Malware Analysis Report

2025-01-18 21:39

Sample ID 240415-wm61nscf95
Target http://google.com
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://google.com was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Sets file execution options in registry

Downloads MZ/PE file

Modifies Installed Components in the registry

Executes dropped EXE

Loads dropped DLL

Registers COM server for autorun

Checks installed software on the system

Installs/modifies Browser Helper Object

Checks whether UAC is enabled

Suspicious use of NtSetInformationThreadHideFromDebugger

Drops file in System32 directory

Suspicious use of NtCreateThreadExHideFromDebugger

Checks system information in the registry

Drops file in Program Files directory

Drops file in Windows directory

Enumerates physical storage devices

NTFS ADS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Enumerates system info in registry

System policy modification

Modifies Internet Explorer settings

Modifies registry class

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Suspicious use of UnmapMainImage

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-15 18:03

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-15 18:03

Reported

2024-04-15 18:34

Platform

win11-20240412-en

Max time kernel

1799s

Max time network

1806s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8DDAC8A5-C3DA-4AEE-B4F8-5978B5307390}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A

Suspicious use of NtCreateThreadExHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioToolbox\AssetPreview\hierarchy.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\InspectMenu\selection_rounded.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\ScreenshotHud\RobloxLogo.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\water\normal_02.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ViewSelector\face_arrow.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\identity_proxy\win11\identity_helper.Sparse.Dev.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\grid16.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\img_timetag.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\CollisionGroupsEditor\delete.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\LegacyRbxGui\brickSide.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\BHO\ie_to_edge_bho_64.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\sv.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\StudioSharedUI\RoundedLeftBorder.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\TerrainTools\mt_regions.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\WidevineCdm\manifest.json C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\ur.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\vi.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Edge\Application\pwahelper.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\fonts\families\FredokaOne.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\RoactStudioWidgets\toggle_on_disable_dark.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\LegacyRbxGui\popup_warnTriangle.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Trust Protection Lists\Sigma\Fingerprinting C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\DeveloperInspector\Bin.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Emotes\Editor\Large\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Trust Protection Lists\Sigma\Entities C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\fr.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Locales\th.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\NOTICE.TXT C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8DDAC8A5-C3DA-4AEE-B4F8-5978B5307390}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\models\RigBuilder\RigBuilderGUI.rbxm C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\sky\indoor512_ft.tex C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\gu.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\InGameMenu\WhiteSquare.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VoiceChat\MicDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\graphic\player-tile-background-light.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\command.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\SETUP.EX_ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\MicrosoftEdge_X64_123.0.2420.97.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Locales\af.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\InGameMenu\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\VisualElements\LogoBeta.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AlignTool\button_max_24.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\sand\normal.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\models\Licenses\Licenses.rbxm C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\msedgeupdateres_fr-CA.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8DDAC8A5-C3DA-4AEE-B4F8-5978B5307390}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\fonts\IndieFlower-Regular.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AnimationEditor\ic-checkbox-active.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\Controls\PlayStationController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\PlatformContent\pc\textures\wood\reflection.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\places\Mobile.rbxl C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\fonts\BuilderSans-Bold.otf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Locales\gl.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Trust Protection Lists\manifest.json C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\AvatarImporter\icon_AvatarImporter.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\content\textures\ui\VR\recenterFrame.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_4.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\ExtraContent\textures\ui\LuaApp\graphic\Auth\Vignette.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\123.0.2420.97\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133576778849892450" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher.1.0\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3COMClassService" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.PolicyStatusMachineFallback" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine.1.0\CLSID\ = "{5F6A18BB-6231-424B-8242-19E5BB94F8ED}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ = "IGoogleUpdate3WebSecurity" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeMHT\shell\open\command\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --single-argument %1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass.1\CLSID\ = "{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}\1.0 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\AppID = "{CECDDD22-2E72-4832-9606-A9B0E5E344B2}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ = "IProcessLauncher2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-3000" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.xml\OpenWithProgids C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService.1.0\ = "Update3COMClass" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ = "IApp" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\msedgeupdate.dll,-1004" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ = "Microsoft Edge Update Legacy On Demand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of UnmapMainImage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3740 wrote to memory of 400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 792 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 1648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 1648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3740 wrote to memory of 4876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe N/A

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffede8eab58,0x7ffede8eab68,0x7ffede8eab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2164 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2836 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2852 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3860 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4440 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3360 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4996 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3036 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1812 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3076 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4888 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4876 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4440 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2872 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3924 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4408 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3712 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5104 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4168 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1524 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5224 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3052 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3008 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5424 --field-trial-handle=1216,i,1127919201430976914,11442633697278969159,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MTg5NjI5REQtNzdCMy00MjA1LUFBODMtOUI0MEM4MkYyMDFBfSIgdXNlcmlkPSJ7Q0VGMEVDREEtMkRCNC00OTkzLUJFMUEtQTdBNDAzOTcxMERBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InszMUQzQUEzNi0xMEFDLTRGQjgtQkQ0NC02NjFENTdEQTY4RDV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg4NDk2MDI4MjMiIGluc3RhbGxfdGltZV9tcz0iMTU3MCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{189629DD-77B3-4205-AA83-9B40C82F201A}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MTg5NjI5REQtNzdCMy00MjA1LUFBODMtOUI0MEM4MkYyMDFBfSIgdXNlcmlkPSJ7Q0VGMEVDREEtMkRCNC00OTkzLUJFMUEtQTdBNDAzOTcxMERBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InszN0FFNzk2MC1CODU2LTQ1MzgtQTJCNi0xOUY3RjE3MTBEMzl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg4NTgyNjM0MjAiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8A9C25F-6212-4AA4-A886-7CB4A69CB6DE}\EDGEMITMP_FFB33.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff752f8baf8,0x7ff752f8bb04,0x7ff752f8bb10

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MTg5NjI5REQtNzdCMy00MjA1LUFBODMtOUI0MEM4MkYyMDFBfSIgdXNlcmlkPSJ7Q0VGMEVDREEtMkRCNC00OTkzLUJFMUEtQTdBNDAzOTcxMERBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins0QUM4N0U3Qi00RUVELTRGRUMtOUQ1NS03MTk4OUVCMTgxMjR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4ODkyMjYzMjA3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODg5MjQ5MzE1OSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNjAyNzczMTk3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xYzFmYzhmZS1mMjUwLTRhM2EtOTFlYy05ZjkwZTMxYjgyNjU_UDE9MTcxMzgwOTQ5OSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1IZDZuT1E0UlNzV2MlMmZTTmdWZjVncjFUb05zcjBFdXIxc0x3VllVdDExVE9Ha2lYMmo1ZSUyYk9tQUJXRE9LUFNEN2Q3NTdrRHJkbktGSHF6d0NzaXhyT1ElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzIwNzYwODgiIHRvdGFsPSIxNzIwNzYwODgiIGRvd25sb2FkX3RpbWVfbXM9IjI2MjA3NyIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNjAyOTEzMDc1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE2MjU1MzMyOTQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMjU3MjAzMTExIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMTgwOCIgZG93bmxvYWRfdGltZV9tcz0iMjcwOTcyIiBkb3dubG9hZGVkPSIxNzIwNzYwODgiIHRvdGFsPSIxNzIwNzYwODgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjYzMTYzIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8DDAC8A5-C3DA-4AEE-B4F8-5978B5307390}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8DDAC8A5-C3DA-4AEE-B4F8-5978B5307390}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{71AF55CE-2A43-40FF-B624-3D23481D0D4E}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzFBRjU1Q0UtMkE0My00MEZGLUI2MjQtM0QyMzQ4MUQwRDRFfSIgdXNlcmlkPSJ7Q0VGMEVDREEtMkRCNC00OTkzLUJFMUEtQTdBNDAzOTcxMERBfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InswQjYxQkJERC02OUE1LTQwMDgtOTAxNS1CQzYzMThBMDY1RTN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4yOSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMDI1NDkzMTQwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMjU3MjgyOTA4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjQzNDk1MzAyNCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzEzODA5ODEyJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVJUazh4WFNIVng3Q3QlMmJZYTR5RW5KaHZhVGU4Qm1ZYjhEUiUyZkRGU0tlNHJxYnU3enJyb1h6WjRZbVk1UXNBdE9IaVB1OWpwQVVnbUNYTHclMmJEZlhNd3VRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjEyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNDM0OTczMjAyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MmVkODA4Ny1lZTk4LTQyOWMtOTMzMC1jYTNjMTkzZDQxYWY_UDE9MTcxMzgwOTgxMiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1SVGs4eFhTSFZ4N0N0JTJiWWE0eUVuSmh2YVRlOEJtWWI4RFIlMmZERlNLZTRycWJ1N3pycm9Yelo0WW1ZNVFzQXRPSGlQdTlqcEFVZ21DWEx3JTJiRGZYTXd1USUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MzA3OTIiIHRvdGFsPSIxNjMwNzkyIiBkb3dubG9hZF90aW1lX21zPSIxNzU4NCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjQzNTAxMzkyNiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjQ0MDQ3MzYwMyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTc0MDk0MzI3NzkyNjEwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9Ii0xIiBhZD0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjMuMC4yNDIwLjk3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgdXBkYXRlX2NvdW50PSIxIj48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7QUFFMDZCMUEtRDFGNS00RUNCLUFDRkEtQjE5MjRGMkY5RTRFfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU4DA8.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{71AF55CE-2A43-40FF-B624-3D23481D0D4E}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzFBRjU1Q0UtMkE0My00MEZGLUI2MjQtM0QyMzQ4MUQwRDRFfSIgdXNlcmlkPSJ7Q0VGMEVDREEtMkRCNC00OTkzLUJFMUEtQTdBNDAzOTcxMERBfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7MTY2QkI1MUEtOTI2RS00Nzk1LTk4MzYtNEY1RDY2NDhBQjI2fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTMyMDQ2OTMiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNDc0MDEzMDkyIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkM2RDhFMEEtRjNFMC00RjkzLUE3QkItMTc3MzJEOUY5QUNFfSIgdXNlcmlkPSJ7Q0VGMEVDREEtMkRCNC00OTkzLUJFMUEtQTdBNDAzOTcxMERBfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MzY1REIwN0MtNzZENy00RjI1LTlDMjMtOTI5MkEwNkI4QUFFfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7bURjV1ZiWUFIUDYvNHFEOGJWSHNxV0NzTGQza1hCYzd0L1cvemcrMmVQMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjMiIGluc3RhbGxkYXRldGltZT0iMTcxMjkzNDI5NCIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzU3NDMxODc5OTQwODAyNiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxMTQwNjgiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1NDg5OTgyMTIwIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\MicrosoftEdge_X64_123.0.2420.97.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\MicrosoftEdge_X64_123.0.2420.97.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff665d8baf8,0x7ff665d8bb04,0x7ff665d8bb10

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=3 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff665d8baf8,0x7ff665d8bb04,0x7ff665d8bb10

C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.123 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.97\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.97 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff72d1cbaf8,0x7ff72d1cbb04,0x7ff72d1cbb10

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MkM2RDhFMEEtRjNFMC00RjkzLUE3QkItMTc3MzJEOUY5QUNFfSIgdXNlcmlkPSJ7Q0VGMEVDREEtMkRCNC00OTkzLUJFMUEtQTdBNDAzOTcxMERBfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntFNkI4Q0U4Ny05QzhELTRBNjctOERBRi05MTYxMjI2QUM5MDB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg1LjI5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0tdGFyZ2V0X2RldiIgaW5zdGFsbGFnZT0iMCIgY29ob3J0PSJycmZAMC43MCI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMxNCIgcGluZ19mcmVzaG5lc3M9Ins0RjFEMkE2MS02MjdGLTREREUtOEQzMS1FMDZEMDdDMDREMTF9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkwLjAuODE4LjY2IiBuZXh0dmVyc2lvbj0iMTIzLjAuMjQyMC45NyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTc0MDk0MzI3NzkyNjEwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNTU0NDk4MjU4NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNTU0NTYwNjc4MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNTU4NTc2MzY5MiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNTYwNDIwMjg0MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTYwNjQ5ODE2MDYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIzMzQ0IiBkb3dubG9hZGVkPSIxNzIwNzYwODgiIHRvdGFsPSIxNzIwNzYwODgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIyIiBpbnN0YWxsX3RpbWVfbXM9IjQ2MDc4Ii8-PHBpbmcgYWN0aXZlPSIwIiByZD0iNjMxNCIgcGluZ19mcmVzaG5lc3M9Ins2NDdCOTY4Ni01MjFBLTQ0N0QtQkNCNS05MkE0RjAxMzc4ODh9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyMy4wLjI0MjAuOTciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBjb2hvcnQ9InJyZkAwLjUzIiB1cGRhdGVfY291bnQ9IjEiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzMTQiIHBpbmdfZnJlc2huZXNzPSJ7RTczQjI0NjUtQTFGNy00NDY5LUFBNEEtOTkyRkZGODJCQ0VFfSIvPjwvYXBwPjwvcmVxdWVzdD4

