Malware Analysis Report

2025-06-15 19:54

Sample ID 240425-y7b25sec62
Target https://www.tumblr.com/appsetupfiless
Tags
lumma stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://www.tumblr.com/appsetupfiless was found to be: Known bad.

Malicious Activity Summary

lumma stealer

Lumma Stealer

Loads dropped DLL

Executes dropped EXE

Suspicious use of SetThreadContext

Suspicious behavior: MapViewOfSection

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-25 20:25

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-25 20:25

Reported

2024-04-25 20:34

Platform

win10v2004-20240412-en

Max time kernel

531s

Max time network

539s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.tumblr.com/appsetupfiless

Signatures

Lumma Stealer

stealer lumma

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Setap-Filess\Setup.exe N/A

Suspicious use of SetThreadContext

Description Indicator Process Target
PID 5440 set thread context of 4720 N/A C:\Users\Admin\Downloads\Setap-Filess\Setup.exe C:\Windows\SysWOW64\more.com

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious behavior: MapViewOfSection

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Setap-Filess\Setup.exe N/A
N/A N/A C:\Windows\SysWOW64\more.com N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3988 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 816 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 1672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 1672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 4492 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.tumblr.com/appsetupfiless

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc673a46f8,0x7ffc673a4708,0x7ffc673a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2940 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6188 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1936 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7160 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,17441412648965299796,5177200806878578010,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 /prefetch:8

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap9992:112:7zEvent12472

C:\Users\Admin\Downloads\Setap-Filess\Setup.exe

"C:\Users\Admin\Downloads\Setap-Filess\Setup.exe"

C:\Windows\SysWOW64\more.com

C:\Windows\SysWOW64\more.com

C:\Users\Admin\AppData\Local\Temp\RcClientBase.au3

C:\Users\Admin\AppData\Local\Temp\RcClientBase.au3

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Downloads\WriteRead.m4a"

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.tumblr.com udp
US 192.0.77.40:443 www.tumblr.com tcp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 192.0.77.40:443 www.tumblr.com tcp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 40.77.0.192.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 assets.tumblr.com udp
US 8.8.8.8:53 64.media.tumblr.com udp
US 192.0.77.40:443 assets.tumblr.com tcp
US 192.0.77.40:443 assets.tumblr.com tcp
US 192.0.77.3:443 64.media.tumblr.com tcp
US 8.8.8.8:53 3.77.0.192.in-addr.arpa udp
US 8.8.8.8:53 s0.wp.com udp
US 192.0.77.32:443 s0.wp.com tcp
US 8.8.8.8:53 cdn.parsely.com udp
US 192.0.77.32:443 s0.wp.com tcp
PT 13.225.240.70:443 cdn.parsely.com tcp
US 8.8.8.8:53 70.240.225.13.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 9.228.82.20.in-addr.arpa udp
US 8.8.8.8:53 o248881.ingest.sentry.io udp
US 34.120.195.249:443 o248881.ingest.sentry.io tcp
US 8.8.8.8:53 pixel.wp.com udp
US 34.120.195.249:443 o248881.ingest.sentry.io tcp
US 192.0.76.3:443 pixel.wp.com tcp
US 192.0.76.3:443 pixel.wp.com tcp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 32.77.0.192.in-addr.arpa udp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 3.76.0.192.in-addr.arpa udp
US 8.8.8.8:53 90.102.244.18.in-addr.arpa udp
CZ 95.100.146.34:443 www.bing.com tcp
CZ 95.100.146.34:443 www.bing.com tcp
US 8.8.8.8:53 34.146.100.95.in-addr.arpa udp
US 8.8.8.8:53 198.32.209.4.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 163.233.34.23.in-addr.arpa udp
US 8.8.8.8:53 p1.parsely.com udp
IE 52.17.99.225:443 p1.parsely.com tcp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 225.99.17.52.in-addr.arpa udp
US 8.8.8.8:53 www.mediafire.com udp
IE 52.17.99.225:443 p1.parsely.com tcp
US 104.16.113.74:443 www.mediafire.com tcp
US 104.16.113.74:443 www.mediafire.com tcp
US 8.8.8.8:53 74.113.16.104.in-addr.arpa udp
US 8.8.8.8:53 static.mediafire.com udp
US 8.8.8.8:53 translate.google.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
PT 13.225.242.19:443 cdn.amplitude.com tcp
GB 142.250.200.14:443 translate.google.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 translate.googleapis.com udp
GB 216.58.201.106:443 translate.googleapis.com tcp
GB 216.58.201.106:443 translate.googleapis.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 40.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 19.242.225.13.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com tcp
BE 64.233.166.157:443 stats.g.doubleclick.net tcp
GB 216.58.213.3:443 www.google.co.uk tcp
US 8.8.8.8:53 api.amplitude.com udp
US 34.210.141.171:443 api.amplitude.com tcp
GB 216.58.213.3:443 www.google.co.uk tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 157.166.233.64.in-addr.arpa udp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 171.141.210.34.in-addr.arpa udp
US 8.8.8.8:53 download2346.mediafire.com udp
US 199.91.155.87:443 download2346.mediafire.com tcp
US 199.91.155.87:443 download2346.mediafire.com tcp
US 199.91.155.87:443 download2346.mediafire.com tcp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 87.155.91.199.in-addr.arpa udp
US 8.8.8.8:53 228.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 24.139.73.23.in-addr.arpa udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
US 8.8.8.8:53 128.201.38.23.in-addr.arpa udp
US 8.8.8.8:53 119.110.54.20.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
GB 216.58.201.106:443 translate-pa.googleapis.com udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 133.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 219.138.73.23.in-addr.arpa udp
US 52.111.227.13:443 tcp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 216.58.213.3:443 www.google.co.uk udp
GB 216.58.201.106:443 translate-pa.googleapis.com udp
GB 172.217.16.228:443 www.google.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 172.217.16.228:443 www.google.com tcp
GB 142.250.179.234:443 ajax.googleapis.com tcp
GB 142.250.179.234:443 ajax.googleapis.com tcp
GB 142.250.200.14:443 translate.google.com udp
BE 64.233.166.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
GB 172.217.16.228:443 www.google.com udp
GB 142.250.179.234:443 ajax.googleapis.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 199.91.155.87:443 download2346.mediafire.com tcp
GB 216.58.201.106:443 translate-pa.googleapis.com udp
US 199.91.155.87:443 download2346.mediafire.com tcp
US 199.91.155.87:443 download2346.mediafire.com tcp
US 8.8.8.8:53 25.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 216.58.201.106:443 translate.googleapis.com udp
GB 216.58.213.3:443 www.google.co.uk udp
US 8.8.8.8:53 routinecontoradwjsk.shop udp
US 172.67.184.49:443 routinecontoradwjsk.shop tcp
US 8.8.8.8:53 49.184.67.172.in-addr.arpa udp
US 8.8.8.8:53 productivelookewr.shop udp
US 104.21.11.250:443 productivelookewr.shop tcp
US 8.8.8.8:53 tolerateilusidjukl.shop udp
US 172.67.147.41:443 tolerateilusidjukl.shop tcp
US 8.8.8.8:53 shatterbreathepsw.shop udp
US 104.21.95.19:443 shatterbreathepsw.shop tcp
US 8.8.8.8:53 250.11.21.104.in-addr.arpa udp
US 8.8.8.8:53 41.147.67.172.in-addr.arpa udp
US 8.8.8.8:53 shortsvelventysjo.shop udp
US 172.67.216.69:443 shortsvelventysjo.shop tcp
US 8.8.8.8:53 19.95.21.104.in-addr.arpa udp
US 8.8.8.8:53 incredibleextedwj.shop udp
US 172.67.218.63:443 incredibleextedwj.shop tcp
US 8.8.8.8:53 alcojoldwograpciw.shop udp
US 104.21.48.243:443 alcojoldwograpciw.shop tcp
US 8.8.8.8:53 69.216.67.172.in-addr.arpa udp
US 8.8.8.8:53 liabilitynighstjsko.shop udp
US 172.67.192.138:443 liabilitynighstjsko.shop tcp
US 8.8.8.8:53 demonstationfukewko.shop udp
US 172.67.147.169:443 demonstationfukewko.shop tcp
US 8.8.8.8:53 63.218.67.172.in-addr.arpa udp
US 8.8.8.8:53 243.48.21.104.in-addr.arpa udp
US 8.8.8.8:53 138.192.67.172.in-addr.arpa udp
US 8.8.8.8:53 169.147.67.172.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 7e0880992c640aca08737893588a0010
SHA1 6ceec5cb125a52751de8aeda4bab7112f68ae0fe
SHA256 8649a39877c190ec740a5422284ec5f9ff509b30b2d7896635476873dd8824e2
SHA512 52bd0a38ca7f43b26731966035045b1cbd8b60b2d81bdf9aad791cf444da8af8b722ebf3cb364a6e660bebdf23084eb0e30bc23562575b704801669817549f8a

