Analysis Overview
Threat Level: Likely malicious
The file https://www.google.com/search?kgmid=/m/045c7b&hl=en-US&q=Google&kgs=aaa6c4dde0a95d37&shndl=17&source=sh/x/kp/osrp/m5/1 was found to be: Likely malicious.
Malicious Activity Summary
Modifies Installed Components in the registry
Downloads MZ/PE file
Sets file execution options in registry
Checks computer location settings
Registers COM server for autorun
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
Installs/modifies Browser Helper Object
Checks installed software on the system
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Checks system information in the registry
Suspicious use of NtCreateThreadExHideFromDebugger
Drops file in System32 directory
Drops file in Program Files directory
Enumerates physical storage devices
System policy modification
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Modifies registry class
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies Internet Explorer settings
Suspicious use of UnmapMainImage
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-29 13:44
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-29 13:44
Reported
2024-04-29 14:14
Platform
win10v2004-20240426-en
Max time kernel
1799s
Max time network
1802s
Command Line
Signatures
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\PdfPreview\\PdfPreviewHandler.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=437965BB3C244275AABA892D0F36CD4D" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B0A5DFA-F340-4DA0-A12E-1C77BE682BB5}\BGAUpdate.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\mr.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\GrenzeGotisch-Bold.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ViewSelector\right_zh_cn.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Locales\hu.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\TagEditor\TagEditorPluginIcon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\VoiceChat\MicLight\Unmuted60.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Locales\fi.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_3x_15.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\identity_proxy\win10\identity_helper.Sparse.Canary.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\StudioToolbox\AssetConfig\public.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\TerrainTools\mtrl_leafygrass.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\PlayStationController\ButtonR3.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\PlatformContent\pc\textures\marble\normaldetail.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\PlatformContent\pc\textures\water\normal_01.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\icon_friends_16.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\PlatformContent\pc\textures\sky\sky512_rt.tex | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Locales\uk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\tr.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\DenkOne-Regular.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\MaterialGenerator\Materials\Grass.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Emotes\Small\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\WindControl\ArrowUp.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Trust Protection Lists\Mu\TransparentAdvertisers | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\families\Fondamento.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\StudioToolbox\AssetPreview\pause_button.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\DefaultController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\mojo_core.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\PurchasePrompt\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\VoiceChat\SpeakerDark\Unmuted20.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_nl.dll | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\AnimationEditor\icon_delete.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\RoactStudioWidgets\slider_caret_disabled.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_zh-TW.dll | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\XboxController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\id.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\kk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\sky\moon.jpg | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\AnimationEditor\img_key_indicator_border.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\DeveloperFramework\checkbox_unchecked_dark.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\chat_teamButton.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\lt.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Trust Protection Lists\Sigma\Analytics | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\MaterialGenerator\Materials\Mud.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\icon_premium-16.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Settings\Help\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\LuckiestGuy-Regular.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\DeveloperFramework\icon_backward.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\GameSettings\search.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\ExtraContent\textures\ui\LuaChat\9-slice\tag-bubble.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\Trust Protection Lists\Mu\LICENSE | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\fonts\Montserrat-Medium.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\GameSettings\friendsIcon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\StudioSharedUI\audio.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Modal.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\VoiceChat\MicDark\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\Controls\PlayStationController\PS5\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\content\textures\ui\PerformanceStats\TargetFiller.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133588718960361429" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\CLASSES\MIME\Database\Content Type\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ = "Update3COMClass" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods\ = "6" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\LocalService = "edgeupdate" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\ie_to_edge_bho.dll\AppID = "{31575964-95F7-414B-85E4-0E9A93699E13}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgePDF\Application\ApplicationCompany = "Microsoft Corporation" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\MSEdgeMHT\shell\runas\command | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO\\ie_to_edge_bho_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ = "IApp2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ = "ICurrentState" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe | N/A |
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.google.com/search?kgmid=/m/045c7b&hl=en-US&q=Google&kgs=aaa6c4dde0a95d37&shndl=17&source=sh/x/kp/osrp/m5/1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe5a3dab58,0x7ffe5a3dab68,0x7ffe5a3dab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2208 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3060 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4012 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4180 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4524 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4704 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4836 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3132 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4172 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4968 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4696 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3168 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=device.mojom.XRDeviceService --lang=en-US --service-sandbox-type=xr_compositing --mojo-platform-channel-handle=3460 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4168 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4376 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4736 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=device.mojom.XRDeviceService --lang=en-US --service-sandbox-type=xr_compositing --mojo-platform-channel-handle=5488 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4c4 0x3f8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4612 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1648 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4588 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4828 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5068 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5692 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=2276 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=device.mojom.XRDeviceService --lang=en-US --service-sandbox-type=xr_compositing --mojo-platform-channel-handle=4848 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5728 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=4304 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4604 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5956 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6072 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4636 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=3580 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=5988 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5864 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=4360 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5596 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=4292 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6024 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6020 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6120 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6000 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3580 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5632 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUVFQzI0NzMtQjM5OC00RTE5LTg4MjUtNDU1MTVFQTQ0NzE1fSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4NUJBRUIyNC0wQjNCLTQ1RjQtOEY1NS0xRTg2MjhFNkQ1Qzd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODIzMzIzNTExIiBpbnN0YWxsX3RpbWVfbXM9IjQwNiIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{EEEC2473-B398-4E19-8825-45515EA44715}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUVFQzI0NzMtQjM5OC00RTE5LTg4MjUtNDU1MTVFQTQ0NzE1fSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsxNkZCQjBCMi1GRUM4LTRDRTctQkExNS02NUMzNEU0M0IyQkJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODI3MjUzNTA5Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\MicrosoftEdge_X64_124.0.2478.67.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C47BB8A8-EB60-42E6-8284-BF29C527049F}\EDGEMITMP_497EE.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x108,0x104,0x100,0x258,0xfc,0x7ff7e43688c0,0x7ff7e43688cc,0x7ff7e43688d8
