Malware Analysis Report

2025-01-23 15:26

Sample ID 240419-vg68taag7t
Target https://google.com
Tags
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://google.com was found to be: Likely malicious.

Malicious Activity Summary


Downloads MZ/PE file

Executes dropped EXE

NTFS ADS

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: AddClipboardFormatListener

Suspicious use of SetWindowsHookEx

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-19 16:58

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-19 16:58

Reported

2024-04-19 17:43

Platform

win10v2004-20240412-en

Max time kernel

1800s

Max time network

1801s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.com

Signatures

Downloads MZ/PE file

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\VMware-player-full-17.5.1-23298084.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-259785868-298165991-4178590326-1000\{BF85EBEA-6E6C-4CB7-BB0D-9376E6B0218E} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 647694.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\SystemSettingsAdminFlows.exe N/A
N/A N/A C:\Windows\system32\SystemSettingsAdminFlows.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2344 wrote to memory of 3976 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 3976 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 4236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 3348 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 3348 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2344 wrote to memory of 988 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffedb0046f8,0x7ffedb004708,0x7ffedb004718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5376 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5376 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3048 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault591d138eh3cb0h410fh900ahfe8d31a9e5d0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffedb0046f8,0x7ffedb004708,0x7ffedb004718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13903617771460765464,6654208754408133947,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,13903617771460765464,6654208754408133947,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1484 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault3afedf2ah7cabh4c61hb7cfh8c9bbbed89da

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffedb0046f8,0x7ffedb004708,0x7ffedb004718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,14985702663022040201,14823113738160376464,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,14985702663022040201,14823113738160376464,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Windows\system32\SystemSettingsAdminFlows.exe

"C:\Windows\system32\SystemSettingsAdminFlows.exe" TroubleshootActivation

C:\Windows\system32\SystemSettingsAdminFlows.exe

"C:\Windows\system32\SystemSettingsAdminFlows.exe" TroubleshootActivation

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultc03d53eahd3d4h4569h975cheb62c06848ce

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffedb0046f8,0x7ffedb004708,0x7ffedb004718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,4962014822190183709,14153456107041926348,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,4962014822190183709,14153456107041926348,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaulta89f8064h6f87h490eh8603h6b55a0203158

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffedb0046f8,0x7ffedb004708,0x7ffedb004718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,3336508108206246962,15701153334983864203,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,3336508108206246962,15701153334983864203,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\ApproveStart.mp3"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1352 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=1348 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1704 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x33c 0x4e8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6784 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7152 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2064,10678932443885141848,12448700998546119798,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6100 /prefetch:8