Network

Country Destination Domain Proto
US 8.8.8.8:53 google.com udp
GB 142.250.200.14:80 google.com tcp
GB 142.250.200.14:80 google.com tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
N/A 224.0.0.251:5353 udp
US 128.116.63.4:443 roblox.com tcp
US 128.116.63.4:443 roblox.com tcp
PL 128.116.124.4:443 presence.roblox.com tcp
US 8.8.8.8:53 js.rbxcdn.com udp
NL 23.63.101.177:443 static.rbxcdn.com tcp
NL 23.63.101.177:443 static.rbxcdn.com tcp
NL 23.63.101.177:443 static.rbxcdn.com tcp
NL 23.63.101.177:443 static.rbxcdn.com tcp
NL 23.63.101.177:443 static.rbxcdn.com tcp
NL 23.63.101.177:443 static.rbxcdn.com tcp
NL 23.63.101.177:443 static.rbxcdn.com tcp
PT 13.225.10.93:443 js.rbxcdn.com tcp
PT 13.225.10.93:443 js.rbxcdn.com tcp
PT 13.225.10.93:443 js.rbxcdn.com tcp
PT 13.225.10.93:443 js.rbxcdn.com tcp
PT 13.225.10.93:443 js.rbxcdn.com tcp
PT 13.225.10.93:443 js.rbxcdn.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
PL 128.116.124.4:443 friends.roblox.com tcp
BE 23.14.90.81:443 apis.rbxcdn.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
PL 128.116.124.3:443 realtime-signalr.roblox.com tcp
DE 18.155.153.95:443 images.rbxcdn.com tcp
DE 18.155.153.95:443 images.rbxcdn.com tcp
DE 18.155.153.95:443 images.rbxcdn.com tcp
DE 18.155.153.95:443 images.rbxcdn.com tcp
DE 18.155.153.95:443 images.rbxcdn.com tcp
DE 18.155.153.95:443 images.rbxcdn.com tcp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
NL 23.63.101.177:443 static.rbxcdn.com tcp
NL 23.63.101.177:443 static.rbxcdn.com tcp
NL 23.63.101.177:443 static.rbxcdn.com tcp
NL 23.63.101.177:443 static.rbxcdn.com tcp
NL 23.63.101.177:443 static.rbxcdn.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 sin2-128-116-97-3.roblox.com udp
US 8.8.8.8:53 c0.rbxcdn.com udp
US 8.8.8.8:53 bom1-128-116-104-4.roblox.com udp
US 8.8.8.8:53 silver.roblox.com udp
US 8.8.8.8:53 aws-us-east-2a-lms.rbx.com udp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
US 3.15.246.202:443 aws-us-east-2a-lms.rbx.com tcp
NL 23.63.101.171:443 c0.rbxcdn.com tcp
GB 128.116.119.3:443 silver.roblox.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
US 151.101.0.176:443 js.stripe.com tcp
US 8.8.8.8:53 mia2-128-116-127-3.roblox.com udp
US 8.8.8.8:53 c0aws.rbxcdn.com udp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
GB 18.132.88.108:443 aws-eu-west-2b-lms.rbx.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
DE 52.85.92.96:443 c0aws.rbxcdn.com tcp
US 8.8.8.8:53 108.88.132.18.in-addr.arpa udp
US 8.8.8.8:53 3.95.116.128.in-addr.arpa udp
US 8.8.8.8:53 96.92.85.52.in-addr.arpa udp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 aws-us-west-1a-lms.rbx.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 8.8.8.8:53 aws-us-west-1c-lms.rbx.com udp
US 8.8.8.8:53 aws-us-east-1b-lms.rbx.com udp
JP 13.115.145.6:443 aws-ap-northeast-1a-lms.rbx.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
US 52.204.93.231:443 aws-us-east-1b-lms.rbx.com tcp
US 52.9.197.34:443 aws-us-west-1c-lms.rbx.com tcp
US 54.183.81.178:443 aws-us-west-1a-lms.rbx.com tcp
US 8.8.8.8:53 3.102.116.128.in-addr.arpa udp
US 8.8.8.8:53 231.93.204.52.in-addr.arpa udp
US 8.8.8.8:53 34.197.9.52.in-addr.arpa udp
US 8.8.8.8:53 178.81.183.54.in-addr.arpa udp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 syd1-128-116-51-3.roblox.com udp
US 8.8.8.8:53 aws-us-west-2c-lms.rbx.com udp
US 8.8.8.8:53 nrt1-128-116-120-3.roblox.com udp
US 8.8.8.8:53 waw1-128-116-124-3.roblox.com udp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
DE 52.57.25.161:443 aws-eu-central-1b-lms.rbx.com tcp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
US 18.246.201.186:443 aws-us-west-2c-lms.rbx.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
US 8.8.8.8:53 186.201.246.18.in-addr.arpa udp
US 8.8.8.8:53 3.120.116.128.in-addr.arpa udp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
NL 2.18.121.20:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
DE 52.85.92.34:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 34.92.85.52.in-addr.arpa udp
US 8.8.8.8:53 97.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
PL 128.116.124.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
PL 128.116.124.3:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51392 tcp
N/A 127.0.0.1:51396 tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 23.208.251.114:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 114.251.208.23.in-addr.arpa udp
N/A 127.0.0.1:51399 tcp
NL 23.63.101.170:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 170.101.63.23.in-addr.arpa udp
N/A 127.0.0.1:51404 tcp
NL 23.63.101.170:443 setup.rbxcdn.com tcp
NL 23.63.101.170:443 setup.rbxcdn.com tcp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 4.26.95.13.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
NL 2.18.121.16:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 16.121.18.2.in-addr.arpa udp
PL 128.116.124.4:443 ncs.roblox.com tcp
NL 13.95.26.4:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
GB 104.91.71.144:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 144.71.91.104.in-addr.arpa udp
PL 128.116.124.3:443 client-telemetry.roblox.com tcp
N/A 127.0.0.1:52329 tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 143.191.67.13.in-addr.arpa udp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 54.120.234.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 319e0c36436ee0bf24476acbcc83565c
SHA1 fb2658d5791fe5b37424119557ab8cee30acdc54
SHA256 f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1
SHA512 ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2cdf61a9fc6e9844b890fc0bdab94b03
SHA1 e662ef7d07e0b83cdbcf40f9c5132d8787ae40f6
SHA256 90efd59a72516372785e556ad7dc4f457cbfd09f9fecb78ce0afaf5497360ae8
SHA512 398d9b37374250295f3fb9569885ecbe3eef8c0b256db29cfa3f13fbb28443c674eecba5792c3f7e6abdf3de0924b7d5f69da7d80842214a68bf7471ee1199a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 64d8f9a5fa04643a4544302bb697bf8c
SHA1 2e15b1b10ab56e584861594e1b045e598ff2e0d8
SHA256 5ca837015bf7d56ac248c2950073e5f9dcd7de618bd53ad775521ddf8e98a0b2
SHA512 270646af4a5732f08b50fea48cc713642f889544dcbce93241a84fa2c02d05f25208183caaae0c88c3e2e62ce813fc1554edb033ff692c976de465dc46fb1ed3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a4b2552493d3dc810098a5e12f9cec01
SHA1 1ee86708adf612879b900fd4670b9467d078b7ec
SHA256 3301461107f6fcc5275aabc0cc4b23e5fba1bc5eb2c67f7c880951de9b19ebb2
SHA512 5f4dce88bcfe971960a85b8f25b6c122595fd73abfa3980429226a98dd83f2d842a3045ade84cc07760114a902a7e4bbd2a10d52496ae42b92e5fb5826af78cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ac4b512e0fd7841a302a0a05a34b0bbe
SHA1 038ea7d5029a7d470b64c5902179470b582883e1
SHA256 9b1ca518726680c42413296446655a7ef7be94f4c2de06d5d63b16e2b7c91c10
SHA512 5fb3d1625ac318937152c2358f4fcc5f4a6d13f0b601275e17ef77e4289d065c3e65d9ed0b4e757a7ea0bd8f183d68dd37d8570adee5fcee08a6ecc75bb58727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0c6a372a0bc4c64777bce7c0aa5fd343
SHA1 a904c04f614b749511e84f59c0d644828409516f
SHA256 19791eb8827db6bac862ddfb8c311b8fe4f2c0949bf05990ca5ca666d6a2e6f6
SHA512 4a845c21f2d1850cd09bf09b15a51e8ed8b85e83e90a8ded920ec16a15cbe8053cbb6cff6bd489a6457dff70d6c315b567213b8a91be1bfe359ec5157e93d6eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 75cc78de91bafa99ac4bd5787e4e0dd7
SHA1 54c0fa8f97367e6cadc00e58287094818abed11f
SHA256 ec7c9c8ddb43cdc0aefd26808bdc1b47510c16bf284143e32e1d2365b079db1b
SHA512 48a1fae4530ab5c49e3426f2ae45dc618e83293b681302fb9acfaa356f389f8bded51aee6002fe1b210da0158ee9ef535abb29db1289e77810fed1e5eea019e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e7af8226d017f154fb4315ddaaf95846
SHA1 49294bb6819e2de39a99598cffa9c722d6eee7f9
SHA256 ac0b2afe31a89a05721bd7ca37f70f3bf3072bc5bfdedbd24b5e4caf6b42221d
SHA512 97752e68676c0ee4b055951301da9c1947532c3bbf3a9e53c6232e6fb8013a178903864738bb00b7dc91009b9ab3fa705317043bcbfdd78195c296eb282f4c25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a8c2c5e9d3992befc3ff144c05d11b22
SHA1 2f53b44d8413bc0b1c3b7660fb7428d01f5ddf32
SHA256 446d645df65e53c22fb21bac17e7b5cc7090d8de076e7158e7e2c475337ae15b
SHA512 9010ac041ae3e2ba23d24728a1e85ddbab40fa6ff6786be382fe69401783d677ff620c453ea1eb0bc4875d1b0c3ff783e331dbeb6a64a1d3d9024c71881686f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3557e7ae7f090970a4981917bb7ac007
SHA1 ad09f79b658889ea83a64c57ddaf7124560e2322
SHA256 01b2c5f0acb8ce434385fb9e5c2a387ab4d860831727593b9d8048e523369de0
SHA512 921459126b7d00393e2adc90ff82729c9c607946f001a0f1dfd8d1d6c4cc911c4d026dfbccb426cded6d20eaa0dd275e56abf735ff5e3da3437d5d95d73435ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eecd914487e5285297244a99793b3f78
SHA1 e2beb8bcd9dca603500086c0008a0f13d0178e4b
SHA256 e7e1f6e7ff15441fb7153cdc506756ba402eb8f812a2ab8b6928dd859ade53e8
SHA512 3562a24899be547d63f0364015372db7ff3659e71806b83de4d369a0c0ca1b58a3f3e95759eb6f53fd5a3111e1f2c4a6caad0764e8359382411e0fafaf01c1cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 8a9bd8635b92b634f8ab27476f83e13b
SHA1 4c2fb4bfb71ce2ce4099560fb0069ca48ca0d3fe
SHA256 1978b3e7d2c6a6ac615a1ad4f11d8ec0443b56bc56be7649c1c25514f7e972e9
SHA512 cf00eeaf9464b1b4bb0ebe0aea1ca25ebb6f18068bd908936015eb74d9239212c30c299c4a3d985b6c11ff995e081b8bc6e5a65507df4bc496f1294a73c576f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58d1c2.TMP

MD5 5cffb3946d7942ce6c1c6257d4317734
SHA1 82f9c60ebfd326490310292db647afb898abd019
SHA256 8896d187fff209eb50e0d9e946d89773baff1c3da9718b2157caa6e0ec9725aa
SHA512 b97cfd67bc1d038800a4445728e20db7cb54eb49102ca96e2bf2870bf10ff6106cd930b2c812e1b36f13fc3555136ade6b0b882dcd57bca49ea51dd01e6ed26a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2fd32315d536560fb0b3fb6bb4c254cb
SHA1 8a2903f9868ef271106b81715f2a4732c0d5b387
SHA256 33f3a1f45851254871d94cda592f5141637720d8fde777ff824821e4cfac46e0
SHA512 1c226658341315b5a10648bfb08e926c738e301c0c8219f96a5e99244f707bbc16641d0c9281e043e4bfa3a5afa9e528d3e7d48c8d2f0aff70219b20a674082c

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.exc

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6f6998cf4cd2854bef2e3af26abff4ae
SHA1 c5f9736cfac325d980242b3fd90a55ac771d0ac2
SHA256 ef379cbf79cb519510debef9616811eb2d90e5c6523c7760b5472b7c578ff8ab
SHA512 00f7bc12f21cffe93074f50b2a017536b121a42db5e88e3a2064b1f5e5444424fdde85b070eb458dbbc51d7f283cebf097a5dcc5a7945e78cd4772384b52fe34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d8257f6e96d3c120cb4bf7e98478fdb6
SHA1 cb042e05ccb3e98fdfa3b08bd6ec434628d67c8d
SHA256 25f570d6d8c3d6dc50b2b8566bf51d2d11e8edac69a5afc333bfc346f4581ab3
SHA512 29431b092e93d0c341007a3858331c3d2b0ca44750772a9ad6708d0d3e312d358035641ffdd80939bbb7c724b6027b2f2f49d7d17f0c06181ab0757869d32034

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 72dda08400102f122ddca16e53318bff
SHA1 e45e08e14c8ee5adb6caea44826d8482acfd080d
SHA256 4c23c816923229c745911d58661473953d93b2cbaff65c4087aa62dc7e74cf94
SHA512 17c89795c1c9dfbcebe5117f62e6e7ade0c851e21343864b284305658e3ad181335919d2118233fe52ea5c713672497c11e671ff166edec72d33ac3a38b6eb6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 0664be910a077d16e0af18e93a389a33
SHA1 c52f20957cf536db5280d4287b72de715211d922
SHA256 e61255f8d21c2afff8e4649ec4658ada1a44d80be216b9f5c8fef761861c078c
SHA512 e0aa2a889023939ed24e773499da50f4d75d4fb3e0b69bda5659b15425b4978adeb7d8ff3e7e962019f1122c27faffd8499975bf6242fa7920849b09bf8145e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 339a0bff3df2c92725956f30243b326e
SHA1 f624b65cbfa96fbbfa8a4a4b8051034a224a9c77
SHA256 1770946755509cb8bce10e5501f4cca4e4d7e29cc06a95d295b4d7bbef490832
SHA512 1d5cca8bb4ba510efc208706fed09595f81e028966e682590087fed5172e023b6877261b2f1259c053b1b423cc2c590ccf70caabf3b51f2fbba4859a0a4ca7fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2cd1b6be2f2f69354f56da8e63006353
SHA1 fea9294a1e6b9cee09ca54a87fbf3c9e8e0931c0
SHA256 e78cb1dae67a8683689a7b9b780bacf1d61313269f925ff96769dc6fd661b433
SHA512 812ad33473f0aa364162f996e4ac4170c98ca877eb5dfcfb6ee04062c26c891f35380fe7943ea38e99ede7d1ffdd29e961e6bc93639d7ac040f2125a8df83151

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a69ad0d93eebfc55241c6c047152cabc
SHA1 51edf250da1cf32d7c77a8ac8861f894656fe555
SHA256 97ec604194dd63698b0c489cac7cc2591085fa88ed10af324058449ccbc3da40
SHA512 23677a0360891ebb021f22761ea19210c312e25378b48b118103d7e561ba6f113dd0bdf88aafad02a4074a35c7eeac304b37126c684f3701057de60c5a13490a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 bcf8d829decf2eab5f860352b111ee64
SHA1 6421a01a8d619aad0377b029993d79e2987e56fa
SHA256 af16815cc64d3f9ce7a0d3412021b33856e8f59f9ac05bb2ca9268a1d399e5e1
SHA512 c91c2ab23db1c7af9f9106c38eed22e7070547c52df41cd749abc055ba858c9eed295a8a866035776d6f99a48091c3ff692f097210b152157fd332ca180b263a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5979ab.TMP