\??\pipe\LOCAL\crashpad_3988_YHKVQUUJGGYQSXDJ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 5e2f0fe48e7ee1aad1c24db5c01c354a
SHA1 5bfeb862e107dd290d87385dc9369bd7a1006b36
SHA256 f13b3ebe8d71bd0086d5bb82364c35f59a95d32b39753af251e8639360e291a9
SHA512 140d026437fd5e8a874cd00b03950c8f010e1a0732a0a1cc5bdde477e7f8315ccb95790bb4c15b8dbaab9468ad532eb885b6c429300a64e39412d976d079324e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 910e3a5862e29df682a5a6d251a4d990
SHA1 527d35946d3a341280a68e992e9690812ada7cd5
SHA256 ea9f65d1600c3eadd774e59a6936f1ec9bd4394a429d90708fbef26d2d38578e
SHA512 e7bd81bda7099507b0d70389f88f0bfca22f8abdf461389326b9436a0e5addbffcf10b9c74f1d1a85b2e099b24a43035948e1ca58b5ef74796486bea60d4aad7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2c4b0239822f12ec6be42124f8ee8a4c
SHA1 696820a812149aee0a09709533cd40f0d8563da7
SHA256 8d020dced90e3d832a639240234e4d99f2468b33e3ac2c898afb385d3f1307db
SHA512 87651dee1e91879041e84a755d35ac8e2d320f365584f0fd70f7e41876208d30eaaf7895010ae3f7202a594335e4aaf624af0ff5a3557faf5ff3e29374804b2c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6dc508f0d225faab0d287ec9cb028c32
SHA1 283c6bfdf31a6a404c0493c9447da74dbf7249ff
SHA256 d8fe51d856b16fa53da1d1b5189133f0cef710d0043d1ad9090d45897366c387
SHA512 f836d27a1dca6f39b90f493af4e3cc8e0b50dc54fc03f16da340ae0beee83fc8b8ee23030a8d7d030e207e624c8430b4ba560201e18a0204513dc55702a1b34f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 807419ca9a4734feaf8d8563a003b048
SHA1 a723c7d60a65886ffa068711f1e900ccc85922a6
SHA256 aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631
SHA512 f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b6071eebcea33bec70a666b3477e98b5
SHA1 538c33ecea101fec8c2e9ac4764da7ca5ee23a03
SHA256 d2ad969e9254ae634b9e19fef176e8ee63f5351a7b4695e575120314107ecc1b
SHA512 8f666e5d81c8c26637ba3dcb7c8a57dfb46fa745e19606d24bff118a9eeaffe7bd77376e8f175ab2bc7dd2b88bc1b66d5d76ee2ca614d1f2f6cfb2701e95e781