C:\Users\Admin\Downloads\VMware-player-full-17.5.1-23298084.exe

"C:\Users\Admin\Downloads\VMware-player-full-17.5.1-23298084.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:443 google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 249.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 ogs.google.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
GB 142.250.187.238:443 ogs.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 172.217.169.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 67.32.209.4.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 21.114.53.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 13.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 0.204.248.87.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 48.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 cxcs.microsoft.net udp
BE 104.68.66.114:443 cxcs.microsoft.net tcp
NL 23.62.61.194:443 www.bing.com tcp
US 8.8.8.8:53 114.66.68.104.in-addr.arpa udp
US 8.8.8.8:53 194.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 support.microsoft.com udp
NL 72.246.172.127:443 support.microsoft.com tcp
US 8.8.8.8:53 159.113.53.23.in-addr.arpa udp
US 8.8.8.8:53 127.172.246.72.in-addr.arpa udp
US 8.8.8.8:53 cxcs.microsoft.net udp
NL 23.62.61.194:443 www.bing.com tcp
BE 104.68.66.114:443 cxcs.microsoft.net tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
NL 23.62.61.129:443 r.bing.com tcp
NL 23.62.61.129:443 r.bing.com tcp
NL 23.62.61.129:443 r.bing.com tcp
NL 23.62.61.129:443 r.bing.com tcp
US 8.8.8.8:53 129.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 40.126.32.68:443 login.microsoftonline.com tcp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 68.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 89.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 www.virtualbox.org udp
NO 104.110.21.231:443 www.virtualbox.org tcp
NO 104.110.21.231:443 www.virtualbox.org tcp
US 8.8.8.8:53 231.21.110.104.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 www.vmware.com udp
NL 72.246.172.25:443 www.vmware.com tcp
NL 72.246.172.25:443 www.vmware.com tcp
US 8.8.8.8:53 vmware.tt.omtrdc.net udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 api.company-target.com udp
US 8.8.8.8:53 tags.tiqcdn.com udp
US 104.19.177.52:443 cdn.cookielaw.org tcp
PT 13.225.10.71:443 api.company-target.com tcp
DE 108.157.4.3:443 tags.tiqcdn.com tcp
DE 108.157.4.3:443 tags.tiqcdn.com tcp
IE 66.235.152.225:443 vmware.tt.omtrdc.net tcp
US 104.19.177.52:443 cdn.cookielaw.org tcp
PT 13.225.10.71:443 api.company-target.com tcp
DE 108.157.4.3:443 tags.tiqcdn.com tcp
US 8.8.8.8:53 25.172.246.72.in-addr.arpa udp
US 8.8.8.8:53 225.152.235.66.in-addr.arpa udp
US 104.19.177.52:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 172.64.155.119:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 s.go-mpulse.net udp
BE 23.55.96.141:443 s.go-mpulse.net tcp
US 8.8.8.8:53 52.177.19.104.in-addr.arpa udp
US 8.8.8.8:53 3.4.157.108.in-addr.arpa udp
US 8.8.8.8:53 71.10.225.13.in-addr.arpa udp
US 8.8.8.8:53 41.249.124.192.in-addr.arpa udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 33.4.157.108.in-addr.arpa udp
US 8.8.8.8:53 141.96.55.23.in-addr.arpa udp
US 8.8.8.8:53 c.go-mpulse.net udp
NL 72.246.172.149:443 c.go-mpulse.net tcp
US 8.8.8.8:53 edge.fullstory.com udp
US 35.201.112.186:443 edge.fullstory.com tcp
US 8.8.8.8:53 684dd311.akstat.io udp
US 8.8.8.8:53 149.172.246.72.in-addr.arpa udp
US 8.8.8.8:53 186.112.201.35.in-addr.arpa udp
US 8.8.8.8:53 trial-eum-clienttons-s.akamaihd.net udp
US 8.8.8.8:53 trial-eum-clientnsv4-s.akamaihd.net udp
IE 2.18.24.9:443 trial-eum-clientnsv4-s.akamaihd.net tcp
BE 2.17.107.41:443 trial-eum-clienttons-s.akamaihd.net tcp
US 8.8.8.8:53 191-101-209-39_s-2-17-107-41_ts-1713548292-clienttons-s.akamaihd.net udp
US 8.8.8.8:53 x5s5cjyccimaszrcvqca-ps2a08-4e330d54c-clientnsv4-s.akamaihd.net udp
NL 23.63.101.170:443 191-101-209-39_s-2-17-107-41_ts-1713548292-clienttons-s.akamaihd.net tcp
IE 2.18.24.24:443 x5s5cjyccimaszrcvqca-ps2a08-4e330d54c-clientnsv4-s.akamaihd.net tcp
US 8.8.8.8:53 9.24.18.2.in-addr.arpa udp
US 8.8.8.8:53 41.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 24.24.18.2.in-addr.arpa udp
US 8.8.8.8:53 170.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 privacyportal.onetrust.com udp
US 104.18.32.137:443 privacyportal.onetrust.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.171:80 apps.identrust.com tcp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 171.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 dpm.demdex.net udp
IE 52.212.88.72:443 dpm.demdex.net tcp
US 35.201.112.186:443 edge.fullstory.com udp
US 8.8.8.8:53 vmwareinc.demdex.net udp
IE 54.77.202.125:443 vmwareinc.demdex.net tcp
US 8.8.8.8:53 cm.everesttech.net udp
US 8.8.8.8:53 schema.milestoneinternet.com udp
IE 99.81.63.100:443 cm.everesttech.net tcp
US 172.64.147.6:443 schema.milestoneinternet.com tcp
US 8.8.8.8:53 img.en25.com udp
NO 104.110.4.142:443 img.en25.com tcp
US 8.8.8.8:53 snap.licdn.com udp
US 8.8.8.8:53 uconnect.tealiumiq.com udp
NL 104.97.14.240:443 snap.licdn.com tcp
IE 52.18.131.37:443 uconnect.tealiumiq.com tcp
US 8.8.8.8:53 ssc.vmware.com udp
IE 66.235.152.221:443 ssc.vmware.com tcp
US 8.8.8.8:53 72.88.212.52.in-addr.arpa udp
US 8.8.8.8:53 125.202.77.54.in-addr.arpa udp
US 8.8.8.8:53 100.63.81.99.in-addr.arpa udp
US 8.8.8.8:53 6.147.64.172.in-addr.arpa udp
US 8.8.8.8:53 142.4.110.104.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 37.131.18.52.in-addr.arpa udp
US 8.8.8.8:53 240.14.97.104.in-addr.arpa udp
US 8.8.8.8:53 221.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 rs.fullstory.com udp
US 172.64.147.6:443 schema.milestoneinternet.com tcp
US 8.8.8.8:53 sec.vmware.com udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 35.186.194.58:443 rs.fullstory.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
CA 192.29.68.80:443 sec.vmware.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 x5s5cj2i62wbszrcvqja-f-8e5941aa0-clientnsv4-s.akamaihd.net udp
US 8.8.8.8:53 58.194.186.35.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 80.68.29.192.in-addr.arpa udp
US 8.8.8.8:53 aefd.nelreports.net udp
NL 104.97.15.59:443 aefd.nelreports.net tcp
NL 104.97.15.59:443 aefd.nelreports.net udp
US 8.8.8.8:53 59.15.97.104.in-addr.arpa udp
US 8.8.8.8:53 customerconnect.vmware.com udp
IE 66.235.152.225:443 ssc.vmware.com tcp
US 8.8.8.8:53 cdn.segment.com udp
PT 13.225.245.109:443 cdn.segment.com tcp
US 35.201.112.186:443 edge.fullstory.com udp
US 8.8.8.8:53 109.245.225.13.in-addr.arpa udp
US 8.8.8.8:53 api.segment.io udp
US 35.81.90.104:443 api.segment.io tcp
US 8.8.8.8:53 x5s5cj2i62wbszrcvqna-f-f331f9555-clientnsv4-s.akamaihd.net udp
US 8.8.8.8:53 0217991d.akstat.io udp
US 8.8.8.8:53 104.90.81.35.in-addr.arpa udp
US 35.186.194.58:443 rs.fullstory.com udp
US 8.8.8.8:53 download3.vmware.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 49dde89f025a1cce8848473379f7c28f
SHA1 b405956b33146b2890530e818b6aa74bba3afb88
SHA256 d6d125ba686b825bb22ab967a346051780cab1f55fc68a2f3efdf3fb5598f96b
SHA512 53050344674d8886db66e25f42d97bf46b26229972631f857286c2a303897cda58d85ee8ca768bbfb1fc07e52567315ea85d57e39b5b382916700ec389946506