MD5 525f6623e28f2930434a191cfdb322e6
SHA1 a253c4f65204f18d7acb5d165c7ed8b043ac010a
SHA256 73044a1923f5f0a352f29d269d90f43131ed64960f1132099514995f0387eeec
SHA512 bc8519e1f8cc5aa0a7d7b8b81c82a6cbac96c564a613124335f4188e526063a816d2663f9d3a1dd15ea52a8943fe5c4389d96570e78f16b59dac428ed6abef48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 18dd28baec6768bf6f97658358fa99a1
SHA1 79bfee531bab46fd190eeb6e623d5480f8bb9629
SHA256 82e68c2419fc3bb0c4d15b9e4ba0be7043c5c5eb6710d4228ad089e145f9c9c1
SHA512 c1eec9a77946f33b0e242fa4bbc989873f469a9cc4970b2c8a80879a7c6226469db9c892dde70d4878b00acb5ab38034a21380a95971f73adb80f9a3ca44a2e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b5c955f53f5f739e1d205e4f01ea885e
SHA1 28296161076b2d16dd5d830d01ab7815c3fc6718
SHA256 0cc8e1cf3a56e61361e4ccb86af6a3b0cc118d95e8e6c323471f915349d7ec01
SHA512 0f9710285be5e9b03313bd33ec5ec0383c0a03e3c24995c8725aca965f41ead09688807f559b9937f93c10cd1998b859496f2bcec00f0fd3a598f52d0e736236

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 826a39d94a35137586b5f098f6eedd28
SHA1 0845833e1ae85b2546f311ee1ca86f1da843c9d8
SHA256 a8892019970691b24f5233622ac2ba027c32ed194edf9a315f7220213f0f6e44
SHA512 d42234cd1c8528e711c114953841b18948367646e6fe5d620ff4fd48078d8a955fcb8bcf6537274d3928957ab15bafc0a1cc16873356c4c91d95de301595b129

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 5eb416ca21a51ce68a70c2a751c209f9
SHA1 92a8c9ad703959eb6e87dc201c610542e076602c
SHA256 ea6f0a27c394d86ff0d8f9741c22cd941e03dc5990d076a7c62e8c9c99394c56
SHA512 cea58f88c1c095c7a5f71dc29e6effd89333906b049c1532d504473a7a94d7aed2ef9d3db28f169056506aaaa3093df230629e9437900dc28259593887303017

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 3982046721f88c277e63e03b2ffbf720
SHA1 29dc073cf494000bc1f9ba586a6f55f731829b2e
SHA256 47f8dbcd2a6fa2e6e59ea247957f097eb886b8c7db6bc62636cb48dca6416486
SHA512 c3191f9a707821664c81a5f5ab3cc58650e537e1c37b64f0a851df5b3dcd16a6c3e1bde6a22a6c8241d4bed888689c274c96a3f4f585f8ef62cd6ee0ed90a490

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000090

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4dab30a13e9cc0fd0ab3ae4239655ada
SHA1 ec90bdc57f46854b8f9bb950505b01a4408b21c0
SHA256 cfb433f9b1e0b237f7b0bc074b4d5e864c1e49f47356e80e3e918e096c0ad29c
SHA512 9a4e36798785163eb0be1ac9c9ce2537608aac996a10a1c5b88deda21ce4736de4daf13787bd673bec2deb56e015237fd92a166ed0fef6ac2c216a338e5dd663

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 9f3f9d5f2e060cb0d8b38e06c83bbc54
SHA1 0d5593da2905f85f05487c31cfe8ee61b7d40648
SHA256 08947000b997b54fdf9c6227c768d5036dd45785ce41175e9d219e03d3c14cea
SHA512 80d21b178cc98d2ae67ac2efaa51700e7e51d3da469e5330a95479e8a65b35a3b5e9695ec2e529ee651bc2aa93c019e39404923ef35f10b095a3a15cd67d0b53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 5cf434505fa0cd8224c40166139514d7
SHA1 2ed1052b941a0ad8fa6aada611dd0a8377a49004
SHA256 ead01541306d4a76f427a0bb04f3fe64b54aba79c644ed9ec34888e9b0dd0b3f
SHA512 598c58bbf6fd4f9211d032591ef6887d7ba0dcfa4cbdc160d9abf0255f579bbb9eb4655e09a3a4eb67fc61cee26124ca2649dc9da936c89dd99a0079e508e114

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc85cb7513053772a021b460a57192e4
SHA1 3ae67171012b9129ad44e85e3dfd064b8d4d7acf
SHA256 304e12af343b621b5a7a1ed4ab293212d800a62dfeecc1e004dd1ca13b52bffb
SHA512 5c1ff5ba370fd304a4f477599f36e3724e37ac78098ad3354a459effe9be264b5b29e137d860d13f0ab6caab5c9f3505c84ad108e7640deadb347c40a1deb1c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

MD5 e82b9b583fe62ad9743f5fa28958772b
SHA1 3ecc5b3d6364475b1ec6fd5e9ad31bed8dbe0f6a
SHA256 655b52cbfb11315bd64012de6a64ab901e7b53441a413f82d0c63d926ef66154
SHA512 5f7a17813f318582b8ae3db3a68ca170c1b92480d28754db14ff3ac50ef08c14a73284aca94fbe23eee10c8a49f52496608d21c6d7b0c04aaf59e5855075620b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 631e905680da3b14d85b7da6193c7dff
SHA1 442ea70e4c5c755b3371695b07d235c98ab14245
SHA256 75fb33eafe26e265a119d5686e593356770b963ce2b1cfbfe8480d1d0303ac82
SHA512 65755b2619e03d6635a6bf9ca24929a08c3f4bc4b16a5f9f77a8eff5399dc3ea4c3576967fa1263008183ce10b2cce92ccb8dde40bae453faf719a22ee887341

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 0c0c936f921ffa0e068f8815a3829ed1
SHA1 57c06adae09ffbf21b1db3a46ec9937cf218fd01
SHA256 e3b78eb695e5ad310a06c05a0f6be53891675ca83e52c8bc6f83ec8bbca2c95c
SHA512 6dcbc8c1fff094112d0876df547ecc319f17abbd4f15cfd52739fc93e526dd7259cb7319e6eaf75bb7c35d4baf5ed3d14f4ba10641bd6f1bceca3bd9de18755e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 2f624421c0e023d81be6bc2ee4528a4a
SHA1 c7390b4a5e59edada5d3bc76f8eedd3f435e3fa7
SHA256 e6fddf00cd87071b6cb2d08a0378bfa60dc4e8af6303a1445840cfe2be63d08a
SHA512 021e4dd5081d77255cf7dfb686b4f83016e072fd59f20a2ee3d4a609479d99f0f7ab78e8e10af257e11626f5bddd1491398f099044d9ec7f3fd9db4cf19c26b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041

MD5 38c7d56fffeab7ef771029a0efcc2e7d
SHA1 7c5bafdf360108c9d4e3c7696c55f668d6ea6f4e
SHA256 49ef09d974465e89eb136c40e85a60c206b9b65f58e27219d18489a6077b0b52
SHA512 d11882c632462a8fce9aa3760954437be22f85e58f5f23f927a84e32d394886b32f85bd9e4e66663e7fb99a57793b3138df9fa14ef966ad3753b04f03ff91220

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 938ff26c4d510feaf63dbcdbc37de13c
SHA1 d47e559f02c04cbc4efd0b1a77855a538911fdab
SHA256 458f4a11a80c2933fd621ce94fd8f54320070f68c38f8d51f17c222c86cce850
SHA512 94116e262188061d3048efb97f6ed4866b1ac5ddfb1f55078d8776a9f6dc135934942a23a55749acca945a3fabf87726cdfe8998a0886e8d214bcd8a58bf75b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 96472c0958a76f9ac86597d8ea0a45c0
SHA1 1fd97aac048d779fd26aa2d27ef78c9448a9608c
SHA256 b79f4343202bc8d9afced9dac002a5ffcb8c0ad21668fb50f734876d4639591e
SHA512 7183bae33b4a62215d6e2b0ce185aa26a06a14928b6cf6e9244c2b2551d03a85570e95fcdfa78763dc769a2de76e0a8ae6efe014a59ee6698180ffd1c4ae23ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e62d690dd57a26378905ac01650b68bb
SHA1 e3051f55ac45a5f4d7c9f911762f74941c506ff3
SHA256 80af329374757f3f8c0f2d39eee24fea29f6b08e003e18110b2be5e207d4e06b
SHA512 82fcfa478cdc71415f38ec06e3a4f4ad88190a1bb278b4e75b2980ae7ce905e1e149cc9ac051e5dabbe06b6a7fd1e2f7231ed2926b07c285f2a94d321816e1da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 174a57971adb6c214fe8b29421bfb407
SHA1 32221a3bce25787fbb906a43f51d00408afc8039
SHA256 e7a7f6d572da0402e50f8d5abe09e87c1ff62332bd7661b60f41ac909f1c2d62
SHA512 257a6d0b5c464291cfcd6eb81a5754f3a8ac70bf2e965c071367c5f1bc6a995bb837c5956491b85af7a79bf4bf97cd7daf53406e43c545c1f658d7d4cabede72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a05604cbd44fcdd8274613ab744ce2fd
SHA1 b4d4dbf9612193c2e251af63e25e2079f57e323e
SHA256 ec274e92d85483600787e8d773ea86f0fada43b6b6f36de6a2148f6784108e0b
SHA512 fda3ad7ac363a7b486b90c33738fd57e6d7324061cb101619a691b06cde65853955fdc8f00794079caf8d8b0b82e4546c98d690cce5162ffef8e315d78264bff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 89563c4e207a23cb96dc35a54f1b8c0c
SHA1 d831ac89c4ef961eb3d23d84d66d407b5a96461f
SHA256 b8cd57664484ffa6eafed7e93cd9c125f99ef23982fd4c4d2f06194c95b88afb
SHA512 d1e55af945bd4d1ae26c95a749c61f7d95f9c5cdfd1c3ccbed6a6cc06d81e3d8b5e45e0311e4105b2485af456fbfd2b9dfd28d610b82e08b1e9e7e4f320aec04

C:\Users\Admin\Downloads\Unconfirmed 447454.crdownload

MD5 9fb66ffa1e1f4dedfd16eb3a8170bafd
SHA1 69b5d57ddda6b97adde820b9ceaddae9c33d53bd
SHA256 7953b28b736795aaa54e6cd5cb591e794e2f770c1045ca2e33af5ff19f480eaa
SHA512 4b141802e7a4cb6bd4a7498d30086a9d83c62d37f2137f4910ca7d3fb7009079d4dc59b95050849cfc720210b0cb44bf588d15c08e3ba830aae19c0a27e8e6d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 11ed5758e175a6232e95ec4334ac93b0
SHA1 ea57230b9d0adca3f1d2c1193adbf80c7d051bdc
SHA256 91aab1d3ca9a0c66bee1647f5d680abc2c4b84f473e5151a18d60b60338a450e
SHA512 3c6b58c2209fd78a9a6fddfc0fc639f9065213f5e576cbbe952b3c7a6290cecb0e46160e658752ab0b5d0fedf5b1d2a59b80e310ba21d11b11ccce22b4b94f25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 820494d13b564045970bf120ef2275b3
SHA1 00dbcb426b1149f65cb34f9f5c2f2cf87ccaebe0
SHA256 e9fdb7c8fb8380e959b47f8e0b33c79bf3e74b732439f3213f7f910d49f99935
SHA512 53fc4c9e18fba1ad03320c28c097745a0cc6a31bb4ddf8436b3ad6f9d0e7ec8d8e706f68585f2059f6d4425e7037ffb40957e7a368801a546215912f00be650b

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8a54e31cbeb19225e15d610ebad5c48d
SHA1 b4a345b83c14c2c4045e7deeac5960daec744962
SHA256 02537ac8c2a341c038c3018d97a64b7a663b468d9c54a28d3ea841be48e0cf20
SHA512 e9ad20ac49101396a5f20bfa59e7617e6dd3a06a9d9706df7f51a71b8c56ada25893579b136a11cfa661e27e16426167def3c9800262a3d82f22b01719c238cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 686bc1a460e2acd5a7d43e386f6cd89e
SHA1 d13d20d6fa8a6c31e86d7321be3e1833d1c3ce4b
SHA256 eb5671675afeecbba6d95a4f8a835ce7b6ed3da6e4af24fdf69949b92cff5b32
SHA512 2c9f2dacf09a8b5ea3ce67833a6d23bebc06894fa45563dabc1e4da9dd9262e2e8d0275538f583c56a66d41d246db3c854e4995bea69ebcf38758654c783b9df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 402bd1d1cb002c0c79f7bf0082fe6fef
SHA1 a2278eb3d280cb35eb379c4543198a195abc3d23
SHA256 01a48d29fca5966e6b26efcc54657794931b0546567d79559de44ceaccd4f32e
SHA512 f6a510ccc85957af659beecebdaba38eed12d290d885052cdbb7e3dc8cd507947d0e80d6ad968c9ad43f062cb6381d0371b428facf66e9fc01aeaaa0a7ea9b6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 9becec3aa7f3f9271f9ac8a067276f10
SHA1 30ef600797115d984bca3761ace985efc100319f
SHA256 e1a49f2522ffbaa2a26cd0638ec9cdd336d79fe5747e4676027dd5d710cfa22b
SHA512 63657e55327008598830dd1c5c38fa6b771c09260ac72f70a9e0b09d97afec55fea58257363898dd202e629fae39e0e753fed918d93059ff479b7df9f402d1b9