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUVFQzI0NzMtQjM5OC00RTE5LTg4MjUtNDU1MTVFQTQ0NzE1fSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntDOEMyNDIyQi01RjNELTRCRTAtOTVBQy1FMUU0OTYxQkFGNUR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA4MzgxMjM2NzEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDgzODE1MzY3NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExMDY5NzkzNTM2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xMzFiZDVkNy05YzY1LTQ3NmEtOTA3NS1lMjQ5NGY4ZGE5ZTQ_UDE9MTcxNTAwMzcwNSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1tb2NNTzJlV3RrU2VRQVY3T25KdUVuOW1Ma2dMb2lzdTRCY1kzSXBCb00lMmZMTmRPUzBDbEhjWSUyZmlIOWZqRGJvbkd6SXpObGI2cjVUJTJiTXlvUXhGODBadyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgZG93bmxvYWRfdGltZV9tcz0iMTY3OTYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTA2OTk4MzY3MiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExMDg0MDkzNTI0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTUzNzQxMzUwOSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjcxMiIgZG93bmxvYWRfdGltZV9tcz0iMjMxNzciIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDUzMjgiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" -app -isInstallerLaunch
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6296 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:fjJ7GBZ9vfsFk11AR88ic7EYfi29doIrLU57bqZ92U3rUZpHO5CuBQhZQQu3LeblVzi28lJKnodiOPaJdQXO5XCTL7g-cc4UgB-pPcv4snnXT5IRHAzN0mIEheFkz0RHx275lIgB-EnEB6_60v9nOcVRpeNs5GpCElL1mKwGzY_8mLikJ89FNHTs32kYtR6_ntMUYnHVt6p_Vtm46WaUfF2GROTskgXjMk5LSbUp4G4+launchtime:1714398832054+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714398656959005%26placeId%3D1537690962%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dc1ccbafb-ff27-46d0-92ac-b9e5e9ddfc76%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714398656959005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=6728 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:fh_azOapYf6e1niYMpv3AWXONd60ygd1cC7NedQfTSif11Tyc1s0lABI2yYKeT9_744P1-u14WrVJqB0Hc2Re3CdgrGCs2TwM0Jb8H-XeYQQYCVX-evPm8xP-xmmf_MnE6sB62PmEXsFpLwNw4FjoOH01-7DzkDh_YXxXTDeOwFJY1V7J3afHmnv6PmaMTc9-j_O0LTo2ycTRhtpQfCvYeYYWiD1xPWOisfhDD1PTJA+launchtime:1714398832054+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714398656959005%26placeId%3D1537690962%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dc1ccbafb-ff27-46d0-92ac-b9e5e9ddfc76%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714398656959005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=6132 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:0eDmAuJ6nfPdp7CzrqgkzS-44rwZdu9DoCNaotaA8-EiW2W0djErYr-KpA8cwB5Yc8xnpXkn0p8fdz70pA-fX30z6CuFEMuTnRLWaWdOr89rww2fZaqW8GwQNR3_G1W7pOvhoOdksDdAZlIYvwMbL6CzjsG36OdDFA8Od8Yufg3psBcJewJWhMWX_Tyok0NWyD-7HDo6jjBZgyzlqsIc5qZnzjSKYFsw5PeGY2MPiwA+launchtime:1714398832054+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714398656959005%26placeId%3D1537690962%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dc1ccbafb-ff27-46d0-92ac-b9e5e9ddfc76%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714398656959005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=6728 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:tlVhuISn3SQX4t6wlLq6fIQkUGu5HAlJA82VgdeLbDPw2voHBvL2ImGoza1Z202NPQM9smEC3vYbcExhYkGgB5NbdOzaidSEMrts0ShjiIaG4E9X8cHsgKFi4tRrykeT2qpQFeLwa576zNwc_pZeTcxTYDlKtfMeRIHNDnEIJJTunAXyRErOngCNBoChrfmit29jWi2hqFXqUbJcTdY4WltFKOH1t6BEa5KFDoxNKVg+launchtime:1714399078131+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1714398656959005%26placeId%3D1537690962%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D002e6b63-2f2f-429d-9c73-00a8082339e5%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1714398656959005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=6752 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=6676 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6780 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7080 --field-trial-handle=1896,i,671468440166685400,17571618260807996779,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B0A5DFA-F340-4DA0-A12E-1C77BE682BB5}\BGAUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4B0A5DFA-F340-4DA0-A12E-1C77BE682BB5}\BGAUpdate.exe" --edgeupdate-client --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzFBN0JCQjUtMTdFQy00RjY3LTgwOTUtMTNGNEUxQzJFQTc0fSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntCMUEzQjdCQy04MEU5LTREQTctOUI4Mi0zRTRGMTg3RDU2RDZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzQiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzgzMDc5Nzk4OSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzODMwOTUzOTczIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NDMzNzUyMjg2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTUwMDQwMDQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9ZHZIRXhqVG05JTJmRzFYS1RRbXZhTWkxSXhsYmwlMmZVZ2hoU2NOdUtkN2dGdnJxWjFud3ZjYmZxb0E4RlJrbUlqSUtoeWZKTTVzbjJZNFh5RGFzYUYlMmZqUUElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMTUiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDQzMzc1MjI4NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTUwMDQwMDQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9ZHZIRXhqVG05JTJmRzFYS1RRbXZhTWkxSXhsYmwlMmZVZ2hoU2NOdUtkN2dGdnJxWjFud3ZjYmZxb0E4RlJrbUlqSUtoeWZKTTVzbjJZNFh5RGFzYUYlMmZqUUElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBkb3dubG9hZF90aW1lX21zPSI1NTg3MyIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NDMzOTA4MzAxIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQ0Mzk4NDYwMTkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDQ0MTI1MjExMyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9Ijg5MCIgZG93bmxvYWRfdGltZV9tcz0iNjAyODAiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjE0MSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0828C763-AB66-4B3D-9E33-A10C8936AD6D}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0828C763-AB66-4B3D-9E33-A10C8936AD6D}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{5AED3171-4B20-4521-9197-0A395685AF5B}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUFFRDMxNzEtNEIyMC00NTIxLTkxOTctMEEzOTU2ODVBRjVCfSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins2RTFEQTY3Ri05NTI2LTQxMEEtOUZCRi02MTI0OTFFMjlDOEV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2O1Byb2R1Y3RzVG9SZWdpc3Rlcj0lN0IxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDAlN0QiIGluc3RhbGxhZ2U9IjMiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NjA4MzczNzQ3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NjA4MzczNzQ3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDYyMjkwNDgwOSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzE1MDA0MDgyJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWZxQkpIYUJWS0laTyUyYlFrRlBuMW5sY1FNRVlHSmZDUHBJdEhBanl5TzdnOEFLYkIlMmIlMmZTaFZEOUdCYXN3VWRFRXBhcSUyYkRGY0ZSVk9RWlJjSTl5djVlJTJidyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NjIyOTA0ODA5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MmVkODA4Ny1lZTk4LTQyOWMtOTMzMC1jYTNjMTkzZDQxYWY_UDE9MTcxNTAwNDA4MiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1mcUJKSGFCVktJWk8lMmJRa0ZQbjFubGNRTUVZR0pmQ1BwSXRIQWp5eU83ZzhBS2JCJTJiJTJmU2hWRDlHQmFzd1VkRUVwYXElMmJERmNGUlZPUVpSY0k5eXY1ZSUyYnclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjMwNzkyIiB0b3RhbD0iMTYzMDc5MiIgZG93bmxvYWRfdGltZV9tcz0iMTM3NSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDYyMjkwNDgwOSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDYyODIxNzczOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9IjMiIHJkPSI2MzI1IiBwaW5nX2ZyZXNobmVzcz0iezdFN0Q4QTRGLUQwMzktNDM1RS05MjlCLUIyNTUzMEY5MjUwNX0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTIuMC45MDIuNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMyIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTg2MTI0MDA4NDc1NDcwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iMyIgcj0iMyIgYWQ9IjYzMjUiIHJkPSI2MzI1IiBwaW5nX2ZyZXNobmVzcz0iezMyRDU4RDM0LUYyMDMtNEI2NS05M0YwLTEyNDZENjBCMkM1Mn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzI4Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7NEU5NkUwMUUtNEE5OS00Qjg3LUI0RTgtOTFEMjUxRjFGMEM0fSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUA426.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{5AED3171-4B20-4521-9197-0A395685AF5B}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUFFRDMxNzEtNEIyMC00NTIxLTkxOTctMEEzOTU2ODVBRjVCfSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7NkJBMjFFMzgtNzQ1RC00MjM2LUIzMDYtNjA0RTU0REFFNkVCfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjI5IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMyIgaW5zdGFsbGRhdGV0aW1lPSIxNzE0MTM0OTMzIj48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDYzNjgxMTE1NSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUJFNjgxM0MtRTY0OC00NTMxLTgxNzUtNTQ0NDQwRDFDRkFCfSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MDcwMzZFQTQtQUNDNC00OUFBLUExM0QtNDQ0NUQ4RDU0QTk4fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0R4T2JqSEdhK25SYTJhdEMzd28rSUVwQzc4K1pZZUFVYmtYcERDMmNqN1U9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIzIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTQxMzU5NDUiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1ODYwODUzMzAwMDAwMDAiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTE0MzI0IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzcwNzIzMjU1MyIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\MicrosoftEdge_X64_124.0.2478.67.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7331c88c0,0x7ff7331c88cc,0x7ff7331c88d8