\??\pipe\LOCAL\crashpad_2344_TIWHBVCYDPUNOZQX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3d94406b964753cc5222ab1343f54bb1
SHA1 a5e7de0781fa1fabb3cd89564f2e5693cb4dee16
SHA256 fd9923a217cd8d2c44a63dbfe52ec262e7c80b1f1e50c6e0f21f8379c90e7762
SHA512 1ad2c144e7bbd809f400f8782586d3768fc82bcef39db986f766897c344efec77ab2c0b6d9c5ee2019ef5cf9ad0c46bdd25392cbc9dbf9ea80e800577f0fc598

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1274aeb6c67c0dc027daf2995af5cf97
SHA1 41df3706748465ef0920aa22a5441ba92a1a020a
SHA256 4597b741da73c64cde376832f2035b0e2957ee71aa05a891605721992053f317
SHA512 b5d85f8c9bfb00e9ebdd9cbd4e0960fc060f3f2be99e404c8b85cacd0e45066c9ed8bef31cb065f142268a2076ae8196bfe8b4759c1ebcb108bdb39b5d7fb2aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 51d07616370d306f5f54becea36ad0b1
SHA1 75a70d71107e6337ca89e18f599ecfa4cff84efb
SHA256 db1b51f6b342862ad99ae752a211447b71affedc2322d18f47070c93c0ec2042
SHA512 4057133d12b285fdf6535d9221398c89733fbfb20cb4ee3767fa023161919fef76e711259eda2b827c3dd42f461d13e27d62335f278eaae7804dec6398366e96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 78cc9ddbd77206b823b746089c685d9e
SHA1 3bdcb1d8daa4e2cc40a78190c7679806fcb9b11e
SHA256 13372aa330ed916cb3318e9f5134b652192043068e6a52713d726ef3b7aa2362
SHA512 e71804d1f1ba28b0d15f794a5554ff221b13bff03cb41c6a7ddf9794ee6229fb8bb8942076b0fa3dc7cba0b7953d1a42ee98c1be0813a2e3b229e85475b1bb81

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 7c43199d1e5acf5a31e1cbef990fbc47
SHA1 df7bd524b9b3175325c0aff3469ea7f2211d3061
SHA256 52a6fd2a2fff53c738c77a6385e7e1677f8990781699f78c63d5a4b0fe566d22
SHA512 aae886642b40ffb0676534fd85abe43ab588526b8e952b12a1bcafc73cb05103c76aee4fa32cc18c74af6c59aa1dc84bcda09ebccb7d11adc79fee3bfc93e2d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b53659373433d34f8f68cce1a157e2a5
SHA1 a6a403845a285c3343eb16208a1ce3258d78559b
SHA256 6d164a850e21b6031946cbd145f88a80db2489409f212545c969eb85c992729c
SHA512 0a9cbe3381ed048469949688781ce7e3000110eaa524f371651e5a10af40db3057cdaef3c6bf38e7c8edf45ebe74764b8123bb224a9b684924281a34d1c29e05

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 7a8faebffa3b44a74e52e63a003863d7
SHA1 5b5064b93e56212dcdab646b4b12ce36414c8f4a
SHA256 acb1c802edfbb4de3a67f1db27bc329447feae2e0fc63f7624972cbe5e7424a4
SHA512 040c76d1cceb0147be8d2944dc82794966530a9ef7532187195339f662b066cef5731a3af9e2e0c6f8fef4b9372134b5bec8906a38616720cbe44ee34311ac7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a2eb25358c61a270d1400a4b9c951e1f
SHA1 9b8901c8d28f640b507f77101049e3181d99df71
SHA256 d7ab6463de557059437adcdf9f56c805ec51135250d19ba08ac7ed37a91f2e1a
SHA512 443e4aabb515ec3c41266e817c7065f0adee01757316610f464d9feec1a9226d91d31251ed942a6cfd74a4a5500aef5622cef1cfedb0e8925e150dd0f6f21cea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e5b2bc06655f45871654b7c96694e078
SHA1 af0ff1dcda43a76ee48f680b6b747ae8a5f8e339
SHA256 6446e3345aff189e5624dbec2cc2b202d1962f588cfad20b98deadf1e94cf8b5
SHA512 bca443dcc3016b8e6fce9dfd33062b9f9effa713df9a2825245cb3af623c9380eac8a787b1622d65471c5a591bf2dcd573c0edd25bfe59f3d6a49c124dbcde7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ac68b2f274171e07a769dbbbbd33517c
SHA1 d0975ff12efcc9318d00b7119c244f8985b4f1bd
SHA256 00b8161df343069d2f3287a7137a363b777e3cf2d2fceb8710d1c72bf69206db
SHA512 c075df370fd51a0468ff65f624df3393c828b7225a419f36a8e92eb8e36db9ad37c8cad63c9f1927f352078deb9bc74cf86d9755a0bd8c8b968cb5e575ef53b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8ba3b4a97d7d2e35e1f738dad9682d8b
SHA1 5871fb31c57cb2d7a9b3e23e29cfaa4ab584ccae
SHA256 ebcbded4b54769af0c683030258eb09c317b25e7778612d8d7c977cc48a42340
SHA512 58f734bafdfa2ef3c287556786070d2c5df1e8d90aa33659d78ec9b866e4eea1a1c4314b2cabfb2cb097dc2e9a4d48dd77e3956cdf59734474d277d5e2ff7d91