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 4f9d28edc0c431adbfcc19d8fa47702f
SHA1 37a6e145fec66acce633199ea7261bf5dd3d855b
SHA256 17e5cfe0cd5e01c1cf679b2fb7da7f3eae6cac2481c41f355c23df375ee0b48d
SHA512 bb7a5f33e2ef384347f8ffa09381aee5609a5b4997a205c972e7d431effa8c89f47e065b41f3acd86c2a395e0fdcd2fa656b57c84c3b94bb2fbde52ed2284dc3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ce8502e00360410fdf4d79ddd4154b79
SHA1 5d8c87490565b212e9f8995c9f63c0a8a50e2f6d
SHA256 7f74af119247ae389737072cae5e20d360bb52929b6cd8cded4236a7d0ec65ae
SHA512 5aaec526a84df1b7c72d41b202b34afabae0472c3eb3867bd248ba1bde868868701c78fa5d90ad10653e2ba17cbe61eb0c9b0f79fa863613e23f3ddc4c3864e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f1dd93c7a841fbdab9e343214e9e1447
SHA1 d7c5d0c116f24a289664a85dcd9ec5e9cc8bc5ff
SHA256 aa26cf0d72c84cac02fdd421142a51cac6f3fb56e0d9031a29d6e85388088aea
SHA512 aeb01c5ee234c38168a8a34cab7cf89d46f0f5a66aedd6c5e84a07ab836b2b7e3e555ae9289f7a57907839b80472dc99cac328b141d03f238dbab4e6404b856b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 59577fdfc052c97298d32cc478b38ae8
SHA1 21890775fe857d4becfd0611404cbc480ebd9eb0
SHA256 d6da5486aadb89cd37acf59c1019ddb1f5e66e3ac7298bcaa052f32f655acb3d
SHA512 c473d394b963f2cd7da151d800af6a65af8e84b05d4bf0c997ddd9c395836445e92a7a7fd4553a8f3a89548e16ef5f9ec077d07ff23c927d88c24b61bf56fd2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7a8516622f0880f0e3cb75568951bf04
SHA1 6ceb86d1035d45456b87eaa4bb79a72de3ee8e85
SHA256 1f2d1bc6e67ac944bf81ca5698699811df9a923a140a03e925d0555d5554faa1
SHA512 de371846ea3f7540575b7ab3bca4b6575e7aed2fef63e598fb22050bc3c9c6e312c2f49a785d2feb06cb50559da3cf48e35ba2fef11976c88a535873e60fd8d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 caa76589495dcac961686877504c4ad5
SHA1 27190ac7eb76da8dd46921b834fc551e3ff9f540
SHA256 a48ba951e94dca97f4004d65b1ef4b1644098be9ec07c8fecd61c0d100ce13b1
SHA512 b731c7115a8d926cb22ab90595d15ee744b6661a37221d2a7a22dc0accce4f1cab81cd1f6cdfcd564c65da96e7bf65358f07ebeffde477ff277630c881dcd334

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bc7c931a270043ea9e66df7bb3df3d85
SHA1 0ae92ea59e10e47e464d059942686729ee91e24d
SHA256 f10c1234e8213d02639d9983c1213973623d1812440a802ed0e2c199ff204aed
SHA512 6a78c887d8c8e7d4e63c58273dfc20e45a29f863f3a9987b4203e7846cf0bcdb96f41e64da04aa018f2beabdf00c6cedbf01cb63896d68b4f4cd3bbdfa7cb897

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 802f2779bff14fd1959b02f52cab0d70
SHA1 55624d2067cf7bd0e7f1657cd6d7d80b4a195e3a
SHA256 fb8178e586c5330c60b4a509c86284d021b4c1972130c8e804b4383f108121b9
SHA512 82532a79bfb53f99b90c6339fe690e68aa55847ad605d5c59186729951198f2de22af95278ee6d4a61910f9dbde1f63ef6580e79fa043e06db3208cee236d78b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1f82633eb1133829dbc64b1a44b3d428
SHA1 110b0f08b6616726c5acd1548c6f242a3a402dbb
SHA256 e4c559f540f5e1f3991cc78ffdad331c5ed1717bb5b22ee7d5739c42a176bcba
SHA512 8cea74d04c67860081fa2f814389cc00db1a422c85985ab582a7e5deca1d5ae32d5cc1156084e5f7396e55a17df1d0c2f2a7b37da1676ad1315e031e4d8be7c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 353aad07e1ea5e1eebbd6b5c149f326b
SHA1 b2567227e22e59237ad85b9664b571ade2ecc16a
SHA256 15a2c41b208be121dd160447c192e96ab45dcdb3779495755e3bc6ba319d390b
SHA512 a2ec5ba6f71a491d2b01903674ff005abc6c52d6f56969fad3104e8c5d8fbac05430647ebd3c982ff722ee9de369f20fdad098621648a7d8dda094d12d8c675a

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\f3b8e82c20c4bb3f94a2d7bcd2a82cd1

MD5 f3b8e82c20c4bb3f94a2d7bcd2a82cd1
SHA1 89618596be7cb90317eaaf2d09b05d522d008260
SHA256 7de6a5a45227b0f21ac7dd50af250e37f20b8bf2d6f4aa53a7f643d77515bd07
SHA512 82f15e37366efd29879add4f50cedbdc27d4eb885e190dd54c8e89787b51d59ccc21473f431292da679c7e8aa7cf2d0ce7219e1503d59a0f356e078f9feece55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ad64ab4facacfe4c18f448f00e069d8b
SHA1 069332a91beb80a112a73c525227475f21d5b6ab
SHA256 721bf3f354652fb0152da5c1a9823919b4144081ed87f152c05fdc4e7775c720
SHA512 fa51a3feaf4db67f1e61bdd923960a1cede05ced2c1eb46a8ced665eb428a9fef66b882d00f63fa26aeec4353f5b22bebc779eb29a2c756aad512f88b60068c2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0be14a49041a8c2e71d7f4b76cb133ac
SHA1 cdd12dfc0e5c01f4297a8dde22b814fb5a7f4645
SHA256 fa4a140d7af38fce942cfe49955673868ccea7584e289aa7df1fe110bd97a2b4
SHA512 b1c1352a7c1e1cf7b8a748fd01682a5421be29259662fe85985d2f0fcb46fc9bd94262821505a2d07f56925ebc99b6b2cb7edcdd8a42e6bde05cec9474e4a063

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3276385725c8da6c1c4437b21b679d7a
SHA1 b9fa2414bbfbaa3576c9be3eafa1ad4c393119b5
SHA256 cca012ec5365c4508cb000ffcbfc4d4d40af6f026eb07e614d6d81ea3d9530ad
SHA512 93eccca8dbc7966f1d9323ef27e496f86ef3803265825059325d995537fa00cc73159028af6dd8aa9854afae0dff6b74e004807a70d56f5b55154f3e1d9e4413

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0572faf6fecc2713097945ceb708b2e6
SHA1 fe314baaf585bd743e5d7a629ab7e6d64e1f17f5
SHA256 37d6b805e36dc495fd6bdf5920287be8c1e41a886e6673aff994d17a605ed521
SHA512 0362f4da99034e4e7ecffe20196afd66b0ed848af8b596b4729836e4e93ebef053b0d7ac901b31ed4c1b0bdf2ac7ff451bdc312bae246584ca307c33eb01fb62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a271938dad037ea5548dbc56a2e8866f
SHA1 eb4644b11e872529cac396b090f908f26d823343
SHA256 9c56905c1b85deca322c48852413067ca0008639336c9f56e9a10bc3ea7065b4
SHA512 47c573f65ea5e16eb8d2c43a6c6b2a43bc28486beaa22a9989925dd8b66388a92c87c80df61c8bc08ec6211c3ee4d181815c7a6722f3fd767600e4e4f9605ea6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 52f46b3b0ab17acc422ab7df37f98c02
SHA1 8fee632de6a92b92de7df2a9cf52b283969a025e
SHA256 3025cec47831df855b80499cc7a0d8e8e234d28d224b94cf60772a04fd8bcca2
SHA512 2024d1aa60a971c43b6e5acad07ca1a492aa9c4cc4c51fb2eef75d5449fa1532ec80d6a436a95af09b7336c4d8eec7f0a4622308b1d7ada66fc8ddbe0623666e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 21acd434f3fd0ab2c1789af7558c9c64
SHA1 5bf823c92584e573844954749ef71d1cd46594af
SHA256 c442263dfba9408321a4168af4d48e9322d32e8025c3162eeb47dbf825907df3
SHA512 2bdfd0e13c9cbcc0d14f116f01a7091a92ad9b3791203d3ef79c7440c29ab8520fdadbc34e340fa090bc6f2738b53fcae2cf04b9c6a282e3cde995ec138311a0

C:\Program Files (x86)\Roblox\Versions\version-8950870ea20941f9\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EUC789.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 33131f0050e56d7ee0696de0a11df69f
SHA1 92e317ea7e57235b1b292d16fcf76a035408dd8e
SHA256 15d0dcb03c81f60f6622549a9ce2ddc651d4fa0b0ad03c65eb2b14229159c3b9
SHA512 d947943f46c6e77b1a5a21bff9be295278e0c0859cc1fe5b95e9092724715c20ed11fd8fd0e545d2e0e67099823ff6f10e2922197dd03d393665194f84cbd169

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7223c52c0ae78869ab2ae27755d9d665
SHA1 9e621de34f9c901f66f51019f35dec4a0de04f39
SHA256 6ceff4efc9279eda1b12ac3a85e8d83148a9952395cbb4198d21da3a2638ed10
SHA512 32060acf1801cbda485d5436217bb690c9a08a15ebfb3672767d190f81835757ce297b20c4f9359fef62c533799edc68b4936beea61c32f759afb9d86aa8bcb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 883fceccb62e13ff4443d94b0d27797e
SHA1 16c1c87a7849018507d8a8a94b09214ba0312b48
SHA256 0c81376f31bc3f88224863990ba573560167bd963aa6cee687c8884fbce71360
SHA512 2f959385f638f857f5a1925b5aa19a2a381ec48a2b344c6d41c87fc32683c58163014ef792292d45c4f4d7d9ba986920ef123997ad9d0672cb184c633b2e453b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 331f4a53d145db4053bc7d8e34ba5537
SHA1 29e2436b57bdf4a458184e576f067e5251b49d13
SHA256 df19d11918b82a99ea2c49c16b9e2e9aa1887681335c3c9c52a6a493ccbddf46
SHA512 2604147f9c9c7959b7f2451c8d7da5a5664fe66e7b5e11cae1681547bbdc5b70cd10ab047f5856717b82953428abc51792a885fb12ad394068a474d6eb55df1d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b277e4463752acadfac612b2512ca446
SHA1 202f83132aa1292bc16850f1d2c216070d2f6d78
SHA256 8f42f22f1ab0f0055774b1eaa08ab68431d082a9b15d53e649a4917d948bb911
SHA512 e7b22aa6a7684c2d1685cfa4cb3716ec56d763fd2ba95dab18ccbaef552102864abed3fd396072ffb27478c8b214f8ab4fcd4b510ce83f4bdc464f5f26f7e4ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8794a5e0a5fd76b3c9b7cb12716bce66
SHA1 33f66f1158df39ee56b3401eb8631293584bb830
SHA256 ec43c9d93e0d11ca8935aca94fac4bb5aa2785088d16721b2edb701c21e77f6f
SHA512 2d2e6887743e72309e62354c5848e9ca38e476ccef8577b8156d8d476b1de43999b748296f16fd16af6c83832844956306e68d95c4932af80b1ab27350f84bae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1007d4fcdb2f22fd83695d030ea44d76
SHA1 7a53f875dce0f0d51e9664c909a1a6278c054e26
SHA256 6436ca960a848dda0e908f69496c6371d613a315c547141e2ad29adf70ac2ae5
SHA512 ec29dc3535e34333d395f6699ffaff9fd81741965e6766a83e6c0667e59fdd6adef2cd23001bd77a3d2d1153d6559a6e5b7ab9a9c23523e5a2d112495fa3ee75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 09613112e15bad22e0f20ea78a579c98
SHA1 d1c813335f9c5d65a1aa88ad624ba774d8f3adf3
SHA256 195bf7c95563f52ab66317d30e8b8828bec6ce0140131a51d12e73fa2452f677
SHA512 fef7af6d442e30aeb7dbb43043a96d7149c0df926090cc5f591db817f7f20c919e8dc21d34cc4d7e770b4767362fb87d008a72acd3447d399a84ed81c7d725f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\cd501879-d04b-4f1d-8c7b-eb9ef36836ab.tmp

MD5 06c5a8ced97adb68f802b2faac85890f
SHA1 f37a2356b2b67f30044adb011649f6b35974684d
SHA256 4a8be4cea3ee5d82fd1272fcd34c3aad53eebc9db53a1a03c83e93880be5db74
SHA512 03eeeaf690056c9b97af811a46ce4b9916df133220b0f3ced0b02b6700be08aa8325ca35e3c326b89fe7c9482e76cdcf5af498feb8ea3ac1b6b5e72dbd3ca6cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 56bbaae3b8c8db3032a8f5dba8b85a12
SHA1 222cf7a4338fcab363d99073a11aab591ae0bda1
SHA256 c7c205b0a34189320fdaab2778fa95cf2e06bbdea55c3d7a1cfdddb31c39ec1e
SHA512 ee399ca022cdbb8f162d0048134c1d2bb755abc9c2e12850c69e5b64effc590768e52f4b35f18a0d950944c6d215de64dec6b2e97d7fcf05bf8d246956efbaa4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 43db2b29ace0829e1073b77d852c63b3
SHA1 b64503aa0947bd73262f3f8191674ac0ec7ee35f
SHA256 2ba24efcac4773add17baed1b5bd9c740625d2bcee05486dfdf6bd209e7ceeb8
SHA512 da684448bddb05b83c9706a6f078c162715f283d8232b35e853ce25a8f528eeb7d801bbb59026a75056a759d48028ee92d22b6656321ef29bdadedf60b42da5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b4062036c00e12051c7d3ee4f2de935e
SHA1 bfda70816861ac84d1f48c8eacfee0f2b9ccf698
SHA256 628a6d1f2c57a91e774cf1ac640861e1c6c1316e587b55e2b7c2e61d9e1eff02
SHA512 b7f43a26a9b4d56582fafb8e2f27eb31b42ef1f0e1eebd51b5b72ccecfa800b9a469e0de677f1571d5ce561835103f19cf6c3d5af05d9d32b96088142ef103dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 df14e679e39dacf04d3cf068260a19c3
SHA1 74b6d98d391361f42ec8926b5ff8f04f6b6eb214
SHA256 783c7184c06f7aee8c5a9c0ab25da264c34acae8ee80bcc1d196c89da201ab9f
SHA512 387b128f65f639990c3f63fb9873c88e363b1da719a3829a97ef90c51f7a1466f8a9f16970f6115ef5102e0a760a622ba2c4d9cf8c01e93873745d81904d9167

