e3f6c9da2ce967716642c2e8a9409521a0eb1cfffef345bd8af65b28ddc1f2700a127056447a753078d34a92b9054d7d7573

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 52f6a9edfbb5428a1bbf19c9f747294a
SHA1 cd5bc2343e10e1cfbe319261a7faadd2f0d9786a
SHA256 06bbe87b08b213741d31a283b17afeb5d2a796e24770d91f08c0d7f832f30b00
SHA512 c8b51fbf69af617eede0c5f918010406107d0fef4f4a3b7dc8e70650d5abd95c09f966d2f8e6b116b22a7f69203d4ef27cf1761b76d7df81b0d4ac3dc7abc209

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 464d57f0155a76d074e04b911aee434c
SHA1 238afc3ec6d7c99e19a6604ff7298ad9aa0df7ca
SHA256 2db2a039c409d4b0f79307b43138fcf74983fa78c06816fe759bc25d422cdd01
SHA512 b1498e8291df1df5c30a8df9734a2fb1459424da83e8fd9d25ddb2a2572cec2c97fff62b2e0016015883db0ae6729be2fce5102f835df911048e925a8d6b4a78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c42ff5ba699e984e890ba4e34ee300c96760ee87\index.txt

MD5 c9cb0ed21c8a1a69affafd45b9e44f14
SHA1 c3be6ee3fb4891a379afe51d0626f593f3b12fec
SHA256 57296bfc00f1fce5a925e7bb5a6c3b8781998b333e62824ef54d9c469f8f4c17
SHA512 5ea94ed9d4a9c89ff6ca3c0a267d6d4eca70af3121981eb8cb3affc065948bbe0b597a3c92212d43c19284f3e8f1f73de7433897301e780bd60ed99cb6e7a28b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 94275bde03760c160b707ba8806ef545
SHA1 aad8d87b0796de7baca00ab000b2b12a26427859
SHA256 c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968
SHA512 2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e08890e1c8f8a2e79ff5dd26c227d202
SHA1 bedf7aa1685dbc1efdabe44a42aecef6ed42b972
SHA256 51edeb38d78aa91dfd4f3f5c4f4fd80e20262dd1ae1d9b502c6db03b332a45fc
SHA512 ee3e23721b3897f434461aef2a6b375747baf47acce40ad74043d2988987fad06e5b0e864cf0431019c2d6b673c5c31dce8a13c54d645775f30fb14fc12a67e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d04bfac11b454c16fbb98c1ef8133798
SHA1 fcfefb6019fbe24240861afd26c6ab61cc9d1d04
SHA256 067a8eae0acfa5de3423031b353c817e5ae3f93b91f08a5ec4ce61178aa65f19
SHA512 db5c1a3c6e7b567394a41098f768f51874581f92ca08c85be02c3e18833ed4c3b310607ae4dd56f36b2b5a57666cc2bf93d6a55ed52ad12742f148092d3c873b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fa5f2b34097764a4f405868cc382d98c
SHA1 e9e57d2f99f48c15fdf46c64f952999288edfab3
SHA256 b5233edda16d56a7a5248b68dd6988f44a55699978f5f89cb20bd2f07d850385
SHA512 9f4d36cb5887f1b785bb1dd0f204ed74181bfee622faf260992e29e422b17c83500a09094ce179070648cde0dffd2845c1aba9f0f9dc2a2349042201f13066d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2f1d7c0921ef4ccbe1318eb0f793a9a2
SHA1 4ab4c26e57a187ed24da1df8d2e345d786603c1a
SHA256 3e8aac45c7aea29668c7631cdea7c7393c8af1ec60c7790670a984bbb8d67548
SHA512 ed6c43d32cfbd2338480a5114564eac0ee8f7c17aaa26c8d95e9eab45bcae19a7e78481442bf574fde03dd77a2d726b5d97c21522156857842b49a565dd2bd90

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4152c5dd1b177740a8d6471572896f90
SHA1 9937fba7156c4fc729256483cf54fa457211c3c9
SHA256 20e96c29a0eb75a8e352fc593661844c438fe7a7e968c9904f1c026a2113a144
SHA512 aec282cf5b2dc5ff8cba379bfe400c8df6c63ecfc0fd834484b2cd53d26a1a941a0448878125e08a02b5ff6d4724680bb29e60ee134ca57a89e9c0d515d2587a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9ab4e2a2586e8950c8ecfca71daba2cb
SHA1 6fa19a99ac5bb53422fa1f0ec5378a2d4d2f1bcd
SHA256 fae3b81deaca7ba8904c6f9b180213708eb3f924697ef4779efb426e65e6f1d5
SHA512 c8387e8935593c90ae31b5b50922136e59c304cb44502d6dae2c6be43d764026ffeb16b69359837dd17bb6d9ea34fc44d37eaca99462e4b5d7b8a61a83307644

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a76200e9b1f52604_0

MD5 2bb6b55d973ef94a6d3dd7bc6b515fc4
SHA1 cc2afe50ef9e840ef02c4970df839df4274e0277
SHA256 ac851a063bbf44d860062940dd8325569399ec58c1e45eaa03c26663455afc9e
SHA512 f7059cf62db62f52786036ca3fe62fb06ea1ea8e230cb0fc023cc5d27bd8174d4b16238ce862c383076d7e709a051a632d1510c16fab460eaa798a66a38e8d5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9541d0b01e4c3c5b_0

MD5 f234786d6962fd682905e4c1423c032d
SHA1 03915b56820d149cbf0ac3ba8fa46524071b6eae
SHA256 a80e1f16c44c805f30835ec5cb58cfaf8a58c36142efae93bdd9ff9820ee1570
SHA512 c2b86bbad81483f4f14a6c80cfdeebb7d870fc6e96d06a934f9393255dc1ef32d4bedd5da4c022874dc0381e20c05e587940d63c6dbb5b535c407f00d5bbf3a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5bace28279234a25_0

MD5 0a973367682a34ec16c3dd3011945e41
SHA1 6c9725ebe3b71913aaf41ad9ba76024a620eb1af
SHA256 caa8d223399bc1e5320baf067a9fa853d441ca84dba800a427e98b58d6acb9eb
SHA512 6bf8e0dcde037aa0dddb355bc268f530a69ed7752ce34d537e32bd8d8f4a33d22bcfc9fed1dc326627d5f348c7ef80a11d107eb87be0d6b55b8bd486c834cc58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a7677f91109b62ea_0

MD5 fc985fe59b252331476e22d66140952d
SHA1 dbf243a26fb5d6f75e25eeb45680b4ce145c6744
SHA256 ec7bb82f4ed865fc1213609f1db4b8842ff77e22f88655a39ee7f90c77d42127
SHA512 c7d2fbc5aa0c7744967165c7787458bbdf30d353d9a9b2557a1678a505182ce325ad254fc12029ef7f55d3800b9de60f0daabd23739adcba5df3d294957dec29

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13e1bf49159103e1_0

MD5 87f016d0e64192dbf0c7d43d86d8235d
SHA1 c1fab2c7ff4571ec1b33576b77253303a4913f91
SHA256 f9633b2b81f11e24371a4d169194b6da79720ae99e2c928c65639f3eaabbeb3d
SHA512 419b0db4cd2e48796a6f4730287af1b1d435f940bcebf9e750ab06ab0bfcc2b854f30e594de7899c27405d88463d4caae502dbf5e3cf908fed2585694bdaff05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000071

MD5 1e3866fae78400e2271411d54c132160
SHA1 15ce0b2c130b987ffe9376c47b6c246dd44c32d1
SHA256 00a918386aea10ee2c25d529038843c9f4d70e61a7e2578c3aceafd81673968a
SHA512 e50bbcada0323759e3a6a796a6455d5a6e8bb613a1f7d5e0b86ccec95df44139ab9d3c5fdc5649853532695fe7135037b0ddfa4757d742bd94d93da4303cb4d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000076

MD5 0fc830d06ac3635b8f24773df1b87b2c
SHA1 b9d82949f40c63ccae4395650095430bc6863cae
SHA256 f996cb602fc30f7dd054c83ba995833ba398706946eab563a2d987b859fe383d
SHA512 a2d7f3473cc6cc43465c2bb01c85da64dbd367868e79a76b58f2b8756fb656675ee61ab460cd023959251cef7f8cf2acdfc233b5a2137c7c08347f8175b86a72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000074

MD5 045937268a2acced894a9996af39f816
SHA1 dfbdbd744565fdc5722a2e5a96a55c881b659ed4
SHA256 cc05f08525e5eaf762d1c1c66bef78dec5f3517cf6f7e86e89368c6d4a1ef0cf
SHA512 71a025a421384ed1e88d0c5ffadc6450a9e1efd827fe929f5ef447d2901cd87572fccf13dfa8b2706c9fab8160163e3a0c80bfe1ab49d63ffbbcb0e4e591a84f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000075

MD5 9d4cf01f846a0613c620463794b1a31c
SHA1 0b4a8dfdf83967af3380d3693c34cf264dfb8c27
SHA256 89f76dcc3cd90019066409a4bc6ece01d9fcf5ebdf193de83ca5b518f8428ea4
SHA512 53ec47a27c937f62006e4631a762e842cfc608489b40dc3f0bd35af963e8ff79292e8ae52152c728e1dcb7638e350d826806cacfdb8dadae3d4b6dd4b17070cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000077

MD5 0f49bb1b91100dfca4aa9527f09cb7fd
SHA1 1a9d1c5eeda4abcaa18694e5f0694e69ed13d147
SHA256 a8fc1cc23aaf6985814a81e2dc22ceb156cdaefc038374fafac1969b24e73c78
SHA512 7315d44ab0de3824fc228a9cc9b5249a548782872cc563db561a9a818d52a5f38293cd351f536984a2170cdcefafe8a0d6969ed1b6a8e3fbafd20c6bd363b628

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000078

MD5 b54a39d6949bfe6bae0d402cd2d80dc5
SHA1 9ac1ce7c7c0caec4e371059ac428068ce8376339
SHA256 6d26dfbcb723f0af3c891e9e45186deccb0f7e710106a379464c6f153792f792
SHA512 d86ac61ccc0a23d18594a8a7e8e444de4838fe1b7cfeea01ace66c91da139bedf811f5d1d5732c7da88a352af6b845f25bb87fc5a130ddf7450fd6d6b4146b6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\9f9a3158-86b0-41d1-b6dd-7b7d9fbd0746\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 49023e6aa12db1976127c8e4ed119b98
SHA1 a72d08d76474d6ab08f169876099d9ab550baf41
SHA256 0faf271c097d081a365f14eecf7871b6933325e503012d1ea14ceef4b183f10f
SHA512 59b038bba2f9d5831a90b92c1bdcd3c85ed20023afacc766c9ddce038a389ddc2604a482ac5b8140626ad612ff7bdf49efebd15aed6aed1dce530df2a708adce

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d403bf742578e07dba26f99016685a8d
SHA1 fa2d777765d24950143d728cd84dd8dfe82101fa
SHA256 700155f536d96128321cb7b15f40473fb755f6976c50b72db0ecbdd945bcb4af
SHA512 f23879a2910e255d27afd4549587f5a99cec0a26d444c2433f8e50f593fc041aa900b00ebf46c20c8407122476651862cda2a7d195a8394f9cf06428f84c23bc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b707dbf8c07048299498e2f1f205f424
SHA1 e91ec95aacd16ac05aa95bc00d8f6ad3f93ce666
SHA256 d89b3cfd2004206a14664951abf1436acc6d660267098680e4e94576e22ca8ad
SHA512 b23ea536a2e472126376821cd99e8f29e5e3505b48e6d45c3fac9c019fb910e64bc862fe51e49f010870b055e14d5fe40c17f4bb73899f07de6b61cf73042172

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b48674da7a810677b17a0e726a51cfc5
SHA1 3cd96054ac3918a74fc5b5fb8cc7622e550d58b2
SHA256 96252829e784712ad120fcdf864cbd8bfa43d56520fcf3bb9faaf3da1dba6418
SHA512 d1b1009b37fe2a9f53db92e6a472cf1f0158268f6d28c6ca823e1fa2b15e8cfa4df9b72ca2502e4b554a46a77a931c3aa83a70c0682564ef38e2f788b0837be7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0ba6131a7258fd3986404d26e0bebf3f
SHA1 f0fd4f717d5f70097cc2677d2ff3bd99e081d9aa
SHA256 6d53e9bbecea09c6b88bf6dfe7fefb50f5b574a6633793abee3aeb686bfee1e4
SHA512 c3c1b5b335bbfadc6ee1c491370f95e262a378e1d5a9f230f67a0b1e0a384afea2e1d9d79b14244c6ed765fd2e8c0268a9eb294ecd778c79fd074147bf950754

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c509f0535b99e27f04575182af58fbb4
SHA1 07e31dcae58e71f110f2ef3e40ca0390c3118686
SHA256 b404e9ba9c4e2c3c068fb813f7f16a31ba6d4f0bbf324c5071f2711158afe088
SHA512 0f536e6e31d9df4f67a0c46db42e644db1afbb110e9a391d2092adb6cad70f3d22ec94a74aa69c12afcdbb4483fb5342d1fb7016d5666f48270682e70e6e23c7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 552493cddf91d07bdbeb72f9c51fb015
SHA1 d55236b19cd1f7eff31f95dedc90d9bea416e8fd
SHA256 d1934f6a39a6e80ff85bbdafe23e9db2e5ef1fd0650e405c7a395a56d41a1b54
SHA512 0e9baf2336078d9471fc4a3214a30b1d29167008526f68c7d54030ea6e59fc6532aaac4c6eb2ab9ebcdcb4c5f5a0f714c93071e733067a66e14b15ee1df01179

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c6f7afc3f00e044f7fb3f8f613ac1a0b
SHA1 42285f8f9aed87c0df8eea4df7addda1eb28a5c4
SHA256 7c7d9dd4b781863447e0955985dd9fad1439ecbbf630a620510d9152d0ebcd5d
SHA512 3ef6eb18ebf64ce2d23c07ffa202e3c6c2f602269a9fb07cde6dd8c78f721ec332dc74f05beb4abddd1e2a853e267ca6db09c05ee783cf5f13c7dbed6d03917c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 68474db21f53effe5696697dff9a5b2f
SHA1 84365c91eb38176597ade8f0f67be1981e02f97f
SHA256 c1b03a5fb80f8708942bc22ca7eec679a94fd46cfba6e5b586e7afb7a57fb4fa
SHA512 0b92e586aed346611f3770bfafe2e4f04b899647d8950708e9977ba00b8d8a98e28db4399d43bdd17f87402242ec61a47af9d266f21485632850c97bdb185bf5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 19d58a6d7e6e52e2d1c35d6dfd09275e
SHA1 e520dc8466e676177078bc007e0bca48e4d5913d
SHA256 637647022b5d2f4fdbaf1f71a35964983cf2099a77f4a8658a0c66a6812406d2
SHA512 9b841d7d7568c4bf60ce1d3ed59c731fcb6c2abaf8c7b59a45d2ee9a16a915febb78406672f88cd21943abfe7f4ee3f5616d2e0eed4ae8f79ce55af2a8007d44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2082627dc1f4dbe2244fd7a7f31358a4
SHA1 1fda3c9a45997c76df19e13659c78821b68a1a92
SHA256 9e96fe08a9513508650e14b479ac05e7365dd05d0e1828a8fcc2855a5c04f614
SHA512 36892beffe70d0df429ec7c69ff35d4fe86cae6eb1c46822ad6d28588eb150b2293adb784f786fa70f5088876664592c089978177006be003cbec3e2c7e6496f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 19a13e8b0a9f4c64c973f1555cf31d96
SHA1 83f175aa88ee583b810d4cb2858787ffc95d102f
SHA256 46c10acdd12075d9bedbcf8d6a1e722951541e1b9926a206c7a6d46e6ca8913e
SHA512 45be64409574eca3ff5dd8b53863c1b1450551aabbb9850cb774a2aef0681018ab826506f8f5bc8bff831630c049aaa405fc6caef0efb1f99535d2b345be3bf1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b0ba1a66a04154fa9c87c449560dbbfe
SHA1 2f878e7e20db06af6b7bc956415dc1fde51d9a7d
SHA256 d88bc090862d35d74347f01a8ef60ed1baea1d4c07f955323e6bceeecf0baa01
SHA512 5ac6a4418a204db3de03ec23006c372bf4e6cc309e8b71f509641e60135be2584cb3961b6f3ceb7ef73a732fb0f6095fa9cee3bb66e8860099d90c2ba83f5809

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2d06e5c69dc6c62c20611e2c40b422cc
SHA1 31fa10ec5025f4221a948bd50bbb1edcfba67894
SHA256 b5a40de1068d91a370221133b00a6f3014f73625dd86e228c562effc5277b36d
SHA512 861caf8296829c5db0b10324751044a8473fdc9d538294bb4ccc5bef15875328648b24ded535785c2af4b19f03047a15adbb1b0a26a8114ca6a692bf45a54cec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dbc7b3c70b5b4bd2725238a6d4494b98
SHA1 1873764441b0ed4fce7999c223c4fa1eea376d71
SHA256 1d8586bf2714c0c1958723b63cec732988bd5f8a5e0ee8c0c4d0b0a07d52307e
SHA512 b99060ba40efc2043ac451dddbc8f33610617d0c896b8abd7d2770915cdf803ad07c03cc249b1801dad43d59579a05a216a3631e93f0bf5ba1bde12a33e9bd86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\7688e9e9-6e07-4fee-b3b1-148ee144b0bf.tmp

MD5 3d16360f7c5bdc30bd3766afa735a29a
SHA1 1e099182ba2f47d9421388c14ecca66a79dbcc0a
SHA256 407ad1c8da3fe764efbb5e22329d1b2645d8d8fb5acd25976954a5b07778a039
SHA512 b54e3612349f01cf841da03c9c21005d564332ef861f057a1f9f7c818b78e3e1c329cccb8c777e32e86f48e6244b5e8603965b4f5cd9135aeb82578ab887312b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 37a33f621b168d8793ba5d1fe7f0988d
SHA1 80091f8adbb5604646748cb11a0e9d86771be5cb
SHA256 a893cac4e0e7adc5d382943809a364a9e2758e38a243ac5ebf3962742acf557d
SHA512 89bff4ba56d39a239a803743f15155aec44f5fad21fbb6aa224513acab89259e63eab5f7b3e5e80eee2588c788ce1c82111b8c40f8891bbe861daed5c2044f4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ccb1978d1c07f458c7464e7c21b38a2c
SHA1 f9287ba8c098f5f7a3b77d735b383098db2f5734
SHA256 e80a9cfaefd55a0e5e038401dccdf3206a48d87f67f04fd2551ef7154c9de513
SHA512 2dfd0fa584770a20386a1f1155e3734fafa6f3947cc7937f3b2fd81028a8bcb851efd98ea00fcbd9819d2a3afe2565e84abae831222c0d069612aef72646f990

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 296f79fc0435df507d31612bf79ba46c
SHA1 b2a656f057debcfd1a3945a64a4f93327920f6a8
SHA256 33c6c4abf3533e8713dddb64b67f35315048ec9c118925fee904162e5425a73b
SHA512 bf6e97f494c38158786f429052956aa7d5e2f90ab99e270b30ac367944cedce04010782bb76882dda766c2d04761c463802218403346b0b38ef4118509dfecde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006f

MD5 72805ae7f71abfaec92d626c15339ccc
SHA1 a4c6aaa006f0e7d79a3fcb8bf5540407334b73e0
SHA256 b447855139ff5ee266c300bf35d0d571b4cc06b4bca80960da8973e1e7c677b8
SHA512 0f2d1130eb52a3daa04a5bdd34e53328b67703ab32b0c72b56e71cc823c882a62b963f383933c241c3fb3386aa2afa0c07c9d6d7aa39fb98843c0d5f33d7caed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000070

MD5 b73947fdf5c00a67f9b335f61ce1fd18
SHA1 5d8b3bad9169b72e48608f477d8e45188c8c8260
SHA256 f1fc18151c988f4d2f775d9d920bccc1f669923bffd65f8f2c1bb1cdc1a326da
SHA512 c957068242baf52071472ee30a296f9da31f84445351dd574885f098f77fdd466e5928c793cafec12e03e7fa87963c6966db2cd7ebcddedc6a055324ebed3753

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000073

MD5 42d74ce329ff04bf03c10c6cba3e653c
SHA1 6508eb5c9894d0466b5412aa7802aee3a1265b71
SHA256 c79e1fa5ccec708122f13424efaccf978834fc62b00556217c8bc5a0aaecdd52
SHA512 96c875ae662fc6b9ac86918ccf767ddb2691674b19f8caab92735d048d8fdf755a42063a6b127602c166105ee7d59f671ba426a7739a490011624d5455fa1608