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7331c88c0,0x7ff7331c88cc,0x7ff7331c88d8
C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7b65c88c0,0x7ff7b65c88cc,0x7ff7b65c88d8
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUJFNjgxM0MtRTY0OC00NTMxLTgxNzUtNTQ0NDQwRDFDRkFCfSIgdXNlcmlkPSJ7NzM4QjA2QkYtQjI5OS00MDZBLUI0REMtNDU3Q0I0NjI1NjQ2fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins3NDBBODEwOC0wRDAxLTQ3RkUtOENCQS01OEJDN0NENTNFQkJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4NS4yOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMyIgY29ob3J0PSJycmZAMC44OSI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMyOCIgcGluZ19mcmVzaG5lc3M9InszQkQ1OTUyMS05RUMwLTRDRTctOEFCRS1CNkZGM0Q0NzM2OUJ9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkyLjAuOTAyLjY3IiBuZXh0dmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIzIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTg2MTI0MDA4NDc1NDcwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzcyNTUxMzYzOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzcyNTY2OTc4MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzc1MTc2MzY2MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzc2NTIwMTU3MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTgxMTc4NDg1MjMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMzI4IiBkb3dubG9hZGVkPSIxNzI3MjM3NjgiIHRvdGFsPSIxNzI3MjM3NjgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIyIiBpbnN0YWxsX3RpbWVfbXM9IjM1MjY1Ii8-PHBpbmcgYWN0aXZlPSIwIiByZD0iNjMyOCIgcGluZ19mcmVzaG5lc3M9IntGQzE4NkYzNi1FRkEyLTQ4NUYtODBERS1BMEI0RjRBNkNBODJ9Ii8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNC4wLjI0NzguNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZT0iNjMyOCIgY29ob3J0PSJycmZAMC40MCI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjMyOCIgcGluZ19mcmVzaG5lc3M9Ins1NkI3MzBGOC0wMURFLTRDQkEtOERDNS1GNkZEQ0RBNjAxQTR9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.201.106:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.142.123.92.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 172.217.16.238:443 | consent.google.com | tcp |
| GB | 216.58.201.106:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | www.snapchat.com | udp |
| US | 34.149.46.130:443 | www.snapchat.com | tcp |
| US | 34.149.46.130:443 | www.snapchat.com | tcp |
| US | 8.8.8.8:53 | static.snapchat.com | udp |
| DE | 18.66.192.14:443 | static.snapchat.com | tcp |
| DE | 18.66.192.14:443 | static.snapchat.com | tcp |
| DE | 18.66.192.14:443 | static.snapchat.com | tcp |
| DE | 18.66.192.14:443 | static.snapchat.com | tcp |
| DE | 18.66.192.14:443 | static.snapchat.com | tcp |
| DE | 18.66.192.14:443 | static.snapchat.com | tcp |
| DE | 18.66.192.14:443 | static.snapchat.com | tcp |
| US | 8.8.8.8:53 | 130.46.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.192.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aws.api.snapchat.com | udp |
| US | 8.8.8.8:53 | us-central1-gcp.api.snapchat.com | udp |
| US | 8.8.8.8:53 | story.snapchat.com | udp |
| IE | 3.251.220.163:443 | aws.api.snapchat.com | tcp |
| IE | 3.251.220.163:443 | aws.api.snapchat.com | tcp |
| US | 35.190.43.134:443 | us-central1-gcp.api.snapchat.com | tcp |
| DE | 18.66.182.248:443 | story.snapchat.com | tcp |
| US | 8.8.8.8:53 | gcp.api.snapchat.com | udp |
| US | 35.190.43.134:443 | gcp.api.snapchat.com | udp |
| US | 8.8.8.8:53 | 134.43.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.220.251.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.182.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 8.8.8.8:53 | cf-st.sc-cdn.net | udp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | tcp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | tcp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | tcp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | tcp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | udp |
| US | 8.8.8.8:53 | 4.248.163.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sentry.sc-prod.net | udp |
| US | 35.190.39.56:443 | sentry.sc-prod.net | tcp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | udp |
| US | 8.8.8.8:53 | accounts.snapchat.com | udp |
| US | 34.149.46.130:443 | accounts.snapchat.com | tcp |
| US | 34.149.46.130:443 | accounts.snapchat.com | udp |
| US | 8.8.8.8:53 | 56.39.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api-kit.snapchat.com | udp |
| US | 35.190.43.134:443 | api-kit.snapchat.com | tcp |
| US | 35.190.43.134:443 | api-kit.snapchat.com | udp |
| US | 8.8.8.8:53 | snapnet-cdn.storage.googleapis.com | udp |
| GB | 172.217.16.251:443 | snapnet-cdn.storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | 251.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | iframe.arkoselabs.com | udp |
| US | 104.18.33.170:443 | iframe.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | graphql.contentful.com | udp |
| GB | 172.217.16.251:443 | snapnet-cdn.storage.googleapis.com | udp |
| US | 34.149.46.130:443 | accounts.snapchat.com | udp |
| GB | 146.75.74.49:443 | graphql.contentful.com | tcp |
| US | 8.8.8.8:53 | 170.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | snap-api.arkoselabs.com | udp |
| US | 104.18.33.170:443 | snap-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | sc-static.net | udp |
| US | 104.18.33.170:443 | snap-api.arkoselabs.com | udp |
| DE | 108.138.40.243:443 | sc-static.net | tcp |
| US | 104.18.33.170:443 | snap-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | tr.snapchat.com | udp |
| US | 35.190.43.134:443 | tr.snapchat.com | tcp |
| US | 35.190.43.134:443 | tr.snapchat.com | udp |
| US | 8.8.8.8:53 | 49.74.75.146.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.40.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.143.109.104.in-addr.arpa | udp |
| GB | 172.217.16.251:443 | snapnet-cdn.storage.googleapis.com | udp |
| US | 8.8.8.8:53 | accounts.snap.com | udp |
| US | 35.190.39.56:443 | sentry.sc-prod.net | udp |
| US | 8.8.8.8:53 | aws.duplex.snapchat.com | udp |
| IE | 108.128.110.172:443 | aws.duplex.snapchat.com | tcp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | udp |
| US | 8.8.8.8:53 | 172.110.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bolt-gcdn.sc-cdn.net | udp |
| US | 35.241.16.93:443 | bolt-gcdn.sc-cdn.net | tcp |
| US | 35.190.43.134:443 | accounts.snap.com | udp |
| US | 35.241.16.93:443 | bolt-gcdn.sc-cdn.net | udp |
| US | 8.8.8.8:53 | sdk.bitmoji.com | udp |
| US | 8.8.8.8:53 | images.bitmoji.com | udp |
| DE | 108.138.36.75:443 | sdk.bitmoji.com | tcp |
| DE | 108.138.36.75:443 | sdk.bitmoji.com | tcp |
| DE | 108.138.40.243:443 | images.bitmoji.com | tcp |
| US | 8.8.8.8:53 | 93.16.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.36.138.108.in-addr.arpa | udp |
| US | 35.241.16.93:443 | bolt-gcdn.sc-cdn.net | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | lens-storage.storage.googleapis.com | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.190.18.2.in-addr.arpa | udp |
| US | 35.190.39.56:443 | sentry.sc-prod.net | udp |
| US | 8.8.8.8:53 | cf-st.sc-cdn.net | udp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | udp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | udp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | udp |
| US | 8.8.8.8:53 | bolt-gcdn.sc-cdn.net | udp |
| US | 35.241.16.93:443 | bolt-gcdn.sc-cdn.net | udp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 35.190.43.134:443 | accounts.snap.com | udp |
| US | 8.8.8.8:53 | accounts.snapchat.com | udp |
| US | 8.8.8.8:53 | cf-st.sc-cdn.net | udp |
| US | 35.190.39.56:443 | sentry.sc-prod.net | udp |
| US | 8.8.8.8:53 | aws.duplex.snapchat.com | udp |
| IE | 108.128.110.172:443 | aws.duplex.snapchat.com | tcp |
| US | 8.8.8.8:53 | api-kit.snapchat.com | udp |
| US | 35.190.43.134:443 | api-kit.snapchat.com | udp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | udp |
| US | 3.163.248.4:443 | cf-st.sc-cdn.net | udp |
| US | 35.241.16.93:443 | bolt-gcdn.sc-cdn.net | udp |
| US | 8.8.8.8:53 | gcp.api.snapchat.com | udp |
| US | 35.190.43.134:443 | gcp.api.snapchat.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 35.241.16.93:443 | bolt-gcdn.sc-cdn.net | udp |
| US | 35.190.43.134:443 | gcp.api.snapchat.com | udp |
| US | 8.8.8.8:53 | 13.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| FI | 64.233.162.94:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | 94.162.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| DE | 128.116.123.4:443 | www.roblox.com | tcp |
| DE | 128.116.123.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| DE | 18.173.154.114:443 | css.rbxcdn.com | tcp |
| DE | 18.173.154.114:443 | css.rbxcdn.com | tcp |
| DE | 18.173.154.114:443 | css.rbxcdn.com | tcp |
| DE | 18.173.154.114:443 | css.rbxcdn.com | tcp |
| DE | 18.173.154.114:443 | css.rbxcdn.com | tcp |
| DE | 18.173.154.114:443 | css.rbxcdn.com | tcp |
| US | 2.18.190.134:443 | static.rbxcdn.com | tcp |
| DE | 18.173.187.32:443 | js.rbxcdn.com | tcp |