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b4855bce330690c83ae0537a7de91d9b
SHA1 741be889851c6484e3230ab39736cd97c05cfe23
SHA256 e1894364292bd5e8ef005d8a800872257f998cf7b3eb0ff9a507a13513363c5f
SHA512 81b1c38af60f2fa1bb41fb45a9c589b51b91734bd5f905d85e6b00491ac4d07f53cf4b526d8874c1007770721dda309631cdda2ab2d74a61cd9e26d00213259b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 53df748e107e61795e82da15bd2150c7
SHA1 14a308725cdf485a21c4078f5813650b8fba6ff4
SHA256 57d22c24c45fb7fa565e53c766c59e1fbe96287183914d6082d019b5c49e275e
SHA512 7ebb8078e34363f76ba58a98cb66a3f14c4f00b9f776c7081c1d83a7eed888a3042e2f7cb6048fb830c108b60bfa7553c5ec6baa3deb5f80b22c833e75aac597

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 78a0884b9d74d31c96b52865265d594f
SHA1 2e4479775ba9f7fef16ab1624d63d8101e85e282
SHA256 b58ac323f3fbf3dea176b4cde104b92cc1431ca700dd7d0f5dfe682ccf59a535
SHA512 6791d3b764b19527fec9a00de7c6813a45d6d4f363deb903ed2d8a380e53340e6a448cd25d6390fd99797856d79d5c718e4b0a741ba22667cba55c70192dba26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8a209c5cbbb430d97f66baedc0545b8f
SHA1 927f8546fb1bf9d9fa009ade182246d11aabd2fa
SHA256 4ce96b7e4e8480c2e84d2561842ee43b32a0b89c2ad324ccff259df6ce23963a
SHA512 3bc224c04e8126ebb3903c814b0ca9d207c23983ec93af13e7aec4ed8007c476116958f6881de6d348c2014e0d65facd23cd94f9395b41f36175a7b6746172f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 74e86f707d2d30172c2803e23949d84d
SHA1 815fab03e1cc381185aa0a8597910d8b108fe1fa
SHA256 fd3992df6345a4b617194825e27c554244d0d5010cc3702811eb64b07012e691
SHA512 835700771ce7ef405229eeecaa78cf5ed389960065c692d4a20f6185b4ee92a23af8c88a07dbf5e569d9a5bf53c42dd6ab856b2ad9cae3cc339d94e1d6da00ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3ba328f94cc039a33100312290a8dc75
SHA1 893a1d743095d63b6e9dd48a5b0e4bafcf0e6f29
SHA256 4d0b561c97860609923b82635dca3628eb4374677b13053129d736fbda2ed7b1
SHA512 f52da9d3170b2131522382dd4f2a6caebd986e9a2f377928de3df7ca3c1c590ef6de89833328afc561bd44fd37c3eb5835c650807fd923dc6761da59ce38bfec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7a079b5473714464a21030a407d0eb58
SHA1 64f54e3d6c8ed231fc51914f2844e890402203ce
SHA256 c35deb0bb122d8c1a7ab9afe212d3312289d570aec6bf71ae62e98802c5dbe6a
SHA512 cfdf13e2e7cdc0a2f9fe758840600ed6ebe4b9098b1e652f2008e9d5fe50d455124d1f3567571a53f018e5478482b2c255d6b50e5036eb9f56664fdc96794340

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1dd1724f9bf73d96d996c0b6addba255
SHA1 ded0bfc32973eac8405d11532e0a3cd2074c9776
SHA256 9d63c721992857773b0b2117ca64075240b5269233d5f4d6e2836899921c9905
SHA512 bcd424625127de02033cb474133ebebe4b0d4dbe244289f2a181c7b7668bba9939f61d44ba2340b73fc01360aac99ebe4170b57e27c694814eb73444a687a02c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5f63a1ccb60b2d7bb5cfc8a08a875374
SHA1 de99bbb3002da21bee48f77534dd31d5af5f4026
SHA256 d2bdfeaaeb374c29b3bd1256506e5213fa5fbd6e32647333ebdf3f506fab7895
SHA512 f54d52109bafe8485bfd49af09005b439911c5f1a9a4d5b5accc5cede4020d65f33de2451d8107087f6422c9f9ad420387238fa53386cd6d6bd94afd4f220d75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0262d9a891f4def0f0d1aca5c355719d
SHA1 e3759de4a179b723c24f0501157a3e3183148457
SHA256 ed073858b9863852e163b17feffb503200a92aa4027ee48759a89623e4e76bf6
SHA512 1b579cca56956aedf44233b19d03d821275df953e097cf9b438dd7ce6cc2fd70ffbcef2cea5968ae0802b671e93dddd91e7352bf11c2e77803c43f572ad38382

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 10ba0e37f698be170b2539e63b807b16
SHA1 5ea1b40777f570e853b9e1b4ef101229b0fdf062
SHA256 bb591d19c7fa5b1103badd0e34fe3e118a7f2c989666c435df02a8b8a9488169
SHA512 693248d2526ac5251e181d4a00081b7f501af188db88fc07211055d5b78076c88025f9aefbe1c8b29a1578e37bafc1f8493ad0ea279dfcd3e43236d55d0b6035

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bda63b39385258cc7b1609fcb2d780b6
SHA1 a4fca203e3f004e01e85cbb8972769227e24885e
SHA256 de3234c87a483d364b51b55708c004649167b85b42c8d984b5665d535867a01c
SHA512 f96da25bd263ec5d847ead7cac21f81603bd1cb203dcefd67afc2aad084aa0020d4f1c8a387f4c3f14c7c751ffe835078057dbc3398892b53a9bbe7497603bf7

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\123.0.2420.97\MicrosoftEdge_X64_123.0.2420.97.exe

MD5 300df46436ba5d076b227c32967ada91
SHA1 de9d47ef0c61fb04b7309875e2f03c8fa37d19f4
SHA256 1614eb0c2697d74f2a05f8c973b2055e9cc158d94b19105e3a9d450adc9e333b
SHA512 ba3053085da062ec32f87aec43f527624248a81b702c8cdb359c0fba7194556658b49aca8ef98d885de5da5b9b2eab3f1fac2c99891f91949d1b9a155e4a6971

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 a8ec472f107ceed42560accb498f6449
SHA1 1f48ee71c4aa76a2f46e3679ac9406c9ed690d33
SHA256 9f45460e0b0ff3059705fba2bb6dacf4496c7142db8239818e8d860abf04b7a4
SHA512 f764387509346bbb73dc19aa79b3ee4bdaf820d296a248dd0daec111866a27b07ea3d3f411f3b85f335923c6f147c46720c8fed2fe8fc1d27dac1809c05cc7ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\bb1d161c-e5d2-4a02-afff-a61ad731e86a.tmp

MD5 a78056955af473452f9ddfb2e5464c16
SHA1 c83a4df9e69c54853bfeca4fbac73127c4a460ac
SHA256 7ce7d2b14246bc92c3fa1d8fbd98a1b278b1a8c683c0e4537068bd1ee5f3bf5f
SHA512 5443600ff4d280b68ecce0fe18615c992d476b944879f910545df28a64634de2d75235e44e3f40d65254f568b24dc481a7ca3b706564463e93b1d760c7f18a9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5fbe5c613580ccf8efc74df8df77b985
SHA1 69359e341c06e1b3822e34039a01fa4a3e2729a4
SHA256 ee3c2921a6f5c3da96c095626fe25c0c54688f196db0dc6ef8ce9e1a221f481c
SHA512 706335493e1c70a27cfa0658cf676bfec74784e1d1e9b1b80abaed3c3e3a2a3d23240f8b87f8699a5068dba487b0f651af3f67fb447e33e80096318b20fbd939

C:\Program Files (x86)\Microsoft\EdgeCore\123.0.2420.97\Installer\setup.exe

MD5 31ddc9e1c11a44b88cf96c45b3551ffb
SHA1 811ccb9706f656e29d089e30a2ee1650302394e2
SHA256 46cb58faa60db59cb8d145bf6493f7c01a8ea8895f812d65512e3c7340a054da
SHA512 67e5a4ec4b030e48ac06bdf79bfb2b9bfe7778f046a739f23b7be65e143a7181954c7587eb6841636a6e667aabfa292d6831bab709cd798d1de01987bc99aaf8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bc35fdf445e1667207206d61215075a6
SHA1 8243f234f15057dde50c5eea3937017ea03ed264
SHA256 a83d30fee437d7148ca3c0d694812d64845d35f25432b2ded2a6379a0913fc1f
SHA512 5a599651c033a8811534ba40b0e6ebf8a1d4e63131efb96fc33447d8b236171016a092dd3439267dd166db453e04c157f5e2f769a4c64888bb99368467879422

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 16fadfd6bc9c5e97f7773afc80c9f8bc
SHA1 8f4a1bb57e3f9bd32e4314f832f52f616064a21b
SHA256 4b517fd411e8b47b90cf5190ebdd5b0bba7167ca75a6f4aebf97dcbef08d56ea
SHA512 85b74893838bcc5099a90cee52ece8eff5862590c45c286aecc6d8d558ba99c590ab60a4bcedb0bc3506081bc2eb9fadc4690a9f3cab84961acde0dd4056a040

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8d634bbbbef0648f3ab08cb0b0d2ce55
SHA1 08d97fb36871a8f7c20e915943a290bb91b1c70e
SHA256 f994263cbc4cc98415d774d35330c09ca4f66b21f9c7d9df5601b0a2b24fbd24
SHA512 b724fb15cdc3b86dee6cde33666c273595453520de0ee0e267a555afd8b3b37cca36a727897dac82f7e75c66474cf859eedfb558b5d3f29fe9b3d0a83e2bccb2