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000072

MD5 1728b08ff3b8c2f99aa96607fbd78a2a
SHA1 81a18d07ecab2cb1a0d5ec22fca0253fb1a9b86e
SHA256 1004aab3c66fe3a9f18d12938a40cfac1a674a576420a5c4a2a20d639e4fa28b
SHA512 81a165ea3d209d8c9a66c95acb5f9f1db1831f6feef7b81761ddcc95885a6b5cde65a3fea9570c7c06015d2d4e584ee8359e5a8c184cdfabf6dcf65309511eef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b3ac5e7f4e9743cf16c595b04a23b526
SHA1 540985171bbefc78e086aae3d19d31098e4f4eaf
SHA256 85415c5e3f99c36c1820b2a3435d90814c957fdfecd729c427826a3c40e16ebc
SHA512 0376b68ce3f8307a783cbcfa8040698aaa16ffd06c4bc0ccf6744359a4dd6666a73fa513ad072c0132ae3fc2c88b14ab0cd54da8fc5e1d01a3cde7b26e1554f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 eb4a1ea40f1c389c344253ccc21d3e89
SHA1 98fc0f2b8e5a972583644f768e3e1bc5ec7d69ff
SHA256 a458788a8046eb523ad67936c490e4bfc432b3197daa49ac56fee391abbd0fb4
SHA512 44a20556af5c178c0fc3150be38d073300900d2aceae1677f4189306cd4d44c42e6142a0321b4ce33c01db9265e4b61908fbeac5cebc8e2a730c31a2401388cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 3f285c896874984c1568fadd52b1ff4a
SHA1 c6fcf5fa613cf47d8770b5fdb79776477148a626
SHA256 8acff386229d980046b3b0a9bc10c9ac63f7c4a9fa12f181d8d95ec9d6160ecb
SHA512 40f17c336ae6d39bce6ac8b18e2cf8ae69bc721ad70edd38569ab6bf2158db47932ac7c6858f3afe3c457c5f8c30ee9656457ceb679fe5b529e75b9fc83ce6bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aa5f00c39eced74d_0

MD5 aa2f12db2a80ae68bb6fc8d942c63cf7
SHA1 45670cf7bdb730a1a9a9b8035129eac621037510
SHA256 d95900f466db0c72c5253dc7313e9bfc4e3b5da656ced196b4ba9dfa5b9f8325
SHA512 118598f6c0439f202b114d6e916fed02394750b7052c254a78f08c57d9f28b0564b2c987fc5c15477cca368fab9c9d520fbbc903e586c97d58eda1162033c346

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\efbf5bc4a6a449ad_0

MD5 7c8edcc52330839b51ecd7db8af576e4
SHA1 92761e27da7e3776b667600b00fbc53601683314
SHA256 1cb1530a486e5cedfcb73eb8bdbfa3028ef9196a46eee14a1194518301bd3c51
SHA512 c2f203c3a0a91b0ec269cec7f0ce54436431c897e7ea3ba859e3e68f6bf9de0a9424d2426e3c6714dac08505319cd91e83f38d99c0389e606aa023a102d6dd2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\23d009606827a332_0

MD5 1825970bfc2797145e369f3c7b680342
SHA1 1629b9a5f564092ab9c1a55d9ca9018bc8598598
SHA256 66f98737bfb9061d8a1e2f84945fc02e80c2833a87bdd4b627c31efc379a6ffe
SHA512 1a3a93788050c15467ddb0130b1fcaa5aee2b9f3aed99ff388e5c2243125b319cf1181637ec3734e825c999994f134e4ade5eac4d8584afe6a40757798112066

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 31a7de853b936b876be8b339896cda61
SHA1 324e0468976819a5c2c60df2ea5656fb25de41d0
SHA256 2b49c63220a5dcc7ea5c74e53e299290c96229bead0a4b5cf6e1be88e47e8487
SHA512 39a4c7101767e525bb06bfe4e448b3bbcb69cbe796405a5acc7eafa92550b35517ad6a278fda65c85247eb5e4bdbbaf972527949e52b9d96b679e93d359cb7ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f76436ecfcb2aea0c001a55b92239e7f
SHA1 116b1403105420181beb84e2e906c780e8517f7f
SHA256 0f49cb63aae8c64a38f0805f7c55d64f9d542507818eb679982f64b0cd3c6ec3
SHA512 504e9bc717bffb26073c4c050e169fa32f94552eaaa1308364cd308b9725e5bbbcb2c93e38d2d0ba0a8a9b9501b70506b23b0924d2c1912f3a313980c68670f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 924d1629cb55cc6217c17f3310a83cac
SHA1 71b1eae6727a343c9306303c9664282fe36f8108
SHA256 e669646c0bd32149dfd16a46db54b26c2dcd26813e24c3697f90b2cd737fa73b
SHA512 5bc504850cc400fa788bec81503ecd841b32d0ad2cad99ebebd46c7d867008b4a4acf4da8a8be6362d3088784927d4215e693a78d69222d48b09e2d85a5ec016

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6a80361d052df4f7c87e737637560fb7
SHA1 de78c5fa4947f0829eaeaec816997ef190a3b91d
SHA256 747698e36bc289b7a062a13965074cb62d89a98abe78d4ebfbf7fb559aeb3261
SHA512 e19da96c9534c655350e0e0ede303afb7aa214948f76b6a4d6d5da42182cf8970233d0d734e4a56752b476e75ab5ce95c7b4318f1ae3940be78a53f8ccbceb5c

Analysis: behavioral2

Detonation Overview

Submitted

2024-04-15 13:23

Reported

2024-04-15 13:53

Platform

win10v2004-20240412-en

Max time kernel

1801s

Max time network

1807s

Command Line

"C:\Users\Admin\AppData\Local\Temp\with-editor.exe"

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU86AD.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU86AD.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-553605503-2331009851-2137262461-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-EJFTL.tmp\with-editor.tmp N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6AFEC92-802B-4661-9AE6-A9ECB405A951}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{904E875C-CC57-43E8-A398-ABE0C08E41D3}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU86AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU86AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\PdfPreview\\PdfPreviewHandler.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=95F407B579A549BF8339B4E902B484DD" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6AFEC92-802B-4661-9AE6-A9ECB405A951}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU86AD.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU86AD.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarEditorImages\Stretch\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VR\recenterFrame.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\sky\sky512_lf.tex C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Trust Protection Lists\Sigma\LICENSE C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\zh-CN.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\avatar\compositing\CompositShirtTemplate.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Emotes\Large\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\configs\DateTimeLocaleConfigs\fr-ca.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\transformOneDegree.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\GuiImagePlaceholder.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\PurchasePrompt\RightButton.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\pwahelper.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\LayeredClothingEditor\Icon_AddMore_Dark.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\navigation_pushBack.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\msedge_200_percent.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\translateIcon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\webview2_integration.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\avatar\compositing\CompositLeftLegBase.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\AvatarContextMenu_Arrow.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\common\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\bs.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\sr-Latn-RS.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\avatar\meshes\leftleg.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\SelfView\SelfView_icon_faceToggle_on.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\SpeakerLight\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\models\Licenses\Licenses.rbxm C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\graphic\gr-indicator-ingame.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\button_loop.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperInspector\Record.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetPreview\star_stroke.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\PlayStationController\ButtonR1.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\graphic\gr-profile-border-48x48-dotted.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\sounds\action_falling.mp3 C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\dialog_white.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Settings\MenuBarIcons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TerrainTools\icon_picker_enable.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TerrainTools\radio_button_bullet.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\LoadingBKG.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\return.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\msedgeupdateres_mi.dll C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\is.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\avatar\unification\humanoidAnimateR6WithFace.rbxm C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChatV2\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\sr-Cyrl-BA.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\MaterialGenerator\Materials\LeafyGrass.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\Unmuted0.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\graphic\friendmask.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\onramp.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\TouchControlsSheet.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DesignSystem\ButtonB.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\ErrorPrompt\PrimaryButton.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\water\normal_09.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\GameSettings\search.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\graphic\gr-indicator-ingame-10x10.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\ic-close-gray2.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-553605503-2331009851-2137262461-1000\SOFTWARE\Microsoft\Internet Explorer\GPU C:\Windows\system32\wwahost.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-553605503-2331009851-2137262461-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\system32\wwahost.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133576614627044090" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine.1.0\CLSID\ = "{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\Elevation C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ = "IGoogleUpdate" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\AppID = "{CECDDD22-2E72-4832-9606-A9B0E5E344B2}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ = "ICurrentState" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-553605503-2331009851-2137262461-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftofficehub_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CacheLimit = "1" C:\Windows\system32\wwahost.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\CurVer\ = "MicrosoftEdgeUpdate.CoreMachineClass.1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback\ = "Microsoft Edge Update Legacy On Demand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO\CurVer\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID\ = "MicrosoftEdgeUpdate.Update3COMClassService.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-1004" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.xml\OpenWithProgids C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgePDF\shell\open C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FCBE96C-1697-43AF-9140-2897C7C69767}\AppID = "{1FCBE96C-1697-43AF-9140-2897C7C69767}" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgePDF\Application C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ELEVATION C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO\\ie_to_edge_bho.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU86AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU86AD.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Windows\system32\wwahost.exe N/A
N/A N/A C:\Windows\system32\wwahost.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\wwahost.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2664 wrote to memory of 1100 N/A C:\Users\Admin\AppData\Local\Temp\with-editor.exe C:\Users\Admin\AppData\Local\Temp\is-EJFTL.tmp\with-editor.tmp
PID 2664 wrote to memory of 1100 N/A C:\Users\Admin\AppData\Local\Temp\with-editor.exe C:\Users\Admin\AppData\Local\Temp\is-EJFTL.tmp\with-editor.tmp
PID 2664 wrote to memory of 1100 N/A C:\Users\Admin\AppData\Local\Temp\with-editor.exe C:\Users\Admin\AppData\Local\Temp\is-EJFTL.tmp\with-editor.tmp
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 2780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 5100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 1340 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2572 wrote to memory of 4284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\with-editor.exe

"C:\Users\Admin\AppData\Local\Temp\with-editor.exe"

C:\Users\Admin\AppData\Local\Temp\is-EJFTL.tmp\with-editor.tmp

"C:\Users\Admin\AppData\Local\Temp\is-EJFTL.tmp\with-editor.tmp" /SL5="$B0030,5359530,57856,C:\Users\Admin\AppData\Local\Temp\with-editor.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff98c63ab58,0x7ff98c63ab68,0x7ff98c63ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1872 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3020 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3548 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4428 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4576 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4724 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4292 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4724 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4912 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4768 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4108 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4116 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3352 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x240 0x4a0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4904 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4504 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5200 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5316 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5480 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5508 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=3816 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4116 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5412 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5776 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5228 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5528 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5896 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5928 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6068 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=3812 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5712 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=872 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4812 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5068 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5904 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=5076 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5660 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=5992 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5972 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5016 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6168 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6244 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6268 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=5812 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6516 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5896 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=4576 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4756 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5856 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6408 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6324 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6084 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=5228 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=5724 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5176 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=4176 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5216 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6236 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4120 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=6120 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=4888 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=6444 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5416 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=3532 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=3012 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=4704 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4348 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5212 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3116 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3032 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5096 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUD716.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDJDNkI1OUMtMDUyQy00MjVGLTg0NjItNjMxQjk3Mzc2N0REfSIgdXNlcmlkPSJ7MjEwNzU0QTUtNjEzNy00REY2LTk1NkEtREY5QjJEQ0E1OEM5fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins5OThEMkRDRi00NjU0LTRFRUQtQTk3MS01NTQzRjQxNUFGN0J9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7KzBqVW1ZZUt0WkFGNUMzZzIycEJCNUYwUnlkdGYxU0g3Ym53c25vVStmaz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNTEwODI5NDQ1IiBpbnN0YWxsX3RpbWVfbXM9IjEzMTYiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{42C6B59C-052C-425F-8462-631B973767DD}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDJDNkI1OUMtMDUyQy00MjVGLTg0NjItNjMxQjk3Mzc2N0REfSIgdXNlcmlkPSJ7MjEwNzU0QTUtNjEzNy00REY2LTk1NkEtREY5QjJEQ0E1OEM5fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntGNDRGOTYwRi00RUZBLTRBMzQtQTNBRC03Q0YzRDBDMzY5RTd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNTI1OTc5NjUwIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=1844 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{287B84BA-95B0-4E33-A91A-46309E26E95A}\EDGEMITMP_3B146.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff6e1e9baf8,0x7ff6e1e9bb04,0x7ff6e1e9bb10

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDJDNkI1OUMtMDUyQy00MjVGLTg0NjItNjMxQjk3Mzc2N0REfSIgdXNlcmlkPSJ7MjEwNzU0QTUtNjEzNy00REY2LTk1NkEtREY5QjJEQ0E1OEM5fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntDNzc3NkM1OC01OTJELTRBOUMtQjRFNC00RUM0QTFFMTY0OUV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE1NDY2MDg5ODYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTU0Njc1OTM5NCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExODIxMTE5MzQwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xYzFmYzhmZS1mMjUwLTRhM2EtOTFlYy05ZjkwZTMxYjgyNjU_UDE9MTcxMzc5MjkxOSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1WMmVsTEhRSlpGYW5BdUc0TFk2dGNSZGlkd05rQ0Y0TzROTFh2NnlaQ2NncVQlMmZrVW00ZlMlMmJSMloyUkJ5RDBrZ1hmWW9vb3J3Z3ZhZHNzWVFPWW54enclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzIwNzYwODgiIHRvdGFsPSIxNzIwNzYwODgiIGRvd25sb2FkX3RpbWVfbXM9IjE3NTg4Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE4MjE2NjkzMzgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTg0MzM5MDU1MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI0OTUzMDk2NzkiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMjI1IiBkb3dubG9hZF90aW1lX21zPSIyNzQ0NSIgZG93bmxvYWRlZD0iMTcyMDc2MDg4IiB0b3RhbD0iMTcyMDc2MDg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI2NTE5MiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=1840 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2928 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:RnUxFfr2q4cJ_XdSrvwDmbbFkL7JT5BOk6eGknmNROUHET48NPTZGaPhBAGTgTSMuqX9Sow2C9QMM8Z9BYVNhiaAjolaVpBEU7KITLQQfiHB2bBwUJrn8KvDDxp3dGsvh0mDRi-2cSRT-wGmSopgfiElebW8X28TYnjTqCqGzsDtRBTt98rtpltqYwiBRFdTNurSuKO9s2UEcTunzd68jFPDXttYh2bim3HV8TJ6YgI+launchtime:1713188242254+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713188024601010%26placeId%3D10449761463%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D248612a5-8ad3-4d09-b028-06d55b38d9ab%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713188024601010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=4364 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:i81hUHd3GAQb5vHj8AOwI8ikDS0ut-TjH67t_Vq71DJlrjBimDyqomKn-J8QePEokswv2bMwnNljg6xY28JY8gUd1Lc3T9rG6owhn_vemKm_2BNX-kgogaqXSD97dNa6feIBmicnqtKvKWReeORQEg2gfcWM2Z5wCiaTxlssFuRWO5-DIemOn_WkyPGir5fhwhGEAbhBMfxB0_qZu-XdXIlQknmjjMlqG6lqRWwgN74+launchtime:1713188297770+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1713188024601010%26placeId%3D10449761463%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D8491ebe4-f579-425d-8d31-283a5252ce9c%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1713188024601010+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=6060 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6468 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=6420 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5064 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6552 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6692 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=6616 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=6636 --field-trial-handle=1868,i,3464754839545541511,2618213381883350162,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6AFEC92-802B-4661-9AE6-A9ECB405A951}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E6AFEC92-802B-4661-9AE6-A9ECB405A951}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTA4RkI4MjktMjJEOS00M0QzLUE2RDEtNTBBNDFCQzlFMTlGfSIgdXNlcmlkPSJ7MjEwNzU0QTUtNjEzNy00REY2LTk1NkEtREY5QjJEQ0E1OEM5fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntGOTE0QzMxMy0zMzI1LTQwRTgtQjYxRS0yN0ZBOEYwODg4OTJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzMiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDUyMTE4NzY3OSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NTIxNTA2NjE1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2Mzk5MDQ0NjQyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZGEwMTdkZWEtMzRmOC00YTlmLWEzZmQtMjdmMWI5NTM4NjAwP1AxPTE3MTM3OTMyMTYmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9bnIzWjh4Wnh2eEd1aWhnTmNpeWY0SUp3dDdQJTJmYmd1R1hjUHpMOHVBcEhObXc2WmJvaXQ3d0N4QmVkWWNPRjd6ckNZVExCNmNKZlNidm4lMmJGMjVHWWRRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjE4Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTYzOTkwNDQ2NDIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2RhMDE3ZGVhLTM0ZjgtNGE5Zi1hM2ZkLTI3ZjFiOTUzODYwMD9QMT0xNzEzNzkzMjE2JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PW5yM1o4eFp4dnhHdWloZ05jaXlmNElKd3Q3UCUyZmJndUdYY1B6TDh1QXBITm13Nlpib2l0N3dDeEJlZFljT0Y3enJDWVRMQjZjSmZTYnZuJTJiRjI1R1lkUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ3MDA4IiB0b3RhbD0iMTgwNDcwMDgiIGRvd25sb2FkX3RpbWVfbXM9IjE4Mjc2NiIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2Mzk5MjAwNTkwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTY0MDYwNzY4ODciIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNjQxMzg4ODMwMSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjEyMDMiIGRvd25sb2FkX3RpbWVfbXM9IjE4NzY4MiIgZG93bmxvYWRlZD0iMTgwNDcwMDgiIHRvdGFsPSIxODA0NzAwOCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNzY2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{904E875C-CC57-43E8-A398-ABE0C08E41D3}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{904E875C-CC57-43E8-A398-ABE0C08E41D3}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{8F31515A-32CA-4E86-8006-8EB18EFAB3C1}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OEYzMTUxNUEtMzJDQS00RTg2LTgwMDYtOEVCMThFRkFCM0MxfSIgdXNlcmlkPSJ7MjEwNzU0QTUtNjEzNy00REY2LTk1NkEtREY5QjJEQ0E1OEM5fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntBN0RGQTE5Ni1GMTU1LTQxRTAtOTk4QS01RDRFNjBEOEYwMzd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2O1Byb2R1Y3RzVG9SZWdpc3Rlcj0lN0IxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDAlN0QiIGluc3RhbGxhZ2U9IjIiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2NTA0Nzg3MzE4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE2NTA0ODY2ODkzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNjUxMTM4NDc0OCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzEzNzkzNDE1JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWdkemY0TDJzRTlvdWMxU0ZYUVN3ZU1uRGdPQVg3eFlhQ0dveWk2MHBOR1JCY2VicTN3U3J5ZDhoZ2dVMXJkWWJyTCUyZlRlbTUwNUNVOXZybmJrN0NpU2clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMiIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNjUxMTM4NDc0OCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzJlZDgwODctZWU5OC00MjljLTkzMzAtY2EzYzE5M2Q0MWFmP1AxPTE3MTM3OTM0MTUmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9Z2R6ZjRMMnNFOW91YzFTRlhRU3dlTW5EZ09BWDd4WWFDR295aTYwcE5HUkJjZWJxM3dTcnlkOGhnZ1UxcmRZYnJMJTJmVGVtNTA1Q1U5dnJuYms3Q2lTZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MzA3OTIiIHRvdGFsPSIxNjMwNzkyIiBkb3dubG9hZF90aW1lX21zPSI0MDYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTY1MTE1NDE0MTMiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTY1MTc0Nzc0MTgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByPSIzIiByZD0iNjMxMSIgcGluZ19mcmVzaG5lc3M9Ins2N0JCQzRBQS03NUFELTRGNzEtQTkyRS1ENjYwMzhCREQ5Qzh9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkyLjAuOTAyLjY3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjIiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzU3Mzk3OTMwNTk4NjU4MCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSIzIiBhZD0iLTEiIHJkPSI2MzExIiBwaW5nX2ZyZXNobmVzcz0iezU1Rjk1QUY2LTIyMjYtNDhBNi1BRkEyLTk2MEZBMjIzMTU0Qn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzE0Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7NDMwMEVBRjMtQkQ3RC00NTc1LThCQjQtODUwRjREODhGNTYzfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EU86AD.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU86AD.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{8F31515A-32CA-4E86-8006-8EB18EFAB3C1}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OEYzMTUxNUEtMzJDQS00RTg2LTgwMDYtOEVCMThFRkFCM0MxfSIgdXNlcmlkPSJ7MjEwNzU0QTUtNjEzNy00REY2LTk1NkEtREY5QjJEQ0E1OEM5fSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7MDZBMjU4RTQtMjMxRi00NEMyLTk2RkMtNzBCODdFMjJGODJFfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjI5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMiIgaW5zdGFsbGRhdGV0aW1lPSIxNzEyOTQ2NzYwIj48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNjU0MjMyMTMxNCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUUzQThDNkMtOEFBQi00MzI5LUFGMEQtREJBRkUwRUFCNTA1fSIgdXNlcmlkPSJ7MjEwNzU0QTUtNjEzNy00REY2LTk1NkEtREY5QjJEQ0E1OEM5fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MjI1NzdCQ0UtQjFBQS00OUM2LTk3RjUtMzRCRjAzNTcyMzAwfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90OyswalVtWWVLdFpBRjVDM2cyMnBCQjVGMFJ5ZHRmMVNIN2Jud3Nub1UrZms9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIzIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTI5MjI5NjMiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1NzQyMDM2MDAwMDAwMDAiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTE0MDY4IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxOTYxNjI4MjM0NCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff6c9fbbaf8,0x7ff6c9fbbb04,0x7ff6c9fbbb10