| DE | 18.173.187.32:443 | js.rbxcdn.com | tcp |
| DE | 18.173.187.32:443 | js.rbxcdn.com | tcp |
| DE | 18.173.187.32:443 | js.rbxcdn.com | tcp |
| DE | 18.173.187.32:443 | js.rbxcdn.com | tcp |
| DE | 18.173.187.32:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| DE | 128.116.123.4:443 | www.roblox.com | udp |
| US | 8.8.8.8:53 | 4.123.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.154.173.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.187.173.18.in-addr.arpa | udp |
| FR | 128.116.122.4:443 | roblox.com | tcp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| DE | 128.116.123.4:443 | apis.roblox.com | tcp |
| DE | 128.116.123.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 2.18.190.83:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| DE | 18.173.154.114:443 | css.rbxcdn.com | tcp |
| DE | 18.66.192.35:443 | images.rbxcdn.com | tcp |
| DE | 18.66.192.35:443 | images.rbxcdn.com | tcp |
| DE | 18.66.192.35:443 | images.rbxcdn.com | tcp |
| DE | 18.66.192.35:443 | images.rbxcdn.com | tcp |
| DE | 18.66.192.35:443 | images.rbxcdn.com | tcp |
| DE | 18.66.192.35:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| DE | 128.116.123.4:443 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | 4.122.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.192.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.123.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | udp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| DE | 128.116.123.4:443 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.46:443 | google.com | tcp |
| FR | 172.217.18.195:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.18.217.172.in-addr.arpa | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 104.18.33.170:443 | roblox-api.arkoselabs.com | udp |
| US | 104.18.33.170:443 | roblox-api.arkoselabs.com | tcp |
| FR | 172.217.18.195:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.46:443 | google.com | udp |
| US | 8.8.8.8:53 | gcp.api.snapchat.com | udp |
| US | 35.190.43.134:443 | gcp.api.snapchat.com | udp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons3.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| DE | 18.173.154.83:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 83.154.173.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 8.8.8.8:53 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| NL | 104.109.143.29:443 | tr.rbxcdn.com | tcp |
| DE | 128.116.123.4:443 | lms.roblox.com | tcp |
| DE | 128.116.123.3:443 | realtime-signalr.roblox.com | tcp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| DE | 128.116.123.4:443 | thumbnails.roblox.com | tcp |
| DE | 128.116.123.4:443 | thumbnails.roblox.com | tcp |
| NL | 104.109.143.29:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | chat.roblox.com | udp |
| DE | 18.173.154.83:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| DE | 128.116.123.4:443 | trades.roblox.com | tcp |
| DE | 128.116.123.4:443 | trades.roblox.com | tcp |
| DE | 128.116.123.4:443 | trades.roblox.com | tcp |
| DE | 128.116.123.4:443 | trades.roblox.com | tcp |
| DE | 128.116.123.4:443 | trades.roblox.com | tcp |
| DE | 128.116.123.4:443 | trades.roblox.com | tcp |
| DE | 128.116.123.4:443 | trades.roblox.com | tcp |
| US | 8.8.8.8:53 | bom1-128-116-104-4.roblox.com | udp |
| US | 8.8.8.8:53 | iad4-128-116-102-3.roblox.com | udp |
| US | 8.8.8.8:53 | lga2-128-116-32-3.roblox.com | udp |
| US | 8.8.8.8:53 | lhr2-128-116-119-3.roblox.com | udp |
| US | 8.8.8.8:53 | waw1-128-116-124-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-ap-northeast-1a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | sin4-128-116-50-3.roblox.com | udp |
| US | 8.8.8.8:53 | lax4-128-116-63-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-ap-northeast-1d-lms.rbx.com | udp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| IN | 128.116.104.4:443 | bom1-128-116-104-4.roblox.com | tcp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| PL | 128.116.124.3:443 | waw1-128-116-124-3.roblox.com | tcp |
| GB | 128.116.119.3:443 | lhr2-128-116-119-3.roblox.com | tcp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| JP | 13.113.181.253:443 | aws-ap-northeast-1a-lms.rbx.com | tcp |
| JP | 52.197.175.207:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| JP | 13.113.181.253:443 | aws-ap-northeast-1a-lms.rbx.com | tcp |
| JP | 52.197.175.207:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | 29.143.109.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.124.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.32.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.102.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.104.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.181.113.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.175.197.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.50.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.63.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| US | 8.8.8.8:53 | games.roblox.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | followings.roblox.com | udp |
| US | 8.8.8.8:53 | 176.0.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sea1-128-116-115-3.roblox.com | udp |
| US | 8.8.8.8:53 | nrt1-128-116-120-3.roblox.com | udp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | sin2-128-116-97-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-east-2b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | silver.roblox.com | udp |
| US | 8.8.8.8:53 | c0.rbxcdn.com | udp |
| US | 3.20.87.127:443 | aws-us-east-2b-lms.rbx.com | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| US | 52.26.51.94:443 | aws-us-west-2a-lms.rbx.com | tcp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| DE | 18.173.187.126:443 | c0.rbxcdn.com | tcp |
| DE | 128.116.123.3:443 | gold.roblox.com | tcp |
| US | 8.8.8.8:53 | cs.ns1p.net | udp |
| DE | 52.58.114.95:443 | cs.ns1p.net | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| US | 8.8.8.8:53 | voice.roblox.com | udp |
| US | 8.8.8.8:53 | badges.roblox.com | udp |
| US | 8.8.8.8:53 | s.ns1p.net | udp |
| US | 8.8.8.8:53 | 126.187.173.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.87.20.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.114.58.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.115.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.51.26.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.120.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.97.116.128.in-addr.arpa | udp |
| DE | 52.58.114.95:443 | s.ns1p.net | tcp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 44.229.164.12:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | 12.164.229.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | atl1-128-116-99-3.roblox.com | udp |
| US | 128.116.99.3:443 | atl1-128-116-99-3.roblox.com | tcp |
| DE | 128.116.123.3:443 | gold.roblox.com | tcp |
| US | 8.8.8.8:53 | lax2-128-116-116-3.roblox.com | udp |
| US | 128.116.116.3:443 | lax2-128-116-116-3.roblox.com | tcp |
| US | 8.8.8.8:53 | 3.99.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.ns1p.net | udp |
| US | 8.8.8.8:53 | 3.116.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| DE | 18.66.192.13:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 13.192.66.18.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| DE | 18.66.192.61:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 233.69.68.104.in-addr.arpa | udp |
| DE | 18.66.192.61:443 | setup.rbxcdn.com | tcp |
| DE | 18.66.192.61:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:56954 | tcp | |
| N/A | 127.0.0.1:56967 | tcp | |
| N/A | 127.0.0.1:56970 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.7.47.135:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 135.47.7.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| NL | 104.109.143.5:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 5.143.109.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| DE | 128.116.123.3:443 | client-telemetry.roblox.com | tcp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| N/A | 127.0.0.1:57444 | tcp | |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | gcp.api.snapchat.com | udp |
| US | 35.190.43.134:443 | gcp.api.snapchat.com | udp |
| US | 8.8.8.8:53 | accounts.snapchat.com | udp |
| US | 34.149.46.130:443 | accounts.snapchat.com | udp |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 13.67.191.143:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 143.191.67.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 152.199.19.161:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 13.67.191.143:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 8.8.8.8:53 | gcp.api.snapchat.com | udp |
| US | 35.190.43.134:443 | gcp.api.snapchat.com | udp |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 23.102.129.60:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 60.129.102.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 8.8.8.8:53 | accounts.snapchat.com | udp |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 8.8.8.8:53 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
| US | 34.149.46.130:443 | web.snapchat.com | udp |
Files
\??\pipe\crashpad_3912_IOCYQYBVXSPKXLJW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | a484f2f3418f65b8214cbcd3e4a31057 |
| SHA1 | 5c002c51b67db40f88b6895a5d5caa67608a65ce |
| SHA256 | 79cbe928773386d07f0127f256f383debed5ccea5ff230465bf46ec7c87319d6 |
| SHA512 | 0be1bb8db08f6e6041a85cfee90cd36a5b595afbca34d52a125465454fc806b4bb7ae569eaf4c882922fb1b962b6060534e597791cd0ad23483be5981d9be85c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b856fe89c0d2118ae271048acd0ec344 |
| SHA1 | 2bf02f18d7cc9697288756de3617365b02360bd1 |
| SHA256 | 247534ca24a198fc4feb89b814475e802dd87ae54f6f64dd581e0b209b5be4bc |