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 27d8e834fea5a6d5738bded5df914aba
SHA1 dc57839efc2c69fc28b9609fe5c7ebc1e12e2ebb
SHA256 2807b610ba351e992e116f2dfb35e8419b2198241957d9e2a5efdfe0099b306e
SHA512 1d9bd906b2b9dd7239b2875480353045229ee2a83233595927d372fa72e4b30ce6daf3a8d168fda1780c95ec3f283f797de35345ad1336a2e2366af893333b26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 092588cf2d8a013e2511da508df40504
SHA1 ddb95702eb562841252991412327ebb4b0708b15
SHA256 cbf863d4ba4cfc3243deeef47b0d0e59416f774a8379c6e921ce8652f4b7c5f3
SHA512 1d40181102b08984a2ee163db4743c97be82b64aa9726b0d916393d12dc5146bdcf6418d24644d7d752c8a882474cb5e1d4302b70d058cca4d3b70dcc0ce02b5

memory/3100-259-0x000001962AC80000-0x000001962AC90000-memory.dmp

memory/3100-260-0x000001962AC80000-0x000001962AC90000-memory.dmp

memory/3100-261-0x000001962AC80000-0x000001962AC90000-memory.dmp

memory/3100-262-0x000001962AC80000-0x000001962AC90000-memory.dmp

memory/3100-263-0x000001962AC80000-0x000001962AC90000-memory.dmp

memory/2956-264-0x0000026997EE0000-0x0000026997EF0000-memory.dmp

memory/2956-265-0x0000026997EE0000-0x0000026997EF0000-memory.dmp

memory/2956-267-0x0000026997EE0000-0x0000026997EF0000-memory.dmp

memory/2956-268-0x0000026997EE0000-0x0000026997EF0000-memory.dmp

memory/2956-269-0x0000026997EE0000-0x0000026997EF0000-memory.dmp

memory/2956-266-0x0000026997EE0000-0x0000026997EF0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f5325c8f338442d1686dee213cd67530
SHA1 e78711920bb61153d28d5f480fa3465ae6d97f31
SHA256 11d388b5f43085d58bbd352f55184fe5c5c3cc85488049e43cd4b8491c900cdb
SHA512 29cbfde63759909299976a86f515720d40db39f95ba23ca66d057378c359bec4e48c5215c844c21a79fe24f44376ec5ab62b89e60d0f38af73c05981b47c8337

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 84e7fa9ff56ff87e4f984d864451abb8
SHA1 14cc37ecaaf8e8b6261dc8e9ac5ad4e5aa7ab5f3
SHA256 76d67f836d17ae149218dad3e1c20a19116b533c6d0a0f23c82aaebe7645f8a0
SHA512 3b7f72a79c2158d94f3a63053ea3d90814f4bd84b4056e9d2b0c1a762c7276873287007d8d6b3f58c30dbcb69c974062eca381f6801c3b629f69570cbc5b98ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 502d67ecdc623dced8c56b1d73ad73f6
SHA1 b37aba71684e496bece7943dd52c75f3800b95f8
SHA256 25a48391eb00b4fa7c76f75922affffc79f51d9ac32e7f0f21735f9e7b565f0e
SHA512 8eaad41199150d2b9ee45d5819080e02d88d861e3e380447e0ed5d51530a8535b9ed06a16eaa4e12c58dbf054f5df68da22867c8987e46e64bb610ca19f6ac59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d6ebc9b6e71843377313ef01f865ff15
SHA1 918e90aacab219eea662aef2659fd61790ba0e6f
SHA256 1f2f5b27edc3fcec4a00a6bfbe64cfaa672721800475d775bec593be3a85bc3c
SHA512 abd4c62f139967c8bdf0350a53ef4f18fc1bbe94d7a4b846e4d125b58a840183a5f5607265828dd616d689b45a4f9b62daa859b1ffaf9001c4bf61eb056e63f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a53ed5d5ef1fc0f9c5ea13806bbb4e33
SHA1 4d35179f6e5edf4c0ddc0fb694311090d70b4e2f
SHA256 5f6f50e8911c30a16506b647c39bc4b6274cbfa70edba7ab20f7de1c36a65a65
SHA512 5e19294a7fd6bb72d4a83401ed25e1fc3dbfc782cf0a5e150b8d1fd9d3dbbaaf608c2a8e9d16cc73561f7406a3835b97c2820d466f2b6b43f4769ae62314eab8