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff6c9fbbaf8,0x7ff6c9fbbb04,0x7ff6c9fbbb10

C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7e4febaf8,0x7ff7e4febb04,0x7ff7e4febb10

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness

C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe

"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe" /InvokerPRAID: Microsoft.MicrosoftOfficeHub prelaunch

C:\Windows\system32\wwahost.exe

"C:\Windows\system32\wwahost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.wwa

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUUzQThDNkMtOEFBQi00MzI5LUFGMEQtREJBRkUwRUFCNTA1fSIgdXNlcmlkPSJ7MjEwNzU0QTUtNjEzNy00REY2LTk1NkEtREY5QjJEQ0E1OEM5fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins2M0YyMzE1MS1GQTFELTQ2QjQtQjM1QS05MDkyMDNCQkVFMDB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMiIgY29ob3J0PSJycmZAMC4xNSI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMxNCIgcGluZ19mcmVzaG5lc3M9IntBQTJEMkE1OC0yMjYyLTQwQkEtOTYyQi0zM0IwQUZEOEE4QTl9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkyLjAuOTAyLjY3IiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIyIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTczOTc5MzA1OTg2NTgwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxOTYzNTAwNDUwNCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxOTYzNTE2MDg2OCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxOTY3MzkxMDQ5MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxOTY5MjM2MzA0OCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMjAwOTc3OTg2NjkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI5NjYiIGRvd25sb2FkZWQ9IjE3MjA3NjA4OCIgdG90YWw9IjE3MjA3NjA4OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjIiIGluc3RhbGxfdGltZV9tcz0iNDA1NDEiLz48cGluZyBhY3RpdmU9IjAiIHJkPSI2MzE0IiBwaW5nX2ZyZXNobmVzcz0iezFEOTMxRkQ4LUE5RTMtNDNCRS1BQUFDLTc4NTc1RTY4MTY0M30iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzE0IiBjb2hvcnQ9InJyZkAxLjAwIj48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzE0IiBwaW5nX2ZyZXNobmVzcz0iezExOUVBQ0IxLTcwNjEtNDEzMS1CRjdBLUQxNDA5RDNDNDlDNX0iLz48L2FwcD48L3JlcXVlc3Q-

Network

Country Destination Domain Proto
US 8.8.8.8:53 241.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 9.228.82.20.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 21.114.53.23.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 151.143.109.104.in-addr.arpa udp
US 8.8.8.8:53 240.197.17.2.in-addr.arpa udp
US 52.111.229.43:443 tcp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 249.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 168.117.168.52.in-addr.arpa udp
US 8.8.8.8:53 68.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.hosthelp.net udp
GB 185.151.29.227:443 www.hosthelp.net tcp
GB 185.151.29.227:443 www.hosthelp.net tcp
GB 185.151.29.227:443 www.hosthelp.net tcp
GB 185.151.29.227:443 www.hosthelp.net tcp
GB 185.151.29.227:443 www.hosthelp.net tcp
GB 185.151.29.227:443 www.hosthelp.net tcp
US 8.8.8.8:53 translate.google.com udp
GB 172.217.16.238:443 translate.google.com tcp
US 8.8.8.8:53 227.29.151.185.in-addr.arpa udp
US 8.8.8.8:53 8.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 code.tidio.co udp
US 8.8.8.8:53 hhrealtime.com udp
US 8.8.8.8:53 secure.gravatar.com udp
US 8.8.8.8:53 invitejs.trustpilot.com udp
US 8.8.8.8:53 translate.googleapis.com udp
US 104.26.8.183:443 code.tidio.co tcp
GB 185.151.30.122:443 hhrealtime.com tcp
US 192.0.73.2:443 secure.gravatar.com tcp
GB 142.250.187.234:443 translate.googleapis.com tcp
IT 108.156.2.69:443 invitejs.trustpilot.com tcp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 183.8.26.104.in-addr.arpa udp
US 8.8.8.8:53 122.30.151.185.in-addr.arpa udp
US 8.8.8.8:53 2.73.0.192.in-addr.arpa udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 69.2.156.108.in-addr.arpa udp
US 8.8.8.8:53 analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
GB 185.151.30.122:443 hhrealtime.com tcp
GB 142.250.178.14:443 analytics.google.com tcp
BE 64.233.167.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 155.167.233.64.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
GB 185.151.29.227:443 www.hosthelp.net tcp
GB 185.151.29.227:443 www.hosthelp.net tcp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
GB 185.151.29.227:443 www.hosthelp.net tcp
GB 185.151.29.227:443 www.hosthelp.net tcp
US 8.8.8.8:53 translate-pa.googleapis.com udp
GB 216.58.213.10:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 widget-v4.tidiochat.com udp
US 172.67.71.3:443 widget-v4.tidiochat.com tcp
US 172.67.71.3:443 widget-v4.tidiochat.com tcp
US 8.8.8.8:53 socket.tidio.co udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
IE 34.250.113.112:443 socket.tidio.co tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
IE 34.250.113.112:443 socket.tidio.co tcp
US 8.8.8.8:53 3.71.67.172.in-addr.arpa udp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 112.113.250.34.in-addr.arpa udp
GB 142.250.187.234:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 pronline.ru udp
RU 176.67.240.34:443 pronline.ru tcp
RU 176.67.240.34:443 pronline.ru tcp
US 8.8.8.8:53 www.pronline.ru udp
RU 176.67.240.34:443 www.pronline.ru tcp
US 8.8.8.8:53 34.240.67.176.in-addr.arpa udp
RU 176.67.240.34:443 www.pronline.ru tcp
RU 176.67.240.34:443 www.pronline.ru tcp
US 8.8.8.8:53 counter.rambler.ru udp
RU 81.19.89.16:443 counter.rambler.ru tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 code.jivosite.com udp
RU 176.67.240.34:443 www.pronline.ru tcp
RU 176.67.240.34:443 www.pronline.ru tcp
RU 176.67.240.34:443 www.pronline.ru tcp
US 8.8.8.8:53 top-fwz1.mail.ru udp
GB 216.58.201.106:443 ajax.googleapis.com tcp
US 8.8.8.8:53 counter.yadro.ru udp
AM 5.101.37.37:443 code.jivosite.com tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 95.163.52.67:443 top-fwz1.mail.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
RU 88.212.201.204:443 counter.yadro.ru tcp
AM 5.101.37.37:443 code.jivosite.com tcp
GB 142.250.178.14:443 analytics.google.com udp
BE 64.233.167.155:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 node-sber1-az3-21.jivo.ru udp
US 8.8.8.8:53 privacy-cs.mail.ru udp
RU 95.163.52.89:443 privacy-cs.mail.ru tcp
RU 94.139.252.101:443 node-sber1-az3-21.jivo.ru tcp
US 8.8.8.8:53 16.89.19.81.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 37.37.101.5.in-addr.arpa udp
US 8.8.8.8:53 67.52.163.95.in-addr.arpa udp
US 8.8.8.8:53 204.201.212.88.in-addr.arpa udp
US 8.8.8.8:53 kraken.rambler.ru udp
US 8.8.8.8:53 mc.yandex.ru udp
RU 93.158.134.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 89.52.163.95.in-addr.arpa udp
US 8.8.8.8:53 101.252.139.94.in-addr.arpa udp
US 8.8.8.8:53 119.134.158.93.in-addr.arpa udp
US 8.8.8.8:53 mc.yandex.com udp
US 8.8.8.8:53 code.jivo.ru udp
AM 5.101.37.37:443 code.jivo.ru tcp
US 8.8.8.8:53 vi-sber1-21.jivo.ru udp
RU 178.170.242.120:443 vi-sber1-21.jivo.ru tcp
US 8.8.8.8:53 120.242.170.178.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 telemetry.jivosite.com udp
GB 198.244.165.101:443 telemetry.jivosite.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.180.22:443 i.ytimg.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.179.230:443 static.doubleclick.net tcp
US 8.8.8.8:53 yt3.ggpht.com udp
US 8.8.8.8:53 101.165.244.198.in-addr.arpa udp
US 8.8.8.8:53 22.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 230.179.250.142.in-addr.arpa udp
GB 142.250.187.225:443 yt3.ggpht.com tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 225.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.206:443 play.google.com tcp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
RU 178.170.242.120:443 vi-sber1-21.jivo.ru tcp
US 8.8.8.8:53 kingfamilyphotoalbum.com udp
DE 185.53.178.54:443 kingfamilyphotoalbum.com tcp
DE 185.53.178.54:443 kingfamilyphotoalbum.com tcp
US 8.8.8.8:53 d38psrni17bvxu.cloudfront.net udp
IT 99.86.153.171:443 d38psrni17bvxu.cloudfront.net tcp
US 8.8.8.8:53 www.adsensecustomsearchads.com udp
US 8.8.8.8:53 partner.googleadservices.com udp
GB 172.217.16.238:443 www.adsensecustomsearchads.com tcp
GB 172.217.16.238:443 www.adsensecustomsearchads.com tcp
GB 172.217.16.238:443 www.adsensecustomsearchads.com udp
US 8.8.8.8:53 54.178.53.185.in-addr.arpa udp
US 8.8.8.8:53 171.153.86.99.in-addr.arpa udp
US 8.8.8.8:53 syndicatedsearch.goog udp
GB 142.250.200.46:443 syndicatedsearch.goog tcp
US 8.8.8.8:53 afs.googleusercontent.com udp
GB 142.250.200.33:443 afs.googleusercontent.com udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 33.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 163.49.178.192.in-addr.arpa udp
US 8.8.8.8:53 e2c49.gcp.gvt2.com udp
US 35.211.148.231:443 e2c49.gcp.gvt2.com tcp
US 8.8.8.8:53 beacons.gvt2.com udp
US 192.178.48.227:443 beacons.gvt2.com tcp
US 8.8.8.8:53 231.148.211.35.in-addr.arpa udp
US 8.8.8.8:53 227.48.178.192.in-addr.arpa udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.avg.com udp
BE 104.68.90.189:443 www.avg.com tcp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 102.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 static2.avg.com udp
US 104.19.177.52:443 cdn.cookielaw.org tcp
US 104.19.177.52:443 cdn.cookielaw.org tcp
BE 104.68.90.189:443 static2.avg.com tcp
BE 104.68.90.189:443 static2.avg.com tcp
BE 104.68.90.189:443 static2.avg.com tcp
BE 104.68.90.189:443 static2.avg.com tcp
BE 104.68.90.189:443 static2.avg.com tcp
BE 104.68.90.189:443 static2.avg.com tcp
US 8.8.8.8:53 189.90.68.104.in-addr.arpa udp
US 8.8.8.8:53 52.177.19.104.in-addr.arpa udp
US 104.19.177.52:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 8.8.8.8:53 s.go-mpulse.net udp
US 8.8.8.8:53 assets.adobedtm.com udp
BE 23.55.96.141:443 s.go-mpulse.net tcp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 23.53.113.19:443 assets.adobedtm.com tcp
BE 104.68.90.189:443 static2.avg.com tcp
US 8.8.8.8:53 widget.trustpilot.com udp
IT 108.138.189.50:443 widget.trustpilot.com tcp
US 8.8.8.8:53 static.hotjar.com udp
US 8.8.8.8:53 mstatic.avg.com udp
IT 108.139.243.112:443 static.hotjar.com tcp
NL 20.50.2.58:443 mstatic.avg.com tcp
US 8.8.8.8:53 141.96.55.23.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 19.113.53.23.in-addr.arpa udp
US 8.8.8.8:53 50.189.138.108.in-addr.arpa udp
GB 172.217.16.226:443 partner.googleadservices.com udp
US 8.8.8.8:53 dpm.demdex.net udp
US 8.8.8.8:53 www.nortonlifelock.com udp
IE 52.31.53.125:443 dpm.demdex.net tcp
NL 72.246.172.137:443 www.nortonlifelock.com tcp
US 8.8.8.8:53 script.hotjar.com udp
IT 108.156.2.69:443 script.hotjar.com tcp
US 8.8.8.8:53 symantec.demdex.net udp
US 8.8.8.8:53 cm.everesttech.net udp
IE 34.246.138.132:443 symantec.demdex.net tcp
IE 99.81.63.100:443 cm.everesttech.net tcp
US 8.8.8.8:53 oms.avg.com udp
US 8.8.8.8:53 c.go-mpulse.net udp
IE 66.235.152.221:443 oms.avg.com tcp
NL 72.246.172.149:443 c.go-mpulse.net tcp
US 8.8.8.8:53 58.2.50.20.in-addr.arpa udp
US 8.8.8.8:53 112.243.139.108.in-addr.arpa udp
US 8.8.8.8:53 137.172.246.72.in-addr.arpa udp
US 8.8.8.8:53 125.53.31.52.in-addr.arpa udp
US 8.8.8.8:53 132.138.246.34.in-addr.arpa udp
US 8.8.8.8:53 100.63.81.99.in-addr.arpa udp
US 8.8.8.8:53 zn8ksx2qgjavxayw6-gendigital.siteintercept.qualtrics.com udp
US 104.17.209.240:443 zn8ksx2qgjavxayw6-gendigital.siteintercept.qualtrics.com tcp
US 8.8.8.8:53 siteintercept.qualtrics.com udp
US 8.8.8.8:53 trial-eum-clienttons-s.akamaihd.net udp
US 8.8.8.8:53 trial-eum-clientnsv4-s.akamaihd.net udp
BE 2.17.107.41:443 trial-eum-clienttons-s.akamaihd.net tcp
BE 104.117.77.114:443 trial-eum-clientnsv4-s.akamaihd.net tcp
US 8.8.8.8:53 191-101-209-39_s-2-17-107-41_ts-1713187948-clienttons-s.akamaihd.net udp
US 8.8.8.8:53 x5s5cj3iovgxezq5frwa-p8747l-d48360f4e-clientnsv4-s.akamaihd.net udp
BE 2.17.107.41:443 191-101-209-39_s-2-17-107-41_ts-1713187948-clienttons-s.akamaihd.net tcp
BE 104.117.77.147:443 x5s5cj3iovgxezq5frwa-p8747l-d48360f4e-clientnsv4-s.akamaihd.net tcp
US 8.8.8.8:53 02179912.akstat.io udp
US 8.8.8.8:53 149.172.246.72.in-addr.arpa udp
US 8.8.8.8:53 221.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 240.209.17.104.in-addr.arpa udp
US 8.8.8.8:53 41.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 114.77.117.104.in-addr.arpa udp
US 8.8.8.8:53 147.77.117.104.in-addr.arpa udp
US 8.8.8.8:53 privacyportal-de.onetrust.com udp
BE 23.55.96.141:443 02179912.akstat.io udp
US 104.18.32.137:443 privacyportal-de.onetrust.com tcp
US 8.8.8.8:53 id.google.com udp
GB 216.58.204.67:443 id.google.com tcp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
GB 142.250.180.22:443 i.ytimg.com udp
GB 216.58.213.14:443 www.youtube.com udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com udp
US 8.8.8.8:53 84.69.194.173.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-q4fl6n6d.googlevideo.com udp
US 173.194.57.201:443 rr4---sn-q4fl6n6d.googlevideo.com tcp
US 173.194.57.201:443 rr4---sn-q4fl6n6d.googlevideo.com tcp
US 8.8.8.8:53 201.57.194.173.in-addr.arpa udp
US 173.194.57.201:443 rr4---sn-q4fl6n6d.googlevideo.com tcp
US 173.194.57.201:443 rr4---sn-q4fl6n6d.googlevideo.com tcp
US 173.194.57.201:443 rr4---sn-q4fl6n6d.googlevideo.com tcp
US 173.194.57.201:443 rr4---sn-q4fl6n6d.googlevideo.com tcp
US 8.8.8.8:53 consent.youtube.com udp
GB 142.250.180.14:443 consent.youtube.com tcp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-q4fzen7r.googlevideo.com udp
US 173.194.141.73:443 rr4---sn-q4fzen7r.googlevideo.com tcp
US 173.194.141.73:443 rr4---sn-q4fzen7r.googlevideo.com tcp
US 173.194.141.73:443 rr4---sn-q4fzen7r.googlevideo.com tcp
US 173.194.141.73:443 rr4---sn-q4fzen7r.googlevideo.com tcp
US 173.194.141.73:443 rr4---sn-q4fzen7r.googlevideo.com tcp
US 173.194.141.73:443 rr4---sn-q4fzen7r.googlevideo.com tcp
GB 142.250.179.230:443 static.doubleclick.net udp
US 8.8.8.8:53 73.141.194.173.in-addr.arpa udp
US 8.8.8.8:53 suggestqueries-clients6.youtube.com udp
GB 142.250.200.46:443 suggestqueries-clients6.youtube.com tcp
GB 142.250.200.46:443 suggestqueries-clients6.youtube.com udp
GB 142.250.200.46:443 suggestqueries-clients6.youtube.com udp
US 8.8.8.8:53 youtube.com udp
GB 216.58.204.78:443 youtube.com tcp
GB 142.250.187.225:443 yt3.ggpht.com udp
US 8.8.8.8:53 lh5.googleusercontent.com udp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
GB 142.250.200.33:443 lh5.googleusercontent.com udp
US 8.8.8.8:53 lh6.googleusercontent.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
US 8.8.8.8:53 rr2---sn-5hnekn7d.googlevideo.com udp
NL 209.85.226.39:443 rr2---sn-5hnekn7d.googlevideo.com tcp
US 8.8.8.8:53 39.226.85.209.in-addr.arpa udp
US 8.8.8.8:53 rr3---sn-5hne6n6l.googlevideo.com udp
NL 74.125.8.168:443 rr3---sn-5hne6n6l.googlevideo.com tcp
US 8.8.8.8:53 rr1---sn-5hne6nz6.googlevideo.com udp
NL 74.125.100.198:443 rr1---sn-5hne6nz6.googlevideo.com tcp
US 8.8.8.8:53 168.8.125.74.in-addr.arpa udp
US 8.8.8.8:53 198.100.125.74.in-addr.arpa udp
US 8.8.8.8:53 google.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
GB 142.250.200.14:443 google.com tcp
US 8.8.8.8:53 beacons2.gvt2.com udp
BG 172.217.20.67:443 beacons2.gvt2.com tcp
BG 172.217.20.67:443 beacons2.gvt2.com udp
US 8.8.8.8:53 67.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.freewarefiles.com udp
US 144.202.57.63:443 www.freewarefiles.com tcp
US 144.202.57.63:443 www.freewarefiles.com tcp
US 8.8.8.8:53 stats.wp.com udp
US 192.0.76.3:443 stats.wp.com tcp
US 8.8.8.8:53 63.57.202.144.in-addr.arpa udp
US 8.8.8.8:53 3.76.0.192.in-addr.arpa udp
US 8.8.8.8:53 pixel.wp.com udp
US 8.8.8.8:53 faves.grow.me udp
US 151.101.2.49:443 faves.grow.me tcp
US 8.8.8.8:53 api.grow.me udp
US 151.101.2.49:443 api.grow.me tcp
US 151.101.2.49:443 api.grow.me tcp
US 151.101.2.49:443 api.grow.me tcp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 192.0.76.3:443 pixel.wp.com udp
NL 173.194.69.84:443 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com tcp
GB 216.58.204.67:443 id.google.com udp
GB 142.250.178.14:443 www.youtube.com udp
US 8.8.8.8:53 www.roblox.com udp
GB 128.116.119.4:443 www.roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
BE 23.14.90.112:443 css.rbxcdn.com tcp
BE 23.14.90.112:443 css.rbxcdn.com tcp
BE 23.14.90.112:443 css.rbxcdn.com tcp
BE 23.14.90.112:443 css.rbxcdn.com tcp
BE 23.14.90.112:443 css.rbxcdn.com tcp
BE 23.14.90.112:443 css.rbxcdn.com tcp
BE 23.14.90.96:443 static.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
BE 2.17.107.35:443 js.rbxcdn.com tcp
US 8.8.8.8:53 4.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com tcp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 112.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 96.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 35.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 170.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 3.119.116.128.in-addr.arpa udp
GB 128.116.119.4:443 apis.roblox.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com udp
BE 104.117.77.96:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
BE 23.14.90.112:443 css.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 96.77.117.104.in-addr.arpa udp
US 8.8.8.8:53 91.90.14.23.in-addr.arpa udp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 google.com udp
GB 142.250.200.14:443 google.com udp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 ncs.roblox.com udp
US 192.178.48.227:443 beacons.gvt2.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
NL 104.109.143.29:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 lms.roblox.com udp
US 8.8.8.8:53 29.143.109.104.in-addr.arpa udp
BE 23.14.90.96:443 static.rbxcdn.com tcp
US 8.8.8.8:53 chat.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 aws-ap-northeast-1c-lms.rbx.com udp
US 8.8.8.8:53 aws-ap-east-1b-lms.rbx.com udp
US 8.8.8.8:53 c0ak.rbxcdn.com udp
US 8.8.8.8:53 gold.roblox.com udp
US 8.8.8.8:53 ord2-128-116-101-3.roblox.com udp
US 8.8.8.8:53 syd1-128-116-51-3.roblox.com udp
GB 128.116.119.3:443 gold.roblox.com tcp
US 8.8.8.8:53 bom1-128-116-104-4.roblox.com udp
US 8.8.8.8:53 aws-eu-west-2a-lms.rbx.com udp
US 8.8.8.8:53 c0cfly.rbxcdn.com udp
US 8.8.8.8:53 aws-us-west-2c-lms.rbx.com udp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
JP 52.192.8.211:443 aws-ap-northeast-1c-lms.rbx.com tcp
HK 18.166.181.229:443 aws-ap-east-1b-lms.rbx.com tcp
BE 23.14.90.99:443 c0ak.rbxcdn.com tcp
US 205.234.175.102:443 c0cfly.rbxcdn.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
JP 52.192.8.211:443 aws-ap-northeast-1c-lms.rbx.com tcp
HK 18.166.181.229:443 aws-ap-east-1b-lms.rbx.com tcp
GB 18.133.14.21:443 aws-eu-west-2a-lms.rbx.com tcp
US 18.246.201.186:443 aws-us-west-2c-lms.rbx.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
GB 18.133.14.21:443 aws-eu-west-2a-lms.rbx.com tcp
US 18.246.201.186:443 aws-us-west-2c-lms.rbx.com tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 99.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 3.101.116.128.in-addr.arpa udp
US 8.8.8.8:53 102.175.234.205.in-addr.arpa udp
US 8.8.8.8:53 21.14.133.18.in-addr.arpa udp
US 8.8.8.8:53 211.8.192.52.in-addr.arpa udp
US 8.8.8.8:53 4.104.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.51.116.128.in-addr.arpa udp
US 8.8.8.8:53 229.181.166.18.in-addr.arpa udp
US 8.8.8.8:53 186.201.246.18.in-addr.arpa udp
US 8.8.8.8:53 presence.roblox.com udp
US 8.8.8.8:53 js.stripe.com udp
US 151.101.0.176:443 js.stripe.com tcp
US 8.8.8.8:53 followings.roblox.com udp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 176.0.101.151.in-addr.arpa udp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 8.8.8.8:53 silver.roblox.com udp
US 8.8.8.8:53 aws-us-east-2b-lms.rbx.com udp
US 8.8.8.8:53 pulsar.roblox.com udp
US 8.8.8.8:53 lga2-128-116-32-3.roblox.com udp
US 8.8.8.8:53 c0aws.rbxcdn.com udp
US 8.8.8.8:53 mia4-128-116-45-3.roblox.com udp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
US 3.20.8.167:443 aws-us-east-2b-lms.rbx.com tcp
PL 128.116.124.3:443 pulsar.roblox.com tcp
IT 108.138.189.32:443 c0aws.rbxcdn.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
US 8.8.8.8:53 badges.roblox.com udp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
US 8.8.8.8:53 32.189.138.108.in-addr.arpa udp
US 8.8.8.8:53 3.124.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.32.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.102.116.128.in-addr.arpa udp
US 8.8.8.8:53 167.8.20.3.in-addr.arpa udp
US 8.8.8.8:53 3.45.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.63.116.128.in-addr.arpa udp
US 8.8.8.8:53 m.stripe.network udp
US 8.8.8.8:53 voice.roblox.com udp
US 8.8.8.8:53 m.stripe.com udp
US 54.68.143.41:443 m.stripe.com tcp
US 8.8.8.8:53 41.143.68.54.in-addr.arpa udp
NL 173.194.69.84:443 accounts.google.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
BE 2.17.107.82:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 82.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.3:443 ecsv2.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
BE 2.17.107.18:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:58599 tcp
N/A 127.0.0.1:58603 tcp
N/A 127.0.0.1:58615 tcp
US 8.8.8.8:53 233.69.68.104.in-addr.arpa udp
BE 2.17.107.18:443 setup.rbxcdn.com tcp
BE 2.17.107.18:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 18.107.17.2.in-addr.arpa udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
GB 172.217.16.238:443 www.adsensecustomsearchads.com udp
GB 172.217.16.238:443 www.adsensecustomsearchads.com tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.114.58.89:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 89.58.114.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
NL 104.109.143.5:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 5.143.109.104.in-addr.arpa udp
US 192.178.48.227:443 beacons.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 44.242.123.52.in-addr.arpa udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
GB 128.116.119.3:443 client-telemetry.roblox.com tcp
N/A 127.0.0.1:59109 tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 tria.ge udp
NL 154.61.71.12:443 tria.ge tcp
NL 154.61.71.12:443 tria.ge tcp
NL 154.61.71.12:443 tria.ge tcp
NL 154.61.71.12:443 tria.ge tcp
NL 154.61.71.12:443 tria.ge tcp
NL 154.61.71.12:443 tria.ge tcp
US 8.8.8.8:53 12.71.61.154.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.180.10:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 143.191.67.13.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
NL 104.109.143.13:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 13.143.109.104.in-addr.arpa udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
IE 20.166.2.191:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 191.2.166.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 135.47.7.20.in-addr.arpa udp
US 8.8.8.8:53 159.113.53.23.in-addr.arpa udp
US 8.8.8.8:53 178.223.142.52.in-addr.arpa udp
US 8.8.8.8:53 www.office.com udp
US 13.107.9.156:443 www.office.com tcp
US 8.8.8.8:53 84.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 156.9.107.13.in-addr.arpa udp
US 8.8.8.8:53 res.cdn.office.net udp
DE 2.16.6.15:443 res.cdn.office.net tcp
DE 2.16.6.15:443 res.cdn.office.net tcp
DE 2.16.6.15:443 res.cdn.office.net tcp
DE 2.16.6.15:443 res.cdn.office.net tcp
DE 2.16.6.15:443 res.cdn.office.net tcp
DE 2.16.6.15:443 res.cdn.office.net tcp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 20.162.145.158:443 nav.smartscreen.microsoft.com tcp
GB 20.162.145.158:443 nav.smartscreen.microsoft.com tcp
US 8.8.8.8:53 smartscreen.microsoft.com udp
GB 20.162.145.158:443 smartscreen.microsoft.com tcp
GB 20.162.145.158:443 smartscreen.microsoft.com tcp
GB 20.162.145.158:443 smartscreen.microsoft.com tcp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 15.6.16.2.in-addr.arpa udp
US 8.8.8.8:53 158.145.162.20.in-addr.arpa udp
GB 20.162.145.158:443 smartscreen.microsoft.com tcp