| SHA512 | 57566e009b2da420b9adf3060202fa3b17cc5f08dac06f4ecc020a4e1359e80beecc022c4fb078ac9424fb8f798baf4d5a0b067e5f3a763ae6f752f4e8484bc5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 557afaa33f7df356c9dd187ffbcb604c |
| SHA1 | 2ba495dab169632308d210f3c36e79a26a8044ef |
| SHA256 | a7a88de5385cd2d710930f50c0ba8cd4620d3d417172326b2783995d4de7140c |
| SHA512 | ea8e5cb7786276244a1fbfa2f3398a2e7910c830de8d967b443a011c375c6372937da804620037b4e145391cedcde2ddeb9eb0bb8aedb0415db657e95fcf4e2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ee6b447141b8b4dce6fd0ad85e0d40c9 |
| SHA1 | dc362c822d1f16568adf91732766902aff9a923e |
| SHA256 | 13a4e7f3dbae4109ebc3a7e0231d98ba844ab2b538e3f9604a9ba19f46ebd939 |
| SHA512 | ca90aa69ada95124e779b2affd9bd95ee9d622d02d328cea39a87f198efc6e3a0dc49997cc5d2708d390d48021fd2dbbda1d11d75dcddbbed21aab4f2a270242 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2ac4e4f76376fe1a802c3bb337044e8e |
| SHA1 | d23e7149e579fa44a17ccbf376aa539dee373f6b |
| SHA256 | 39cf538d686e5194cba22bac953323a1b9a5cf0d8587b8f5cbcf2ca41742d91f |
| SHA512 | 3f405e633868f0f78efe28c8f1f4d53d96e4c5e4f88971ee69358c6975af93faec6081f384774f32fc1e207c3743e691b8e3f3593c75b906299d8deeb053123e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\index.txt
| MD5 | 5f565feb2ca3d6ad03dfa2bf00403ee4 |
| SHA1 | 3de1234b5e00aadddc614edb50c8783263779dad |
| SHA256 | fb8b157eaf9bdeb7b6676d3c383021c0ff747e81e9c07f681bc1414cd0d3c973 |
| SHA512 | ec249b4ef4e1e04b43757abff63f4a2de280df2b9a741e24b06484e03115c822b283de454cb146f08c5cd0b9864d151a26aadd891cd169b219ef48f76e834ced |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\index.txt~RFe57db3d.TMP
| MD5 | 0fd001ae1959c948e31a599d65839ebc |
| SHA1 | 57454c915c436bd9333f71ee159363d9d190fea2 |
| SHA256 | fa19fc87273f144ccf6d091e48ec8cafc1a89e9e9cbcd8b0d91a099d48a5c2e5 |
| SHA512 | 486cf65287a2be578f1231b13c319e84dbb0ecf6f7856418e2d0d1d683e1874e20a03e1f5ba6a4cbd1273e14f64d47c3ace10270f91be1821c1ed0fb6ca00c54 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\b2beaac8f0d59565_0
| MD5 | 253f1c844e13379e479920a403ad0948 |
| SHA1 | d25ea967ca957e311ce862f48d6d0d89251f8735 |
| SHA256 | ff08850027aaa9ec05cf1914f19faee2696749c51d1816d3d21eb77289cc88a8 |
| SHA512 | 7d5336e72f8118e3449c2ba67533f5650a6687f88c04bfe42819797a8ab35c2096444a2eed0af8125fc54321425832e225fd973ab0e17428f3e2eb19febdafb1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 492aae1ef1fd4a8bc6352cb58e8651cb |
| SHA1 | c19ad5803ce36ae30a029284f8272075ae8776eb |
| SHA256 | 68d1ba2398cfe5f2df65b94a8db1286dc6dccd065a6f24f36c373a0d47f49850 |
| SHA512 | 848c5736454dfa43ab87ea4b5924a104573f9ed0950f3b29f4f20e391db0a070f6babf7e133aa9455bb7bcdc1aef9a454252637c469767872ab97e181f6150f2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\909e4fc2fdb38e45_0
| MD5 | c1cf1756716ed46c9cc1c63ac3ce6091 |
| SHA1 | b1647a792318d1c231d6817f8b9fb736aba42f94 |
| SHA256 | a5e04b5aae0a91b5a0ac9c937a675394f4851ff08d413ad348cdbdafcbef2e13 |
| SHA512 | 14fe4fe757a6da693ce15bc867d9f3620a0f917fae0c4cf466ca19bb81ce76c9bdde70ff61e07319147b37e9899be8e783949866d2454b0f61bc998d599d053c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\cfb437cfefc22d68_0
| MD5 | 26ba354bc727550e4bbb9533c949426c |
| SHA1 | a9e6a2c4918856c1da07a53d2aff52a804163b73 |
| SHA256 | 2fd97f7217e7043e8d88b5f3980e46b33cde74598b29b21a7e5c95f3577fba09 |
| SHA512 | 84e093f8dcb0e68f4f59e027d26452104cb69f437bb4f5fedee858c9464d023ed75f0ae550d4f478a4adec214a96a22bd8ebeab7df88c894944d742c44abbe79 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\17418f9155e01b91_0
| MD5 | 203f5f2b7c261c93610e1b2d3884922c |
| SHA1 | 350fc332c3615b2fa2682532a64b7af2deb056e0 |
| SHA256 | 5302c97927991c708c07a941f199feb38d642ab74cba177d84e51174ae8573a3 |
| SHA512 | 6a53dd7c15a54e27437e2492163329af46dd5fef7bb92dce7d9e183f88ec76f8f9e147f97b1457ab07b781d347e5c650f959c52f801941c5e8a9e07dbc4ec176 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\cec615a85ad19211_0
| MD5 | 1ec952651f142db7b775843862bab044 |
| SHA1 | 48d08f6fac95e82de0d77a7fb1560e3cc413aaa8 |
| SHA256 | 6efc21e93e58e4d7668ad3cc963db22f746ad957e2afa5b4dce5729a7a1411e6 |
| SHA512 | e18ac2ad82f85bd25c8a5ca0e7fef9ddd833cb67ec5efcc3688876f251003baff04eee7e37bb09785e5ae94ae69417c0fae1347576067b4bdf612a9313738bc6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
| MD5 | 5764d7948f6c1253d76293a35691a746 |
| SHA1 | 4b412294c701e5ef031061aace7f556911bdc2a8 |
| SHA256 | 4fa2cd6bf832e4dd7222530b2f21844e1105f4f333d72557d57cac9f24a69730 |
| SHA512 | f9b5c789d6a06131001bff1fe5bee677105500ff74a5d038a84c40a2859f72d436b318fd6af75297a0a80d9edcbac158d9d4aa14ce251048708cd0ab3a96d109 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | cf68763b3486f108008a7d59203ef25a |
| SHA1 | 3ebe951d4a865976895abda96b2eee08999bf8c8 |
| SHA256 | bec7049cb9394bd03ae1bd597bf9165fbbb0eda87f128844eae241db5d027429 |
| SHA512 | 5a6308be1f9d3a66819097c4b5e678ce13566bf93cb0caadd3982f312ff2c9914df8fabf4fa3c92c5d1e74ea927b24907ae4285860379b144e11e1976a79759e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2c8cf2d77ef098cb4a06aff7d886e556 |
| SHA1 | 60e6ed8108793062f6aa80d1d632416fd281e011 |
| SHA256 | 5fc19e7fd4302a700eff2210ca88e9f0808cfa1f2969cf9fe098ce89ac91c864 |
| SHA512 | 4f0e43fbcbf2887b3ad0b43755183f1d629ba98dc50676cd42d5267ba7fc465220e0413b864c3b854f55d1e7eb2fa7cd16a0e06adfbbcd79731f90a6fa3c2122 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
| MD5 | 1b15151f04072b735636f0f75b3396d0 |
| SHA1 | e15192dcb3fcdcd3fddc9d4ef9d2abe1d1ae1543 |
| SHA256 | a194407e7f1287b168f81d14402daddc04c97529d9af1eac407c1bf66c027ace |
| SHA512 | b2fa69c791e0689556443df38a178771e6484d847490266af415ba3bd3456a149cf02d6f6bbc00e3729a7889f22cac78a2c28bd429e9def80192d087d18e731a |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3e55ad12fe877a832137652f655857b5 |
| SHA1 | 8e5c4fcf12977a70dcbcc729da60e4b78667e0ca |
| SHA256 | f801cb156028d7ddda2cbe364e509b1df4a0124a1d2f28beb9a0fa45cbd15fd1 |
| SHA512 | b0490bba69f9c8081c01b9e4ff2f7fc7368931bf2e160068ab77841002f7d9b90a829233a28cb023faddd8defc93e7af3b8711ad9e6c0e440b958f944eaf4526 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\8791d6e674c5351a_0
| MD5 | 9db5cb12ce733e99adae3ef46f5672e6 |
| SHA1 | 33cd9474d099e8030dd85df13ef48779b6099de6 |
| SHA256 | a8005fc9d6fc748553ffb49133ddda329471a7b02650c61bb9fda6915b104f11 |
| SHA512 | 30931a21bba25c5d5d91d17e0b082bf61b820e8cf67e908ef34a36ef148f8de53806fa264c67ec6136c4638133ff2e0f6ea65924febb52a41920cd71930c7ba0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | d41e2a7578bdcbd269ba95b9097732de |
| SHA1 | 5da0859c2ea3e49cb59084077ec599d8ab63818a |
| SHA256 | 00a724d4a961514de9c350568163f6deecd6da939fce5ac96b343f1791c4c083 |
| SHA512 | 9ded35765e722533a0fd401ce9eb97ff61cc2fa84212c4da7681407899bbd4457b4b85dd7bcea74a029fc22a0564ffdda9362f391bced7b0eba48828793f64b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cc8b9dc78cb9374c63bdbd18ca2de6a7 |
| SHA1 | 6a82fbbc1ff8bac788c2998ccb3415f6d0b92f2e |
| SHA256 | 0e5158c22cd6b5bcc06915d64dd23fb4d55f331d1f45f72d51eb8f1173782c25 |
| SHA512 | da19ceea39a79eb049c45ae94072d506ccb31fb19893f7c94ccb7df96a6564ab62c00cd18b03c01cda7e71c7ef1e137dfc3078bdd110f5788fb153dd034da173 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | dc4c721ea81523571faf485d8dc6b9b4 |
| SHA1 | c736246c7a6f930f6e6c4571d27f92815eaae389 |
| SHA256 | 89e82ab770f9df4116ddb5b1e1d0021e3f7b4d6e3b82081fe9a1de9fd22560e5 |
| SHA512 | f86b5a8badc5acd10645afb198ac9019e0a912381678187e2275fa69025ef54e49fdd8e1c8c49012aaa17be414fe871445b7ea06cb8466325365a6f33f804ad1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe582aa5.TMP
| MD5 | d6bb4ff5f0a8c322cfde55a5e240c55a |
| SHA1 | c6226d1dbd0025b2f1dc00ed42e9fd68c4f6ddeb |
| SHA256 | 33b413e3302e353dd8dc79de0558ed334558be531224e4435878b1fe34add33c |
| SHA512 | 39c03722d2dca6b8b0c6b1183048707a3c094da07169af55c3322e8d2adaed5c8bbf87c0cadb4138be1878662adedb092585703efb38820ab5b5b9a5b4832513 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e7f9aeb36c6eeca29e86008e3be62185 |
| SHA1 | fa911831f6a6944a67b00bb5e9fbabab711ae1a1 |
| SHA256 | 07b0f304215d31c9abd59315441d390240b33216e3f89cf21c7cde95f395530d |
| SHA512 | b5c5320725b43f293a0537563b23296460f5fef38f2cb673954e14e970e53a503b05298733c3c91910d19e36c828856885657d87bf5835d5f2306744073302a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\index-dir\the-real-index
| MD5 | bf2e82accaa0a16abb21274dbe2583b8 |
| SHA1 | edd7053a9215e4d4ad70852bbbc9470efbbc90a9 |
| SHA256 | 273dbe8d20f23fe871de12731e1b2ef42168b5ec4e0a669e880134315709384b |
| SHA512 | f68649cb4820a5165447693a37265c79fac4744cc0fccd573bec5a014ec0bb1b058d05ec2e2860721d32250572e33d33c58395ea01bf34f8a3bfb4bf68432864 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\index-dir\the-real-index~RFe585e28.TMP
| MD5 | d976d5fc69156bb7a3eeaa39dce9bbff |
| SHA1 | 42876c10bc25ba4f4f2b73f623a1732727884aa4 |
| SHA256 | ba188b132db2ecc1167e3e0788bf060dd6e1c279996199c7a7182c9a96a7a63e |
| SHA512 | 4ee2d27b462b81d0a019f5b32c59866ececcb82ec01ddbf8272e5e498037d823927d30bef44d4e2ca54b23d55e72ad9793d073996286fce396e5cc9399022388 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\index.txt
| MD5 | 57b4cff3e35c21156fbf8a0b07a0fb4a |
| SHA1 | ca312dc00e61698c250dfe8e3490e45a412984a7 |
| SHA256 | 7938d5e31ea106b0393d2e16d7664621d38e119a34bda0fd82cbdd77ca064eb4 |
| SHA512 | 56b8ed3b779a6de125eaa689dd01caca30480ec0355b9efe0480b767afb7918cb516443cafd77cb60775912456718c5c55d980d7be76412bebb4ec4cc13afa09 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8b9895684ab696c1a82bc38d8843cc92 |
| SHA1 | c8f587a5fe7c8730fdd5224934753e211396a03e |
| SHA256 | fbecb30d497b107dbbd5e9f7e01f4d1b9e488b5fafd286f7ae988901c43b4552 |
| SHA512 | 12cf1e607a12002f2a0f07f16e575d5d4951593f4002fa36d248f9075b8a1efad633e888ceb97a936218c130d4928353de7a99c66e4b8e0d34cf3d6ee8f4f84e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4282ba21f9133aca633bdeb014fdcdf5 |