memory/1356-359-0x00007FF77E7C0000-0x00007FF77E8B8000-memory.dmp

memory/1356-360-0x00007FFEE3100000-0x00007FFEE3134000-memory.dmp

memory/1356-361-0x00007FFEC9E00000-0x00007FFECA0B6000-memory.dmp

memory/1356-362-0x00007FFEDB550000-0x00007FFEDB568000-memory.dmp

memory/1356-363-0x00007FFEDB490000-0x00007FFEDB4A7000-memory.dmp

memory/1356-364-0x00007FFEDB470000-0x00007FFEDB481000-memory.dmp

memory/1356-365-0x00007FFEDB1E0000-0x00007FFEDB1F7000-memory.dmp

memory/1356-368-0x00007FFEDA8A0000-0x00007FFEDA8B1000-memory.dmp

memory/1356-367-0x00007FFEDAB90000-0x00007FFEDABAD000-memory.dmp

memory/1356-366-0x00007FFEDB040000-0x00007FFEDB051000-memory.dmp

memory/1356-369-0x00007FFEC9490000-0x00007FFEC969B000-memory.dmp

memory/1356-370-0x00007FFEC83E0000-0x00007FFEC9490000-memory.dmp

memory/1356-371-0x00007FFED77E0000-0x00007FFED7821000-memory.dmp

memory/1356-372-0x00007FFED77B0000-0x00007FFED77D1000-memory.dmp

memory/1356-374-0x00007FFEDA780000-0x00007FFEDA791000-memory.dmp

memory/1356-373-0x00007FFEDA880000-0x00007FFEDA898000-memory.dmp

memory/1356-375-0x00007FFED76D0000-0x00007FFED76E1000-memory.dmp

memory/1356-376-0x00007FFED74B0000-0x00007FFED74C1000-memory.dmp

memory/1356-377-0x00007FFED5BF0000-0x00007FFED5C0B000-memory.dmp

memory/1356-378-0x00007FFED5BD0000-0x00007FFED5BE1000-memory.dmp

memory/1356-379-0x00007FFED5BB0000-0x00007FFED5BC8000-memory.dmp

memory/1356-380-0x00007FFECD9D0000-0x00007FFECDA00000-memory.dmp

memory/1356-381-0x00007FFECCD60000-0x00007FFECCDC7000-memory.dmp

memory/1356-382-0x00007FFECADA0000-0x00007FFECAE1C000-memory.dmp

memory/1356-383-0x00007FFED2FF0000-0x00007FFED3001000-memory.dmp

memory/1356-385-0x00007FFECB020000-0x00007FFECB031000-memory.dmp

memory/1356-386-0x00007FFECAD40000-0x00007FFECAD97000-memory.dmp

memory/1356-384-0x00007FFED2520000-0x00007FFED2538000-memory.dmp

memory/1356-387-0x00007FFECAD10000-0x00007FFECAD3F000-memory.dmp

memory/1356-388-0x00007FFECACF0000-0x00007FFECAD03000-memory.dmp

memory/1356-389-0x00007FFECACD0000-0x00007FFECACE1000-memory.dmp

memory/1356-391-0x00007FFECACB0000-0x00007FFECACC3000-memory.dmp

memory/1356-392-0x00007FFECAC90000-0x00007FFECACA1000-memory.dmp

memory/1356-393-0x00007FFECAC70000-0x00007FFECAC84000-memory.dmp

memory/1356-390-0x00007FFECA600000-0x00007FFECA6C5000-memory.dmp

memory/1356-394-0x00007FFECAB60000-0x00007FFECAB72000-memory.dmp

memory/1356-397-0x00007FFECAB00000-0x00007FFECAB17000-memory.dmp

memory/1356-396-0x00007FFECAB20000-0x00007FFECAB3E000-memory.dmp

memory/1356-398-0x00007FFECA5E0000-0x00007FFECA5F5000-memory.dmp

memory/1356-395-0x00007FFECAB40000-0x00007FFECAB54000-memory.dmp

memory/1356-399-0x00007FFECA5C0000-0x00007FFECA5D4000-memory.dmp

memory/1356-400-0x00007FFECA590000-0x00007FFECA5BC000-memory.dmp

memory/1356-401-0x00007FFECA440000-0x00007FFECA453000-memory.dmp

memory/1356-402-0x00007FFEC83A0000-0x00007FFEC83D1000-memory.dmp

memory/1356-403-0x00007FFEC8380000-0x00007FFEC8396000-memory.dmp

memory/1356-404-0x00007FFEB60A0000-0x00007FFEB790F000-memory.dmp

memory/1356-405-0x00007FFEC8360000-0x00007FFEC8371000-memory.dmp

memory/1356-406-0x00007FFEC8340000-0x00007FFEC8352000-memory.dmp

memory/1356-407-0x00007FFEC81C0000-0x00007FFEC8340000-memory.dmp

memory/1356-408-0x00007FFEC81A0000-0x00007FFEC81B7000-memory.dmp

memory/1356-409-0x00007FFEC8140000-0x00007FFEC8197000-memory.dmp

memory/1356-410-0x00007FFEC8110000-0x00007FFEC8138000-memory.dmp

memory/1356-411-0x00007FFEC80E0000-0x00007FFEC8104000-memory.dmp

memory/1356-422-0x00007FF77E7C0000-0x00007FF77E8B8000-memory.dmp

memory/1356-424-0x00007FFEC9E00000-0x00007FFECA0B6000-memory.dmp

memory/1356-423-0x00007FFEE3100000-0x00007FFEE3134000-memory.dmp