Files

memory/2664-0-0x0000000000400000-0x0000000000415000-memory.dmp

memory/2664-2-0x0000000000400000-0x0000000000415000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-EJFTL.tmp\with-editor.tmp

MD5 832dab307e54aa08f4b6cdd9b9720361
SHA1 ebd007fb7482040ecf34339e4bf917209c1018df
SHA256 cc783a04ccbca4edd06564f8ec88fe5a15f1e3bb26cec7de5e090313520d98f3
SHA512 358d43522fd460eb1511708e4df22ea454a95e5bc3c4841931027b5fa3fb1dda05d496d8ad0a8b9279b99e6be74220fe243db8f08ef49845e9fb35c350ef4b49

memory/1100-6-0x0000000000770000-0x0000000000771000-memory.dmp

memory/2664-8-0x0000000000400000-0x0000000000415000-memory.dmp

memory/1100-9-0x0000000000400000-0x00000000004BE000-memory.dmp

memory/1100-12-0x0000000000770000-0x0000000000771000-memory.dmp

memory/2664-99-0x0000000000400000-0x0000000000415000-memory.dmp

\??\pipe\crashpad_2572_KJPUGWBKRXFYNOKB

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2b3fb5377972a104015d599a2b012884
SHA1 f55d94c89606de9aec5cef8de0542c410b31e636
SHA256 7e4e9c06c2bb91ed805c9dc4769967003a878123228032ca7006bc07ed172ef2
SHA512 fc683c03448014f5f1bb977deedcde60c40484895b31cab0184c9441ac6e170be07eb6db7401ab64b3689c0ccafbeaf65a110de4cea4a89f6abac150f4314ba8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f03cae53b807d69c247d1d72deb13ee0
SHA1 15e6a7cadfe8201732d7addb818699bbfb05a817
SHA256 63f9268a0527d5beaf0d15f94b1767dcb4e39fb1ef195e07a76f50ad9d15a302
SHA512 7f036c89869a69b04fc95b9fc137971871c6bb98b8cd4184b3b72308637598bac5256d373a3e6f17a5b7752aa68cc437d37d39b462914cb46629cfb1c77c3d2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 85e9f541314688bf9a81feaf2dfa0063
SHA1 5477dc2022588456d5ae6cdcbdc955d15b04a346
SHA256 1b3db1831b2bc4f8219223b9e528f47672d906d10c7b7f16f0ae8e7ec157ae86
SHA512 b45fe098488adf03783f70f6185160132b2ff73c9a2ae7abe8d05007ba5ec87dfd0fc536b52af7c90f36cc40f7084d6ca6667d91929f292440592a89c668bd45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 236015a29c92dbd64869b2fb89dff3f2
SHA1 ec8be8adf661b36ee6a9c1b51d87b0fcb2819899
SHA256 d759b698a89f6f6cba9b87714cf8891438c46520199884f64db46f5d18d75609
SHA512 9725d796867b094ba6a2c1dd0cdb3438f7d1117b94ee11199e62a74f5b727c3d50b351913a83639d89650ebf3ead9563e95ff39d1d9fbe475973ed9c3c2586f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a39e0c6ceedc4e4207f886183dddfb62
SHA1 785f54e57aa04dbb95f52654df5d0de454a7d8fd
SHA256 939fddae78f8763c8786ff2279413199bf116d35694cf006fb07822f2063b5e5
SHA512 3bea80c1d34e51dd8a9a392f81faf26595a047a81fbbb1c9ae005160d593f41c33e138378a9864b5e1995ba0c46819475983c18816ed8736b54b4de088c520f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

MD5 319e0c36436ee0bf24476acbcc83565c
SHA1 fb2658d5791fe5b37424119557ab8cee30acdc54
SHA256 f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1
SHA512 ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 92673da26354e5bd5fc8ab718f55411f
SHA1 807dfc3517ffd3a40a17d19daa471a0851048c68
SHA256 f33ba7c469b5dcafc3d7f33142ba7e2bc897a2a1c4ffcbf2559d5b97c58a5209
SHA512 7764df996e9544a37f8ae27c02bf7f47a084a5e06d41cca303406db0aa8b6713719e20c98ce06e9f16eba659e1b635ab17375c223a0b8dfdd794d36a36e48e2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed2a8d6b474467a93fd11029fddd6873
SHA1 e39f7f08dc3ea41406431f16a065a9d4808666cf
SHA256 6bc3e73a83ab6bf8fcae5a25f9cbc38932e5e77e5354b55bd46137be1178949c
SHA512 3372bf9733936a3cd9965a0d3b310bea375b334df9cd8ea2c71bab54f2f337ee3de0349a047b96c6ef4436a90073be6f2132da7e6cd1cda83adfe4bc470966d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 55d2d41bd06808862df197c590805283
SHA1 eff4f5d9f86a26f053376a9e8097210ccdce1935
SHA256 04ad9763b0fa1ccf4b04aa377a011480ad4422c36b9aa070db1c7f3a6f73882c
SHA512 73fc87874f991c15e36b582f87661e3ab2d1b4d529b200449191e63a483d901d39b89ae810537c506c5dff17b78ff46709319c74a35280a87cb98184220f1825

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c598312c773bdafe0bf759ddd37e18df
SHA1 95c82bc06d5ae6ff67067bf9b96a57e53b981921
SHA256 52d27d3a90b00d4e81d7c1d59c779209f99ef55c2d03f21f6983c260df50c264
SHA512 fece85ae47aa5cc80815126d7779986ad69ebf609aa9ff2e862efc5cb19bf46634b44db6963975eb31e49aaea17cb1facef520f5fe2be619c3955f5298976cb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 94275bde03760c160b707ba8806ef545
SHA1 aad8d87b0796de7baca00ab000b2b12a26427859
SHA256 c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968
SHA512 2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5edffe.TMP

MD5 68e21f642552f1ed9a85605ad0b83777
SHA1 35f4671ec8c4717aec1ccb3ad36afd5a8b1cd014
SHA256 5bdb04e11f694a7a6ed5a7390f62615ab749f672eb4d6b26c00d17f5423ea347
SHA512 9cda052727c05a7b22bf6f4ffb3a7a7342b9f4f2d02ab485c605f472518844a4f74361c6093e0ca9e6aa9d304fa36adfa23eae4712639e560d26d81dbdbe55c2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4606e901eac7f9fd2f04090a1886558e
SHA1 125ff7fc79a40a3a31bf25628549452af513aa31
SHA256 ed6874d4bc1ca570d8dcb787996020bc5585b221e7bcfb3a79c19454ad333031
SHA512 35881a2d943f337edaf48ef7fa7b64024a14ae247a436347f5128bc08c867f4edc12f3d8e6294de2655ee4fb5746265d20fb437e9abba86e8531f83c83bf432e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cd8bcd53e5061077925ea8a4c013b8f1
SHA1 ec24f8b436444e54cadd5037c0104c5ccbc22adc
SHA256 67bf07b32ded0005d7579e222dcd8bdedf74d7d52ca01ec39bc7ca63214f194e
SHA512 e561bd9bf657b368da6f843a09ab394c04f9975a25d437db2e047ce4c4dc86718bc8ec61f82d87d5b4353b68db7a9119dde75af2d75ed46f2ccadfb3e0eefe35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f82f24da36c686d5ac00fd4cb288ed68
SHA1 d79a6f1895335007ccf80390787d7f84637dc7c2
SHA256 ad660b7816111c7aec614a4fa3983330780b02c36ab245c4ddf511d6dff0c0e7
SHA512 727ec5912383a428f616e174453028bb5540377303de2c2a5cb05dc095d426bba72bef400688684c9ae060a3dc055023b2d668c2402c703b1184994e58eb0eda

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4a3d9bdad5f48be120e27b8b283e044e
SHA1 df4214df555e98f5316d79074857667cd64f981a
SHA256 ba59d38b645e1fb9c34f5aba769ceeee1d4b68fd7ef0407ac365402a7adb6eb0
SHA512 27947483c96be4d7d9fc3124b0f0294eb82c91ef456475faaffb455c767a29395b9a10456d79a3844fae542e6291947d6098474e4d820fc1c023ae31c3bdb46a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 88113d133120c5f653a61485443cc168
SHA1 8df67d640835750c4a44559d7f3dc6c60e376a75
SHA256 33cc4b94ed99f19acc336917e533b988a0ad18d6adbb5f9850dcbcf68c36b17b
SHA512 b0691e1a96960b42464f24e1da601a6500cd914351bc862d6170643b23b10ca0a32875b7fbc9ec288f77f233f7741b038ba161e0984610c572500c08fb5a2b7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8501da7b10484fc092553cef82b11383
SHA1 28fbde81238dbe236a10ce63d03f3176f1d796e9
SHA256 a277ab410f8a3a63f348ce285a62f6f9d1169f85965c7803af4b4d39e20c5c01
SHA512 c2113a633d0b561186439b6b9e7ba041689bfa2ac767b47b0649cb9d8018929798eeb7b7c265240acaea96b5dde9b492f97787350b1580a1f843d3482b429137

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\cd903548-3bf9-4d83-b857-d61b470c7c8d.tmp

MD5 aa0bf1b448380c723b0889e4162af177
SHA1 291eb28d72a0356a773508f838e9f88dd9deb3ae
SHA256 12644d828e9c3e6c50b229d2c6866870da170029d0dc166dab2af43bd79027e0
SHA512 1759f5b9112b8480a7abc6f82198e0bfac0c419047e3a6660c16f3a657b0697c70a79468068c34b70ce3c15db1165fb86d9745c531a1bf46bc443d213d348bc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0ada33a50920765a4e95977dd884f9d6
SHA1 392d07ff84557cd783c4c05528eee3782a3551ac
SHA256 4ed5272343f0069148b38559a5709f52dc43fbb13b6e99646b848749a663709d
SHA512 8c621f768a06676f198393e76ab8bae3b3e5a6e9d6bc37c13a22870cd3a608f69060ab651384f71f973204035d620a1c34c4d5d01b247867417f68365e4686c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0360d02be00cd38c9c9b84bfdd6ca067
SHA1 7cfa6a8560c132c1d8b8d43c752c9b2f20838e3e
SHA256 0ef27f427bb667dd06b4b0bc3654d9eb8a7f5fffe49f9850c656973c264f1ea8
SHA512 4c0abb899cf00d0a766f91a77aa36d52162a071552c9fd2b8b567473998fd4d20ba17c42ce2c3e72756cf049a18d6a9c22fd375ab15ff63ff77286c101c1f531

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 144afdb9fab01be9c31dc71c02e9673f
SHA1 64212204a324cc14a48c45a585006dca1f4e022a
SHA256 66651344a8197cb4837e735c9f38027278122c5711e653bf2ab159835fcd8f6b
SHA512 244746e9042da6cefb324b30d5610c04a7ab320a62cc1e09d36741b0cb1595e9ae38043abf1d1427bbd7123b3e8f18a75dae3af9aae0f1a3d65b0f6e0d4cda53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e10f03428ebfec3e96afbef4fc5ac8b8
SHA1 27c5bd819a83da5df318e7e7810de37d38bd7b16
SHA256 aa54ec69d5367e5ad04b2f615d99571f01af41c4fd5f62799980e9abc026f2af
SHA512 05c8ef4ee71807582c102404b1b9595e381d19031c8202653ba9ce881dd4de4eeb624743c250209cc4a5314a293780b830c9a284cd8c66b5eefbd302ca58ef8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ffff4819fdb879392d5b1bbf5d821dd8
SHA1 5e066482101fcf30d9321499b34ba144b6d8f32d
SHA256 70135dc571688a1e9f41af4847b991b52f221f9f75bf33d7e43c5a05de9a1ddf
SHA512 c68a71f3a50ade83aa0b566e84ae3953bce7559b19bc14cb4a5d4dfd7d1e0b77b4781a25127e9ab03638ecc76e45b498fbbaf8adb2af720ad82221b3b07131d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2572_1286828735\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 37e6c9fbaa409401a5aac0f98eff9630
SHA1 3c24c2fff4a5166e780b4cf3df70c9409b7ceb46
SHA256 e0fa8c2dad41a1c50d083cf0d559cb0d687fd1034bf85ebb912bb45ee77b9cc4
SHA512 122453958e1abe3e99ae7fafac6bc188eae378f16148adc6c5297f08cd15a19aac6a0fcf4f89c1a39ba176ced82d8839e734c47e11d4e6169f57fe230dd80173