| SHA1 | a9f8870da97ea4441d44d83bb42921e53f1343ad |
| SHA256 | 9d591b7e707149e3b6008e8b02ebf269525c517470ac28ba454f06fa3376a91a |
| SHA512 | 8ebd1d4bf52e76a91bf845e95aae7ffeb0f3267a61f8df09da903e25aabf7a79bc9e4e510357bd70f1c02861578545f4c2a0a3f31b19d4d5021c63438e9a7cb2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 82928ff4b7d4337a904128e1bf222703 |
| SHA1 | aababf8c77bc3bef331fdc28cddb9e3a1cc73d6c |
| SHA256 | c0eaaa83e28f5c13ae331761d2020546eb7038d06458221a76dff371debe9cca |
| SHA512 | d4beb6e486b202ad510ceec23693d91bacc58c47cc0b86e856637039d17e531e3067a75e048007f68aa94d6e8368258a86cbbc5e1f7577870853ce569dbd7286 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 429437d5c613c6c0512f8fe6950e539e |
| SHA1 | 19b367fd01e148d03232101ca1bb875018ed1a0e |
| SHA256 | 9ddf695e3fc9adafd808d8ff26dc7194169e9422f41b6a949d48f8f9397c1828 |
| SHA512 | f973bf5ce383ba522d6e0997047a31abc6aa219d897d2ad7ff2c6280b742724a29a5e5adbdc9c84c08c936c4b611a31392fcfcdc0c084c9b2b256f1122db4772 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5dec48479a88b56533ad582facab8ee0 |
| SHA1 | 95c13c42b9f3b8a64dfc8cf52a6db860f715e9eb |
| SHA256 | b16beae1c2b4b6ea0da1ee3883850c8336cad65e436d79ed8a23ae4150df3236 |
| SHA512 | f41d25db06eb01d1e3d524800711d3cd221529f25975432979c22f32683a643b43cd3d8b0e9a706f266b89d56fcefce339000bc77b65dc53513bba32ea7154b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f3c206d9dab3c52a4db49af962e11c58 |
| SHA1 | 8329eca70941055ff635795bb769b5e420f37939 |
| SHA256 | b00cd5dce937c73519f3a915a9863adbc298dce20de2785b79891f36f54ed8d0 |
| SHA512 | 2bc2886262b95ca0914175af8d810fcfd8e30ba3460f21268a2fdf8b942479637f3593f46db85a3225a2d5cba1e9a0766398fe2065929ea20306ac8e7ed7ff5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1236ce99ee2ce2b12a7c047247cf97de |
| SHA1 | bb03c275450c1ff5a63e17bf7a423cfff96dc777 |
| SHA256 | f8c2c5ffd5b6098bf5f5f12ffd21275c4e35f0a4bb6ca31aeffcc766980c5f06 |
| SHA512 | 1e8ef076b9383d2227f890e49b8baccc1774596bb109b6d56fe1cf950987f1ea84ee4bcf6505c5f7dea5b1b7bec8a6838f287073c3e54146b49abee55ea798e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fd220068b6c57ab049a30314a2708f72 |
| SHA1 | e8bd43da65cccfdeed1a13d84f9a67a1abd01114 |
| SHA256 | c54bb28ed295d7235ff8f7f942a901fb8fa35206783e3207e31bf47cb208bf11 |
| SHA512 | f46ab1f8cf9e3aeb65d88b187182552338a76f988f9881765d75017cdf1171aa9b1aaaa2d03053dc579880c618f02b3d86ce1db287cabb820f3728279d782c5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9a2548000eda971bbe6768a5dd50d417 |
| SHA1 | becabe8007975a124f72efd7f74a87f5473c4f65 |
| SHA256 | 7c8cc2db0c40a15d912f8c3bc18115e6f924a9f43f1f036457b04df8bea36320 |
| SHA512 | 56b64d42e7d540313bcaaeb4fab3b93d1d11396bde3d20545de1ca3585f4b9d45fb7e40482ed089fd2adb7eed367363a03fa3c149931754548b2ade42b2afa43 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | da31ac899c71a65af60d46832a6819d5 |
| SHA1 | 5f4c3fc25b47f394758004202dbd2ea957daaaa5 |
| SHA256 | afe440349de9656fb868c0535abb15625e9bae39da7f990d9197b8af11367df4 |
| SHA512 | ffacee132913553ef8473dcb6a87d7577e18558dc951246252338d3aeecff9c5cef064b6b5dbd1138f98d027af5c6dbd25a878d6cae81dfaa8d109831acf4dcb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d07bc8b054262541fd9529af50d2fb77 |
| SHA1 | 31b7b5929415da8c4efda43e5714d88f6e4ed164 |
| SHA256 | 93b7848f9486fa8ff2cba9114e99ed57a154b62f9f137a47f4c90d2eff9563b3 |
| SHA512 | ea31323478266a5a5dc94a54baa8ce4b5874ba465d4f487b2c69d9049e4b8abbb64c2ee561ea86c3bd7d5001893ed5570b4350ebf17b7287c3a43a242fbb239d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fe87436910934cbda3d7360b54e31731 |
| SHA1 | d857a1d662aa966991d29070229da785558db906 |
| SHA256 | 1c322cc0e2b965e918c8d50c5182e06ea4bf6381b3158aacaf528699e9304cdd |
| SHA512 | a655c5662da831ff7d87029720cd6d7c0a1b7786c37f4e239a253e2166d3e3822ec578d196d17f704dc94b54426d5318b7678d69d7e7132bf38ac17ee1c6e8e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 034081d9c142d626cc9459a834141bf8 |
| SHA1 | 365a6d89b19fa8608610810696d8abbd4d5ef265 |
| SHA256 | 0ca080eb1fd8a3cfcefbc7243dd6722c753f0186438addeb3d3318ef8f9199c0 |
| SHA512 | 437e8d0cf9a5e9bd9ae926ba8c3f3de129a712b2d70d62a1c0b94029f4e16d4bbef0dc30af0576af0ae8b96c97c82b73b494bfb67ba0e9ee7a3bfe9bc82a81ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\8969217121be6eaa_0
| MD5 | 1771bcf612c3b5236467fb0db71a5b3f |
| SHA1 | ab25b648bd6b6ac1f2fa975d12ea16ffe666b105 |
| SHA256 | 97789dcc2be178623265558692ec395f1b79130387ec3cd9a77fb297d3c57a80 |
| SHA512 | 64e4d351490f853c336080825ab023a34c3e6713f5f9036e32d9b63db04a232a4aaf1f0dc9f9ecaf0b0fe8050f3ce6eb45454db70a5ba339456f30432d875896 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 83a3d46dd3ee601c0c33e1a5a298052a |
| SHA1 | 3f2b333a2bcf7105a3dbc18d1af286c8d44497dc |
| SHA256 | f907eb770292e60c35205b5428af3b57ae197d231a9a25b2a68be67c878279ab |
| SHA512 | 3153a78d3fbc45f9599c2f6256868704a461c5a20094a6e0dcab33c50bd6605b6c46d558fdf25bb0278e6ec649e90f8af8a6d0a114df35841ce4b703e0efcab4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4b4f73382a22d37655c909cb638e1f3b |
| SHA1 | 58b0e096d2f6f4ce5f825d59e1bcf3f95a83121a |
| SHA256 | 06ca32999a525b2556d86b5fa0772c32effd961706abef6ced771f6fa86ee71d |
| SHA512 | f2000db5c49468bd876133da59f643d234239e182244716fee1ecb27b30170c0f3218968c45a19f16d985d9767dcbe463c958d0b7afd56c22ae03cc797a4c6ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\index-dir\the-real-index
| MD5 | 40c13b93f9535bc5f207b3ddbe24a43b |
| SHA1 | 2eecf01665c3a9734213988322f682fdedf10df3 |
| SHA256 | c413c605f876d3eaec1c22b038d38e9182a332b116e36a1f7dc5b6adf76b9308 |
| SHA512 | 12a7bdbaaad5a3b4ed13b88d327e8376d43035eaddd0b47ecf31fff83e8b7f1fdb1f75bb4379e8f8c7e544c06f93df344b2a08c60d77a69cbe75a87e6db29126 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\index.txt
| MD5 | 45ebf9bfb4402e1a9e030f9f7420d545 |
| SHA1 | 90e4f8e8ad5824fc5a583436cd80b1debf366d8a |
| SHA256 | 33c1651d039eeb33730e23a9f1a70940741d5dfcb1ad91b69f5d705b51dbace6 |
| SHA512 | aa2af11c488daabe1e1f93d08e721ddacbdc62da6a822287a40061176dd054ad381bf6263ab40d040046448d243de38ab7dd269afe523b5e7fe211cf4e897fbd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000077
| MD5 | 8dc08524b631aaa76d2469552975682f |
| SHA1 | ba8cf0840520119fc58797b0530e98ed5916d4c3 |
| SHA256 | 33c83473a52658dc8cdabaac0d6f86dcb790ebf4ea17a53a034858bd802e6941 |
| SHA512 | e609f67f618e87e4a88dd4f3953ade125809835eccda0621cc31336477aa726b98ca58b86c3b8a7bfca146c5275b2f8faa0e2ff28694c9c31ccf447298b6cee5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000076
| MD5 | 23a56506bd3524021b39ee0244cbdbaa |
| SHA1 | 5411a7184bd21fe9b6bbcbf90736dc30254b981e |
| SHA256 | bf9279e457c657be65a34db2f7b30ae6ecd40e8e61868176527767fee6ec7d4c |
| SHA512 | d9a688bb6a3febfe4e7e908c0755d009a103d99b03678a1c53191377359f7eb56d51e6834fae585d1d4d75448ff55ad3fdb005f382d3febc57194b2db9b09578 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e541e327dc4d158b097f45613b69f2ec |
| SHA1 | 86ab42bfe15105312d404a5769d19cd11abf4261 |
| SHA256 | 05528846244227769997b42c1fa6d44541c153c1f117dd1d8b2b10d74a732ba8 |
| SHA512 | b85ce7c4894f9eea40509618d11756562261c711f4783dc584722763f5f308d1e013a0f8b6073b816a7eb4a132d0849d21e5ea0bace0aeeb0c0f5ee68a5f4a09 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_web.snapchat.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e4fd7b53a8ae08236fcdd42a53322c05 |
| SHA1 | 3fa4fc417f2930612ce6783259631fb226cff03a |
| SHA256 | a81623d4d99236e312f55a87ea72379afb289a6986043781c213b9f2fd411a7a |
| SHA512 | e3cc8d64ce366f26e5297d19132433c551cbcad62f6806080bdc931fd362cee59f8e545f0a21c8b4027eea32e58fc5d365267a7f613c1669e1c0e5a552fa5aac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5d335b610b810c2dcd99621c46ee2beb |
| SHA1 | 6abd0338917b3b973d0af0a7b6bd87ebdf5e205a |
| SHA256 | e98011f4f6087591632fe2046618ece60ef06ad23ff4a08bc84f4ef572d5038b |
| SHA512 | 8f19e1422d732b16e2da112b3d42e5a5f681746eacb380bbc1e4d9acbce2c8cddd378dfe9b6f5f11fbe6ec8934c3e3d787db8cb0a37b2085de801ede688b953c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6e4c1767c8c248ff7c287f335ec19dab |
| SHA1 | 500e8b97235468b6bc45a802f01b2daffc7ec397 |
| SHA256 | a2e129184f7b5f4a7e1e927c64011f78adf6402455374847e1e14b3e23917f82 |
| SHA512 | 459367afaba027fe3cc8a65864d279e9d46a5eccce541be70508cdd348a5b7dba183bfd8a777e1b18bf03f065795e0791b5181047e0b0417e80f7c334f7c46f1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9720eb1657d004c5d559e19f4c22bee9 |
| SHA1 | 09279a31f970d0c3caed2ff94b9bd9373f36637d |
| SHA256 | 60ac2b8b15d121380b2227da4fccb77bff66f52f9091e09fd8409d9710dfb97a |
| SHA512 | 9fb87af39df2d7bd85e09b73e05b3e13185db570fb6cbdd4681bb8a5301a7eba6700644865624b2eb545872d0e185ce335ffc43a080161914b0e781b1530b25c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | cb86419192f8afce2246236d4f4987a8 |
| SHA1 | 8653dbe785e9612f18d33ed05f3257bb2fce05e6 |
| SHA256 | 71309582752dd3f9e7823de98ef3039c957161599b21fa15c03eee38e7bb748e |
| SHA512 | ad68413f06d4c917ee65d0b39554e980b6e8dfec4fb901c18fe5aa94396c1e635a4ec6261b4c626294d6734d283a904b7f5a266c09755a709013bcbf355247af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\99b39c2a4e67e3b166fb70fb244a5ba14e44d5fb\4b828b93-aedc-45cc-bb54-07208ac58d9a\a7a934c50bc1dffa_0
| MD5 | 73ae17c16f881f8e5e8ef4b45ef0b4be |
| SHA1 | 6299cefd270d5f552405e8a7bf22514aa0c399b0 |
| SHA256 | 36be4c3c346b86f8194bf4f505553a4ecdb27f2b5127a3d4030a821a45012e0c |
| SHA512 | 58249c9ba486fbee85c18ed9279fae14263e85b860a791618b8499ed1413fddb0fdae0229808e328de7f511fb71a014b2841471f031ec305c64e473969750520 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_web.snapchat.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_web.snapchat.com_0.indexeddb.leveldb\LOG.old
| MD5 | 2002bc01e072acbadf39e03d54a58153 |
| SHA1 | 81c8b7910a89c30decbdae82fa29a4a4a586512e |
| SHA256 | 99b4515b262ae27a8318f2a143c2cc47365ba238f1dfc5afa4e66b08952e2e8b |