memory/4088-2237-0x000001CB266F0000-0x000001CB266F1000-memory.dmp

memory/4088-2240-0x00007FFEFEC00000-0x00007FFEFEC10000-memory.dmp

memory/4088-2239-0x00007FFEFEC00000-0x00007FFEFEC10000-memory.dmp

memory/4088-2241-0x00007FFEFED20000-0x00007FFEFED30000-memory.dmp

memory/4088-2242-0x00007FFEFED20000-0x00007FFEFED30000-memory.dmp

memory/4088-2244-0x00007FFEFED70000-0x00007FFEFEDA0000-memory.dmp

memory/4088-2243-0x00007FFEFED70000-0x00007FFEFEDA0000-memory.dmp

memory/4088-2245-0x00007FFEFED70000-0x00007FFEFEDA0000-memory.dmp

memory/4088-2246-0x00007FFEFED70000-0x00007FFEFEDA0000-memory.dmp

memory/4088-2247-0x00007FFEFED70000-0x00007FFEFEDA0000-memory.dmp

memory/4088-2248-0x00007FFEFEE00000-0x00007FFEFEE09000-memory.dmp

memory/4088-2250-0x00007FFEFD0A0000-0x00007FFEFD0B0000-memory.dmp

memory/4088-2251-0x00007FFEFD130000-0x00007FFEFD140000-memory.dmp

memory/4088-2249-0x00007FFEFD0A0000-0x00007FFEFD0B0000-memory.dmp

memory/4088-2252-0x00007FFEFD130000-0x00007FFEFD140000-memory.dmp

memory/4088-2253-0x00007FFEFD150000-0x00007FFEFD170000-memory.dmp

memory/4088-2254-0x00007FFEFD150000-0x00007FFEFD170000-memory.dmp

memory/4088-2255-0x00007FFEFD150000-0x00007FFEFD170000-memory.dmp

memory/4088-2256-0x00007FFEFD150000-0x00007FFEFD170000-memory.dmp

memory/4088-2257-0x00007FFEFD150000-0x00007FFEFD170000-memory.dmp

memory/4088-2258-0x00007FFEFD240000-0x00007FFEFD24C000-memory.dmp

memory/4088-2259-0x00007FFEFEBF0000-0x00007FFEFEBF1000-memory.dmp

memory/4088-2260-0x00007FFEFC410000-0x00007FFEFC420000-memory.dmp

memory/4088-2261-0x00007FFEFC410000-0x00007FFEFC420000-memory.dmp

memory/4088-2262-0x00007FFEFC580000-0x00007FFEFC590000-memory.dmp

memory/4088-2263-0x00007FFEFC580000-0x00007FFEFC590000-memory.dmp

memory/4088-2264-0x00007FFEFC730000-0x00007FFEFC740000-memory.dmp

memory/4088-2265-0x00007FFEFC730000-0x00007FFEFC740000-memory.dmp

memory/4088-2266-0x00007FFEFC730000-0x00007FFEFC740000-memory.dmp

memory/4088-2267-0x00007FFEFC750000-0x00007FFEFC760000-memory.dmp

memory/4088-2268-0x00007FFEFC750000-0x00007FFEFC760000-memory.dmp

memory/4088-2269-0x00007FFEFC750000-0x00007FFEFC760000-memory.dmp

memory/4088-2271-0x00007FFEFDB90000-0x00007FFEFDBA0000-memory.dmp

memory/4088-2270-0x00007FFEFDB90000-0x00007FFEFDBA0000-memory.dmp

memory/4088-2272-0x00007FFEFDC00000-0x00007FFEFDC10000-memory.dmp

memory/4088-2273-0x00007FFEFDC00000-0x00007FFEFDC10000-memory.dmp

memory/4088-2275-0x00007FFEFDC40000-0x00007FFEFDC4D000-memory.dmp

memory/4088-2276-0x00007FFEFDC40000-0x00007FFEFDC4D000-memory.dmp

memory/4088-2277-0x00007FFEFDC40000-0x00007FFEFDC4D000-memory.dmp

memory/4088-2274-0x00007FFEFDC40000-0x00007FFEFDC4D000-memory.dmp

memory/4088-2278-0x00007FFEFDC40000-0x00007FFEFDC4D000-memory.dmp

memory/4088-2280-0x00007FFEFDB00000-0x00007FFEFDB10000-memory.dmp

memory/4088-2281-0x00007FFEFDB00000-0x00007FFEFDB10000-memory.dmp

memory/4088-2282-0x00007FFEFDB20000-0x00007FFEFDB29000-memory.dmp

memory/4088-2279-0x00007FFEFDB00000-0x00007FFEFDB10000-memory.dmp

memory/4088-2283-0x00007FFEFDB20000-0x00007FFEFDB29000-memory.dmp

memory/4088-2284-0x00007FFEFDB20000-0x00007FFEFDB29000-memory.dmp

memory/4088-2285-0x00007FFEFDB20000-0x00007FFEFDB29000-memory.dmp

memory/4088-2286-0x00007FFEFDB20000-0x00007FFEFDB29000-memory.dmp

memory/4088-2288-0x00007FFEFC8B0000-0x00007FFEFC8C0000-memory.dmp

memory/4088-2289-0x00007FFEFC9C0000-0x00007FFEFC9D0000-memory.dmp

memory/4088-2290-0x00007FFEFC9C0000-0x00007FFEFC9D0000-memory.dmp

memory/4088-2291-0x00007FFEFC9F0000-0x00007FFEFCA10000-memory.dmp

memory/4088-2292-0x00007FFEFC9F0000-0x00007FFEFCA10000-memory.dmp

memory/4088-2287-0x00007FFEFC8B0000-0x00007FFEFC8C0000-memory.dmp

memory/4088-2293-0x00007FFEFC9F0000-0x00007FFEFCA10000-memory.dmp

memory/4088-2294-0x00007FFEFC9F0000-0x00007FFEFCA10000-memory.dmp

memory/4088-2296-0x00007FFEFC2B0000-0x00007FFEFC2D6000-memory.dmp

memory/4088-2295-0x00007FFEFC9F0000-0x00007FFEFCA10000-memory.dmp

memory/4088-2297-0x00007FFEFC2B0000-0x00007FFEFC2D6000-memory.dmp

memory/4088-2298-0x00007FFEFC2B0000-0x00007FFEFC2D6000-memory.dmp

memory/4088-2299-0x00007FFEFC2B0000-0x00007FFEFC2D6000-memory.dmp

memory/4088-2300-0x00007FFEFC2B0000-0x00007FFEFC2D6000-memory.dmp

memory/4088-2301-0x00007FFEFEBF0000-0x00007FFEFEBF1000-memory.dmp

memory/4088-2303-0x00007FFEFED70000-0x00007FFEFEDA0000-memory.dmp

memory/4088-2302-0x00007FFEFED70000-0x00007FFEFEDA0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 39411ef0854db772baa82df072b2cdb4
SHA1 cd7c56e179b1cf4616877bf1f22021b6eb153372
SHA256 db6ae4d2938ebbf0d01644462be629728939dd6e3a675ad346051c6688f57504
SHA512 098244d9695f78ab0397a263fe115889c59ba537313cf2f2233f0fc021be603c55ff193724caf84cef7fbd400f0ea08b3ee31400615be023d80e7afdc8cea3b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2b0f3b72a2b1196708cecfc789810a90
SHA1 6a437cb675c9558b83be9d82df30e16f609b901e
SHA256 df462952a74aa3185d6737b00c963250b711ff539232a9d53855168f6d15959a
SHA512 c44bf6521773a8ccacccf4dc0454a1c0e1b6e9caa85173e61af86b432bddfe54ded3dc23242fd6b38cb8926525c9d03971f3c133a97067b44d8a9030daaee2f2

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe

MD5 b18c705b3c68cc49d9bf3649abc75c24
SHA1 6dc8963dea0f3185368790dee2a346301b4fa24c
SHA256 c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa
SHA512 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eb3c348c20140ffe98784d8644eaf56a
SHA1 e151dc6eba81780b33e70ef96b80c76706257c8a
SHA256 d5f349d512c39dca81a5b4b1e3b26fda9bed6f8a82bcdb51b2b36c50d559dff3
SHA512 c535d0ac48248939a780e5c53d48c7bfa61784f988cc9f4daba8c27bdc5b1d7f3b35654b6253dd2ff046bd0393b1d6e7ceca71bf5325fcb013622a817530bcdf

memory/4088-2469-0x000001CB266F0000-0x000001CB266F1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1318752f86ac0b1f826c42ab76648d11
SHA1 05ca6461c3be88d893e8491110100379c3f40882
SHA256 1c4aaa66c8e2fdf0bed4578608d028e66fe690d4d8be1ff28ff297bb2a6f715e
SHA512 d07ea2a4219236a508363ab35da23101d535213a08dd8c5c9d809f5a9851dacde6f3a8e03996d8e2da2f3d34ed8aedd82da533f4e5a3d32c43d9bc7f13354993

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b497873555c673f734ebd25626295704
SHA1 544c67058a1f9ba57d4226fe00f45d3b0ca50d37
SHA256 e1d80a862f8c995c17c3f4b9b0986a2e26870fae0a815bea08f110558ff047c6
SHA512 86f0510c3c56d504ccd39704dd4e060428396d55b28ff432af465b2af0feda15417f12a21bbb01c77c36869823deb982866e6b56664f262b273b0c4e4f8a49ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 723558c4cb2f11cdf7373f52c25ef871
SHA1 9a34219c139fbe3c43d622731bce12100aa09bd2
SHA256 1883ee2d99609fa1e5e1c882a17f180bcd7025319e819a6fd5449aabedebdf57
SHA512 6de9cba85481ce562ad654a4f51b3711c94faca2d4f8e5a5e2407dee28c32960e9d3bebcae602ea871835398ac3e4ce43cd4bf06831dc054dd3db98f932cccfc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 279a56e3c072ea9d825c1f152fe07eb3
SHA1 d87c40f0842db1673ca3ef5b6c9213a16945be58
SHA256 c9dc9ac7e91e0a1ac8e6eddd8b683bb5c5969a57e798e7d8d0d7413c0362595b
SHA512 df907dd95f717c6f223004d614f1ec82a790d771a88375aff35e6c70f98c4026721c5253dac259464f9ac12108c319d08ab6822cc80861b26c681d397181e127

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cb580bc261e9605154f052db8c678395
SHA1 acd461a2cd22d294117bd0673b5dd3b3f2e3c10f
SHA256 29ddd77e0f3b4cb91e0410b14b3fa3fe2bb2cef3959e1022e5ffa0886fa2440a
SHA512 69ede2f2c9e7195ffc9c41d8aef73ae1fa8f6779af38d2a33fc152e9d47bc63f8ec673a77976237aacf33836fa98cf0604aba323963cb667c5902e8a622a243c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7d77d951ef1a194d0002d01f1cac29fe
SHA1 5e7c395b3d4a06b32e527c01a737bf2821f74f97
SHA256 43be74ff08fd305438d996c4a0393ef49539d05275ca28fe2cd54777ad243b1c
SHA512 4c06d274c7c632d543c085d3c868dcce709f9a544b56184bbebb6af8c781ae62edac58376ca79460e61c0e1a5dd9a030103c9c80872c9371423f98613f158764

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b1a6df01672964845a8b18859449c5b5
SHA1 e2e7af415163f6c7076645219fe735a2be80fbba
SHA256 9977b99835ff21c342be1746bc394a4c85a3e65895116ea574f6cddda309cafe
SHA512 7491636b594d5466e70c5cde8394508fb23666ec691ba4064ff742de81712010618203700d3687216899116660d162bb97f018dda615ebbd8790826da8d79476

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ac8ba09b3877031853218edae6d8c776
SHA1 3481aabd6559f4ff68dc944cce1e7bf6e6a2434a
SHA256 62082faa50a17d78e85eb3c6d7bd40ca9d5fa26c52b7816b579069313909136b
SHA512 ef8549e12ce4e2e8b6cb2228e706fe67e00b91206939058c12bee29f4e753250d664a5e33615cd8cd737b6de6e370d984a7aaef5707357293a6a2296e0549b51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 43c7d0c6fd8c962de0f7c10c748f63c6
SHA1 0eecbc578480629e7fbc59ef8f0f1971293c254e
SHA256 57573df01de965ddb75098aa747fd50cc4a5a1c63ce19dd82604e44dab3d2cad
SHA512 24ce806851bbaa1c82c45702194c9d9b5909e5063f841aea6a4fdde110828906891d143a26e35c7b986965893cc2c4e26b4c354973b7cfb0aa8ad3b784726f5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3ab62373bcd8a0a82bf97b27a60b8e04
SHA1 fe6ad2eff6959d3721af8fa21d4d37190b7fc57b
SHA256 cdbc00c3cbe272788e2633cf90d418611f9272a9cb202b4c069d5c43a2187903
SHA512 856d1edad30b14eaaf0582efaf4598f1123371ccf661087359215fdc1f4528611d4b05886f2ffec44e00a89c4786735ccd9d188d0a6939e156218f8841e3d4b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6c1f598439350c401fa10e72ebf84b48
SHA1 1585c2544f70c68e5e637e51596d98b3678ce2df
SHA256 a8f9d64d3a5cee447c24cacdb79eabf8a594ff20a7ca7799c032cd19d1b4695c
SHA512 9211f30ea572170ae61143321504b5104364b72dcb449b2fc316ea8a25b801e4968049adc28e140440822f79bd2e2c4be8812473bcc045f20e175590064204d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 040bd1a39576c07f50818fc6c7826d3b
SHA1 cfc65c7b185d5b23fe0f99f06c1b0dca3717c24d
SHA256 3884e5e0640e858aab5d05bee093d50f345dce051e254328e0fcb22b45a6250a
SHA512 9d8e1df501f29a2b504deecc950ff09da552b26a53dc2ef9be15667da696d1857dca47d23383f9a3b6da3646aef35751f048706409f9adae8c3df4dc8363c019

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ceb46dcec9042d41b7ce9dd5219dab7a
SHA1 17596c3f7f3791836e3ea72dad4aa716db565f5c
SHA256 0a244b7327d8531cf4f6cfac4af621a6a0cf97b2cf46bcf749a99ff280b32616
SHA512 e6c94b5b7d9df13d2534bbc12ddb404f9843e192b3aa39f88f7f47420fd8970cf305927fc98aa18d71ad461724e50ec4be96d933d8e987c5ebb4f9a98b4cdec3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 28e9667c0d2e61904c7974351062e53d
SHA1 0183b8f623f1a5491c8ac8588a795939aed0d29a
SHA256 fe7fb3e8f9c4eac6af5bccaec1ec4d00378377101ae2aaa30173f46781c171dc
SHA512 c4f7975773743afb92749f7788ee6f83a49c4106bcffbb4776bc5d0bce16383ae67a278a195ac5ff17b67fa3010ab92036e7b56210da6a8666e8d033a079f7d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 115d83c9a01055211b4c9108bd4113f7
SHA1 e955e4ed48751d4ce80cfbdaf01c475bb758ff3b
SHA256 49abaa59d6c725f6b2da1bccfe3fa1d6b181231a4e4a95dd2732764bd3d2bf69
SHA512 f3bbe192146d9ff7a4a27ac7c644ff8274eee555ca08c01639a8368847b3d37f5c60791003a9b4ddab0ac044e0cfd6e51a80a8cc3e523c3f462db9195be40b0d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 71e6fec55757b57eabc2a813a6456def
SHA1 2b146a171348ec607186c49ed2dab61803cd9d53
SHA256 4219d8295bdb959aff6e662ad2ab7c431d4f3c6c310dcf4077bf8aabf3f31071
SHA512 586cc4ff2b9c36eb3ad766583f9b00765f9d8a2b975c4ed854f90d7d19bc7824bda90604b038e3b26e9d5a2b5186e28b787e181e095060bf0449888693633d78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2eeada52959aa1fb974dfe797ff3800e
SHA1 466234169f23c018134697c9c5121a7dbe6fe911
SHA256 a474af5311adb7772b2e95c0b75ae745eb2a55b823357f10566568bbac0ea319
SHA512 cf300902a30be2e4815ecc2605b2e0465e0fac31eb66a4ab14c57539a1ba053fc915bf27ebc4e6c819d9476ed1a76aa7b288672de3420a91396fc828330359c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 211859edf0f1c5a55e75861dfc930cd5
SHA1 487802b1f35fda8d8994d891a4bf7a266a777a0a
SHA256 ebc59d82bcade02a20474eeb0091788e68759eef8a64e364d9fd2d98073a31cf
SHA512 bdd4fc92c1663ed3747630a41096815a77bc777d2698a37b98dedd7960fd97d8d7585014dbfc328e711ebdd59d1fc68a03fc04073b2f07fa18b7596b5ce7176c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b9942a71cb905b5a371afcf0fc26fe3b
SHA1 024b02ce58695310fcfe11bdb9f4cebd902c65bb
SHA256 474d9ce98eba0608dd18833cd20bf68018e6f75dec4c0cd74deec64cd7ae4a31
SHA512 76d51398ce09cc786b3c9864e1adffb5fe79b0bc9d2644ed2b47b44a3cea3af54419a2f3ccb96d2f505fc3bda02245ad391058a512fe34d411179e6f5d163208

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3f6ffcbaa5c8df5302296bf4a7665292
SHA1 33906db37fc38d9c28367228c06773c77de8024f
SHA256 c1692a987f62172134be554393d127ca3a638425d956421e81ee976347a1326d
SHA512 053096f7c1b5dbf6faacac14bc2569bc210f46e543ed14c5d1c0770806b18721465d9f0e21af3d4a02f1dec7ed37eedc2ac488290172666fb9da81dc7a1fca0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4270de4ba727e54ebbfd3567046e8e12
SHA1 19ae2d233271f0b6e89f34c93ff403f26d03f591
SHA256 464b9aa2245c7996cba6c527660a9ea25851361ae16b71e025c33e2a2d6d3d0e
SHA512 b54cd0691647048c966b18eea905a85f9da541a5ee715c62e746954432d71b8432d6db1ffacd92c9405c75733848f37f4ce8aa59e166ebb8d1bac24bd7b75fce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5d8db8c00ef55978cbc4daaf2c546797
SHA1 cd6ce00675d0700fff13659fe1f04427731ecd48
SHA256 4d30a0ca691784dc7bc4845c0d40e572d2e8298827270b7d95dd56e7b86ea165
SHA512 6e4364d3e6daf8f0f654a8e9cc6f6a09552d2ee008adb005cf188d4c65ceba53eb26e64d7105c83deaebca566da1bbe60d06fcbf45900e708c7d2a1a8d10acc9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 60ba574eb68738511aad086d2f82fbc0
SHA1 e8ed575a9160a24b1efe3c2be19081a593cc7487
SHA256 41547c89d731025a789d0cb90729968cdfd1db0779dee7e0101e54857053e7f7
SHA512 d3d0774704281bf1adf310ba0ff9238027654b7e90b7b38dad7a7284f13dc8d8adcc28897612cf3ce55b5bffbe137dc44fd45d3e443d212de0dbf57db410d84e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 59dc3ced0f742e16de5726888a7a4c8b
SHA1 d725cfac15559ba0c25050a718d206d663597e25
SHA256 85faa59ac1934e0b382f6c5a01657b95144d9fd40e812efadd85b04e37a5b950
SHA512 2aca99a8f3141f0fc1a7636c812f9bc159d93d99cdf8ac89e6d392366ba83f4142fe84ea3f5ae37d6a98538394c90bbb04edba41a7ccacdd0daee41f75b95026