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 b2bd33e47908890a213c5a1209940272
SHA1 40243ac7c4d8bfe65ec8544417b667992dece15a
SHA256 35f898b61a231dc01bd84bf143caaf566ab87fd49cf9da80706347e3943cb50e
SHA512 6f6a51f5e2a04662d6ef86ea9f66eac0bf8fc43d23a1762961b9fca3a07d837c97992db6e7af4d13e28c402348c94911f30ac971e1efab2b981f153851ba9ff2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 128af7f60f24fe3a6f2cf4fdc93bc6e3
SHA1 07a1903f29be4e710bb2a34d354e179ea68dfd71
SHA256 556fb4dfe0be8cc64b67b4d79468c1fa5e4b49313b8b1aca51ba0e74e00faa7b
SHA512 331ca1400a4cdd735063efc48e802be8e5d663e906d5fdc7646effed93b5379e22f06ca6731983c0a057a8a20b60cdd66368d80b4d9addf8b029301fde74f911

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 11967fab56a77ac3b04a7d5853c1aec7
SHA1 d47127f1fa29c49229ace47663a036f3a9ddf324
SHA256 712a8e55be3b9c211e222c6c8877471d76b8717831bde5973ada7d0027dab9a0
SHA512 629feec6f014ebd0fe8a2563fa72799a2e147520aee74e1a8014d9c55ec604c971477d2901191b624d97b24297c4d2dc41b48236757ad85a9ce4db5c99e2f230

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5f8f87.TMP

MD5 334bc6ba84601a43316046d86c1723d2
SHA1 6971c2153176060f89df656cd9b735234f478245
SHA256 621590d5d24983706b8909bdd9a01188477e9e9315a6e0b6589b9865a4abc418
SHA512 868ceeaf5300076cc88dcf9945f9d6bdaf045c3bdbc0cb245b95831ef24d2b5397d651a3ca62e9d12ac8bf28d1673f701df90a48f41afc719f969488d81e5a44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\abbff7f4-a740-4f7d-95b8-27214e9f306b\index-dir\the-real-index

MD5 c1ec5ae28ca009fa0effeaae407334c8
SHA1 8aff896cf7ac2bcc58230286f0db548fb82427cd
SHA256 47e275f79a481fd770f451855214323e7d01077a35ec1e035df687888d10b41d
SHA512 8d8d284dc21668ccfcde394aee7d716f008e74c6d98de30b6d1e878258c4e0333bda29e64df1f6f721be28c8891454b8033c803d8dee836de39f57a03d34cc7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\abbff7f4-a740-4f7d-95b8-27214e9f306b\index-dir\the-real-index~RFe5f940b.TMP

MD5 e62063935ff6cd64e305eaa7da23adb8
SHA1 b831afce8085136d5818858e889e4e2019cdc8cb
SHA256 34e089206e23afbe02430765fdf5b00408ee750a1acc48eaad9b0864d699f367
SHA512 877684bab743e529a18fdc38552cd9f9abc4d7378ca0048e46bca4623b5d2135c920d3968fe4db65d46fdad2fd56020b9b56f37511342ea480316cad17751fe6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9c471f25d896442e4e2413e9519289b8
SHA1 6c9a9ba8e7d0ed6ae14427c22bb77c1f2f788854
SHA256 5bd91e935456990b007cbcbeaff36daac6cafcaf453c28afb5b1e27119091998
SHA512 28a751d3328de44abf5a9e6c5a66a6ef66a718403f1ec6a057de7dbe4d5a75bc51678074430f301c35d31525c95a9b843dae830fc7bec60108ecbf53defa6f78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\abbff7f4-a740-4f7d-95b8-27214e9f306b\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1ecf9e4e1971434e2f97c04d3b2536ad
SHA1 9c63b19b6cb9542aca103f3962d260a8f4dc3689
SHA256 e867438aa2e8ce65d2002643a603579d7c0d17b6e81a3cb2c7f6ae6722968571
SHA512 1ff371185b7a6aeb89ee5446611ca663fa17031ac1edba1e69eb91f8af72c000bb13c5fd98d9f9f9fc279eb821cfe5fb5461e83f95df2762ac8d1f7ac434a4d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 74774ddf358816e6618f7e00e0196045
SHA1 92946bc6e42fe93a4b363fb2893c64756257ea7b
SHA256 9d2ebdf50e1bd19a6eacfcb3f03b28402caad2806c81f54479b31061fddaf8bd
SHA512 1a33414b26d244634350fa7c03719eb31a1bdf07d6d62552377af02ee09802b960f8e03a0bdacae9ebae615db6360189f86763a5902e8b947407304049ba17c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000087

MD5 045937268a2acced894a9996af39f816
SHA1 dfbdbd744565fdc5722a2e5a96a55c881b659ed4
SHA256 cc05f08525e5eaf762d1c1c66bef78dec5f3517cf6f7e86e89368c6d4a1ef0cf
SHA512 71a025a421384ed1e88d0c5ffadc6450a9e1efd827fe929f5ef447d2901cd87572fccf13dfa8b2706c9fab8160163e3a0c80bfe1ab49d63ffbbcb0e4e591a84f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b8bec81caff3247164d1f0537e179ed7
SHA1 97ba9070db385ab2d5054a904fb9aad0c05bf485
SHA256 f424b2032d43ff498e3476e876cb8f968ae68f69ad38c8af0659ecd755cb04d6
SHA512 ed5032e6ffe3e6f1fc573f72037791ff0a7326f104b51df4ab80579a2ed466618c44ebf9513f9dda3893b23d4ecea23e581da9456a8722a2229eebf245206541

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000088

MD5 0f49bb1b91100dfca4aa9527f09cb7fd
SHA1 1a9d1c5eeda4abcaa18694e5f0694e69ed13d147
SHA256 a8fc1cc23aaf6985814a81e2dc22ceb156cdaefc038374fafac1969b24e73c78
SHA512 7315d44ab0de3824fc228a9cc9b5249a548782872cc563db561a9a818d52a5f38293cd351f536984a2170cdcefafe8a0d6969ed1b6a8e3fbafd20c6bd363b628

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000084

MD5 569ab4f5fbe65f007412c549824c349c
SHA1 8bd03b107feaa81907594389f6ae7204b95dfc6d
SHA256 4bcb2a08d891fc35d61507bea50084d902738f979479f4d930b1c3bfdea81c05
SHA512 cab41ea0c6edff2e583aaa108fd9751d73d9d86b18524db4663e239ce8e09471998c914a6aa3563303783850042979ba344c4a00fba975acac9fba6ac01b4c56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008a

MD5 b54a39d6949bfe6bae0d402cd2d80dc5
SHA1 9ac1ce7c7c0caec4e371059ac428068ce8376339
SHA256 6d26dfbcb723f0af3c891e9e45186deccb0f7e710106a379464c6f153792f792
SHA512 d86ac61ccc0a23d18594a8a7e8e444de4838fe1b7cfeea01ace66c91da139bedf811f5d1d5732c7da88a352af6b845f25bb87fc5a130ddf7450fd6d6b4146b6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008b

MD5 7935707a64566dedf3a156cb29f6c7f8
SHA1 5b2d2f276d5325b7d28de0b01601f82140ad2f64
SHA256 66d6de7c560116a1aa3335ea65b2cff97f1297fedd2e6af1bbe70ebc613dbe3d
SHA512 18991c88c5e54d69bd0efa6fefbfe906350adc1de8067f09a6a527e13d914bd7a19ef1c395fd3172a2f4b7638d83c32b5561a98ccf4c8fe7f33c79f8f47a35bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8f14ff13bc1eead03ff73bd1b8d06e41
SHA1 4ec5e0adc341ff5f68fddd0cf6af267c2fe860c2
SHA256 b0fee39ad3ab6fb64eea0e9c98d1ba2e141d92d7c056a104021e5cf79f125a0d
SHA512 f7e19692474d9b21b04c3d37db5dc0891e8018411295c3b47f43a13d30c4a067d9707e8678864b76070e87a7666e4702385b60e3700e08931fb12e23182c00b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000089

MD5 551ade422b4afa7edad7ba0bc04f1dc6
SHA1 c32ae39cedb7e9e32f22c50b324a75fda421782b
SHA256 5b6abbd8e50b39c120fdaa80ee860e7a60170d9879a0438ade6a590da7493f63
SHA512 cbca8af71ad839c482ab0ff29eb9e2f0f67dba13af46023aeed9c81f0831eba342a8f026eac92665310c9b73d21c266be79f2c8b00cbe895cac33c6dc65f411e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a1c786877e9fbd9a464463dddb7d3d7e
SHA1 566c82bd6607efd268e5202df022f7251d2246d6
SHA256 a95ff2a73a8c197222eb70144c74513eb98eaf289cbd10327fb3c8e5ddfe31ce
SHA512 6f34c464f96d38750833ad95eb026d3851a950b3d51c3ea54100b0d0b57b3fd326b28b7a577af9dd2f91b7bef65258522af250781e1b381d0d73ea8de476f92a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d74560989b7ee9979a3c31d1edb448db
SHA1 686154d72832ff670b04c0ec70cf28e32e909be7
SHA256 ec61de5eb342bdd323a7c2ee79b7c894814aa071cee32f2de6b07e372ff754d2
SHA512 792ce98e0fb8c7406c700dc1ad2addb2645d59135fb16070c29d83de0af7fb644df99aeae91b7225c7550d1673dcb3a31a414db2a5635ca17d15bc0e562ed0d5

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 edde93533fb18a1ebd6924a49d0961d0
SHA1 0ae39bf6d750e09d88e971c4a493a8751ff62c20
SHA256 042070e8756d925baae272ec9a717e82058da5d2ddc8aa3ea40044f54f082f2d
SHA512 f6468907611e2f76c06235fe96f40d45c541ec6662685ab42f45f7d3318f81eb365b69214ad77e6879f099a947197558ad0b955e08969d6227008d66fd620154

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 da9e1eefe35ff02696549013658421d8
SHA1 8e04de2839de780d3f371f05ed79f6e91b1cf72d
SHA256 634be82a9f5535ea9f748d15ec801d2c8bc5df1220ad6ee86c14daffb24f9a27
SHA512 f144ebfa3a20a99396987e90832fa49622e303e17f38b2b5ff9710d2e98a24e9a48a2cafb293a934ca05c47567555c6174957058a5ba102f5c2c45dae324c8c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5feb72.TMP

MD5 39d7687690b16e04980b8dd627c94967
SHA1 765934505029e2b6bb602eeac3046fcdc3b84f6d
SHA256 27b01bae84abb59fd9f2531652188f7e138ed5d9f39449e71b32e0948bb45c8a
SHA512 caa9af07f1c0ab97b0407925fc480de95ba34adbbbcdfee77806d8f59f73478e976a82e52c8007efd99885cf4e02ba780f56e93354893fe95e92462f3044e6fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d7fcde2489e74110eef6a784d40a858a
SHA1 c0e1c5cfd6224ff1a6655b00dfbbdaff0e241023
SHA256 63f65911a18258b9c16133d97982f5c914e7417c4085c4e33f63995ce4d85151
SHA512 87cfd971835d96bdd416aa999bf237176bdeff7cc04569139c9f037a4556790299ecc68d27c2f5602711b4f9dd0c46157c062649f6dc4f4524b707f7a86c2e5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\24563d05-b9d9-4945-a934-d15f99044bac\index-dir\the-real-index~RFe5ff67e.TMP

MD5 c42d43a7ebea96302b08ee87c79c0cd2
SHA1 ec92059953be090709b5cf5972ec7a903c165d1c
SHA256 b12aef6754d0446f9e64ad0ffa2e2b46976c65f6c9e491393b71db2973adcf3c
SHA512 4d871fc9253e9554a11a10d17f81a5c99c8aaecf505b3efb35bfdfd4cc73057a9e348f5176c7b454160c497edbe6cc8d7c763d7c0f89c9274fc3b493d10c6eda

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\24563d05-b9d9-4945-a934-d15f99044bac\index-dir\the-real-index

MD5 6afaf17c0374de96b47f12605975db9a
SHA1 c0aba8949fc2eb0ce2092d712bfc48325d2628d4
SHA256 58dc03ab493c5a9f5f810addef1fee85028b00954e8861afd59938a82bc8c5e6
SHA512 57a1d2dacd6a0e4032f192c56132de95183c15e1181de56ac49fca7096583a63b413d2e448f49d5d22493c9d22d74a9d766d26144f2f3b61db365ca6cb5907dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 02363c6d07de043d47fb0f39457055ba
SHA1 1fad494e1984627dd1b1d2d6d67e075df4f79054
SHA256 2840316a1435a5aa70a1debfd74a5ccfc0796e67e6838abc8bd9eb61ffd42106
SHA512 205e66bad50644cc9db345c0c48a2cb0f20b69437daa07c5e7bdba072b5041cfdf04014cd7e5203bdc79a3be0e52812de60cc669874d8793215da227f73ef492

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Search Logos\dark_logo

MD5 f1e4c5ddf9b3f3a8102b86ec62188b93
SHA1 97d00135cd1a67c8ea26a2883f195e47b5cd4349
SHA256 f7f7f812aeb9e4892cf53b5bac9975e7e77b0083ec9d2161b7942c94b68693bc
SHA512 27556eed18cc55137f969918e84c9ff62b450326dec3b11d1bb1ab7893b80402248f3d49cb1390f44a368979a832efee5d94c3afb2a3e308eddbec03da46ce8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Search Logos\logo

MD5 b972c4e3bcd3f1ab4f2b640a9473f21f
SHA1 6343dab820a4520f9b6dab1a66a572c20b80dbd9
SHA256 4d277bb569f65de179226f8fe0dd4b976b001eafc535f5024fcd074f605048b5
SHA512 9c73b71e6a8688d2f998b0887431aa1941de1a9f9d0799c6c35636a02df0e05c9a77a85ff24f3b59b6529cff33b4ff44b8d3587d1f13c13aac6b2e6a87dd1c2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\abbff7f4-a740-4f7d-95b8-27214e9f306b\index-dir\the-real-index

MD5 3979163c5821ad455c35dc475cf65ec4
SHA1 ad1f675c6b3fd1fdb9d6532a56f8604e2a90e062
SHA256 f34cd26ac536f6549a060a8f8c204cd876dc4ecf95946c06f9c9a03eef65718e
SHA512 2ba74e82fcdcb9f278aa84f53b528c5c375df85fb2d406cbbb4fee63f275c0c907719e877fc417fc1ab0bdff062b361322c310b92239ca4013e11e9bf42f04c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0416e9c4e7a921ae9383fb6978d3d847
SHA1 b02f22482b8104808d9d1cb5f85594cc09911ebd
SHA256 693726944bd0ca046bc0286334b8f9f5cc94ffe0f45c99c7695235959c6fb02d
SHA512 45a9c037f7cdf728b484d8dc828b3eb30305e12c9b09b4672c9324504af545c8a3ecbc5d297df4227548151b88697cd1d07cc8b46f85184e8681c4581790191e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e2de1303b6469ddd0ad717b523f7c43d
SHA1 f82dd9db6183621f329f2bab08116486d538bd11
SHA256 34846174f3285016348ef4a569dcf3b16f3ec5f84be40a826b1e23d8c1ef1bf1
SHA512 519b0fdb51e70d64354bfd2ffa8669e5381838b4b71d7fff30ff98a6cc442d79082f742f2325fcd2b60b72b8a5e29d879fffbcf3472b29d09a9a1ef3f3384cfc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a26dd5e251a4786ab9bd2434d7ea9f8c
SHA1 9a25f5082698bc19434e0f3ea8c1d1b56d4f84e8
SHA256 5b6e5b62c8876c10b12cc493023ecce477e66c6d373756e23e3ebc0b7b6e21a7
SHA512 a103a91584d1d015e04f61dc263d4de13fe839e5aff54bc1dc6f9e836c5c57fee0bdcf033b43918ed80dbdcc7b8a257fb640eff597303a8aa1061fcc7812c5a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 51a36dccffbdbda01e3acbf2486546d4
SHA1 8b9ca7202b1c03b70beda690ca8d2397d217044a
SHA256 5e9847c6e12b0db5899b3b9e8284f813f66b6ab5810441082e32b6eefc566c50
SHA512 8decea0aa4bcb534e7a0152bb7f3287f8cd6b1da84ead706c9b67708e411ce55a6a4c55ee3558f98952fab5dc6b9880e786fb10b833632e65819fd01004f53f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5feab09b4d74e41b92c0caf2473e676a
SHA1 316aed8a9a243d97c3fc47ec9d0cc3789dfdd02d
SHA256 076e73e42f5f81c96807cba2dc0978c7a19c6fdb4a9b8df67f65db3b290db562
SHA512 f906058d8dc7db275872b72a8aece500cd20d20bf1d1dfd77447afd4b7be35400d3a35a8e36544e3a7af17732ca947496e2d07bc99bcfc78497bf4e898672a62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ad

MD5 246783feadb37b0f345d9c6cb78e94d8
SHA1 4c31e9c6232718bb5f5f12b2301eed904b8b3c69
SHA256 fde5cc1b22a5a1793600c8f3e258e152f435db2ed0ad75cc9b07a77269876b82
SHA512 a18904ba5d401ed80ff21b19783093ce918370cacc134df1a985956f4c59e9825cff5206049545659adaa26fff707d5deff4e00d6c73cfadb31a569805c42266

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ac

MD5 60c5f88c685bbb5ca04ab591f9445b35
SHA1 0aff76d426829187041e7f9c12a736eb4e20b00a
SHA256 8fcbaa0be802a5bc0a6abf2d222dac9f73aaf41c547077021f3134ec761ddfc5
SHA512 9c59a1a5f2c55a193ffc2cf41778fe7d0031c69394ed25b9d8721a73f1f3236f5f98fee6ed40f621a19fe2d17be4d4239ea13b0f5bf7e55c81b38371b4530c84

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 7997841cba7a3afe8d5609de59cd13a3
SHA1 aa69bcb4a498b38993c0904cf5d7954313f68837
SHA256 dbb4c92136775d95ee5da0d57c97ffadebdda100d093411f863d9b8eb3ea5803
SHA512 15008454f522375cde91e0989499bd86304406e391272b0c113d5e727569994a6a623f769bcd072bfac56beda1444bda6b058c16dc007a1596262c891d34c495

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eb91d27e949fd449a8584ea78ab552fc
SHA1 7417126117602c7b892381d7476a62d72b2a906b
SHA256 a923e705bbe708dce709f3836d75fc55bca51ccd390b407b2b26f06b667a20bd
SHA512 002deb6cb9f56ccc262e5cacc1cd9a7296be8e96368add6f4a93199b17a9ffb01d468b9fd7d572cd8d019c7374b219da801d9bb5e061b4f713153b1ca028152b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 39e32f1c2d238bd26ffae65472134696
SHA1 c5221e1345bcbfe0a0ae510bd34293a0be2d54d7
SHA256 68872692500be29d4953b67963eb34a5709a1bc23457b1683caa1f00acc04a88
SHA512 98ca1d5b74eca514231058fa66337d3f06b5f401188d51ce9e8d761215a1ff819956f564a6ad9fc7932bf3f096f0ae2f1ba5aaa2d403eaa9f6a60e656f6f50ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 6e802165991f1776b43c9e91851ffb94
SHA1 f9e0018db3292d7f4d33ddd9a326931acab62d11
SHA256 6ab5163cda6cb3883035d4f9fc85de1b4abe397025493c64febe46a428e335d6
SHA512 4417ec601068f7f5bad6ad2cfb554c7d48f8a6acf3b5b3133e481be4fdaa253dded60d050274ec1b0e009df020c8550eeee5c8ba196d74c5ce5a32da118869e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 5981b3e7bda3ebcf43ba247f1e5d2f2c
SHA1 a9dcb0b9e81304e57a64b8f7382fc8790dac1a06
SHA256 60b776623c5d84b6c7d160f5ae71f9dc95c203ba65cfe45f47a31d75ac00c151
SHA512 bc7d7fd7ec6cec532ccd7de70eee83656456d8e18a712159645619f03bdeaf82ebab437de20455619c1927cf5e15bb068f217598f0c18044f897dda0cd20c76c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 8a9b23cc7fb0af162ec6e9d9c5febec9
SHA1 0d8e31f4ecce563dc4cdf7b9875de763a2c1bf18
SHA256 7b38afe64db5787f398afd366e84f3ae6ed42ede77c8dd6bc4436ad52ebab865
SHA512 83d2a56acf2623b8c291db8eb65f8bc52decf21c39b33faf726a8a665c67cf2e05b79d2202bbc74cc546b2e17184b0c43bd8d463112c4a2e5061c12337ffdf00