memory/1356-425-0x00007FFEC83E0000-0x00007FFEC9490000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 69f1e9c576bb674e40801e0d4daccbee
SHA1 8f6d84d1b546ca8a8f349fe50986a9ccddc48900
SHA256 fdb5d7b01355086de285c3b48e093d92c2e1ad023fc11250fa577b6a87d221f5
SHA512 84ad2b3fff2c73e87aa22b1ce779f14597590f897acb26ab73779f8c5f3740746f5ebc878db1a4fef56ebd6339d33ace1ba4212bb0ba5746ea957e402b1b31b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c173aaa31ffc09f6abfde55407f3d7fe
SHA1 dd3e020a9b665bb9d1ea25592e372b57afa85798
SHA256 a61a07569cc0376f4b334489471c203ea64821606dcb8cff50c37ee85177044b
SHA512 1617628f1a63476999c9263a6e8b92a06e393f389f86ca79207f79951910558597a4dd11f3334c80fe76f46e3b2af06ee46211ee6d53713d28801eaf16789041

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 d2d55f8057f8b03c94a81f3839b348b9
SHA1 37c399584539734ff679e3c66309498c8b2dd4d9
SHA256 6e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c
SHA512 7bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 19fd35a0194d0a34348e2a8af77afce6
SHA1 94faf9bc8e414431f7f986a3e761231753cabc04
SHA256 f087580889ff2f970f8a29771a2aae84cc2dc23263d1c50cff66b5ccf26e8677
SHA512 f2787cec9d67914e254c13011c4ef5d5222cef075dafe14b455eedcdc7f400139b4aafcf5094212953b84bf8a8fef1bade755a0db8d4c5aaf3370174a7cfe7db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 74e33b4b54f4d1f3da06ab47c5936a13
SHA1 6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c
SHA256 535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287
SHA512 79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 df3641e0b5ccc838ed4a1582a1da49b0
SHA1 72576c2f1470e2e0728adc973b41dabe1efe6169
SHA256 fc301d9ccdb8e8665f86d3253cca11e7008296896fd7074092cf79fea8e311a4
SHA512 94c4c1272a8564e2e53d91b3742130e8c412c5a64dd47adc91f1fcd0a27c4e6fc9739924b3b0f40dff7255df33755e4886d053881503dbac5f3c210b4d1ade41

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 1f557ae943b3a1e823b56cf9d410e7c3
SHA1 1340fc7fa2cf9fade7bebcc8b4dc62a1686aad54
SHA256 40f47bca0281df7ada22465ba6c706a9ccf9580288915aad5d42c2949521a7bb
SHA512 32d8f83a30ed7179a74ebc7bdcd454d2f5895592f078910564c8bf40490d92c24a836f50b359345cdf4f0288f9a922b0185beeccbc4007205ba50f585de20169

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 20166a189695c36bc512e18056c1af77
SHA1 ce5406d6f151a088c7d492e0b6b2268aebcddd2f
SHA256 9805641d222a34e0a995fc95cf17b26c872b1f52dab97bce91d509d51d631dd5
SHA512 5b7170b6bf794a51fe206c47ed6c1c59cf9dfce0237a7380f4fae27e8ab9c650335f1c866cffd9beb289d195d06fc35cd15d83726fc018ba7222394919417db7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe6e4b70.TMP

MD5 498d5ec531075a8616f6b6cef1d1f4d8
SHA1 4191b10b308df22b5ccd0204789cddcc170c3159
SHA256 3bbe23eefe72f230e99e4abe4899fc3d014692d2a1b6fa0de4612997f0771479
SHA512 357dffb3748c84b5436477cc38862441335bf030ee15679448e171060b23990c3ae4c871d30a8df616bda64702c99950622522c1d5d375f859ba29b276857637

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a05027bf950f7a8326307e7fdfd36d8f
SHA1 b42fc5815d66036fb6b8380b7a07615d787de1b0
SHA256 0b7c233010c6fadc52ae1f5534ab1315e1ae13d6a5ac847de726b6cb2dd4d77e
SHA512 1e275b19f9eaea24a3fab8dfda25ac3b5c8045e9a53aaab6c352e632268fb7acf077cf3d3f7a1d9f93a18e510a22f9e9ba0ed14dfdd5eb47b256616d39e484eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 82ecd4b50a5b8e6c66cfdc9b94b5b879
SHA1 230738b511f6d5bfa5bc89c7b9d28a9293fb2b8b
SHA256 747070535b2a8aedb46e52b8da560b89f54a34484c41ec1bea3e7a8ce2c248b8
SHA512 c6bd11066318c9fdd1f6759a3f00ba1076fd435782b441ed9187c7cbbd3e2552523b06744e8f31c2ef44a919e1cf49fe0a03b426e3cb67a2cb529ff727a3861f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6cc24aa5-11c4-456f-98e1-4aa0d4ecf032.tmp