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\36dcec9ef4b2634fcfce406f466684f60cae0eeb\index.txt

MD5 99cb13a3ddb00ae2b801aed82c37f054
SHA1 0906cdd579b2a5296526fd2bd373c808ce170b37
SHA256 a627a1baf6fbc0bb2e5c3d3c6c990d176826bd2e59e5909b0a0898b7fb17633b
SHA512 bf70d25b73d87c78c66091912620010a4aaf414f9aaf579e9045a80f8b3c59fb8aabdb7743c1a03bab122a4d6d3379b07eb55435f44bcc3232a1fa584d6617ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 302e08b4670a1079d256269aa4623718
SHA1 e63abd6164881e553a97f373405e8839b8d73ab1
SHA256 47a905b83bae1944ca300aef651df40d0e1656204f31037b54d986461ea3f4ee
SHA512 5711e917fc181a1b82e1c1794028920fb6091d1daf7168eed319a59a211974f679dd6d6ac4e6ba7a9a4b2cf9960d789cb926836ef381a807bbe019dc50bd9c16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57bbfd.TMP

MD5 d096acc7c8b52bf6cc300121b03b80d2
SHA1 b137dd65ba34d787dffcddc0ab3aa55ed85ba636
SHA256 bbeab4dbc733daa5da4bf58756938b1ba06c96831fbd0dc93b758ef62e2866ce
SHA512 27687984b85d7e4ba2225cbd55da2511952bbc020df0dd727491bccc3d4164f3941665714476e2c0142a8a63a6596cd55f2a25bcbf9dad95993d7b005ac8d203

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a72208842b356375a336a6aacc5e9bfa
SHA1 54b2fbbad0880c1385a067c8be4c7031c430466a
SHA256 ed50475c5a9b9a7642d75887b5882ae17f3fde27c1b6fa0dce33da866de9a83a
SHA512 3f032ec01b55c21b1fa71e0e7ca5f885b8d98b6e2ab619d6aacb91492d9efd5439544e818ca51e019359cc06f0bc61ee1667d445883d094a61023371824c7292

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8c06224b9cc879a865ae1b383cd8c81e
SHA1 2f23714a127527a8425989a94f34571fa456dad7
SHA256 87b8fa6d37205843d7da0bcbf1762ae480b201a60d39b07f5afeeb881bdca9c0
SHA512 1bf09514b0acddff1ebf4f8e9acb4aeb0175af2d0411e2b5561dd08a291fffc1bdb446d080321ad60831234b30b107f58f5acb1b4a42e1f790a5b47a880ee25c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9fa917b39f3970aa1fb6a9582f34108f
SHA1 c92ac1bb78d907c99d01de80cbf97178af642b89
SHA256 ab508c0d2ba0f3970b94e06b5af96ac80d1b367983be3a2e8f60097c9dcd1c50
SHA512 f6d35251718ee6aebab04a8d9c0e9c57f36d28a43a8d483caa35b06d820a251ad86c33727acbbc3798ca79ac7985a54d8ae120f48aec60c943adc7acebed512f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57fb48.TMP

MD5 290cb5228f2276e0fd18fed125b38377
SHA1 b2722e11e7108cd6f2f2197c3f1d2347ca23ed03
SHA256 fcc9924ebf55702ccd2a0b3c8b5ba0b72287650f711fa359890fb2e7872375eb
SHA512 87ee9ad062d20a5e45472deac234e938d8aa0bae545614ca7c0f7e0718ee5767d8ec0ac314c127bcbf4e7d6a8dc2011de585bfb095a24273dcab4c1864ce556d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

MD5 c8debb7d9b87b9415e496d1b3d7f96aa
SHA1 049ad6f947f01078ae6e465e6bcbd1dc47f39e29
SHA256 1c6108b216a8243567b5e2282ee7f209c91854029552c52102a2de252216236d
SHA512 c1f691c34cf7b8ced0e3df8c736b35fa0fa054ac9ac1c8ba692c0a5e49c965a4cff423056410e4c7cdc6ea40143146a30e99a4e6641b940a4d29310ba99e78b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 426838ceb5a071ac3233a88ffd4cdba2
SHA1 6a054501cb93d9ae59263688da0046869ecb6276
SHA256 a62a20712ee736830ba4088cd1fb9c3c86dc91c5e549db3d19bf7cb166485c0a
SHA512 9419f63d79259d4edfcedb1089fec125f6de3bc1441dd5ebde390b0ecc6fe8b59a454f2f2cbc69aec30967e70f3501afa6bd751444aa5e6b7791f6d9f520b537

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a3c50d65d37784c3567a96df71b51943
SHA1 dbed72a8c2d8661d0552032ca39866337ff6db00
SHA256 3184c349935a7d3f93d4cc5c6ee4b5864e4b4e608e5aa46f2e49542022ba6952
SHA512 d5653a6efe3f386a8193ed0897cb5a56feddced9e2a71962122521caac7d01247651ada1a3a5f53959cdcf0a142fea480a439eab1abc983bb5e247649626eb95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b4dc2134770849cac5616fbaa4d7ad77
SHA1 0791d159efec68de665d43673f88c621942fcea5
SHA256 00cb734f892d2e8d7fd669e2d28b602405024d79d9fa699e80622e5aca6bc481
SHA512 c0357b46fdded3117c42d4bdff9fcb3d27b65b341f2b4170352fd645c344cb7be544d41a906aae5ccfdb05318a0992ea1e425ad24f0185a2de6226c52993c595