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 68724443149f0dec748569fe8711be63
SHA1 a0d56811f26abdf6fbacab3099d99983fa9dd98d
SHA256 b8fe698a70dff0938eedfb570b5f4c86fda45e93f6f13f8d27926d1f834f33a5
SHA512 4f7e81c30bbddc6e25497a38605f926ddbf48fd7ffe2aa21ddc13f8d6527538c3fa96066b9e8737595255e88846398a90e9561d54de281c916632378c624b7ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a10297e54ae6652f81ee09d8be0dfe16
SHA1 5b32b31aef1afd72cf8a69ae8a0ea1fc328e0b0e
SHA256 8257192644b7e2d7be829e6133608fb9821281b43dd1f1716c893fa9bebcbd29
SHA512 a7c8b7e99feb4d0800c77c1e41e6cfc3e9fe55f0408ebd4434a7653a7fefb55f6f037318232547ead3a0b44642f18167eeca270fe84710858fd91eb684fb1245

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 43a84e7de3bf53e82108d1dc6021f38e
SHA1 d80c9eae51300e92df7e870523254ce4e178a86c
SHA256 55ae4c9c37968f3ddb660862f212dd3a26bac72345b18dcdbc3cd48861fccc44
SHA512 2ca9e73648adfcc0105f74a9692a906e45158a6ffcb26e71af36d4d9461bdb8fb7eb7667c56304dd3250dd4be933da9e21f483bd57807a35a3cbae307475774f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d36a473de358d18a16f5ac83448115ca
SHA1 d58fafeff58d381b0faf6967cb11b82d46ecc63d
SHA256 3d5d3383f30490de57dbff62bd81b59bfeddaf1d5ed2f25abdc0a271379f0a2b
SHA512 948d34d80507ec076ca909d413c5e727a74df5c65c2a0156f08ac4fdbe3aaf9bbba5f7c5f5bfa3fa9a7205d38b2e83492a92ff3596ee7a475b0e0300f1d34cf1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4fa60e2eb64b47d52554ad4808350674
SHA1 d6d53ffb673859031e892ba5a3f5baa4f4344882
SHA256 3d154eaa8daa382be78fee1879de66e8ab04e7cc4f82d8cf24d66f9eb8821632
SHA512 613e71f6c4ac33f7b64eb90bdfe4f681543690b83fbd8769863e932f070f8700225552a7e69281452e1c9e2c54cef6e0937bafe2dc4eb120bd32ac8265e77ac4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 d0f9616e49823b29e764828d1957f8c9
SHA1 7dce2d1bcc7b9a6f90afcebd81aa0e34efa556aa
SHA256 dfc4594a5a26d8e6ac90722e61e795a14809929d703c45b65cbf3473d07172fd
SHA512 aca779700089b0f3fb08973cb71d873732b5451ed892aa4256f767f5c3953c30db7e363b4b5caa39d026295d71986b39d68f594333ffec3cc8552926913a7a44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e7cd96c944c06297f34cf81dccfa1d7f
SHA1 80b76353af872c6a7d509620156748e28676720d
SHA256 53f88b2d4c8c462faedeb1363c60c4b7125ce1a56435ae734cd4a5133b85aa1a
SHA512 ddb2caa0681956ffcc368f19b7d9bea2e7d01b17e9e74ca7215be8c90c6e4a50805a1d5ccedbfe9a019adf2d2b3ff6c41468aaeaa9b64e119afb92730c684521

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 ae669c3f88e0f791712df673eb0ea2c5
SHA1 a85dbad8b03918cd4419d600acebf421386094f6
SHA256 5877e8274ae558c9fdd21ff243d416ce06b656b79ab83f1367b772ecce234d6a
SHA512 58171efc398a09711ecef4872fee5a235c70dd1a5ca81807a1b2485ed48ab10abea4c7c4f68e40cfcd2a3baab261a24f23c8a09f8c86a55de214dae2d61ed7ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4a8a36e9b1dd1501fe63fe52829c2354
SHA1 044122bbc145b171cc80dcf0ccfcc2dcc4b0de35
SHA256 30aeec2734421258c4f54d417d536d9c700761dc051debb087cfd0284c07c985
SHA512 3e0d02b15d7e2c6439aa68454c332d70409ee7489e9310cca07e03f4b1ec739e11cf2abe95837ff10c2d2cbb287d39d4e10998fe5da326ac8d662c6d69541163

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 aec4e42b6c76b8c59bfb3f690b584162
SHA1 b7fa7bdec870dd1822731528db7dace7d9b275ef
SHA256 550f704759ae3784851832e38ceb320c017b50abe142e37ad5ebe497c226ce32
SHA512 603b757f575f55888a16a07ad53b61a3107df5a1bbe28836928255234f24ab2ccbed1cbb5782f984db17ce115e74df62b9bf40516f49a9cf447b8f48d1b41c39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bf

MD5 9026c1a039bfb1796b34eeb74a8a716a
SHA1 0fff9a37ca34aa4811e4e48f4022f1e3bb5f95d0
SHA256 4a3b444e966106bf9551108f259d543858a36d28acd8d2dd2f38e522ec922cca
SHA512 51704c92f1a4fdb55604faabae333157526fb93f3b669aeccdd04a9f728122cf81bc2c8ee0df2efa23661666a697e8f4daa491b25a64282aaf68a4420d341da8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 869523f940f95d2670cced7fa2c15483
SHA1 1443c45666a3e85fafbef945377020214841e031
SHA256 bfab9ac668e9be7d376b14574e685e80b3db1e039af4bfbea7dc22f81cd04dae
SHA512 82b257e8dc56eae6b0e4d4af946dacd5ee5ea8f589bc0e12fd5e0a4e5cc500bd981558706e151a95db9dba335c4a5109727280b96fba0a5dcd2c98d049327554

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe612fe9.TMP

MD5 cc9864249b6ef520779a3e946ee51c2b
SHA1 76edf0172885e2beea75c8ad07c27705d23b3a5f
SHA256 5a52798286f490f543aafcb20dbc7a7661ddf78bd2f34f0da26e54d31b72ae16
SHA512 84557a7cb03ac25fcaa9501bbe0853a0688fbd87c56ab51d344be058b8ed6836ab71473a0759beebb2470d08efb869f38592218cc9b798c1d29d9b565c8b4c5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00019e

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1dc4fad93b5c17d745509c371d92e049
SHA1 ab9fda40bf1989ef29de68ebb7c685841978075d
SHA256 19bed97268af938fa3d168cab23482bfb549c8768bfb5f24f1d09f71dedeabcc
SHA512 30d339c4e5aebcbffe380087a9b7fb384c47882d85b29f9f7eed630780b17e59ce2be281b9edacc0a52aa73adeb5be7b14831b2b9b2e6b6695129a450b14d9cb

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

MD5 9fb66ffa1e1f4dedfd16eb3a8170bafd
SHA1 69b5d57ddda6b97adde820b9ceaddae9c33d53bd
SHA256 7953b28b736795aaa54e6cd5cb591e794e2f770c1045ca2e33af5ff19f480eaa
SHA512 4b141802e7a4cb6bd4a7498d30086a9d83c62d37f2137f4910ca7d3fb7009079d4dc59b95050849cfc720210b0cb44bf588d15c08e3ba830aae19c0a27e8e6d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 928365a53351822cf2b9c2f0f9d12d29
SHA1 078faadf2eea58180d18558a76143c919f2a7659
SHA256 c688fb48c8aa872af6eecd1e0397190a1d0ec71bb035753c9ba98288e2b3564b
SHA512 4c96acc33c1ccace87ab9985756ebc4e7986c67b70fc3b5311e54bc58e631f3ad9ee129d9ead3e801b496bd9230fb48907042e9b8c84efabb546d9436e4d5be8

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 4f9d28edc0c431adbfcc19d8fa47702f
SHA1 37a6e145fec66acce633199ea7261bf5dd3d855b
SHA256 17e5cfe0cd5e01c1cf679b2fb7da7f3eae6cac2481c41f355c23df375ee0b48d
SHA512 bb7a5f33e2ef384347f8ffa09381aee5609a5b4997a205c972e7d431effa8c89f47e065b41f3acd86c2a395e0fdcd2fa656b57c84c3b94bb2fbde52ed2284dc3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 57f573248ab5ba02f4fee5089149e032
SHA1 1f797988d3bf9ee3214495a92676553e12e7e8f7
SHA256 431187849c20c31e96b6389ee38e249f81cd290b59d6c60e490ea2e545f65f4a
SHA512 2ad8d9b3f5dfe3fcff1581e05d06326c9ce460edfd1e3263b6aff96c732f41ff04d82a717c295dc1e0362aaf44687b5c06886687f6268ff0aaf4e4b3e6ddf6a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 966d84faae8f3ff0d268e7b518c7b595
SHA1 2a39e530604c36de10d1893f4b908fa4368c0bc1
SHA256 933dc1cf22196d1161b18d1cee39f0f4199d5ac48f59a6ca08cbf15544b79561
SHA512 61e011e704ac9b5fd9c8f74d97d395b5809f3ae10aaa44b0156f0d0a652feef13a478193c088dbe78e44755fc897be73994b16ca354ba7e348a2e9076b372e67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 5c349bf4369227796e3acd45b049f434
SHA1 5c571a7635bbab79f084cbd2056d53488be671fe
SHA256 210e94c9aa8ccc38eb7e5aeb757b6fb9422e0a69c60ff5f56b51dd6eb4fc09f5
SHA512 544a52d0dfacff93e579a04b291439c346f802a113fa08de4abb64558363307add00cb9b32e487930113b62fc8a63d77811b1a655947f4fae58e0a2edfe7f2e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8e6ba9c255b64ff2088fe7122e499802
SHA1 548e70d976c223fd2dfcb1d538d3dc7d2afec530
SHA256 0de51373d295cf9d2397d1db37f3511b26e5842071c0df8e217daebb00909541
SHA512 d00313d0f60022aab4468e69bc554b925b4490905aad6858713ed006971f14711aecaa1c30dc444a4262f17104065e3f351ed8309a3c061212c3316d1044fd2b

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\f3b8e82c20c4bb3f94a2d7bcd2a82cd1

MD5 f3b8e82c20c4bb3f94a2d7bcd2a82cd1
SHA1 89618596be7cb90317eaaf2d09b05d522d008260
SHA256 7de6a5a45227b0f21ac7dd50af250e37f20b8bf2d6f4aa53a7f643d77515bd07
SHA512 82f15e37366efd29879add4f50cedbdc27d4eb885e190dd54c8e89787b51d59ccc21473f431292da679c7e8aa7cf2d0ce7219e1503d59a0f356e078f9feece55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5342086ac3b4725fa52f3a6755a32052
SHA1 367dab4eacf7c3c0c6e9e78f86b0a10f20a5997e
SHA256 d3562ea6dae787c204a0e19ef9034d67f932016d34851b54e4ee7ff1ae4ba0f5
SHA512 4a5619a5f6ce37687cb85fe027ba0dbfbab5ddac1f43a3427b91ef4d2dcfe95ef454b20c0329b606c1b0ea46d30fbde4355befe9215b176842694d7f0d560916

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 b6e7673bb39705493902028ce0e73602
SHA1 f9ba8320796fb6081ab13666541797e77c2af06f
SHA256 191fb7bb88cd43497437b4b1edad79db6e474f9afe5ac99f60dca54764d7c231
SHA512 7717320bacfcb8ce2f6c6f5555894bde7271e2e3782ab6e233f7f943bad1c2a379e29c4aab78b559a413a9d09314f48b5d2142ff400fe0c9588deee9ac9b0982

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1aae7620d23723328a54c8a066b2a82d
SHA1 e494f1ca78058b5757be1dce141ab817cd472960
SHA256 8c89426548ccc6773fe92f205d005fd68ac78614b1614c8f0a1416361fb18ba5
SHA512 5a1d3d656f18c05ea9089cf0cbebaed47ced1c62f5d191f3ff8f2614dddc86cbf23963e81c06fd6b10ac0c292ec7089e4e09514c7b4d51a2519e00459e7b48c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1666bf2666161c57a79a7a8016254e9c
SHA1 48b34344efb279ce2fbeeb08342dfee578ef9f2a
SHA256 8446d601ed7a07383e25c64b8c04b529a247e465066e292b19cffb55c0d4e63c
SHA512 bfbf2c83655a777010179573fda19cbbdf0a7ce42262658e6aa9a047340c3bc053000bc3475eaa8f07e3d63d927a8660027d8952cac53472e14f67f0455151f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 09b07e59c89a21f856a5978501dd7821
SHA1 7aa18b27f3dc52bceac98d3fca61eecaa240f7a9
SHA256 d32c27309e7641c629496f6794c954ebe49de72ba6165fba0bfaf93e1feb3980
SHA512 2ccfbc656b704feab75c2b520f96fd88e38ceea7def7b17a234f6dd9a3b9693cf49e28a4b4a732ff19b64262f41402223d73d9b7b32c9030a926566d19366ffc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3465f04407c30a4c093e6496ddc2ffe2
SHA1 c1bbbb2e831703783c7e84d69490ee0e7bc7d061
SHA256 2cbc738eab783599fb248945e1b1b4a2685c6959adf3541fcfa5e124473b0505
SHA512 a796ff79fee1b45ba3e9f525c2a1ef770732e8e7c9b1a71525a8c280c9a113951873c2565139106028bc365f579b6143798fa1499bffbebca3c4bf00f59721a5

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\123.0.2420.97\MicrosoftEdge_X64_123.0.2420.97.exe

MD5 300df46436ba5d076b227c32967ada91
SHA1 de9d47ef0c61fb04b7309875e2f03c8fa37d19f4
SHA256 1614eb0c2697d74f2a05f8c973b2055e9cc158d94b19105e3a9d450adc9e333b
SHA512 ba3053085da062ec32f87aec43f527624248a81b702c8cdb359c0fba7194556658b49aca8ef98d885de5da5b9b2eab3f1fac2c99891f91949d1b9a155e4a6971

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 eb3159fa4c9cb6f78965c6ef05ca16c5
SHA1 63c72e7f275e7f3766e8f2e59bff389bee96938b
SHA256 bda38bed23c076313d145d3b2a95fafc2a7d01c4bbb2ea4d3f1a677d376a7c3a
SHA512 d88fb3fa0b9883958ec1737fe47ee9a869366c28e4ef3c744f0ce1ed4e918a9add75478eea87ad5177e4d84cefb63960ab082ba8ec36dbe64c1ebb3bc4e12383

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c339eeccd090a3b6905552434463635e
SHA1 ae26109a5f98ee5022e90c425204972637d408e9
SHA256 0a21a8e11f10cdb2e275ef99234b07e04232e155c3d2692248ba8528b7b959b1
SHA512 3a7df0f7e6b07e0cb27994c808c3cfc754baa5fbe4bed1f24beac56d80ce6421a3425defef58aad0b3fe854ec86d248c33675428b46cd07e0f4f1ca99170b30e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b6057f6efc896edaaf18a7bc0939b8cf
SHA1 94f19ec70779a47d6536b246165379e01c53628b
SHA256 65bac8ba9bc7998e3c913ff63b0d8d4d1352e02f12096e16d5d26f28501db788
SHA512 875c356a0d6070122bec3a8fa634f0cad35e912ab41c33550044280fe55962096374d69fd63b8c49da5d90be399e4acf9c91da3b1f74d3eb3571dd30d7aeb462

C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Installer\setup.exe

MD5 31ddc9e1c11a44b88cf96c45b3551ffb
SHA1 811ccb9706f656e29d089e30a2ee1650302394e2
SHA256 46cb58faa60db59cb8d145bf6493f7c01a8ea8895f812d65512e3c7340a054da
SHA512 67e5a4ec4b030e48ac06bdf79bfb2b9bfe7778f046a739f23b7be65e143a7181954c7587eb6841636a6e667aabfa292d6831bab709cd798d1de01987bc99aaf8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3603e66bc7c91459cf20ce8861cb2b0b
SHA1 ef2210656f16660c4e7f24f7edeb3eb46ede5709
SHA256 03f7abc7c066ca636f16fb285d47603e0d2673833c9a925cd08c5bd60ba580cc
SHA512 f189e0d1a6dd4da739d600a00b549cb9c2ec93b163777819415598f90a63f56ea11a4b01f66f343a9581ad7baa71cb0cc862b813aa81d3c484b237d4897d5943

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bbc0666335185b40eaddc430f174d5fe
SHA1 bb3b8abb8c1741587b74c95708434178ce067e2b
SHA256 f700f77944af7250f53e3217a7056b762a50262c08c9208d6c03ba6f6052e7e8
SHA512 bab795c05c65b9aa3d2cb0e129b1382a8f23125b3c714f5036903e5e7b29c0624a0ddaac77511ef9e5ea9b1cabd0b0a86b251c90274dc6ec2b75ca30216cb430

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d4486748c8c693904c3299df2372c2e5
SHA1 212ac5329d054152e69dc38583d258aa635305e6
SHA256 03d03a5a84f429eb9b8882f7b8c552da4a001c80e96967914cd51a1d07017547
SHA512 218b8b692c97f70fb4cd3070971d65a52a168002472a6f61919ebeb35886f432ad7e78c11dbd8419650b95b428b824d91896bb014d3b6af47b5440801c3fd9a7

memory/2772-3377-0x00000213149A0000-0x00000213149A1000-memory.dmp

memory/2772-3388-0x00007FF9A1B40000-0x00007FF9A1B41000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c1615fac3b7ddbcc393b5313acf716d5
SHA1 3e9393347cc4ef020bbac6e88020e560b1bd48ed
SHA256 59336357f482171a276db73f3c80179b73b88c08a16ab0ef8a5291bfa2bdd766
SHA512 d21f1a37213236d0e2b54af39bb54e5e617686a37be986fb4657a2bd3109dcb9cb96d7f721fdc28556b833c5afb7b0f6007c5028fa2b08a76a9061c3390d2f01

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 54eef6c0a94e92f7b189060d72121364
SHA1 d4ddaa3d4c2acc46433976df9210c46da7f7e31b
SHA256 8efeaeea2ca89eefe01dd4bd62b57627b38f888abd264d76808f6c84c166ba21
SHA512 5f9dedc1b84877004467418a5a4259b12eb4060a265a6f8881e2cf92efd737a2f5cba47b505a662665e7a4bb680c526d5c6267d16293fef3f77902dc8ddbee84

memory/2772-3477-0x00000213149A0000-0x00000213149A1000-memory.dmp

memory/2772-3478-0x00007FF9A1B40000-0x00007FF9A1B41000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 70c32dcc751594b873d7b5934bd8c1fc
SHA1 e4cb4ab21437864269ba76f683efe48aa616403c
SHA256 b414e93a3c5aa85b9960c0720e163b9f36a1c3aced9bde109955ad4373c09844
SHA512 09f6368713e0918ee3619018f69ed95deec8b90782b5727d72a3a4f4af2225bbe22a8fce90a52b9c7bfdf756ecb97700bdc61b680ad5edfcfb0873e2832867ca

memory/1852-3500-0x00007FF9A1B40000-0x00007FF9A1B41000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0a9eac11b07d621b275eab1611cfe05e
SHA1 3e4333993fe59e7311e9631206ca1ca5856c0a76
SHA256 2ad204f42e95fe6c238593c0d9835722f503ad5a64ce816914ed4e345990e28d
SHA512 0d8d08980d34ffb3eb1612b77c55659ea6b29e69c033f04e73f7df82d4e558ad0531f4aa90667aba0ddf65f54c8cf9e25567a968b9502282521eaa7aebdb866e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 342df342add7ce37c0ee03150ac37100
SHA1 e851b96f36349f0d30ff62d2aa709a5454dd9a4a
SHA256 b3cc790239cbad0fa98a9dea3bf9cef6bfe3472a257a9ba520393aa84819c0a9
SHA512 e7d4f69b1e661366508b7617ec6dbbd299c27f951ca4baaa1f72f196a6c54f7ea019e9081d6742cf00087ee4f4695ad4b9b9d79eaf2876533710b260cfe23786

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ae5bf7dc2ea8642fde17fb07693b8692
SHA1 7b8f76df0794220281e0133e5ba23cd71d89e909
SHA256 1c6b89d599386520a94aeacc7d70e3a0dae6e504b1ee357757a2139061e0e07f
SHA512 74880e7e165db7248113a09f8e0ba5e7b0569d01970ec4146db8e5c9bf2813ace42fd7abd1ba855d299c4399ec82be41847c1008ee7edffdbe625e3502e42136

memory/1852-3614-0x00007FF9A1B40000-0x00007FF9A1B41000-memory.dmp

memory/1612-3634-0x00007FF9A1B40000-0x00007FF9A1B41000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1b4d382e55463fff55a9ccd0520c16c5
SHA1 6d36d5bf925aef03a90867d3eafd636d6116627b
SHA256 32669dea2ad53a40f854862429e1b995a87dfb0f40dcbf05494c06564d14fb6f
SHA512 c669df97fa27941768d96f1b75444e2b826f26209ef3e09e9de6b81daa02e0d9de33ca806f69bf66689ab12ba768f708c2696ad0c8ffcc00c450c3783681f54b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2044147aaa8f1f278ca4e83603a70bf1
SHA1 ea1f9a8196b4d93194d285477bea5e9343244d6b
SHA256 efa5605c6eac803389b1662580becd0fe56b1f54074fe9a880ae5562c3d68cd0
SHA512 05a1388cf23051a8c09c0e08bdea866eaca12df0d62bea22cae07da7ca4a91a27a0a18123b661f774433cbdebca391a9690ec57266efca28ed45bbb719dd5492