MD5 52b88daf7a95f41c1f75a86b20f5ddb5
SHA1 6b859cdf4e70ea8abdcf36267f25bd880ab9b4ea
SHA256 07c8e4c28343a02df2550e44dc6796152daecebb11ae2e110dbb71aa0c13b76a
SHA512 8f51e378a6f7c3a65983556c34cf53adf11b219330f94efb5044e399acc072cd4e335eb509382796841a888efdf318f1face0d41dff703cab2abf88397006e15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 538700a493cc20f294cafa3ba59d76bd
SHA1 a0106e0b940ebb3e492b331a4ce78d8a63eeb260
SHA256 4ac82d53ecd1dc14458b04dda926d20e66f75b7c89623c9ce63dccea07c0809a
SHA512 fcc0f47ae52562c28670301d9d76d0ff77046a79d948b404018289cb621faafe1b73b688b7a99cbf534f0710904483394f35bc03ba6df5b658212196d7b495b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 177465a40875b963e2f79b700cbc296c
SHA1 96352620e20acd42355a2f7dbd8dcdce6f224abb
SHA256 23217d077a77119a5c5999b745ad3209f5d2d025171456e299a8c1ba458fd2bb
SHA512 64215f062d5e9c3be6af3af305fbb97b43ad5da3774d541dbafb4e12d19e07da27f1401b2578301f4ff1da1a0bbf15d1adc640449ff43ed2de323c519d26c4db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 16f8dbc98179ae631754f5adfc87de36
SHA1 2c6a00e7c43840bb470921112a827a002cc0dead
SHA256 8ab7470a6fa531d89088a0798b2bdcca3f94dd7749a1236b8f267b309a270ff4
SHA512 2ee43d28e573ae218505ab55b8628cfe6d6c8855bab295eb8e94aa90a89d064a6e7bbf23df6b4c9fd4586c1f4c80eb2d94a6f032610c712578a2f386005c335e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 48aa1a4414e589fbf1bb63f83f1f98f2
SHA1 ede8188c26859a227d9c6fa96dd9a4067b240cd9
SHA256 ae839917d864b75528554ca71f7a658b0fb9a5d2e203d1802cf7b1c3bfe29687
SHA512 0ffaf89ac080021388df6c2d023c123c8a8c852c2cbf0e6e1575146b4bfd46d3b689f7c46f435e5669dd2153f07eceb6e87e1a356d72cf3ea7a84c6d38ee0104

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 5c99356594e58edc07153dea708260fb
SHA1 7bf85286140092c7d88bef6b9ef62a670c6ce9fe
SHA256 f204967244715976b63bbb045d2da6836dcac195e881a7dd6873b999cef01018
SHA512 1c12c4902b277303371d154f40112d920d84c132ae24721e1a8510ff74a032e973773315a9d85efabeb86c468474f74e152244214b6f5c7dfc182799e019cff2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

MD5 8991c3ec80ec8fbc41382a55679e3911
SHA1 8cc8cee91d671038acd9e3ae611517d6801b0909
SHA256 f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800
SHA512 4968a21d8cb9821282d10ba2d19f549a07f996b9fa2cdbcc677ac9901627c71578b1fc65db3ca78e56a47da382e89e52ac16fee8437caa879ece2cfba48c5a6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 eb62f93654f3ed5ffc9391f18af88017
SHA1 dd36135d97ebe112932b83f337372d65b6ec8c4d
SHA256 40e253e56c97df52540ba4e91fb0cfd731be677b10a3291bd1143088834ed8f7
SHA512 a6e83e9fcfd5617fc3ceecbbfa1a0cb560e214e9c639f0913429d0dcdae32651ce58bf48993fd6bb8dbcd03d8c686f4b787ef0102e9ed359a807d92370602a7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 9241f0f8decd3f69ae27df07b075e1c4
SHA1 15c49cd22063ce231ee6b937e0800ac09a0e9cb1
SHA256 b4fa9f70f5f5abb655d599a31da789a226542a459cae91d27d032e594235f9b7
SHA512 4d52291972962496cf6acdc0f978c1b7f6628b2720cf140f990a1262b9a7827340f8c9f508e5b105845b90604dc8f8e4ce874dcac9fee679a635003f2f7d2cde

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b4d3dcc62ad31545597ebcc879f9255c
SHA1 105501f132bdb5d98228b5986fc453fe17d0cca0
SHA256 19b30c85bbf38a56e284b6179fa555497a12183c3d69f1a7bccce94a2917963d
SHA512 c3d66c39f0b6b30f8ebc13c7bd03613de267b1484879c1f98099cb02b0e654abe4112161f4f09602e92df8dc048eccc18136548f9b11e77d4ea81bdf15b4f979

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c4535c8f6fbe667e7504cabcd6d06062
SHA1 a495a74efbaa3c6efdd5cdabe44a8a15041f1f7b
SHA256 60da757b09fef7d2dfb513636b7c7e07f3f8b036ce18faf4f7168ed1b71cb4e6
SHA512 c87064f49f1b89a412198712fcc64be37b365805dbe6e829caa0bf54c877a14803d85d4fd50ef524120f45b2185de3a2b001162bad09621d575f6f19359b8742