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 292c81819dac4b9596e8794f3b422c61
SHA1 133f4dc78d463c36fd8c4f088941ea03162deb91
SHA256 689fed11d0ac98952f606ad1314b6fe2ce232ea9dc448149b7aece7efa6ec9e7
SHA512 98e55cbf3da4d96e0c309da8343e8bcd640cad0366a22269b1aea1b04ae3158206ce78482a892607136197e1c1ac6f5f60ef2900e3195d63b5c414593b9cf7ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4435f26d0d4532b83702fe2e054a0eff
SHA1 f249d931f534141bf014584986bb9fdfb7ba57bc
SHA256 ebdcf70f257b9dd6f5e0007b9526b971a8dbd1eab0d90976a1e784bf6223407b
SHA512 92155e0087eb64c72769be8c1592991f628febb559fb12afda2d90413ee0aefa8a0333021f9a83c3d880fa917524cae9ac5028d65fd832f6eafed7e79a3a13f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\36dcec9ef4b2634fcfce406f466684f60cae0eeb\0a1abb4f-b6bc-4285-a368-7ab64157da44\index-dir\the-real-index~RFe589dd1.TMP

MD5 3b0bb5f4258a6db36292b519f5feaba9
SHA1 b1c6b223b2c8be805dc26890df56c74577196e3b
SHA256 6de7efe3f928419037a801315f39482317bbe19781d59dcf7743212544487f2b
SHA512 687c375c026e041c85638e7023daa0f2103065f459cf7fcdce91e03900c796bf496b34145a26faebf82d886940eb241db5dd662a3bc1bffad75c93945d1ef0b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\36dcec9ef4b2634fcfce406f466684f60cae0eeb\0a1abb4f-b6bc-4285-a368-7ab64157da44\index-dir\the-real-index

MD5 c707baf6b3f8e48f4ffe6d9085df69dc
SHA1 ecd3031275b5ecbc566c7772f98d6d4d089f62e6
SHA256 0d87a96d43b940b7144992a95bff30f0764c7e4b98ef099ee565ecdb6d887a4f
SHA512 20fcdc6e89eddc7b26d9d09eec52af1d44182c06b70450d2b3c07b0db821b03fae9542c23c6a292b3267dd7e70dbf2344d522c59e2dfc5eef40a1af06fe33a4f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\36dcec9ef4b2634fcfce406f466684f60cae0eeb\index.txt

MD5 7921850200e8a02ced11c17c4e704b6f
SHA1 ecf2e4c7558663505439e75e864461838a0edaff
SHA256 65fef6f43af29ce956bdd54915f739a64d98a32e20ec4830bbca2135455ef2f5
SHA512 8bf78bf7663d90f567ff35ef73d03be8b0eb5ac0a47c09a18723c77e2b134cff19ac5bd2c0b1c85a24a1467158429e81f68383b997ed45da02a4e451b840426c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a25fc953c8abd3e39a5755a06adf696d
SHA1 6be7a9ca8fbfbd128b4930633196f923713a000b
SHA256 84f3b49b8a13e74b4fdee99c67e28a43aba1d286d458e7e562efaf293b241f05
SHA512 e9f287e1314764f91ad96151a4d7c7e49bd760973cc52b6f348924004d812bcde1509322b12f030ff2432f10ad61ff9740d04462645136da88da36281535afec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 660c3b546f2a131de50b69b91f26c636
SHA1 70f80e7f10e1dd9180efe191ce92d28296ec9035
SHA256 fd91362b7111a0dcc85ef6bd9bc776881c7428f8631d5a32725711dce678bff9
SHA512 6be1e881fbb4a112440883aecb232c1afc28d0f247276ef3285b17b925ea0a5d3bac8eac6db906fc6ac64a4192dd740f5743ba62ba36d8204ff3e8669b123db2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 d2a0681a0495d93b04c1e86eeb3e24db
SHA1 c7624fb247599533674df48a070b6f9f282f900e
SHA256 ca40f1641fae8fa4f3bf72be2bf0c1ee6fc59e87b22dd7e8fc9dd43a4e7a4dcc
SHA512 575e4f2991a84de2899cd9684658fd52a01aa8f3343c04d99c920474c5ff59bf2d888165b6fda85657a1340e69c63262ca2ce86279d9b666e8e65b8c3ff52930

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 410be30ffa7f2b57ae829dfc65fa3809
SHA1 d9874f913869b313d25a1e25a1c1bd1907303345
SHA256 7c1a94064fc31a4294fbb65e2b54deb6835e951e90699bfb08481665e06e3694
SHA512 492794b9b617bb89134310abd003d6d652c89b3c7cb9a347246b2c908e5b86ad7b3a4fb14bc52b78c75f9515079c85fc4cfcedd46344197b182ead650b961038

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 5e15327851626b49baf871837e02e667
SHA1 7fa21a686531dd2a9f52dfb5354902831e793561
SHA256 2b5390d5fba7edf78cd9dd8fdd5f601fef0cd20e0806dda5367bd728495a8b48
SHA512 e6ebfcc48873250765332786c23ce6cd4da8a8f356c7dac65b1891e6a1351fd9501a470bea1538bc23033b59e902a30a1cc87442c774a8328c8abe4af75eda10

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 63e850304e36cc8b2004babfb2dafa91
SHA1 f93f6bee14861219896383d041da80ce86e3a087
SHA256 a3ee1d08cb25ce8c4457142c4283fab6e0926f8505723c55c24ce44354422171
SHA512 ca8e5ea5d509b1ca7fab5f90af46b9a2c3dab8f0c3a6cc923deaba97a69263b11953b1f1a129a662eaf5b8932b18d8ae235abe86f64c15bd6f4ad3d5f5905e50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9cb78418e8c399f7a97da3c3eb6c5c4b
SHA1 031b9cf46d182746407feb8e1fbf7da1433d2b2e
SHA256 ae39ad8e136b2fd1890bdfacab6f2fd5fc0e69b942c4ebe13beef269d05bdd82
SHA512 fee3fb81d40dff8562cc307d8be1e597f7b261c5376a865fc3615262ddce510aa532ea80ad4b1043b3dece341fb49b5aaaebb4b130ca3e8a4af8dfca1a53e27e