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5491e16ef912be01cc162090b6255fa2
SHA1 928ef89b63f46bb42710eb2c7ca992f5d1e7a515
SHA256 6fef187a64b5a9fdcae3adecca3d027eb259589f5d445d905bfac9c83e194f98
SHA512 3537e0cd2ce813749d30d1899b74fa4c52e409a9cd4b53c4a4eb03ce596ab7b5eac73b46c51bbb706fab37897699f0bf856069d21e6e2050c91d6e152393afcb

memory/1612-3733-0x00007FF9A1B40000-0x00007FF9A1B41000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a84c8f94d2f9c1624f4b0c97562adef5
SHA1 33b0f15d398d6af1e7a7640e5371847360b686a2
SHA256 de8eeeb43a98b39159fb96926e356aec3cca2d26bcbaf1457b6baad75d124656
SHA512 9fa5d2f80e22fa5608eb93dd1cb7de338ec61f09f84f9f91ff934969a7983f4745ebe7afc5c47296a435d5258fb72286ae229e9038b0c765eb3593b2dd3fb140

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bddce0f053cd4a31f53cbf46252da27e
SHA1 5f09f1908bc8749ab427bee7bcd71bafb3cec2d7
SHA256 a887ff77087f229c025a1ab3de582f4fc0f3ffb8efa1fd8ce8c0c33dd6f5aaed
SHA512 e06bb03ca439d01940c85101948a9edd3fcb8d3e62749a3d682d0d77094a05a85b0839f50375cc114f86fec8976d1b8368a59489b85addbca9d726aa6bfd0bc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 73d059d2fffd6dada29e9ddc21585036
SHA1 558ad4edc6109d0f4e0bbb89b7ba8b538fbcbd42
SHA256 b8c32a09febff4e0ca33abb3feefe0e6a994793322b0c954f9a133c15573a759
SHA512 3f6123347482db3270053f5d1b292cbce40c1577ed4e9850ee58c3104f1c7efe4785df20fd95ee48672e3d60d9eb00d1ed12e2ebad6672d8dcf77515c0b708bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 32559e656bec45cd76b4297004d5c912
SHA1 38e7cc507a138677a0c3cd0ecd678fdc69ec2c1b
SHA256 ef3332493c05e192b108adb506c79eb398a50747e39fc0676cd0119bc3da9a21
SHA512 89ec5d358dce1de9068ced44c530ffbd038361b1fdedfef946c6570647eb8479e13f7fbbbcc9ec1386413595b051888a20f838e75c0d8b42d1077486e1dd3ffa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ceafd3603314eb948c5d490a1886be19
SHA1 e30d11577c623c5c8bb1dce6ccd979729c439449
SHA256 958bfa29540d59fa937e35d8c905d52442048f2d1b16a1e95cd5ddb5c19d46b5
SHA512 354654e671ba3d3f473d39370d8f4c7c48c53db0b0fb3089aad242004b21fc82de29ed7486a1e3046567f4a652edc7aef9eefd80d0430a56c8b74755fcac9aca

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 6e2b1320341e6b48ef28288b26f9b938
SHA1 3a8f73af1d1b43bba42535830dbabb335119c84f
SHA256 2ab1fd98679b8bd86088b2eb96a2647796b5bb1f689a1ab1061fa7458ba34a47
SHA512 ab9b730701c074561b2767512d08ffddae13c279ca4334b681916837f64f88fcd9dfead7baf7e9637296cb05b18541f0c48bbb2332ca5309b72295613edb19cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cd79fb1fc6a05e424abe004037642426
SHA1 0fe82d48cbf728dc24221447091a565d00e1127f
SHA256 b0f4aa4397f369d0b583d7e2ef8ed6e869bd833bcbf19f3d4ede65831487c553
SHA512 62b0c17c1903f55fe0f6b54891884e7093b075a3ecc0a9956843005f43de355d2a0019adbe43db0a762b139f50da68fc7dac29956bf984706f4a00ea4d4feffe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 60b82c5500b8317e10dec15241123eb4
SHA1 8618d6a291d7ef1a57bed9d06f4dce0a84ea737a
SHA256 25782a37753855cb955aefad36079b5d8e5c38b1160994217d47a29dab9735a0
SHA512 c6dcd7b01ac79047b3d3531ea8e7df49e4e95ff6022084d4302c5b585e54612c179218e27f9389c7b491d84e9e44f50d3c7b376f120c542f4fa6d3acca043e83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f77a658dd1f88b872358dbfd7f9823b2
SHA1 e2f34f112acb2e74b4884244bed2cd0815f7b550
SHA256 64575389d3a0c2df2ffa32ff50be78adf4fba3d88aba150edd9795d227bf3404
SHA512 3971e6163bd22ecff4f3739c0c30b9a97d6216472e3181a48b624078beae92ac21b4883dc31f11700b369f7c7810c14fc0a8f48de52dc20424551e70afd74909

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 53a4b471dc6659d07ce2e8a513da432a
SHA1 8869ab3b87690c5ec05b258a8d4a25767996bef2
SHA256 c75e38ec449776fb7e9faa69dbd4d7d262f3de62038c6357db4ed0631c6170ab
SHA512 fe3c609ca8eccc90642875fc241f2b12b89b58f706db42993f2ed7ad9ac9d9acdfca8e240bffba2ddeeec484439944dfc976918c6ed77365cf99368bc4b512d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 daef8a0d582d2b519ff5684be6e1f4f6
SHA1 f5a4795fc88648f1caa28c3fe378598de496cfbd
SHA256 ca09b4924e517aa7ec9d597edc8013da5547fa946e558ebacd034492b60dace1
SHA512 366ac9380e24172b76f0fabb8997af031fb38b4415d30dd61a6f48cf13585e885e4afb87119111b117a15dc4a7dd397874878a286eb3289d55366bb6f00e9e8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 70776b90fac53a3e8b2cfe6e59972fa5
SHA1 43c514f6667aac2ca7c8ad78c962609c5558a82c
SHA256 391c9f0acb6bad0f1e454262fd0b38004e267ee960a422d290f4a0568e3d6c9a
SHA512 c85f381155f8315dec67ec311f2bed62e0c8d716e2431cba94e11dfa58a4b85a368160e9ee8878d0d6e03f971fd60bef77f4574bb8a90b836dd658164af39628

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 930c9b426e069d0fb965e1fb63e403d1
SHA1 45c986a9a11644e5d402283ead5afe3593036013
SHA256 095329dd60635c91b09be54487a680a84e61bf51ce79510aeea9b83620a08397
SHA512 9ec909de5a25dd68e912096761214d9b3402cbe9fad6f7db300fb6a56136fe6400160da7f5482ab3bfa95d506631ab04ce82ca00e7191aa5df85d5f475099e4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b2b1076a7148e69f2d8d37b63c701652
SHA1 82b52c81923dfc57ae223587003c5f9fd99aa058
SHA256 03b4a5d120368f216ec88ef8f493ed29577fff6ba59184b566e6af8844ef1bce
SHA512 1bd45297c70be9be07f2d3536b07db0abfea43f9abe510ae5a2553438da0dcfc1a31f4b760a3dc2666a14da7bc8b75b457b3bdc416469e09368ac6ac454f23f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0375efcea01158f71818c7c91cb75cfa
SHA1 f14ac5e3e99915e1c586e3a524bbbcd68f797f90
SHA256 f5e7f44dd05babe63b75ac3b68a4db9a63267cae04cbfea2ee69c8aab576b660
SHA512 94ffae45f223967bdf8aaae98e7fb18ebbf805ba86b55277fbfb207a47eac0a40184522fad7299da3124b3f226fc3e18fb9fbb350fb479ea740e697ce1fbc29f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0df893e3fa2c2fcb20d7a6d14718b3db
SHA1 c6d2a93527c41a03342809509d8ac0cb7424fb3a
SHA256 8398381bf83d9d8722aa52431bcd726ab0bd328efd46afdfaca8d7316cebf330
SHA512 97813f4305f3faad88ecb17eb600aa7e6cc6497440c68192133e2d8fb23487d3d07ce10dc6dfa1c4bb8e687ff985bf481882c5b153b6f0c7adf3d99838954352

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9f709e42562e312e64069aed60978025
SHA1 1ed7e3194f25782cbe73a79625296b958ee31612
SHA256 40339558fffee27ccf09270f026e48bd42a4f7c7ee714d9d290aa6189cf9be7b
SHA512 988419b7f093621a2bee3c485cba5f640bf86c9e408687302ee7d543c94859de95e9563f88e2cf1271aea4693fe103255e65186e0f339cee09aa7cea540afa4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0ce90c42b16f3e86deb44d9d4f1190b1
SHA1 c882d70568ae8812917c168f6c388d8902408dc6
SHA256 1a6e7bd3855c3efb1bd06c32a4fbf42a58555ef41b81d2ace1e1e5e00c8d98f4
SHA512 fb242cfe5a1e9e11ff3e6fb5866acd0899db98b787f2541639de9f7646f121c6aaee59f86bd236c756e65bd4d069653ea4b8bd4a22c311b54dcde568c68cd669

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 be3c43474391d9976ffdbb6974fdc21b
SHA1 57538e3d86bf8146d75448caf1c8555770878f52
SHA256 70ab29842ac7f52ea5c8f9a064f68fbaed147366e3a95070203b271fba578fa4
SHA512 2bf36346cdafab9aa8fba5685661266076b38b04b1658385a25ef75f5ee7ae4133d5d9edcc3fa97e8bd72c9d5d6c651c9318f2ee0a4807b53e220a22ae9b0de2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7df4a416c5ea1e627fe0757eb4e330fa
SHA1 16a9777946975fbf5a91f9a90632ef257af7fe9f
SHA256 a84418957b5c3f0eafb028e1efce170423f0c5944ef49f4ae5e19f8781b1cf14
SHA512 816ff87ee9eb3fa04cd5680bbfc1f733e5bb27fb319b54f7b5b119dad11b44888d0ef65f0b5675e6d0e5a95f8cb463d305f1b1d003defd4ef88142e6d637fe3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b9e14c8ad9ce3ead63bd8fe4c8e85023
SHA1 f23139451dd135911dae26a92fcb577ce81f0b12
SHA256 26961fe5057f46b15a4559ed7388f4a126f66d49a8c9269ba95675cdd88648a0
SHA512 901ac02676d53d6a3cdf79a03f909e8b1802634e8a2ac66da1cc7560e1f6005527db650a6133d660985daa28a1085149e0ea0466bea728760f4a04525a20b847

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a7da3fbc78f41af5892a69d71827c3b3
SHA1 ec7caa220f51fb347b1928743fe5688039fdcc63
SHA256 cbc805b1ac844413132856afbe75b85a0a0273bc40ae9be661685e4f13be7355
SHA512 a2b61b1e68df187c393c71b5a678e19c1a21c4c9e0b288b6b93188288ea8919e96317a13c8628ddade48e6dfe55834f32668ce0336ba64aa06535912feb19649

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 69a40c0d424921341d073a11210074c5
SHA1 bff82ad4c40780a72ea1442315f3aa8d7c657a74
SHA256 26fd6d9510fd30fad356db7d56379df86a88befcd775567ccbae1ae991e3f758
SHA512 168cbb1c62d78bd96f173ff81a341f2a24f5792a3f7dce06bf2ac45d93a83a25e8bc76e246d2ffcc9ca43843947bf6eb935df3d34247df37d6b67d8f039c23a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b296e04c13c12eb2bbdb396ae712d75d
SHA1 1d54f0e30d40f8de2cbe1055f258823e7bb5ea1e
SHA256 4149ff5d8b9bb4076870174cb5cd096f0f8f78792a402b1a0c7d00c24d165d3a
SHA512 4f04592a552232827c59198f296075036829c4985c1d443af68bf4e69415382d4d8ba699c215611703d1d4ec86f84e0fe1db8495f6cca4d4f43270109fa6ba00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cfa3b060facb115b5428ea8e29b9394f
SHA1 b9ee922f7fea89527c2ac226266a6bdaddb0ad85
SHA256 a668278eef5754c5d60e9a1e8ba7a98d6775e7a095e0cf7e93ab842dc2d9aea7
SHA512 ad17d74d8242aa3b5884ab3f89c978a9d19b3450ed756cea880c576f5ea51d2f96cce1a91bc56496132aa15750b71282a17e28163c290883200e86a6031a0be9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a2add05abdf025e671f0039a39828ea4
SHA1 09922720c6259cd706ccce7a3a6036544b584faa
SHA256 86243d3a56fcb0a11c4843b82347d2bb777875b912679e7e44979924d3c1bf4c
SHA512 4b17a2157cb3f52b2e456397409cfb7180e033a1d29d2e3f09400699ade192f51be71ed5e5955d6d7406a98b4f16f52c50cd7f2da84258c2296d0c43b046dc5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c24bb320f8fdbf259f8e5a2cb5033a62
SHA1 0955a778ac447a4254b258ebbd27af1b94e07dd8
SHA256 7e3c98a845cd752542613f932c0f5d5cfeb9aee80f500ec3c120d75673296eb2
SHA512 529a164e434c9876353f539db11e35e905406e8b4e79bc06e76be792c49074cf73e0a16cac8566ae0fbc4c25ed1950e8012fb4411f6eef2b96989c8710844486

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 88fd2a61b085bb7137167bd1eac48c24
SHA1 4157d40d6b44e1c6527a9eba4b11b24c91b1adca
SHA256 7ae03b01c0a6a36721fad6b4a2f1e9af3a5615c593b8531aa304a0a658ad3952
SHA512 c74a99a1987b4aab2f6256a6db5f64f3dc9bf757ba4c155e689d1b291ce5f77f06c379cd5a055ae66343c21ccba853166df4623c69135cf234aa156783342916

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 acd99b00408cf097e37c392408c31454
SHA1 ac52fcb0a6f156cb2aa97c4e0b723b9077074594
SHA256 48e4b023d37a4c0c0af90e34ef5c149214b3313fac1c1412b2da9ded7e776c48
SHA512 5682355f73657bff2d75b23d3a93944d57a02492d2f643f74d7a64e4d13b01fe5775a6f8a9dfd2c1e4e582dac7e766dbbca8b2db76d56c876ac10d9144030929

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 51fa44e8ac45f716ec8a654643b893fd
SHA1 606d65ff0a395904dd84d0fd20206ece0cd822b1
SHA256 d81e536ad8edd99fb995be677fc7e5bb7bc62956839f34c533055ef3dbcd7d68
SHA512 d86dc56026ffda1b574ca18c12740c66abcdb87156daf1eaad33ac4d66595feccaa3e11b97448609cadc6e7febac96e9e7e086e41f4e3d3aef7a300af4246910

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c3fd325b4d3a94417107ec05f931ebc5
SHA1 fe72fdd165787dac5842025d7fe6adcd5d4390f8
SHA256 97367d6d49558cce2ae69853bea2a451d895ac7ec695fc0f2b9646b91c9993f3
SHA512 245f22734d994621abb62b05a225f665dbbd4ee135e72b70372b52194e822abefebaa81db208cb69e06bf02b69d23575698ae37442584c25dfa5694b9976a4b9

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.33\BGAUpdate.exe

MD5 09fc5490d32c867927e960f673911ebf
SHA1 2ecbee3518fb701959d2539a88892391250dc010
SHA256 9014827c68fd6a31ccd7ec1c8f182cfeeb60962760391446b45c264e062daad6
SHA512 cd295d344bba456cdb2394fbe736c7b52c8f20e2776bb6b37c0ecd7068c841a646208e4bd0ebb4cb7880fc15caa8b18da485340ac8f88154e61cf76fb16e8162

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1d45fc4ef1da02df67f8603c1ec1b6be
SHA1 a8e3327fb35642e8728b52dc94b0d5c80a5e76ac
SHA256 12089bc7dfe765289469ac8a981329e2840363175aabba841d286718f74b7461
SHA512 784bd4f87a746444e2316147a1b0f02068f040d886722ff8a3d88cd99e5ee3a708586de8389b64a17479296a46f4428efad2ccfeaf74eec9ae20e7a7a39969db

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1853e410bda15d0fce19257772d7f53e
SHA1 659b65e24b8a7d99568d0e7f0df861cd242d157f
SHA256 190206b01338dd09353f01be3069f9aea18103b125c0c8c2ff4cdbccdb47b294
SHA512 7477908109fdde2fa342d266c29f9632856064f84f2b2197dd1d1e5056fa06654f2ac410b25f4f7463668be48cd22f98c7a2f9de919facd53a767abc119b6331

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7f7390ecdde7b17bc2e25f28247c7d1f
SHA1 823736cb84400c3e6a0689ff7ea4747bbe6caeed
SHA256 c5342f5b4c71dd4f8abd43e994da69fefb05f39af49f83f4824ecf9e5c1378a1
SHA512 f90b144ead8bdf0055ff6b18a2967985cb24381b8785d80386eeca63354a7025517b55c1ef6f2d2c9e97da2e8a61e2cddefef8a4f8d60e8f31d51e724d9fd7f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9fc24049a1cd0d21518e19060eacd48c
SHA1 095f06acd130aca73fac93baf8d83acf010cc67e
SHA256 8a1063c9f45bf0bd9fe46bbee6ace310ab8e3867e0cd9a57f500bb478eef6ec3
SHA512 79693582787632312fd81182e6cd863384df176f6e2bfce465d4a709c66f1a66429684540965fdd9a18cc5efb91be162d3116a8af7bfac3e59d79309a352d99b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 339f1c7c9abb7cdb282e020d7c16bef5
SHA1 1b44a790bbcfd2a01e9df35f45f57abb1523a45a
SHA256 91d42bb7b58c654d4a5686725c8b99f225d595b3222e52ccc165dbbcde7251a4
SHA512 631fa0ebdf0e6067e6723db5738d25a0a22bfccf567f24095586e48dcdf8ae48a2bcc67662ea2b31c8d5c650ced042eaf547cd090eaf8cbd25e673adae25a681