| SHA512 | 152fcbf562b8b9c3a35da6e0c88ec86eba55558f34c755dced2d4bca24df41bd6a4117c83c41856f3bfe24c982b63e6244ac532623ea76d7d3540eaa2d8f696b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_web.snapchat.com_0.indexeddb.leveldb\LOG.old~RFe5ac536.TMP
| MD5 | 9808a49a0fda13e51a73f92e4c16ff0e |
| SHA1 | d5a7e633b029977f62b299c32625d5e48433c320 |
| SHA256 | 9ea378887dabca335548196125704925c19f22aad86a10e28248c974f91d1571 |
| SHA512 | d271e1dc77eb4d8bb17a6d9725931b48bbc24574ca0d8d4fdfa5b2d90239f2eb235cfb8e39bb9a87f8d870f6a234a06016f94fc4b3b042014cc958fa5104e411 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f
| MD5 | fbd838466dc9788428a9d4fa8ccdff10 |
| SHA1 | 25c93908a18ad24f7d32ebede8734c8ff55ccf90 |
| SHA256 | 18e2776260a39e8c37090037e2bd8ee8989fb08d0599504bd88b12ea8dc3ccb5 |
| SHA512 | de3556c2e6ef3501719a53b59e21cb1eba8e9e939fba69de5f0a4d662608cc7c4689d0da292d5eb468375b93f448462ff97d838464648f99122c6831078c4ec2 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 23ec36dd5bfa3db40ba5d395d45d3196 |
| SHA1 | 56926a51f24c68954b2990389b692354b2ed6038 |
| SHA256 | a449595869e601c4632ae2bf546a82bd7536b85ea170bf5061fa6f46ecd08d37 |
| SHA512 | cd10d1fb2bb976d4f7468b347aff47b1b3fb40a9c86ac2e30612195e06e8b2f7ba0b3d7bddfbcc7ef9a7164f0b0e39bccf0bb99b2940a09c33e730edcc74112c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 97ccd63ca5d6f4115d67ba2f87ae8c97 |
| SHA1 | 6da15c70a2ff3de00cd24fee75dd5da4821af129 |
| SHA256 | 1ec35c499c03c58d8b263cd16023951cfcdaa3d3cf245643055d65e054f856b9 |
| SHA512 | 1d25fee90b80521a63e34d12b5e661dbca8fcf8738d4e47e0e6f1a5ef722f246fc6b74bae2d3671c222a98d4617f8a36a7002ba3d1f418d507f71ff4f63c4175 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 002e0b86fe9cb354154fb05ffdb0bcdb |
| SHA1 | 1ddffcd01de85c5fda6b37bd8220f51244076ac4 |
| SHA256 | 10d95d16d5d723208a05f6686fb25ff0cd48f0f77750032b67e279eb4dd9c627 |
| SHA512 | 67b223dd16d1dfca4b8346f474ce0eb68109f3a57abaffde73ac79aba9b6e37a900815c98e90e12c9077568ea25fa1ea6ce9b6de02c4e07309d888583e9a53ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fe7baae5cce3421ef7e73d77ac13338b |
| SHA1 | ee6a0853a41d2805247f5ad3d627288e25aaf8ab |
| SHA256 | 95697ea1c11f045f1d3e9e1504c657ad350ad40ed5e8dc89d1381fd6815de22e |
| SHA512 | ba43ef8dd1648e3b84f7cdaa11d3d671f08acbc5f6fb8dfed95f3dcbacae7d634dc18d23c25928babd6726eac633a98ca9e6d4d0d1a117d371dbeda18ced4059 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 20f7890a13d5a173b94b24d2f0b441a8 |
| SHA1 | 4ee54845fd6330f3da3942ab8ad695ca42ff03b9 |
| SHA256 | b3198e4ab4f2e6066be23f070cdd842092886607a178bfad62ab273125fa5cef |
| SHA512 | afa7969092bcd8b45b580422e266c9970484471268be559c32b10b9317fbec9de6f110811e71e9ffb527823c65012e83cdd463ce70f2fb40ecffc04fc2e95f9e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 388a1222e6a7d4acd29ea6def04c8f2b |
| SHA1 | 489ef146c92ca340ebc1cfe3e724f2ee98088eef |
| SHA256 | 7bb07069b941b8e5ba0b646e8d7df78330378cec2b9d45e6bc714e928dc1cc07 |
| SHA512 | db3abbd1a142dc12883b5f17ec2e0cc58f7c1f2155d7b60081b454b79e5865097987898d1637fea34e68ca926b33a5b9ecb12c280fc7b3e38048fd4c02d7de5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3facc03a326a3c2ed0c04795e68237bd |
| SHA1 | 416c280dc2a5bed2b6b3219f345d70d95825072e |
| SHA256 | 4eaf70e5c0d859b33cf0ede5ad674c955c161778324b800941f579a8bd78e408 |
| SHA512 | 6c3575de8f7158f1bdb4f18d8133f2ffe2e902688df165b9219432c78589141c44c337ec94b80dc85c77d94e9aa6def5ece2fe0d4dff7c6421d7b745c67809de |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7ba4e8bd4fa280cfd4e038f68f23b0fc |
| SHA1 | 93f705047c5de9268def0eaf711ca67e92ecc4e6 |
| SHA256 | c373a09be27a996033d85a8cd1a0f19b18135b8616a097f665fc943a1860c909 |
| SHA512 | 8ce40076fbf9d4ce9d6ff5b5aba3e14a98ff0c21abc5cba5de9d5830093e65e1505e76996eca12d88f2960d397d99d0c50f6450bd6705585b0b22520a10115f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 47d78b1f72aae08dd1f7681f4a3f3cae |
| SHA1 | dd04a3009a42dac41c411edd99638252c7968d99 |
| SHA256 | 94b64f0458138fa7ba60fc491877cffcb5c2650620d7367df59c7440db7d027a |
| SHA512 | 3a47d604d9f7ee3ae469a32618badf62828fbca4879cb2782d640d782c450fca892f6ef33f3edfe7e7c262ffa41a35247eb2ee32f08337250254962fdc671ebb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 31f8d969e6cf43559573d724aeece238 |
| SHA1 | 0bd99f09450d1753e4c4b9685c7b165684fd19bd |
| SHA256 | 562985cb46ceb9b193b1284a4facf7fda72b7185d0f0476d81604ec384f690fe |
| SHA512 | 49df02fb39a65d7ca1d7004467dd9e4589048522b2ad7307f9d6a15d1b618fbcd3d342cf831427a6e3a6bbde04d13850e99c1bc4915cc4b460b26eca7250c390 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 97ede45b6c7fae492ac2574e81fada52 |
| SHA1 | 0a95f2b7ccba76d976939469eea2bea66b4b7879 |
| SHA256 | 631dbfb57c38edd2e3387c9d2407889556398b1d0d27a198f7d5f2bf4cc5f771 |
| SHA512 | 4294e8d19551d2573795de2e6dec2729c60d55654c28eea2fb70b6e55cd2d8d5567cb02aafa3aca0dde19350c82009ec4ef547aa6ecd83deafab71c97e11b77c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 261a4b8e26e5f123b086d411aa0130da |
| SHA1 | cd7c790786008e201237cd07683f92d7a6b0dcc9 |
| SHA256 | 36f80fd6f0d4ddd1f63126bd6a58e750426d5b2a10f2dc6b13c8c26d69de1014 |
| SHA512 | 4c77a50850645137fdad9cefc7469f8568f79ab718fd2c98ada65a3d8e68d3457852cd84cf494411614288b2d16cee7de52405ca03d2032dd831d520e616a97b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d7179f9b2906dd27a43cdb2e55580698 |
| SHA1 | ec372dcd287fa881b9f3d5d3d136e8da5c2f8048 |
| SHA256 | 04a48c96f06a1ca29b0324b0e9772cd533d1208d7c35088acf436e8ff6ac2f01 |
| SHA512 | f30b2c362d7f04e026a3b5015f13358e8ebc55768d1792c6b21c58fdfe4209869bbeac3dafdfa53908c565babf15c18cd5e832ad4ef36eeb439bb882d5781362 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | af4710bfad69bee637d5b6eeba619fb3 |
| SHA1 | 9e9dd1a16f6ee4136fb2e69acced2458902a70b5 |
| SHA256 | 2386cd9ffdd337b95adf935a4ad2d5aad34f8f229a2fb1dc27f79e9daedbdf1b |
| SHA512 | f11081cad603b92b5b3897cda27e0cc4fc037610e8ddb4d366db9bb8ce7ac5b7e345f25bdf7a38ab57baa9c19fb0f17ffbaa97186786b2000f77eea62b2dbba0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fd2c3b1082167567b39ed367ca095e0b |
| SHA1 | f52190c6be2a195c5c8697e136d910a0112fc9ca |
| SHA256 | bc152a78585e629df999a7ec3c49f30e1e689122a4fb8664f5e68696f4e349b2 |
| SHA512 | ee0e49fefd3c1ce73fd0e8be667777c28749f200d83b1704091e4a1fb84b38788eb4256c97a190595a0aa4ff6ee8a3d9ee32cf935f868d62e5119d6e5ce45db3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1d657aef8ba9ab00d090be46f913c1ce |
| SHA1 | 34d09c2e35de14026c814662f157760891169aa6 |
| SHA256 | daa7375f9210e136fb8daa7966df18068952f493204a9f38e9fa3cb4faca55af |
| SHA512 | e5091c80d0bb076a9909e7ce9593a039da03af164182263b72b576575abde1092545e7c716bfa1a9c99a6954eb33ad22415d45c70022081b40668bf7882172fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f704cf7d9ba2071e517231e1557be4dd |
| SHA1 | 5efe20d57429449f13021ca904b990b20b45247c |
| SHA256 | 410b4b7a758a9cbb7768c26c35d0dece4001ff3c8b660a016419dce0afa9eeae |
| SHA512 | e769855fcadf4067f9cd0373d314826fa22decac47383c301faf180f24ba9381d24c73fbbd9a1e82b7b4766e1ac9c142e2c534411197da9f4d7a8e0beb19c33d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bcb77b6c1d485db33ec57ad4fb905125 |
| SHA1 | f03cbfd0aa320ca9a51997de0dc12ab5791b5ebf |
| SHA256 | fdebeef2415ff92e912e115732bd06e903d015cccc33f3bbb0fa8e0c2be18667 |
| SHA512 | b669cfd642fed1304e8a7a1cf02765f42d4f2e8af1b3bef39aac65059db9f737e4f15f809da8244472f9087d8ca51447f665677e01fe56de878e62da2c01b13c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 3524be75c01a0958320d7e79b308eff7 |
| SHA1 | bd4b88b7825543247435d9eb017397de76e9d523 |
| SHA256 | 4dd206633f3839c22b8f9f31666e074075eb3697cec1e13e05ff6cb9d35275c2 |
| SHA512 | 3b104bbd6467b9024819eeecf032137b1d32d6acbe1fe506b838bdc1078105bbeeeba8e6706abd277654fd1faa47d7228f8637ac9960194c0a3a00bb940d4ad4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 2328944867847a1dfcef4c0683f23364 |
| SHA1 | 616ced6754924fce77c16ea59df006c07a27f65c |
| SHA256 | 664d72cd089c73b7480122277f65c2047889fb06e830c87993ffbc4a0938a684 |
| SHA512 | 360b006531abb99394a9b22e71b621d9151e01b01c763213c7a3b7463280d8f656fd9e9d28216d71b8e1842d56fffa9dbd59fdf0e61cca36ddd1366c26da4880 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c1c1b64ab2a4d37e6c7a591212b6cd81 |
| SHA1 | 0334b3c7cbe795443107a1826591e271a0d2321e |
| SHA256 | 1ee855d1c376295d6694bc92258f709dae1cf42ad79c0168552412258e9364a2 |
| SHA512 | 4e4347831a2eecf73b804e980c7b0491937316828b99e812b846d9f1ab321b36535847e4670e273172d33171d3dc0dbcc4eca956e530df21deab28bdfeb27e6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
| MD5 | 03cbdbd07f6a5bd5f2779ee7ac877818 |
| SHA1 | e362b9045ffe0e3ee494c3e5891973a256a1e533 |
| SHA256 | 1a509a8c2d3c33f5a6ac5cd7a0365a3af3cb3465ae7c924fd043cb5c6f6a9a99 |
| SHA512 | 93dc52d9ed191c591c4b6b67cef6fad1f2162498577c87604f35f4759c1fd62cdc1e58fb00fee96ff5ee6206bc8c2a06bf3a0960eff0c0b83f7a34e1dc12d635 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 31e2851041172093c5cce6e815aff43c |
| SHA1 | 831d088319d2c858243c27d2f7e6133f80cae83c |
| SHA256 | a7d0e92639c64898a3268a6fc1b9cdd3b6214451951705bb28dd06b9a9f0ee32 |
| SHA512 | ccd72b93ce3ab8897d8522e6d69106c5dece69c2a455702f8b6f9cc2790996543f9f2ed1ab3b9d36fd58d9f25bc154fbade776d3afcc073d457e9a539fd9aecf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c1390202e18f352f054f6f10bf214e9b |
| SHA1 | 69830ed22036aae7e15b8be73d60e8f9d7ae61b5 |
| SHA256 | 4198bad204ee382f6e50184a35a8d47900f83f0e5f1405aacec448ff11b33676 |
| SHA512 | 3672c613d7ed3e7088a68f367525285dea4521192de977583436dfc024a9f3bebf3c86f95e2a6434a8ac232574c2929c1175677936b1a28e2bd4e42a9117e73d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 80e09978619391a5d7a59e5784ac5674 |
| SHA1 | fc4f45f1fdf067b2ed86f5cbcfe248a1b3ac6766 |
| SHA256 | 1cd726952e7b25b7eb209f6b909eed60a75eace21f0f521e46a660309bab85b9 |