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 be3eb98dc6c48328ee353aa50d50f20d
SHA1 fe4a69c6b757132919f424aec3e1edc530e1ba7e
SHA256 5aec3c863faa78f31cdbff1288561df2c68d2fc9f073d83761148fbe59010fdb
SHA512 f15e996ff9c48d42afacf8309b5bdbc7db296ea311ca8ee62483b810192e7c14772cdb7373cebb95befc33a2d07ec66b40de4671492683fe7aa23831fa6e148c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8965e87d45b56deb9be1642c80b426a4
SHA1 e548516b56a97a5d7665abc88ff393dbd5ac7a17
SHA256 95ec383ebe7423930d0ea74398a545328ce0d8606235b8ae2f7c44cff2791b10
SHA512 b691b460e009ced50be97a3631bcef4e3030ef0e1413f326c4d1294b7a4db143523ff5ecb7593026aef6442f53b47e9819a1e35274a37294c46820379ebf19a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 130b04ad074a66fc09a468e21267f8f4
SHA1 3a2b87cae6c486b5ad77878033a8a652b967ed40
SHA256 2847594dbb8b47f66cfc1a72f445be4e891c2da9a5a7365b295760bd55f4575e
SHA512 affbdad6a9df620d50702cff7008366e958078c5e16fa739a9ca0c9b75d2eafdcaf53894d7d260ff12f3215b47bd61210135d171326464382c75ba2f25ab1421

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4040a0c76ce78d37e01802e1afbf9145
SHA1 f084d34942d20d766d95d6e20053947b45267ba3
SHA256 bd3d53e8ff1255b3046459b1d2bfb1a6ba6e58ccf4cd123f9765395c9be07cf7
SHA512 f8e559768e6bb6265f4ff1766790d92567cf1bfac6740d75dd84c3350979ec06e35cfe6d8ae1561b4f539520112f07d762d30497cf2acb7da8671c47bc3336ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 af2cd020d2978cd765044af164f7d307
SHA1 10c384ff54aa3b501a932c9404a3524cf09685ed
SHA256 e43c6757778c6d2fb7fe3db118de33ce46eac9a6ac80a232755135b0186084bd
SHA512 04f918517d935dae78b42128b08e9745a94a91b02b85f679d312228f56199f32cd989a4091ab346f69e3ed4573e12971f68aeb809816c15c16713852a18f6d97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d1bfc42612ffb8b4d8d64509f6d9b0d2
SHA1 ea5d51aaac13c4203b631d4d1d1379246c53e684
SHA256 143ed22ec4caec03897d508936358a0cf2fb0892b89429f69199cade968fec73
SHA512 5a6f5c9c59aa16659380d44e1231a6873bdae38d190792a306ce4b675e5f75ededf341418be886e55dca1b9330403d95b1a94a6d5bd58eb50cffd20ed3ab8658

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 bd812ee4cd4d8c9df63179279657f03a
SHA1 ad1e34e202ccda772ec298f3205f7cbed16361eb
SHA256 2d469a713cf84ab4f3f50f4372c0c7db37bda8277387db40a27fb6f7c9b37ea9
SHA512 49d136f987f273e80cb1f83e4bbeaf3e5eedc7adc673d470fe2e56d0fbedddb6f61eee7e899466d86560befaf8740aec079a7ce200c15ee2f9c506fba56118d0

C:\Users\Admin\Downloads\VMware-player-full-17.5.1-23298084.exe

MD5 4658408192fc875aa932292f686c3b32
SHA1 2048b14b13b2bfc8745c1ea9e55b5ba31de9b1e4
SHA256 50f5596fbd3fd60336f368e35f9ca991a4be1aa40d94cf5017c3abd104b24f8b
SHA512 3d8bf15514533586d3f576108263494778cb7b87396c958d64bf4698848af64c55bc26f072ed4f063e6d616b65795d7a0f9f7b4c4a7ea72169fdd1e7c6a3421b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 451167b931e38ddb1064649a0516da72
SHA1 7e429e5e75ecea56a6503bd6aa85fbb14cd71be4
SHA256 5635f6eac7fe2790f7c40b575106ef2047bb37afaabc8066a5f6d40e392c29f5
SHA512 34543dc8f1f32c9a03bded3e7748d819d049a9021a64cce397d17e4d99e678e606351639be18618236a6664fad47cd727c725893d4653d01591dba15228f51fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 79bfe538d44fe6057aa00c327ee91dc6
SHA1 ab08afc2f582582c059515a43628dae08c038cf6
SHA256 17fc4663d2fd51f39505ba1bbc8a3d7206c7d48d67ed409fcd6378dc6519a769
SHA512 9f7fcc799b5f6f38a532abc10fede147a7730c253f31b23c582fed5152aa3cea8dcace887f4a20e4d9f592c209be3bcb0cda023ac361746bf25fd0e789a85c90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ab579531f1f2a400800bcb61fb191c51
SHA1 da78119508d7ca8b59779f1300b94564b5d259a9
SHA256 bb9d4a9fecb71ddfe48bc92f73177227ffea0892fd84f1837405a297814b8734
SHA512 0b33934497ea41c8e7a5d58437f25aea6fc0a241903f53dbc92db0dad39c74ea8b284345d0cd4ca9d8d7163a6b6db62c08793ea8581cbd7dd31d7eabed252a2e