C:\Users\Admin\Downloads\Unconfirmed 377239.crdownload

MD5 38cc023464ba203f847e9b2dda828cf8
SHA1 4e5b7773c21813597a8b8f8b71c59656cd5f6d4b
SHA256 703184640dcee1ca42d80d64f2182a719ec078956072dae2e25e6b35c5379731
SHA512 3ce7814d3850670a06d4cc084bec339433ddf246d2e9275ad72b6c5be65cc48d3a58ae501facfcfad8fd6ded118cf944f1f20c4945cb716d1d26aa1a9d7a8399

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 53180c3719791906c15b914b270ed6db
SHA1 ef6d09766e67221a5284d03b1d880e2fad336a8c
SHA256 a229ebffcb1b30d7074d006308432461edf1c2e1e431831a714dea0820768860
SHA512 e87d7de9d365c75482d6076c4d93e4be8e22ab8cef4826e301a7bc3afdbe5e74d6acb1c84fe5c26807a9c2caedba32940b46e3041b39cde80d0aa7d0af6a2b25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3f5b2d6f5f5415a8570304dbcaee9f40
SHA1 da34669eab26166d851c19837690ef6fd9635a65
SHA256 8bbd563cb57e87eff9b7bfe726dcae72c12a8c2537e0a987738ba008c3ee8316
SHA512 53a503f2315c354788d7f5dbe094250fa4cf2eff5a95d03ffbd613809a0f00597d0cb5327aba68b6a018e80b17e920dea8309bd720db217e6939b53b1c207697

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9dc31bb8ae8fa6b5941e7d2e20458e78
SHA1 6abed4185b9269723b082cff77f51a4ae27c42a1
SHA256 9fdb0df76484d75b4299265d0163de35931fac2ce2fceff50c0890c64f2aa32d
SHA512 7aa81c287adf7ff5d78f643468cc2cc5cc0421e4b7831c8659f30158929fa733b01d22bab5c63ee63c8a8bda34cd0a4d81a5e882730f34fb62f4d46572e060c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 75694b76903737a4326cba3905959c01
SHA1 20ad67fb3768ac6686c5a87113691fa616645514
SHA256 b8ea2d3bbb9b2bfb0f93ad7afbb0f43e9c180dc21f5b8758e585516fbe84fbe0
SHA512 c51e01f9bf77644bf56e1cb5b5963b5c1a79dc6826e0a27e436486afbda1ddd783716ba61c8463ac4d360d6a28604672f592bf05c9ee9e5970415ff1645ffd74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 8a554861f1ba3e15ff3c295a55bd62b1
SHA1 fcb199a9e0de1e94e3397489e916b26be7808bbc
SHA256 2e23c36581876b054cb6942318ccee49386c8dace3c7b562f86aef063e51a5c1
SHA512 e7b3e0b63803882cc647e8b69d8a06ec4bd1fed0f4c0678bf75a5ba0237def90566a11dee8e6d01e02db39cebb9a68b1e0ae9607d546f55d740f70d5b8552e3b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1038f3e98a49e613e6d15159400695f5
SHA1 d04cdb626bfedcc48988366f04ebc8d5561a2eea
SHA256 a24e72f322a57b9d86badc1ac96deaf549c8ec2589a968b5c1a8ada99ee2469d
SHA512 eff3428a3966077a64fe497ebb675b864937250dd3869137cf828077ed7e7b3aaa8e6e772004a954f5dd7a19145a98bd87f8f07b455c638fb47610c28a345379

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 904d5da3ae3b578d839e2ea841e5ada9
SHA1 e0d08a587c158d37746a800613f8a99d5bd5fc38
SHA256 c7d1d730c78821378825ab1533a4720da0868c286f5af90b783a255d1cf1018e
SHA512 7e22d7f180df909ea76b6f4f0c19c33fcb8498a993b64d42791f8a4bbef44d90b460193e9268c474a2458f8beb6806cd0068f5ff11efd106ae865cce4ef2adfb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 aac203ec5c12df54e01bea52bb9589e5
SHA1 6a5921848a5c5d36c66fb84e500efc5f4bc6d268
SHA256 66205bac7bda97037652af372f689c4531ca8d156eb00e0acb1a200e55181175
SHA512 48d2ffbf31100a81caff5b02760181537318a50459a89c31d1f6bad779d5d135f380ea2b7e70506c37951c96ae5ec262ba40293662b39b3d987a40ef20ccf171

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4ec2f4c352e4b7ed3872e7cfd2672ed1
SHA1 8082b45571b674005966758cd57d7b22b892acc1
SHA256 55b36f524460171344e8e407b450168f7cba4e822c5a26d2d08c33e0e597a789
SHA512 a2954db228106da26089476b6e381a8059e1bedbc3a32eae4417c95fad23d1ddf54a1e8cf9d794e34401ce93e21df3dbd6a944e192b6827b8cedb3fbf926e2b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 df750a330bedd2dd471b88950a976b3a
SHA1 3778a57d6fa6563c68c0e663bc56b665b126598f
SHA256 97e01a0cc3b375ee621a8efd1fc9e1d99da5202f59ba69e32860269515d5bc40
SHA512 3d48b1330b0964f049166853f1b5f527cee1651bf535d31d561af9efb86dd34e15a24214fd56a414ac55ce548e430ca27e1ba139bbb6f102729b8daba2fe3c39

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9a8ad593205d089eb0896cdcaf051b7c
SHA1 fd6cfa0534028af37ba3fcda2801bc3ea65594cf
SHA256 b94bc71e94e3ceca1a9c08398fb870afbc91a0c3fdad41bf68125cdb30823a7e
SHA512 e40158d513becc25d8d772a90840c237a777ff18d827c1597a7759d11b31249dfeb988412073dbb5ec54976067e1b45831aec780e451cbc5ee45b619574c94e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c55eff1647c5c9339fb36978e4eb1b17
SHA1 41158556b8c9c7ee1bca3b35dc02492e53b34748
SHA256 cad4e25ee25d0f9c9466e036df8afa9e0c6f7b788f58a33337f94c026201d9f2
SHA512 b20971f71b2c9cd952f063021fd450974d93403d158d036febc51a328577682d89e4d7b11a7dc61e31410830629811234c5e265479c88a2512c2de6153b27e56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\Downloads\AppSetapFiless-win64_enus.rar