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d60000994a06dd786241e7fd017f3533
SHA1 4d03cf89866f2b8090683b1fdb61cbda26758a4e
SHA256 cb896deaf6bd64ddd78a1e12c5d47a7b79667d81d207ac4ef57578563fd75e0b
SHA512 a1617c8888ca8c5e058da406ceaaa6b5396c4e1fe2de2e94310cdd6be5fdccd7bbefce106242ded81373b6c419db1605ad009577b79e54aec63be19f6d18091c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9540b0357476a00eb975c3e9de897500
SHA1 82e010207c92fb08f1065600e54c101de3ff90ab
SHA256 00e60ff5f9ea6b6d81dcc78cea1bd542affb7484f17e859123a76fcb6fbed634
SHA512 73232e547698320ada74354b71c82fd28ed75302626cf5e044751a602b368b92251c930f81e780046009e0b17be670a7bfe63701a7e62dbaf90525eeac80f0b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b1da056223ddd764bf77c126c4e439e
SHA1 345ceb03d44c490d6a05996de12bb2354ba10388
SHA256 6a516361ebccf61319fa2db5c2808705984f245f50de8ce72c4e7a4a130dc3f7
SHA512 753085691a9f1d23b1f7303edf6456326c3fbb2465c7713c542a4df06b655677c3d6fc006e62656e6e2e6221ea523bb77aced9b9eab4e89a0e39f37427694d4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c2702251c44b3183cce91480d63eedd5
SHA1 c414dcd2d64f2bda2eb3bfaec90e0d360416ab37
SHA256 d6f5c7bf408b73433c1033a25244af9083d1eac11cb0c761b78ab98f1f3ea6f5
SHA512 e9b6a2e9440015b073d8aa49c30451e56fc9ce6031eed47403025013ae11f506560095baf072a5feae2662c8d724dbbb889cf4e371f087890fea32713ca5693a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 13f3493cbc5eff2fcd868b6c156476bc
SHA1 717b9055bda71384815848d18e381f4723c1772c
SHA256 824468b7e98379d42d572da94ab5f31e461ac5f7b89c07cf3b758c14ff2eafe9
SHA512 8e2756bc36d25d97c70dd0f1f7124bfee852da2fd4fcd81f352baf8073a8c4efbf9b868a43cb9f6c8d7d19f568956df2ff3f411fa0f06340e1139ef43d77274c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e9472a985d4cf37883ceb8085bf0cf4e
SHA1 d4bed1689e87ac74612615cd2514d674e8c64365
SHA256 f051241f452b6568bc4e6345bed7158426a05cd7604410ae2bc79280dba64b44
SHA512 88e028b943f735c89be05dc956f597aa0694811181c32693ccd1769fb072dd4e7c9e19f928086e2e02c6a3594805ecc09bef5d9287153c258d20d20d20bd5ac1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 22084b1723c616f066dd540b8b06e909
SHA1 fc935a06782d9ce86d5b18c222bdd1277bb2ec94
SHA256 3fb36b8171f781ef42aeed0300308ca0976b1f0f2d3c7fbb20822d336cbc06fa
SHA512 e5efd1a094a58ccf1bd785eace131a1da369a5d85b050b754d2fc55c3628d09011051e27a41860b69dd28ff9f9be89e7e46713b8013b71d402ead1c664ebe73d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7d17ea99d942ae7c3b681547003ef90c
SHA1 8175b3079a863e47adc7325dbd5b056e4b064451
SHA256 2e948cbb75717c6761bf0e7dfae89c2ab2fea0ff5f8f5046878162cf5226f3db
SHA512 eea35feecd3383839866e1b75ea14d823ffeeab8e787182d3e98d8908b4d74d8e3c4c10547ac1e9438f53f365c819d8f2b092a0ac179b2a7941594f7fcd258b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eddfe2ac31648d246b98ef0e3830174c
SHA1 d1e5881d497e617a92ee894af36903d415ae247e
SHA256 5cb718be55ffed084ed4215081606611711c2af9596fba897a8ae6b2229e32c6
SHA512 e8fe4a7d3a1cc4d19b2baefd51681fd8a8700eee02222fefe1abb0eceae43d755bbe1efa490410b7621ef5e292b9a8eaa4706f4b93193605a96c9c100fcfdd04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dde26bfb67ee418551c69643001c7de0
SHA1 457424ee505e93e6a3bb56add68e52092898244f
SHA256 7e18ba0cb511b2912b72b38ce9619badd07d74749f2528ede6a494eefcc34905
SHA512 b2e9fad078e9e923fd52987aa564b63822c6846d81126488d32a6f14bf08b783fb2d4686a86b28a64abe6ab27560f8e6a1ba94566443c2716bc0d5d40e615855

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 88776ac520f4b31e33a5bed2ba86ae84
SHA1 39551d3283043e32918cdfb971658b1bb7265dbf
SHA256 08a32f6638743ab1082c8ff7a26ebecfbfa93220bfb02a9f99337eccba2a997e
SHA512 42552047079556e357c849a60b2f64fe43d334e684c337e69b3941a97401f051f0fa389709a75c7a0ceac70f2ac41f24e676db30d131398def6c01eecb996665

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 90cb14021117220b147943f8cc619776
SHA1 b786ea0839e6f9256cad603880d17597a024840e
SHA256 d2c8cd0398f12c2b30d395053df237736c1996feb852b8afd07a1eeda8aa9f8e
SHA512 d891353ca4fb5f2b753ce3898707c277cfe29f57ef0dab497b7e99fa1e70d321f91f3b8a57d907568ed8724cb07d3ff907e945900596f58e821795f1da69ddbf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a21e4331ee3f48a52727f0e20d549ef4
SHA1 2e9875c4ac60df49bdadd1da54b7ff45c37fcebc
SHA256 209517628543bbc8817012938623558d5889dd2e73fbf768905ccbb06c79618b
SHA512 8c8f14dee33299b6b223a06911d58fa01d460856a8a34903829a20f3f269708fe34973a59705c94c00f3c7ed87e8f2f6e438a600566e2228d07904d6a36a9ffc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ce88d510ffe0cae6da66123bc6b54150
SHA1 7058d8802d27c4cb203111214b231830d8059dd3
SHA256 ce018b530bcde2422f121ae7ac51b37226795b6d59beb6e8f074459c468decbd
SHA512 38397b7000d2d76276205f730ffda309aaf5db84f28b86965c4080f46ea31cec1f9bc2557c631a221ef47226063d98506ef8a9da3e0ecdf44f18ed012ff7db85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d1fb9706ad22ffc5cbbc524cb5a43ed7
SHA1 00b3bb777f3c340c92621494f532554686e5c0bd
SHA256 4588b27554e4e896487147ffb31af5955a2b0ebe2f78bf585f4d457b8ae5c54f
SHA512 3a5068f301efb6b7408dad77c12efe97a9315f9c570b2668bce5fae66d00a5b2a888a626fac018e9ce8154d62f71db02857101b249b534e7f4a8895538851855

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7d132cebd6248994d334e661201b12b1
SHA1 2e9c8f8d9a91820bab2aed61163bd68a8f72e083
SHA256 8d31a9b91ddc865cfd4e2c7d88cccf3f211454dca654f3e11bc534fadbc3903d
SHA512 b7495d0c6c5f48868e61e7165d4bb279ac98cb434908ab98afa3691e9644037844202a504a65d4aeccbcf273a43cfc7c73c6f9f98a39464d5a987f326ae8a89e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 32788fbe786cfb35285d5c7e63c035e1
SHA1 dc7d5df51052dca577a74f0d5401f8cf9e545b79
SHA256 76409cc236fa698aa4fcc4caf8f82da403b1244e0c31f7b3a4017781a3ce7ab0
SHA512 d3741c4d85e2b22918af126e84c7f7b957d809cfa9a1b3ddc775f680ec45dcbe7c67c4208182e5d4712b4c823f4c8fd41fa2dcd58b5dc728f19a7fa6eb491e8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 af4dae69a8f67b0c893e62a1bcf01307
SHA1 c7151a07c58d0dd29580067736d3eb85f40f68c3
SHA256 fe3de40543a768d180038d93bdcee78479835e3f8ea795f616636986ffd6aca9
SHA512 d555407f5ddb450c34dbff94c6d47c19f388bcde8d858d4bf348962b9345a613566971d629acf48573f255fa54f364eba12f1199e5f945bf57b67cd1c40b6812

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 231a19c38cb138bc195baf88345bf2e3
SHA1 8df24dae236144eeac4a76c5c4f039ed424944fc
SHA256 7c024db3aeb39e22e375303e97bfa5dcb72f6c32535d4301f6fa508ccd412bab
SHA512 512caf1be5aa1d4a417338b8f6a4b2f6ee85b02f5856b5772e963ae8e7e58717418295d5f9c402238a8e93351d10da2ffe33c0eaf51ced9dd256c2552df92d7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 959a2b90020f10a221081a1f2c73cfbf
SHA1 4f819019335dbd48c7139fce402821228fc1ccde
SHA256 a1560194a57b885e3b586dded03d143242cb619ae1538a75c1a583c7ff3e461b
SHA512 1669e98884695c2e25634aa21dd0d2a61022bea5574721c5a03d1396f3f03dc297268821dda1b00c537762d55472cb55de866ef95d1bff2dd5e7dc775f79de5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1d31d2699bc8c90c232cac7cd49d1ebf
SHA1 183e661e5b0ef38906b10a5571c137fbdee0cde3
SHA256 ed642c14d5a67f049ed0fb084cb981254ecb2432b25be7b74b54a7fcfefab78a
SHA512 4a7bd40d1ae13c1634c6b7b835c3cb8467535006df17c2fce8b37d6384d29b76eb6cd3de3688ac0be825f1eb0404d9e821d3204ecc27edd171a9b7a52cced7e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 45541fcf56e726667674f64204d29d4b
SHA1 09633f93ddea32e916002e74d57aa58a30388704
SHA256 6c89ea1735db3fa8d3ea834adb25a62d9ab61bdbb85cac757d46d1efc81363e7
SHA512 080a777b89b9ae5d9dde5ff2bc966688f3c2bb51435dd8ac4c781b51655030fea35bd83b501e626ad33269e827956394196feaef18162eb752c98684083ed40b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b7479b4b20f3d3cbf50873acdb9e837b
SHA1 83b783ffbad97157c7fd9a1282d32d03ecebf531
SHA256 f99e88e97b495f4a5ca3d03bd041aa945bdfc97c9a14b552a73d1a87e37178a2
SHA512 cf2407cff85a8f4549781e7305ca0b98d5a28bced6be8755504721d4b8bf04ff08098d55f38f800b9ffbdc8ae9d7a46ecda980e0f7dc5dbeb670df841d9fc221

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02443EED-47D7-41F5-A123-B4E250A2E4CC}\EDGEMITMP_92096.tmp\SETUP.EX_

MD5 2415cb112f130a1382726afa58a0933e
SHA1 74ac041e6dc607e476dfeaff2d2bbf2b5c004b5c
SHA256 85679b3b17d42aa988b5c753b9cffe457c063d5186a94203b5e584f4156f2179
SHA512 a334cba72cb6ae4c4706ef3954e98771c4502ae5ee66d7b2d2dca759ac75890efe5a7fea46818760589a66f425a4bc9d463512bf359723685eba86ba4c1edd99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6060f7bace8d90fa7ddf67f541739c5a
SHA1 2cc9c560851d7996f57cc0f2a1cb29eeef20e718
SHA256 3e89ee0afecb49030932a986dca37d4a8c947db64ff2ad98ebd6cc857e05caed
SHA512 987cecc8f422c4d7f8d578d5c5ce9143b14e64373ec874287ad5b0c23e4955095a13a0b4976794925ee89c72859acf2988e4d22efa732098ec51a4979767943a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 44b524050bc753a4de1d7aa8f5029593
SHA1 e43c253599a0e174153498886843069770a8d411
SHA256 2463e79c02336777564738d7b31aa247b510e4f923457d28f431b50bf11b559d
SHA512 70154bf04e1c403d71cad2381cf46269f7960f1b6928434685af447ef504b79f92c05300452cf5a450d3136aefffc0bc658fa9f67a03fe164677299eea8ca3e0

memory/3116-4958-0x000001A153220000-0x000001A15322E000-memory.dmp

memory/3116-4959-0x000001A16D740000-0x000001A16D74A000-memory.dmp

memory/3116-4960-0x000001A16D770000-0x000001A16D778000-memory.dmp

memory/3116-4961-0x00007FF97F0A0000-0x00007FF97FB61000-memory.dmp

memory/3116-4962-0x000001A16DA00000-0x000001A16DC49000-memory.dmp

memory/3116-5025-0x00007FF97F0A0000-0x00007FF97FB61000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7f4d98e7008404efbf29861561984b54
SHA1 fb619e18e4d07af1b14d262cf3a55170f7bd0351
SHA256 4ada0af45bde25b1d8f709e5b99875b8d3a9a722acd7b599ff3a48204289fab7
SHA512 d68974d02a17301dcbec8fdc6cd3e8018db7026bf6b620fc6a9f2fae96d221169a564a180b8f5bc49963e1c28ae19baeba2838c9e7b3ae7dd9997c1cf99b2320

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 edce7e0382b420d75cae92de0c7ce146
SHA1 1d8e8b6cf4c57a4276387dc3ba0cbfe92cd4dcad
SHA256 a8e1a605b06652c1939d548dbf9872691d8edb1fa0ff3d9720c0706d64a8948e
SHA512 97ee0aec67b1f38527035b31a67b83c1e10680c0f1317ed4280f98bd3a14bd797a759f3354a3920888066201a414dcd628621f316b1515401533118ff11893d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b6dd9e2655f4b0d6fb3f69d459d7d145
SHA1 b64b0ed82d462ffda13b11b2d4722e0ca0c39ff1
SHA256 b2af93f5202342eccb0afb47e1424ebcb7d7cdd8576e2eedb1107af567c2b112
SHA512 118e97df158c9c273f57ee12995598fcff1602040cf8a002bbebcb1089a7d857e62758a842a69dea1171830bc92427c904e1ebd13f6c082e6848ea44305b7838

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3b01c389b39d45d710a060a62b597015
SHA1 3f65b452fa174e606a96059f5338f19c56823aa9
SHA256 9d17c333c2e59fc1160f3c76f01e02a90ec6365249dacae55801b98f77208a0d
SHA512 4fa28c5b75ac0ce2d63318200d01433c36eccaf0651b5ec169d7c5b7802b13bab96848dfa7a9ddcee4b36a97076ee5a19dfddd09c1c378c4519f1bff5a32f29c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eaed0a15337a60b35d37baf34331851c
SHA1 cbfefa9800ad1ec04971c68e0d54be1767d73444
SHA256 3f84b781db300ea921e07c666e3afc116ab9d69dd213c9ea5373875e8065f7e5
SHA512 cc922bdcade20fdf7719882d5528f0709c2bca070fd10987334c3bff7a88bd750668860e0171c97191392dc3c5014090b7434a807c8b954ceeccb37b01d83656

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a4b31a507ec4d20fdc74f5076010ab15
SHA1 86ccec34960f6d36f712527575685ac39f9386f6
SHA256 e26a39c3a6bb965aa3e5498f78ef169dc9b472cbb28c4a18495a8817bdb8e6b9
SHA512 70fba4a5a5dfcf698847552f8e074d052e7f487998437ebc02ee229bf5b75a2125f5d6c758528d4807759fc417f4533bfe7e6f1f9d31caf0a810f9c0b66ebd5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 377bc08401930417d78174147d8498fd
SHA1 772060e9f69804b40cba52c39ec77697df428313
SHA256 78d5e08449fcf175c0dadb7e6ad650c12d9359c2808beddc60b84f50b8baa1ad
SHA512 ebeaec2780ad959758493aa7a2580abe06be7b601edf32d42617a5a0934fe35afef0a06eb349c1992bf4347542a468a1ff07e3f973286b72db0a779c28b506bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 491c40307c37b49b908fee68f630969a
SHA1 c4a865ab746f7cc4c7234f9331ee5eb21ab0e405
SHA256 ab6571335409c05d7fc26d501d60d328ccbcfc1b7c7573b65af31939436c923f
SHA512 1a2c3f561040aecb2320049cd491abc0d8d1b211f9dadf613d22361ce890269e5bb57dc9bc85d10f5472b9b1f876716a804209baa14c7c4c61b528c62eac65d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 490c2b64f588a24cdabb6903bda6ca76
SHA1 3564904125a239cbac3aa352101c926f43cacc6c
SHA256 7963d11d238202638338e1cfe3e1f323d88fa90b553c7a955de66818c31b445d
SHA512 56cad62b4e6f7309206a93d9d63a2ecc28727b7b01b4e3c77934b38f1c76f53e6a03f86a7306fe678d517c897dc39d889ac77dbcf8c80d1cbf53ea8b03266092

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9081fdd5cc58cb2ab60bbfec91c32385
SHA1 3be4eef884e45043c43bc7a47373ef06bb0145aa
SHA256 e5ad51ecde2495665c78785b6b5fd06db421de3bb1747dffbf1966c6e959c622
SHA512 c4a41259674d085ae4a7657d3b3bbd9e272d6ed1a0a7bca051a5cda0f94dd78357c25647278637848842b0971a73e3551dc28b41770aeb5a8671fa5b49df0da9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6181bf40170194930be4a8ec7472e50e
SHA1 8da50c206114a757ed60d6725f01e47281f2f254
SHA256 5cc43855b8579a19aad69727375bda148875cab44fc2a844c8038411f22d109f
SHA512 bde279e3316e984291634cf2b1085284deb94cc0431fdd079190dd0e46ecb5dc74f98d753578faebe74a3d186e96c4063f0e7ef8261e2a10e14f8ad6b6cd18f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 442818e7178121e271ab55094195fb7b
SHA1 320a8ababace4c05d88ec9a5e34e3bcc2820b2ca
SHA256 b08ca40024e7c2cfce4a34ca00827cff5c7c26016e1396547ad726070c9a84b3
SHA512 1cc72c79af5ed464e27b5d0f85488a5e36ee3a5f214dcff064a34c9d97893e677fa70a4492b7addf40bcbfe020a2921d92b9ed5b63ec2366472f404f1d3c06fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e08b4a00df691933891d1e152cebaa03
SHA1 0cb304ceb71c92642bb983ca3a9fcf9f6f6b4e18
SHA256 fbf3729bc3e715fb1f34190df1af73fbae7d131dff6b84a8de7b4d0030250171
SHA512 679afddfeaadf2a451b73b003028f33638f3d05d1a0ba95a00995427566d6c97591bc24c78566d06ec40a194f95ecbb33f48e16441c2b8b8650dc61c3213db85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b63b38bca66bf17f9427b5854cac8abb
SHA1 af8941fd3d21978ed1d48f25286b57ac5a9f64ce
SHA256 4f5af20f87ca15069386b2871ab80222bdc620dc25b0019843b585bd923b6bf1
SHA512 2133d84a0e38d43a9cd428b3b937d9eef8177a65646be5dfe00a46c62c01c7579de4739ebca8df7c64ba58612481f351e018799b73bb159d46e250ceb7270ff6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3e4edeca6582a82dfaae718b065f5167
SHA1 c5a80b7a6da3f01dff3c5f02e53e583e0d69cd53
SHA256 4665a61c235886e476fa385f3db7d2673470261fe7a5a74735bbef08beb97dd1
SHA512 1450e25becdfa381d590013b7f4cb1b8999562119927a145c3e09cc90ba2c4770930cabb8b038f74d355d0423ad2ae9307f7d894bbe4d67d84f2a49dc969219e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ca3b68eb7b327e44b786f9be7580a48b
SHA1 c1545e9c8d0095dfaf4dd4eb1d8543916387a1bc
SHA256 416dedcd12ce351ad4a3246042818704e81dd16510a9a737e34f8dbb3291b526
SHA512 6378273f14e561fff27100e841a0f638bd3173be8a02cd9a80fcef7914884b64122ac8ed0100a63e9bcff881e7f2d4b65c2cec80af9e35e1a1efacf44139226d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bbb8ac891de6d3960ad7e7bda0388b15
SHA1 d8fcde3b7cfc44367dff20823d0068c99ef4534c
SHA256 7e77e7a8489be2364ba77fc04c62eecde59e775f3a783333bd7de26c53271ced
SHA512 e8de9902d2354712bd141729addbc231487bd5f82d88f328505e6454a1a668a74ec857e9ce6efd1809ff904b4b571c588052944f105a625c314a4ee913ebc1b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3c0f07b4668d0237353c510dd721bd61
SHA1 9527df7e61f109cc6062e3805ceedc2fb6a01d7e
SHA256 0db5f5057534590663ed2df597c0eb7749335c1242ea220e891eb979935d34ee
SHA512 2de3e0ae1b4fbbbdb7892d114f27de065fa973115587cac5f7c7eb7271a280b4b68b4a9f5e898c6f73b3317afa91cfb486a3ff6ac8defc2b92a71506e911d82e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 371ba3a9cc2c20f2151e63c89e2e7642
SHA1 fb690f21cee9e6ca8e20fe4de24a95c5f2f257fc
SHA256 64ba8c07f7caaf40c7aea1667b3325ceda477ee6acb902ed900e912300645f05
SHA512 417baaf51ff300ddbb29360015a5e34fb540fc955afb922e8c2d2e776b391e81b956f414a03fb4e92f78ee4620501168491ed635d32bc73dd510aad5a1693016

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 df339e8ecc7e48f1936b77abb822bbb0
SHA1 2cf857f2b3da1ef84371285b8e8a5ef42ee2cd0b
SHA256 a94f6545ac74e80f555d69cfa03ae2318e56a1dc34203a8af1099e1b54f96b12
SHA512 403d7cedf2626469c3deda232677d0d095e930df74cf32bfc8ac583dfb93d4023681c119fec03b06be129a63460e8843caefb1dd2b12769c7b11666593ab6a38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d804725e01da7065b4cbf99c576504cf
SHA1 28aafe599d95e055b8e44f94e07290b1dcabc3f6
SHA256 85cc1ad4ebde2ee51600009d75b0d3b511def8c900df78db9d50046cefa2bc3d
SHA512 e15db43d8d7d2fdfc304febfed03ca901ece690974c810f0c09d9f85853a174ec774d09a2a1efc2fa2e63b33ae549a9d6982962068fd8debdf52b65280fa7bac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1e934cb7d9be8c723167cca4486a010f
SHA1 85a068c62f8cfced5358424854c15fd5cf303bf4
SHA256 ee9d93f091c3b1feebdc74759d8fee2ee8df72372cea286158e21dda456c607d
SHA512 b6a30934f24bf91c26958c234035df06d950c29bbc8be7b96480143f0eb04179538f68befbb70940067cf6485f66ae617c40340e24567df84fcfc91f4d012dbd