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d839249d1b12c870203ea37369ce1ed8
SHA1 20d5e953cb1ccb26a8d68a05c12cf141b222e785
SHA256 51e09805f47ee80fd76340cca12c99f8c1e54362a4d77f7865197d6a9d062185
SHA512 91a655da5d06de1f9bd6e4909f96741e2e68897b4f6fddbc22ddd6db8ab0f6e2ce8c38685d211950c4c008af47bb538a083e0f5ce8867f558bd6bee00f2348ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bff27d89a1950c3b6ead8d95a937c4f1
SHA1 e51c6984905b8d22318f846f31b8726435e63a16
SHA256 48f8b8015907ee8107f9fe985f75938ac9c69ecd1b6343c98e1760947e5f203d
SHA512 7f564c5282c490897a3245d08d66ad076ecfcff3969a388b0b71dbde7d8d5beb3eeeed995cb98171b8765a736dec3f12af0ec22cd9a81c756c23541b897bc701

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CBD44A8D-543A-4ACD-8712-4F447CEB77E5}\EDGEMITMP_2F0A1.tmp\SETUP.EX_

MD5 2415cb112f130a1382726afa58a0933e
SHA1 74ac041e6dc607e476dfeaff2d2bbf2b5c004b5c
SHA256 85679b3b17d42aa988b5c753b9cffe457c063d5186a94203b5e584f4156f2179
SHA512 a334cba72cb6ae4c4706ef3954e98771c4502ae5ee66d7b2d2dca759ac75890efe5a7fea46818760589a66f425a4bc9d463512bf359723685eba86ba4c1edd99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 00078ba0f237364c252869fb13d09385
SHA1 f3b601e1f51e7c66978f51b8366ba3e849869db0
SHA256 b78e8534061689dd518cf9963210b5a99a323722152abb8ff510fcb9a565e803
SHA512 7ce6ff08fff0dd87a6af971b91f1050dc552a47e21914c7c19197d1e73ee82cc65686907c1394fbe33edafead1dea15bc30b4fb243ddcf552e87dca2b3368e72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f8b3da0bc4dafab8ee8fb61cc140ebb9
SHA1 51c0cfe271729eac434d47625ab7c930acdc2f3a
SHA256 2a3b7424a0924aa6883391275d494e91308132a643cf8ebb1a55d08cc0a43963
SHA512 11e413034d58041de324e180e6eeff0af2601c83498a48321a9aa99d3188deee411694980bae2fed595212e0cbf9df7e46acbf47926bd085102df19c10a6464d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 58136c844551d0ea1a8b165f593c5347
SHA1 fb5fce1298e86baa7edf8da41b9464f2db44dad6
SHA256 6685ec9a1ba8149f92c4482951d58adbbcece2efd335bed7f2ccfae99fbb21dc
SHA512 8d5db1dd9439b2f7e88b852dace1c1c210f942847946046488c141113683daa6c5792f421e4e20a05655fd5ca306a6c3fe3f28b9300ec7ff6d0e48ff27b7fe78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 81635c30f25d4fb5c3cf7408428e6e8d
SHA1 d29efeb52202e261fdb5d38d6553b369699cf962
SHA256 1d6d2ad96c49ebfd28f76cc228a7826967f6ef6047bb4eff04cd4f74cd69c98a
SHA512 3b2e7b084b9c332c6dd28d139a873bdc769ba6473db659ade22bd1732437ae6a587fb2db2d47867cb7d0c27369b291cbf9c81632d235d9c641ce3e5b326201ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c0080c8bf3e9c383c7e52c4f7aa67395
SHA1 51f2bde6908320e0e61bb005c2e2a51450e5ab6d
SHA256 60860bd466d0d8876a1c2b7095cf5aae882c167497804119ae4b2727755b34ae
SHA512 34daafdedb16210d8dd99b9fcaaeb73764ace26d9b2e6b55f4f72f8056d467caa9f2b8b6c34f570f67ba09a0e5da0cc3cac7a1f9000a08361ef0bbcf8e74afea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1af6cb0946049f1c63f4667420e11f72
SHA1 abe48a587c433f27247771178cb5e27c4e299ea1
SHA256 8e75cdbb3b8b309d6a260f3a0d72f1a283e1788cc1b940015bbde8fec23350b3
SHA512 1f1cd53b00344c3c1edac1c370c18dd55f78fd4fc22745057b173de237b0cfe937f68798d03b1d5944dcf9c66f39aabdb091befc563d93fd9168a7aab4be96a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 616f19338d41b1eb9c28ad35c6bd708c
SHA1 902d5980f50cdfbe5c1523cba5a79ab64f8578e4
SHA256 011654d85e68fc0ff96d52db0fe5cac10c78ed6df8a090805109cc26105e1992
SHA512 1746dcd8504086d4fdb2e4c1278a703a574b7f2987aa636f48fbdc3e1cd0523ee39d148315a88f7a31ed472f327b8c22d0ae90f32d16c89ae40a8fb151d6ac5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f72994ea9d7aad42595fde1763986163
SHA1 7bb2f87e86509eb09b53f339d8e2ac7ee08e95ae
SHA256 29d935e7858682cf8684125928d3fa420cf4af53c1f87e80ab4b73ffd066c372
SHA512 ba630ded1b38b64c22464a6c2ef176ebe7e67f3a9e46599cda3cdf5d553bd1fc6457bbdf15d141fd172f036e005ec9d880c83d04265a6e6f2e0fe310e2179968

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 20d7369c772a1de2899d189fccc9bbcc
SHA1 b507073036b5c0c228010011d3197726fef0084f
SHA256 8b7a97b383ca430c1c05416dca627e323e08e1ce801df59ddc8b1304af0090b5
SHA512 efb50f7b1492092dcff6adb55e65e5cb3156fc21c0a837255d1687bae4f682ada4bbbe398b8dc685707e950caba52ee4fe4c63b001270263032eb577ca2937da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 303887552edd6537fdb1a639ef66cbf6
SHA1 4c8f426e279fafe33cdaeb9815eecc591662fa04
SHA256 10c65d9d5f553b4c3cf81a6523d7ed0046923ebd0ae70e1e23fb62d924bd7414
SHA512 0b13e345f614d903bb8367126d76ac075072eaed456826454dc1fc52f1bcedbb121c264b086be83188df7c5260d268718958111240b2ee0b14b3ad287022f6d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7c2c49a6a64023f8188a5df3628028ca
SHA1 ebb1db22fd4824e10ce32b340e8ed30e160e8e73
SHA256 2acc27574538ef29aba3fceb41aba189db3d7134e296eda0cc857f7107e49841
SHA512 8538f735c83883c32be06c5547ef5abb7138933df34f74d045b53366d468c981d6d5c60da78338be06ccc75f043b66a81bca06ce70afa92343e16e0a49853a46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b1bb3030a69d90b872407965e4f5fae7
SHA1 07965bf3f1c915425fc00c2d022a42d27791f3d7
SHA256 834412c94859e4bf36fdbb9011bbd2cfaf6afa8954c1c257a33613e629be8933
SHA512 2ad3de028d77f03de0fd6d7719969cad4997073eb48ab1a96b6f94150ddb2b023b9675d61373e65bc434b46078976c8a770adc242eea8e4551e245f19d0f64cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9ed3e2c052572fb2381c0a160190a8b2
SHA1 e17050b83f453f9df74a43da6379c1dda738af12
SHA256 00ab2cf27b24874b549c298e129c9753cb677651442ec163590af8b1c6053c5f
SHA512 5a8f852a27d360323e86afd8ee74b647f1d476bd905a35f733c1f3124ec1ad64ee401d73d69a8d66fc5c42fac44fd050aaed18d6873d857ea88dd01b5c8d1935

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b536540c548f3568fdd654326a2a767a
SHA1 9114dc31eb482c67178fcc8b2e17552a1a09617d
SHA256 e91e8e7a6261364f5399867c1014048a0a18cc062805e116a1ce1548684f6533
SHA512 daeb88c6c19dea6d5d0c3ee3cbe395d320fdcb358aa61a3d89ae44422d7fd8852c0c8079f499865c9c31df4f9b656e62eae8d81caa8b28b5984aa43ccbbc8f8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\ab2d3937-e089-425b-a21a-c314dc7a1e48.tmp

MD5 8311c13cda5af02c89d287f58d171378
SHA1 583a03ade09aeba1d378c68356e2f1c60cac6bf4
SHA256 fc6c376e0eee414aec2f620469380f20a2c81ee3099524b087e5de660a37b533
SHA512 9a8b114aab6be972dab42badf68686503596c59dd1bf7c8c0ddf448b6240d36439dc850bc1cc9c99010d7bdafb2a9382579c462181d45dbc76096ae8a88e1a02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f20f9ce1c5ac75c6f966beccfa3851af
SHA1 33932c8bd1fe68299152c8b28c38450a9c9fe390
SHA256 23995c39e15ab95af16ba587e4bfeefee6c4d8953e09867c7432786b8d3f29e0
SHA512 df28ee33700c124311ad15c2ab42ce0bcaa9225ddf00a09f46cb615dc3206a1c754093f63d5206431e101d772c5cd9a9fab8e7f55d101e543c5e21b3214849b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 256f99dd9f64bf88a7cd13d0ba8500f3
SHA1 07b1daef049b6980556bdca650cafb79238b4018
SHA256 25e9f778e19615d58ede6686260f3ddf5894b07a676fd4bfc8ef4429f1cf793e
SHA512 5881f6f710ec0d41531111a429397a0b520dc57c22838eac3781971e2e6a0851e83e7c3e247db3f48a345c0c47bc55af295d758f27cc311eb123d6d96fa974f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 877e2b1d149e8f9ee69e09376c3676d3
SHA1 14a9f2c6351af8dbcc498af54a9b455fc176d00a
SHA256 a305b5b4855dac5c89da2753c61d74cc53b145fe4ef56e6b1c967dd13dcd525c
SHA512 73b429244e0d41463015612306c3c867add0522cb3469eeea2a20e9b5cb858adc61d542b23e25861e0adaa74092e1d7f12ed5fc8e768dd99ff53ea52afb5160e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2c055e5c85ec377f32c359857d9f14a7
SHA1 53e210903d844c073c50201d23f9d68b7ea9fc14
SHA256 b8e86922f0999c441c20a1d2526e93eae357c992cc017f781361ce0322365fd4
SHA512 dda0665a7dbf97893f7d00cc46e59b6b05f6ede6fe3b6ca7efc06f1ec571652200df8e721f7d0121d6e39cd832ed6f911ed26df90b5284e3af1cc6ea277dcfca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9045faee84fa9830f2946291d2a4fc85
SHA1 51972a9eee2f5fc2f6adad1e035f17a174df1fe9
SHA256 1fe8cb8a7e82f65ceef065d316ded8cca1ec49b490e4e9d03d8d624ff715cda9
SHA512 8ccfd7ea5b172d2d84103b6f7892321060d83b0982981837aabac696b4630ab1cb7387765e07f1548e8f86863628bbb3cc58721e45a2e8b204b1d19cebbd95c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a1b310fcc6ecce628cac34ca5248a2fe
SHA1 c6cb5c1c20fcc392902b0229506f763300e21e31
SHA256 4d6b9e8840839f097bd5dbbdd8a384f065cf27e8436081ff610de817d9c18a17
SHA512 8ba951e5c939c93c8fdfaf72827f186d54a539ff50718857c60eac9fcf884380c5966fcfed87b15046a14be36baf80c805270fe1fbb407d518c3cf884ad29244

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2eb8d3983f1b579383905e40d78a829c
SHA1 e39c28ed22bf5a58cc2dc11d6ef95f611d1a871b
SHA256 092b313c470c5ed4e38dc5c3496182906396fa87aa1ce991c9fb0cda8ff3d64a
SHA512 d4de2da679f18671cb57d0c7d7502ab3c7c96f53daff2d4d87c78ea1d4cb27c53632dc2326767bf27e3a827bea0a5360b18f27f201f1d6aa04d783c864b21a81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 237c1fd69fb8be4428e9a641b1a9bcc9
SHA1 f5984c64c3503fda85a60da8cb1e333295dab373
SHA256 436ee795797969b6c4ca5f0883f96ede140e8b5b7982a56059587d197b68f86a
SHA512 7abf53ed300c5006dfa06c9aa9ec5a0d42f0467ac2a8fc5861eca8a6f85037114e05f3b47910e75191fb7436f2dbca12d980b4ca81aacbf4ee3ac4f87f70e37b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1d40a2e8ca6cc2acb1cb6e642513f681
SHA1 e88da7492971e7c854123a0736c8e1948d758f23
SHA256 f4b0b75c1be69c61912c7d8b8b254dc787e335a8a2582f03ba74ee83efbf5878
SHA512 b28aafff3e7463b5058b1da089c13563f6994249e49cb2f5f3d8a72ae746f15d253d39b8fef68da57639c170ea4a6f2eabd38a0f56743d3b411580dcbd17c087

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4c2c5fbdf5db844cf3e4749b30812209
SHA1 4c0a006ce935b3c2e0cb4bb24f490d04287e4b87
SHA256 7d3078c6d21b976053f57eaa963380404b54a3f5830a78cde42b861011df09c8
SHA512 c60bfa301eb769d0820c8e23a9d58c805c410bd6b0d703b3eeceee43781b2e206f71ce9a9b0c12e197f1ced99c13db362a03a2a78580ffc922e1275ab6bfee14