MD5 b575972769490a1e3ca1fcee07537f13
SHA1 a60603fb405344f765d41db5e24c4fc07c21b0e7
SHA256 af0fb84a4ebbe2c4059d374e82f6a9c149d450de062c16e9e409422604a9c1e1
SHA512 55bb20e9b93e9ed8af57e22d183f277c1aa7b5e3b25cb53e2b3832e826afe942a4bdc8183c400cd02f245470eb5e8c554e5e4da8ec3b89f4ba82b74a714f2d0f

C:\Users\Admin\Downloads\Setap-Filess\plugins\codec\libavcodec_plugin.dll

MD5 fad5798d2177993c88072f28581750e9
SHA1 029bb1a51e948f649ed8af73bb54b99493b7e233
SHA256 ab10e941252965e338b8b9351902c8eec98c71fa23dd431769a732ca109b5f22
SHA512 def4e1de52122ed8826b46f00067bbd3420e2591bb854310aad05e2e4f01923dec5400ad242ce3e3a71ae344794688ebb084fa534ba50f946f2e6ad0d0649161

C:\Users\Admin\Downloads\Setap-Filess\plugins\codec\libd3d11va_plugin.dll

MD5 1137f05e3030ce4031dfa68731650f25
SHA1 c1e78b9ad6c834d71b0f42ca0f4932f37b7b1579
SHA256 c5cea8862585850e651cbcc5883c70ce7d54e1871b53905b210b55ed9bc1fab1
SHA512 7b03d88f75a30cea02c766741550fb781f7a9a9472145558989e90cb8294f58d7104c79f94f2775fdb90edd38580d189816e63e56aa7c5f022e85d8bcab20a2c

C:\Users\Admin\Downloads\Setap-Filess\plugins\audio_output\libdirectsound_plugin.dll

MD5 077990f957556e8a72a37f0ee09a2083
SHA1 371908e5515adb53a57f8d2bda47d59a7346fc1b
SHA256 412f9ec13da17b2f2269567b8397b587352070ce77a641ae40b7a243e26c57ef
SHA512 420d536532ccd474176e2ad2421e655708e0835faa1a60f9b2a70f8a54fdd8d787567c30f478639a367d913b5b34e4e0a81c1c38d95d14351affb25abc536770

C:\Users\Admin\Downloads\Setap-Filess\plugins\access\libimem_plugin.dll

MD5 b0770c82314e94afd0d793774d66290b
SHA1 79b280cda1ca944478ebad7778f642d415de523a
SHA256 a5c2f2030e2cb70837d35e434d9793cafa04132e1823430ebcfbd4d985899637
SHA512 21f4780a6da31c84fbc0fe117eef11cbd796d837b7fa38ec8c5e025c8b318f0b925775a7dec1e909ee14da77d800a01115758e803ddeb605e1da0ccbff047133

C:\Users\Admin\Downloads\Setap-Filess\plugins\video_output\libdrawable_plugin.dll

MD5 defb6d6c7bfbddafd3d48d47a69d47a8
SHA1 787c35fa991694f54834d007c13646a219ba43e4
SHA256 aa8cdd685be3ffecb848dd4264061536d562b784c473c3ad1abc1fc3527ac1f5
SHA512 2284fdaec89b819b695db72c493f59b11d60eeab24450c500b0972ee097eae0e51578c0a3044ed100c8ea29e389e46183400ab17140407eebb86a418e04b005f

C:\Users\Admin\Downloads\Setap-Filess\plugins\video_output\libdirect3d9_plugin.dll

MD5 f910aee501d6fe100096dcdf9bd4b525
SHA1 c3aaf9ce5643695822cfa6935eefd4e39eaf3d14
SHA256 77a79184b2c81da3b98d501632fc8e5c8af6d078dd29414ae693906f51c343aa
SHA512 05fc6297fb44ef9e60cb975d941d98dd7bea9fbfea1e48723168725a887b1e1e8e00f97d8a5faf419039ee791c2f14404db61e65b40c767e17a1dcc2f6f84940

C:\Users\Admin\Downloads\Setap-Filess\plugins\video_output\libdirect3d11_plugin.dll

MD5 267237343345265fe20a9688bd840de2
SHA1 99fee276074a4671e2b5ccceeaf71ec951df45e5
SHA256 0732c8978869bcbf11fa63f8cfbb5d6c75dfd8d34d176cae2dac99a261bcf2dd
SHA512 e354a8c0ec8c32792b6c356dc519d41319684ea2d20d18b61e19eeb8133a049db93ac6845e9ca7978f2933be9bf37eb3f608b81277dc14e3d7d240b206392196

C:\Users\Admin\Downloads\Setap-Filess\plugins\access\libfilesystem_plugin.dll

MD5 8fac15d2a2da66abdf345afa45ac5e3b
SHA1 553d4c9f39726d8aadb15fed7c904048928049e0
SHA256 66ef741a9282b420b09b940fbdbf666cd1625a8da18daaece036fcc4e1a74d38
SHA512 f756e3b3368245d4670cf0f86a6727858e3ead983b3e10c11d9b13e67d86b632703f44df70e648bb8edcad295744c763a268f4eb02ace0055405c3e9af124548

C:\Users\Admin\Downloads\Setap-Filess\plugins\video_output\libvmem_plugin.dll

MD5 30afe05b0f7f8dbcb10fb9533b189754
SHA1 e92e194b6c0b9b3abdf16f2d6a80081e61f3af65
SHA256 2062d5c42d295e8f01cf0d1c8402460597f1e2b9ba9f86cdad22014364a92782
SHA512 1ac4386671dd47fc9826b718b345295ae2b1a35a1198f4a0d9c0003a3983940df118e440ae9b02e7ff1d821e38eedbdfe1650d6dd02ef39da4c08ace4b17d634

C:\Users\Admin\Downloads\Setap-Filess\plugins\audio_output\libwasapi_plugin.dll

MD5 d217e0144d8d9237d284a38f9c3e6340
SHA1 fdf9f0edeecb0759fd8b502cd5314511e60f6347
SHA256 94eb16ffd5526836c715d0a1eedada03f0a1061920cbfd44fd4daee3dfabd1af
SHA512 22f7b1b05035011b95f3bf3f1ce4aeb43f8baaa8dde2f2d565dfbf83a9b0a00adaae9c941cd5a2ad4633444d9fe1410accb97a1dd16396afbe84679758738227

C:\Users\Admin\Downloads\Setap-Filess\Setup.exe

MD5 b15bac961f62448c872e1dc6d3931016
SHA1 1dcb61babb08fe5db711e379cb67335357a5db82
SHA256 bf1a0c67b433f52ebd304553f022baa34bfbca258c932d2b4b8b956b1467bfa5
SHA512 932119f7dc6710239481c80ad8baaed5c14a2085fcc514b6522671b1a4ebbaf488e43453f11d5aaf6dcef7a245db8de44d93ff255f7cf8385b7d00f31f2cc370

C:\Users\Admin\Downloads\Setap-Filess\WCLDll.dll

MD5 47eee41b822d953c47434377006e01fe
SHA1 ad42e88bbcce1640aeda1397f82c826ba764d08e
SHA256 218106e2f5ee44e8ae3ecf62e5c2cb1c3db50e5825f4737c9d13bbd48114ed0b
SHA512 443328c44f0d4203c1d7ffc0cce0883c279db9a820e53c5ef4e4711fac451563b4f2ef114c21a4c947212def9f4218ef852ca0e9bfe8a8655668c757f591883f

C:\Users\Admin\Downloads\Setap-Filess\vcruntime140.dll

MD5 16b26bc43943531d7d7e379632ed4e63
SHA1 565287de39649e59e653a3612478c2186096d70a
SHA256 346f72c9a7584c2ab6ce65cd38a616c77ebddc0bbab2274c4e89dd5e62237517
SHA512 b5b7b4b8c5ab4276a34956e43f586272b1803ec3609253fee1bcc0a549aed7ba11d47404b023f7b67af701726bab95cca55738e7bd5bca272eca5ac71bb418cc

C:\Users\Admin\Downloads\Setap-Filess\msvcp140.dll

MD5 71a0aa2d05e9174cefd568347bd9c70f
SHA1 cb9247a0fa59e47f72df7d1752424b33a903bbb2
SHA256 fdb3d86c512adff90967cb860d02a4682850ab96727f0376e4d4836504c50e47
SHA512 6e65520528facaa4058720eb16d6bfdcc7bb36923b7e8e6551f3526709f0fabafab123999e618438e6abe7efed4a1332547cfc988f2b24b0e3d91198b95a911a

C:\Users\Admin\Downloads\Setap-Filess\garret.sql

MD5 ccae01c00a7bba0bcffc9b1124b59dc5
SHA1 2cc8eaff7984a83da0dc81db7f0a97746dd58418
SHA256 c9d728b10c339685bea1c182c41dfefa105850d422f4f9d47d66ce058a0f9998
SHA512 910138e01bc14f4e8e7679e6997651e8ba4e946a16b9cbbae127a00d82d394cbc06becc7e390395c00913e2fe781a464d3cb45a98af71ccba0f45514b4bd6c1e

C:\Users\Admin\Downloads\Setap-Filess\toughie.txt

MD5 bc64e726ff9f079309711bbce16038b4
SHA1 ccdd42ce09d6a8b29a696f2c9924167bfbcc6f08
SHA256 5335f7aa5c4b96e7533990e22a81dc4d6e19262dc100074262dcf612d3d3c058
SHA512 92f7df5683c73475dd7fee405ef2c8f13482df75078e108a1337461e98c349b9c3e6efba1ce8a448cd54046368fa3f8bbd22c2ef9224b95d5f769c35788dfd68

memory/5440-1796-0x0000000074190000-0x000000007430B000-memory.dmp

memory/5440-1797-0x00007FFC72010000-0x00007FFC72205000-memory.dmp

memory/5440-1803-0x0000000074190000-0x000000007430B000-memory.dmp

memory/5440-1804-0x0000000074190000-0x000000007430B000-memory.dmp

memory/4720-1806-0x0000000074190000-0x000000007430B000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\dee6971b

MD5 3d357ab3d03bc74a84b169dc056331c5
SHA1 823f04645a6815e9aecba03f28b47d84131e1cd3
SHA256 0a0aec7f3cd219dea3a6c4691ea672ec9a6295cd8f900bb06f5b134435375552
SHA512 67ce27208d78f1f02ac56a90dd2401f4d7d2c8c233af4ab0f0df4e02b3be7f89e3a874840e67ec36ee8027959e0257bb7acb5fbc305320188bd5dd99710df06e

memory/4720-1808-0x00007FFC72010000-0x00007FFC72205000-memory.dmp

memory/4720-1810-0x0000000074190000-0x000000007430B000-memory.dmp

memory/4720-1812-0x0000000074190000-0x000000007430B000-memory.dmp

memory/4720-1814-0x0000000074190000-0x000000007430B000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\RcClientBase.au3