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8df4dd9a9b249a2f1a19914374557212
SHA1 cf5a80fabef601e65493c3bac87181cd4ac52b84
SHA256 a7787145f714d4177dc34d4213dc4b53797ee0ce887f04990f251945e5c42fa2
SHA512 d6d95b53b5415ba786325ed6b0c5beafb9188bdf1e25c19ca3cb062a73657a61bb55ba2a1d8c9b22397dc77881b506e2000685a4f91114ef188510de77c8702a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6b5baf58f7689590275c91bfe19dd8b9
SHA1 9cb5b086a1d626ebe36338cc8d56a027094b5659
SHA256 e33c2ea8ba47a4847f352fd73498786d44b7714f4bc9ce2b48d9cf2d03d03eba
SHA512 ff08f9a6497d7e256d1e40e6aeb4d5632883a07d5b8542556dd130989c1aa4f82e7cb264412311f9b220e25b9ab9458d2c2e8f5c7d57d2026840a1a3ee55669a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 52c752ee6b6c2e940274ee87df4ce3c2
SHA1 d24c0fc5ddb0cd9111f7c97edff0b554d3ddb756
SHA256 251ad864c36899c75c2faca1f0b4a41f3d0e870a3d0d9a3d4a6c348b0363391f
SHA512 6a62ebc6e3c9250c3aee195797ec5ded3e92540fc0e36dc20069052b851748a1f9531905a571b09ffe1fa12acffde96f1892940a174a087d3dacdb50e6a6ae32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 98bb7236ea05e636f25b67ef915e2c5d
SHA1 efa60dbfe5d91dfdc898d1d7e2132040835111fb
SHA256 55759e5f5473020434b972a31f55c0b4a3c98703f520e54510d58a8eed6219a2
SHA512 39ad7de790a1cbc501f7688ac3af41ec8a797d3028b30d9dbb4a91a2e3b98458fa487071d580f9297aa9ac3e49013ff51c632508a695df6faa8711ce139c69d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 435422bff74634f45b903dc290353692
SHA1 a6753d4a4cac3aaa3349d7f393554cac46a92158
SHA256 af18f14ac942cd5b3627d4a74abc7383fa77fa811a9618910a2ce074549037d5
SHA512 9fe8759cdba045f1edd1dc1f9e537a84ca73acc9d89dc9b83f1b025f81923bd1b902b6b3375b6847e6c0d3b0b5cbacf55c7115580eacafc24d830f56f45a6a51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0f67c5a793700188479094579265009e
SHA1 6949c2b6ec48d044b2a14d74f4ff75594b616922
SHA256 7815db7b4ea9c7aa84b2973389d0283877d861d9083616fc0e20a76cce1c6caa
SHA512 cc1a04e0166e6acf90809ff5b80128ae8ac5889016e0668b8ffc8a9a74bea7165705b94103c5bb65e48c1f470b58d6ddd1fd448bf51ad65e4df8291767776ed6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 76ee03f52bf1403bb86438fb110fa60c
SHA1 f394cf19fc64ae65ca402ed4837f4190dbd614cd
SHA256 92507fea66cc820d5cf10a4946ff7b93c8325cc90840387719d0deb259ef1387
SHA512 20d62987e41c1689007f51dca75de17d0dd4532d4bba88a304327ba30d0914f605a76930e5ce59099454a54d5a9b45c1251ea13a467f89d37a19b9f26d6d0a96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a0c8c7d6a0cccd6e8f52167da2fbdc8c
SHA1 b95a2693f9795709e883391db73b3c82bfb8c89c
SHA256 9944209b087f3a43b8e3b92a2e6cd549a8d3fb6391fa92ca1489a230ba7eaa97
SHA512 c809186fde0ede209184160ea4b3967d9693e922c5f9b2339fb5a434eb644058fc0f9f077ea7f9258ac9b2aa1185ca22e24b0927f9e5376b7e82238da4c767fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 422753af04544e8d15a33a4194350be8
SHA1 01a7674971546b6eb9f43ccd676aa5ec02463918
SHA256 ab90f4ce33d87ac5baa8eff340cc24ea97198320941fe4fd9b71e29ebebe4d8b
SHA512 04406deff38241c6fddf11d7b971ce4b6c47992f8ec4ac9cee2f3f351409f4f0510977683d7d307926f0ba6d1f4bcaab86a80e6528bc121b4dbcf04928c4c23e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9e8a7e3bdab35e84147f0dbe1b5d57c7
SHA1 70da9050580c20762834277075f0d70395ee8c1a
SHA256 71d5131d0fc7905bce178d0556befdb1653aece91042fc37f21890ac26fdd671
SHA512 a5a24f3aa9573d44d8e1c3c507353e455b971d473b843a33830f0174ffb5298be2856e46387445ce37c98533d412ac8897a3e7ae4f808d52e2af3ab8e877a951

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a2795f9897143dd200efe40a2ab3dd06
SHA1 a500c26946f99700c16b79650757db5a4ebc7278
SHA256 cabedac3d3ad75a96f1eedfea22111748f49797c83dc64b3d522a57468ec862c
SHA512 ae75376f98370ebafce4bbda3a898f7f14121f4b99364da255565be7751ba96164e041934e25af71cdc1b799b1a3bc4ddb6f84fe2d4a97c11c10cb75f5777c69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 210eddce1d84e9748d090badfcd03dc5
SHA1 51aa31f43735badd20b4ef20bb75e2c0713949b2
SHA256 d08f38955bc419e8ea8695ec9c6a5426f3f48a1ae5c47de542f356ed2bf52c0e
SHA512 cc9abd8cb264dc0848c874318814e985c09b115ac39f2c7823cc6e720632730a0454fe5ac13bd88634f41898813b5958f3ee1963b5a75dc6d1f2f92f38bfb566

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e2b0300b875e51237305adc8602671a7
SHA1 f8658356f125afbb4f5707368a44fe8fdf9f4aa2
SHA256 b39fca0d8e8f7fc04bd1938e8dda951d21e973edb3cda7caeec3733ed5a3dbb7
SHA512 8d287bd2117cc3cd50221c4f1b8160c7bde9b12c1dfc826432e1486b9186071bc322997db7b3a5fdbf965799ae7a65ea7b0565a39d241715515669f1a5fc3920

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2d40685b0cc49fae330991f461fe9d8b
SHA1 a40d6d7a489e278d31a432a0b9e4cf7aefd5b3e5
SHA256 4b70efa21a3b6b10539783baae7d052a4fcf195151f896f5edd1044f19acbfa9
SHA512 f2f69508875b068585c452c1290e6babaf758f42c3fb26d2eeb9891b9fa6c1fcdf3738f76a5e9e8c3a182033f13b3b7ba19f4518d50782102ae4032ceec5c329

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f8bce5a5af61453c74c54faeef855dbe
SHA1 c1d355d3adb80ec6dc7946cbd6c1389443157ca6
SHA256 0510b031123f20bd6e57f3ac1ff9943b94ff8302423444524056ad97e8c97544
SHA512 070cdfa7366c8d9fe80e07d0d90532728629fa37dca3e0f12aab5a004fe892b2ea8a73028f53ac3004f4ff8dc9482602972209d8751dbef7d182ef6af8b132b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7cf03560cfde5bfc51c2a275df954504
SHA1 ab17885e1d5468305008a3e03cc0507765a6d8c4
SHA256 2ccdc4d34623e88dcee24b500f9ffb6cfae2ccb5b5298211706081fa77579ea6
SHA512 301bf806abaa180674e3f17c60e428637e62f898f1ae01037021cccc313deea01b2fe0371a26ff9c59ed9614f57a431fad81484a83b37dc6f007f83034e61efe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5c37e8dbe8c4b5473fd9146521de474e
SHA1 37e8d86753fb97befef804cf77a6e806cc62f96a
SHA256 2ef78e8157d6ab6b16486a0d35cbfb385e1691d3b78cb9b0f5614e546a5afd51
SHA512 b4e00c50d147ee61f166e0ef6e951458137ee1ac3aae9c4b3089f74aac951b505aa590e420d71f56aca370fba39f51e2000c13085c2053c9e005ca3c5e4bac31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 986b099da32bc37957f3851e59815e03
SHA1 9edc4d7c2b187c339f4bc03d9debde1c67e3c6bf
SHA256 b080d63a30846dc1f9f9bb8731fbfadd2d67c2a777363741bf970c9fb90d0bea
SHA512 d2e35258c28bd4562b37a4c151973457fe295ea4cf76cad7558c3afb44ad1d9bc10db7cf58647d2681039f0ca4aa029c31afd1cbd77a05a26cf9cbf3dbd0d95c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c6d7cc7f5fe5588ce869172206ba2ace
SHA1 ce3fbef562f68e1537fa0ccaa2656d7283493751
SHA256 192a827e6fae1356eff6c9a030b250c884ee1001eaed566219d1d5bcdf2eedba
SHA512 162af42a56050f14b1763ef61c2a9aa04dd84d401326d259688e3a8410ec3aaf73a1602b99625279f4d74d514ee874708af909194d58182194e04c9d18973da0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dc316f83898a3c084e9293e564ccbd5c
SHA1 0bf8b8ce45bd643ed038f27661c9c26147fa3e37
SHA256 5a9025dee1998af5218797d7413690fd56e6070f1af6eb070cac87265fe4fd11
SHA512 850bc942d51aaad56cdd1afdab9e733c8dca6a020062b4b9060b6098deb7324c660359cb20bbc6c679cc0601dca96f402a7c019f9d31a719d2b0642205914b93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cd48051cadba8892e786d8f2689d75ca
SHA1 bd045fecda5294767c88e18c5087d0fb366ec16a
SHA256 4cf19a67dcd8b245d1889c354e567b2f945b5a05c8dc6e2b326d63b25dde8c3f
SHA512 5b42201dfc955a47221fbe375a8f5549c4d7620b721875e13bad8fb7c6c161a4d6f03ce48f087574d606b699bbef51fa7ce7ff5dc1ea99ed51adc82ce91823d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 48f9e3a1ba86e4c055285dad57a77974
SHA1 f22ef74d86bc000cd5cff6e04c5615cba73d4dcc
SHA256 a82546ce83fc5927d9ecd0b8173e6160f131652f1e1bdfdc795ee24868cc79c8
SHA512 9836bfc10ad76cdc47a0896a947da2d7228e3dfd75332163c756eac6ea2b50d0cb33fc95830a6fce51e36891dfc9e6a153aba659097e9a1d6212c71a136a20ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a64888e60d28d41cbbfc0076d73e359e
SHA1 3eb17c546a90c3f9871185b5b055e994430e437c
SHA256 6d32ab6a8f0a58ce5a4613dd763fc2aa878bc2a3416e2bdf6774190f64ac215e
SHA512 4c6bb64593fd1b5800143ad5568d397eaf934381e4c28616f8c012ca3912873d741954122d512370b15382627f48905528383a9c923f7a3a1983a1e6a53d1187

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 014b4ff9d6febeda0a2ae231ddb797fb
SHA1 25272eab195c898e1503f026c8e55cace809b8c6
SHA256 d1bc7886b06520b9bbd9774f1aa22217bd0db77c24d8a5d0378e93e7e6107864
SHA512 119243469e91131426209dec9679beccea8b7b5e4428f13588f3dd389c69dd2d3f66a9063ed4a9db908af15009c5ad97a8329720dbe6f2f222520f33315015c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4fbcb4ad69e0c30ad7b09b74089e46ef
SHA1 759be2bcc9649e0467a8483cb4b74a1a9531cd57
SHA256 90eb4b6cb7e2c97cb2d8395a0644b788f320e22d3fb309e39fbbd3fd1baead58
SHA512 f705b45ef1fbd4f7c87268db9c85125b75a96ad409ce8288ca3f271a66cc1345900df0b46928af6e32a43f106f8df71212f34043499821e2e1c65d057c7d2cb6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 929b88921a44fdcc9cf8c184e214e73d
SHA1 b524f839f2b811f4652acd2d8d8d833755e4bebf
SHA256 25a4863a3ec41b49cfa8031c129e23ceaa9ec611f73190cc02dd3823da274a3a
SHA512 d7f715973c1543c62b96735d8a22308326f59b5211b0ee893279de6173d462f090df848686808e8fd9522dfb3bba0c492a8463ad5489d091b5444c3fca5010fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6efc7c67e334892683677b116e5dacc5
SHA1 b2abb7e05df6f2797b2f7bb6d8e7d3bfebddef2f
SHA256 6ace829cd4f3cbe05773b0797fe639961b0f45c6ff209512e5082085d4d118d3
SHA512 6a23384f1c3fafb1d8950f968b03c86d0c299c58bfe027d88047db8ae1c09a537a25e1b21f397c612a05f17149465eceff3056dd5bf865e5fe15d2f729432a68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 79dc2c11908849be988e3d46fea1106d
SHA1 a8ba70d4abdc63fd294a60cb8eb651e4a24390b0
SHA256 04dfa4a5b6ccfcf974673b8a7cc9d02537c21383c9ad77808c3d1a2d1f8e3484
SHA512 ad6fe9f95f5aa144bbc8c8e71afa9181c221a23551292e06429d66ac3780e5662013c495f22215579b5a06f2f7b3c25afbc0d64f093212ac9d6c4cef383aaa87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 159c891267e6c728a44247ad33a8e5f2
SHA1 5431b3e1f20be470071e93446f4f524630bcb7a9
SHA256 5460197b3b60956045be78c176105ffa1dcc39d0f40cd96356998bae8153539c
SHA512 164f0d1f511484410168b33361b199a9118d816353161d4564ed4d106e39c9e30b3df19ae3ac04d7b404f187c0660e7d856084d75cebfcc9d2928022edca0ad8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bb61744ed16e104ce846328829a3eeae
SHA1 de9bc82be3a442528d58364cab5946a98a847a5b
SHA256 f174aee49d2c1a5d3a5fffe6f8b5e8b762f9f12b0b4a4af4a19981649ff021b5
SHA512 57674ce3beeb2ba02703d8eb0b587a11dadb795d7f2de708aa077526b59928bdabe6b3cadd7324e3ab8dc139b826ca308f1bbad8b20c786d9ac5a0e9fa90f484

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 14ca515cc53b57afa78411156ae95b18
SHA1 32c88c4629d3a99a005878ffa9c56c90e6b7162a
SHA256 bbdb96b84f6fb71008130c958505db9c474a4f32b168f1c4d4e013bc59ace1d9
SHA512 13949be1d4592dae7ad591263272800739ed1ca69ecdd3f20867de701f117cfadf6fde47efc6e10bbae29b5ff45b13c06638f773bae6ebf71aa6d9410d0e1695

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0a929fd2b26660a153b43bb933ec7fdd
SHA1 a1288e24d6a8aa967cff010de80006980cb00cb9
SHA256 7d8deef769095545178c5ae7a701f03fed23ad4654256c0f43c9b60add5f88a6
SHA512 3e5c3e1f3e913537fd9d914d0bc77c062067d970fa1d4d85cc19a4a83ca795b3692e35f7988b78a4bb29f75c819b367095a93d4ee04a4b6a9eda5529a9ebf3eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fc30b6f499ab0568b0fb9d5798ff5713
SHA1 2c8d72c542d7d3fac5d5b38292f4527c2c8a448e
SHA256 7a6e479a6c9697a35a9226720d2b2bf9ab812899aa84f545954a81109eea9bd1
SHA512 43c0bdd0df751db67a33c6b159755efcedb002db929ee5a39b4394269b2fa825a7886862ba56315553ac5170690e7ac705e59a47a2ade4981568d21289250522