MD5 c56b5f0201a3b3de53e561fe76912bfd
SHA1 2a4062e10a5de813f5688221dbeb3f3ff33eb417
SHA256 237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d
SHA512 195b98245bb820085ae9203cdb6d470b749d1f228908093e8606453b027b7d7681ccd7952e30c2f5dd40f8f0b999ccfc60ebb03419b574c08de6816e75710d2c

memory/5128-1816-0x00007FFC72010000-0x00007FFC72205000-memory.dmp

memory/5128-1817-0x0000000000140000-0x0000000000190000-memory.dmp

memory/5128-1819-0x00000000006A0000-0x000000000077F000-memory.dmp

memory/5128-1820-0x0000000000140000-0x0000000000190000-memory.dmp

memory/3084-1821-0x00007FF6058E0000-0x00007FF6059D8000-memory.dmp

memory/3084-1822-0x00007FFC63730000-0x00007FFC63764000-memory.dmp

memory/3084-1823-0x00007FFC542E0000-0x00007FFC54596000-memory.dmp

memory/3084-1824-0x00007FFC67970000-0x00007FFC67988000-memory.dmp

memory/3084-1826-0x00007FFC62DB0000-0x00007FFC62DC1000-memory.dmp

memory/3084-1829-0x00007FFC62D50000-0x00007FFC62D6D000-memory.dmp

memory/3084-1828-0x00007FFC62D70000-0x00007FFC62D81000-memory.dmp

memory/3084-1827-0x00007FFC62D90000-0x00007FFC62DA7000-memory.dmp

memory/3084-1825-0x00007FFC64230000-0x00007FFC64247000-memory.dmp

memory/3084-1830-0x00007FFC62D30000-0x00007FFC62D41000-memory.dmp

memory/3084-1831-0x00007FFC53EE0000-0x00007FFC540EB000-memory.dmp

memory/3084-1833-0x00007FFC52E30000-0x00007FFC53EE0000-memory.dmp

memory/3084-1834-0x00007FFC62CE0000-0x00007FFC62D21000-memory.dmp

memory/3084-1836-0x00007FFC62BF0000-0x00007FFC62C08000-memory.dmp

memory/3084-1835-0x00007FFC62CB0000-0x00007FFC62CD1000-memory.dmp

memory/3084-1837-0x00007FFC62950000-0x00007FFC62961000-memory.dmp

memory/3084-1838-0x00007FFC62930000-0x00007FFC62941000-memory.dmp

memory/3084-1839-0x00007FFC62910000-0x00007FFC62921000-memory.dmp

memory/3084-1840-0x00007FFC628F0000-0x00007FFC6290B000-memory.dmp

memory/3084-1842-0x00007FFC61C00000-0x00007FFC61C18000-memory.dmp

memory/3084-1841-0x00007FFC62830000-0x00007FFC62841000-memory.dmp

memory/3084-1843-0x00007FFC61BD0000-0x00007FFC61C00000-memory.dmp

memory/3084-1844-0x00007FFC5F410000-0x00007FFC5F477000-memory.dmp

memory/3084-1845-0x00007FFC5F390000-0x00007FFC5F40C000-memory.dmp

memory/3084-1846-0x00007FFC61BB0000-0x00007FFC61BC1000-memory.dmp

memory/3084-1847-0x00007FFC5F910000-0x00007FFC5F967000-memory.dmp

memory/3084-1848-0x00007FFC60750000-0x00007FFC60778000-memory.dmp

memory/3084-1849-0x00007FFC5F0D0000-0x00007FFC5F0F4000-memory.dmp

memory/3084-1850-0x00007FFC5F0B0000-0x00007FFC5F0C8000-memory.dmp

memory/3084-1851-0x00007FFC5F080000-0x00007FFC5F0A3000-memory.dmp

memory/3084-1852-0x00007FFC5F060000-0x00007FFC5F071000-memory.dmp

memory/3084-1853-0x00007FFC5B240000-0x00007FFC5B252000-memory.dmp

memory/3084-1855-0x00007FFC54CB0000-0x00007FFC54CC3000-memory.dmp

memory/3084-1856-0x00007FFC54C90000-0x00007FFC54CA2000-memory.dmp

memory/3084-1854-0x00007FFC54CD0000-0x00007FFC54CF1000-memory.dmp

memory/3084-1857-0x00007FFC52CF0000-0x00007FFC52E2B000-memory.dmp

memory/3084-1858-0x00007FFC52CC0000-0x00007FFC52CEC000-memory.dmp

memory/3084-1859-0x00007FFC52B00000-0x00007FFC52CBA000-memory.dmp

memory/3084-1861-0x00007FFC54BD0000-0x00007FFC54BE1000-memory.dmp

memory/3084-1860-0x00007FFC52AA0000-0x00007FFC52AFC000-memory.dmp

memory/3084-1862-0x00007FFC52A00000-0x00007FFC52A98000-memory.dmp

memory/3084-1863-0x00007FFC529E0000-0x00007FFC529F2000-memory.dmp

memory/3084-1864-0x00007FFC523D0000-0x00007FFC52623000-memory.dmp

memory/3084-1865-0x00007FFC522C0000-0x00007FFC523CE000-memory.dmp

memory/3084-1866-0x00007FFC529A0000-0x00007FFC529D5000-memory.dmp

memory/3084-1867-0x00007FFC52970000-0x00007FFC52995000-memory.dmp

memory/3084-1869-0x00007FFC521A0000-0x00007FFC522B3000-memory.dmp

memory/3084-1871-0x00007FFC52160000-0x00007FFC52172000-memory.dmp

memory/3084-1870-0x00007FFC52180000-0x00007FFC52191000-memory.dmp

memory/3084-1872-0x00007FFC52140000-0x00007FFC52153000-memory.dmp

memory/3084-1868-0x00007FFC52950000-0x00007FFC52961000-memory.dmp

memory/3084-1873-0x00007FFC520A0000-0x00007FFC52140000-memory.dmp

memory/3084-1875-0x00007FFC51D90000-0x00007FFC51E8F000-memory.dmp

memory/3084-1874-0x00007FFC52080000-0x00007FFC52091000-memory.dmp