| SHA512 | c6856cb71100927004c1b0455975b08378f6c22d240b3a78f8a6608bbe042026e7b676d060f7eb28d860b6b9264653338f38d0648bb8204c8be808993a27d02b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 88aa69c53e6a10d52af1a91ac326eb27 |
| SHA1 | 0fe024a6ea261de3ffa48d67a7ca01ef304a0157 |
| SHA256 | edea0a9b8487451cffb8c79993b0525f28b3da04d3a815f62de9a7c85109c879 |
| SHA512 | b81452b3d4c6395c95e9c315a84bdd8ead3465c103a96457deb470e4e4d15a61ee1c94e097611351258a4b663d521fc08a2c54f0ddcb531c98d372dec91eb6f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bbe2dc708869613761081a6c6d46ffb9 |
| SHA1 | a70b408752925bb74db86ccaf11f9775f989b47c |
| SHA256 | 4266a5f3d7aabfc066ad30cf46b6764fde68f76e7a0e83ac79308255d8265144 |
| SHA512 | 04742b48e2451229ea03359a392de1b4bda4557f590821a75a2d723a4fc9db0f11d31ddacf1d9955b59c87faafea4c393cc5371c7a6f2bc80eb4a9eb74c76dcb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ec
| MD5 | 17d77d4f4b89495b263b9c3d6d91e1f7 |
| SHA1 | b1ef1fbc9eee833a6b04aa57c535064469172115 |
| SHA256 | 2fb39785237113ec4eed896bcfa92540fa407dd33a6ee20710d1204f9b7d67c5 |
| SHA512 | 80ae8fd30ce1599970ada0001d4b0fc39966ac2a46925b64bfd9829ed90e1a6f58967817f15645cac51256921d741be5ff3f001372293ea0c2d99cc6fd7942a1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c578170bae731b4d97178657cd8a1a56 |
| SHA1 | cabd441ab1e31a1c1491575ed22b16e181a0d422 |
| SHA256 | dcb98bfdeff97f0dc964579de93a3c8ff1e9bfbca32c6407808ff353046afd17 |
| SHA512 | 97c0ed87c7fe827b53a94aa823baa1ed327707a23674b110307feb29d44c799f0f435c53f98b43ec699e97f84b7977c5cc6a5a93635edf2d3eb96e91f0187903 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5c1a27bd37b916e37f5280a574ed64a8 |
| SHA1 | 8a2498fc8cfd88a973bd925cf2e56553c997a1e5 |
| SHA256 | 86de4a72dbb0dff994ae2435ae40aa814772d1db2c9ea9f409d29ec81a00e4d8 |
| SHA512 | 1046fb63bd8d892944b95425c7078307514140a7c7069f6177c782c48c0d746ed2b39b68d169fd5948d9bf09ad4505e619ee48c30c5a56454db3ee9d176eb671 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6b8eb83a5fdcbc1d7629b6c67c1559c9 |
| SHA1 | 73b9be1e745f134bc270de0874ac28e215d4ec60 |
| SHA256 | 3332fe52df2f3cf33e3936688452e5d766a9a54ba081dafa4328d11cfe8d4cf3 |
| SHA512 | 69b8f5552b314b7bd679bd11732cf2307003f030f21836a24f7e6df36c4a2fba8de8cce73224982485534f0efbd0602b635a55c3a340562bd18c7a2f127ac2eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | df1ada4e6e966311f8437c31459dbcb1 |
| SHA1 | c829afc32306fd12904074a52e3512bcf667a13b |
| SHA256 | 71ae9cb0846a238f66cde371d0461e3278b786cd34bcb051b42102cc1b699750 |
| SHA512 | ce33c27b72fc8df609e43820b0a13f76b61f63f5ff5f36e991f71077e7f586c3f52d324fa17484f5e7869bca5a10a75dd9d0a2fa7520477c9c6d32d63ee68e1c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 692f6df70e0143a4c084c36606e36400 |
| SHA1 | 485c1705384a626ef6fe5e0544c8333e2d2d79e4 |
| SHA256 | 60e0a100b0dcb2dc20ccdfb07f72c9dcfcb59412cb6caf3e3272e0b096426bfa |
| SHA512 | 16f68d0f154c4a62e4d7227ededd6a256545789d1cb9ebcaead4919d7f8018e77e5ae883a7ebf740945f0acad517216eeb24f49370e49e73af98c933d6ac56ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5e6465.TMP
| MD5 | d00c23fcac048bed43e50b077063d7a0 |
| SHA1 | ca389c0034289a5b3d4595d3b00b60fbd1fcfb92 |
| SHA256 | c6535cb1af73388a5df6255012bcbd04531a3e3e198e34b637d41d8111701c6f |
| SHA512 | 98e13a0e10de38ff2f65044f022ba3071791afa605021ec2732f550c1ff02ce89c1eefa9ddd89f5b961ad60745f04b49e9e24f2631a2c263361dfe3c4ded3e82 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1
| MD5 | 144ace42a04db59e16c7a80beaffa6ee |
| SHA1 | a27f293aa985a15b65d1c3693fdb8b6ed977e907 |
| SHA256 | 1a5d8880342529156a8be75473ef282dc3a596b35b84c86f83945533afc7ba1b |
| SHA512 | b28784a9f677aa9b2b8201f0f5dea574e1ab661b0350769ab3ed780bd045c529f190418a41f5fcbc3a8a9713c7d1d0541f9ca5f8b27adedeb88c08823629237e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6aa6ef56ed8d423e4e2f4e1a7f72bc18 |
| SHA1 | bcdfb7402ba5e5df382374459992170ef719ba1f |
| SHA256 | d3840f9922b8d3d082b5ce146d575f5e2d34bc2bd6a798f9c69656800eb0f963 |
| SHA512 | 969bbf9e682a9b7ae92aed92296d528d956cc3f34b33d1fd248bc3ed5d6e7b7e6297e82705862e785473dd94f3022e1c2ba8b1a37732c5d5ec1975f406edf10d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e0dcd61c17bea011db78cd2da596ae46 |
| SHA1 | 2281d423eb487ee9ca185936568278a9e28eca71 |
| SHA256 | 2b5f7af3f0608dee9ad8347f7291bc294acf329486fe849ed9f757ceccc8a674 |
| SHA512 | 470eac29b1bd59a15fed5f034fd6a3a2fc685fd8eda2dd5ffc94106369d9f58c815d2706cc83ae267ec94df163974f842d98826c6d5d91faeebd9b36d8fa3538 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6241b70548a45c351dc49fd52df7a3ae |
| SHA1 | 8a6e2b10194b77433366b9645646a352ef387792 |
| SHA256 | d1f4f720c56c1dcc925a4c1f77bb94f9d98443b10801acfe3962c1fd90eb292c |
| SHA512 | 8583add3b1076b7773d18bbdd0b9ccb72592bcdbfdada040e12bb193e0b0bf57b1ad3a263e09a4f61a0ba16e6a6e5922145b4b81f8acc704cd3989706878298f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ea
| MD5 | 8904561783875be156c55708f34632b2 |
| SHA1 | bf064a6c8bd16f1bbfe14e3919984948b6a7d39d |
| SHA256 | 69e4943e6f952b304c4d11e422d015f2337f491dc109be9ece42f4bee33828ac |
| SHA512 | 407c74d71199c82126b86715a32202d32a6704b34148b295098d3dec343d04643b0c6905e7ae480e98897d76924698813cb1d13c83ae8a475723192009bf43eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000eb
| MD5 | a76576559187bd860a577710d26ae7b8 |
| SHA1 | 1ec3012089a6ab4500df94db55ca692aa4f9e4af |
| SHA256 | f5ab38c1a17138815b290ecf011fa13f8182d229db71171768496c597731196b |
| SHA512 | 9eadfe7959d2eb935c69db64bcc19605994394dd2c0611e82f0240e7543caf971fdf43a76d53b56493cfb9dd02b2a71439923744e9577af929ac6667e6ef9c39 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c7b69abfa826b043_0
| MD5 | 077e6aee37712e9f48d18500455f0a31 |
| SHA1 | 13059d73be12f5aecd58c0b150e54f0054674731 |
| SHA256 | af6d93dbdf4c1e1a48e63997037297926dbc94f0d2398d1e3d95daafbae5bdae |
| SHA512 | da14f54444cf4d3bf7240b499c1558167956fe58135a3ab0fc7bf806ceb1cd17648e8d23bb2a63ad70fb231a17bae763b4e648adcd4340def654966e39326dca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b2db8655a5875d91_0
| MD5 | 11ea25bbf48fe8ce45822b27915b9d01 |
| SHA1 | 8cb1b8bd59ea985096e55223ec7cdd97c9e5986d |
| SHA256 | b933c1d55dc6da4ffadf32dfe7adb653edb8133f8c1569a7808811c5f4b52ab5 |
| SHA512 | 4acf07682b52a6c51a7ac9001e8d51410fc0d2699b004b020d265db67b1fa27988faef8d2e75376e64a447f98afd24e6a7e82bb5320b2d3d0d04f061c4c4f041 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ef
| MD5 | 2f00e4424409ee433260aafd63b465dd |
| SHA1 | 43c37bdd3784f1e4e04cecb08d13e0c62e319000 |
| SHA256 | 8238fea3585d4d3376c6888b5202fd26a7868d9d1225503dbea04463a04eaf0f |
| SHA512 | 61e5be949c5b263fbe7c7c9d0ca31f1cf88f4d8d18621e8e553d4b6ff3917b723537ee53a0025b37474d41a7494b04c69692d2e6ceca7b3747e17d5392649075 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ee
| MD5 | 014146f2b1333cc13178da8e64b7a133 |
| SHA1 | 6f8840aa60b0825bb6f0faa1d9fcc3a1debc3fbc |
| SHA256 | c21cc0e976dd2f9c434b046b564afe0944de5b67956af3c03442980441ecc60a |
| SHA512 | 069ef3f6ca40be882148921663d2f3e9b559f2ef89457526c9281664015e8cc0241dee629a21dcd27fa4f65611389c35fb8ac958b7aa33354a303506824c0688 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ed
| MD5 | 86ad3d64665e79f482e5aca008dff829 |
| SHA1 | 31564e4afa34c9accd422bf25d3c2bf9d55de26d |
| SHA256 | 932a5e2548b1989c9ccc5def1b963e18d54db7a3c22ce0534915196f1489f017 |
| SHA512 | 0f9e240ba566cdf3f8e9791acfe19487ecdcb0837abd891117b411e2d515af946f9ef76b00a11202db29aa509d80c97c5603a11a791d67409731889a6a91308f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a242848b390467b541c51a751cbd0288 |
| SHA1 | a2af5f8622241a33b000fcf7b8edab23e2feb856 |
| SHA256 | fe5db058d82ccda5dcd6e1012ae32cb16f2068e12cf60d3d67c99f8640c52df0 |
| SHA512 | fbf79f21401584d1167944d77c2b982bee0ebfe800fcf8911a5bbc0d7bec331349405873cc5285a9b950e174c3faec016b45f53ec81edf388ca5b8eae6b26d2e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f1
| MD5 | 3738fae53a165cf966aa5d58a4b8e2d6 |
| SHA1 | 13e60afb7d1cf08503e47fbe331084f3145fbe77 |
| SHA256 | 9b1647d4f752bba713bd4a11d9228ec5bb0ae7ca4af1ac78bf65fba3712da8e8 |
| SHA512 | 91ecce0f2a01d885a037746a17b0f11cda9de68a6b5a7a9eaaf013c92c53042da8e5b405ea778ea021465d8de76be18ef9f9fb919ef05298115f15f1c6b6079a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f0
| MD5 | d2b79a1d0bd90be2d432b7fbf831ec47 |
| SHA1 | 5eed73092ede7dd2eebe1ac41072668ee46bba9e |
| SHA256 | 3f9daaca584911b4dfa7e96539469abae7d6b95d24be11b9525ddf51c1707731 |
| SHA512 | 1d730dad5700403bea2c8b8a5ce526709298ada0cf0fb17af264d3ce153433640b31261362c9cf53f0c832a020ca95387368f6a0e3cfb75872f231890416cee0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9604509058667c63ce34d255158531b3 |
| SHA1 | 8b3c020c03680cd7329927962135e91998614ed9 |
| SHA256 | cdc7366ff03bf932e70e614e5ef572ce13878f8c52e35b5da3e579eda4a48690 |
| SHA512 | 7f5e98cc17c298da9d68bbabdba2e4f341b37cf9ccb50ed288299d7e21a8f4c0f905f3cec47e51b127ada5826f75c07dfc7b7b65f2baa5ad20c4c04583b8353a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ca8daecb9da4405b047bca0fc75081a3 |
| SHA1 | 8bd3bf097c1cbfeabf137c55fa5eb031ce92de6f |
| SHA256 | 4b3a9bbedea1817ac474708fd3a825cf3e03080aab079dd973a5cd3dab7e310e |
| SHA512 | 0deb0e9e46ad85ab38004867dfbcd5c80eb78754a5a43fab5bb47a0449d7edadd5616737018b2d6a15ccc8923c080b20fe604c71d2249ba98abc86af0221837e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5c0e01b554c48a170fe5028ed8129bbb |
| SHA1 | fbdad4a978774fb23c613bac71219ed9f0ca9330 |
| SHA256 | 5ae3e30aa3951fb473bb562b81f5c289434a06a38cdfca1359fa3cae39e15b00 |
| SHA512 | 126b832f9df76b4b377ecb80f737a172ee208bee915d3584af14d27cfa2ab18385a1f2e238a075b4eee2a27f59779dde523e2874d31605894b6c2817dfc7f6c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 4f51352847b453eb87c9593a2228458c |
| SHA1 | b4e95be488c2691025fc49ff939452850170a44d |
| SHA256 | ce6ea9cc8fdaa51f3c9298199dfbaa9cfb0f2fdb7785d86df92cee1772212766 |
| SHA512 | 1d1e8b4849a7109a51c35221d59c1f525af26dfcecd8c94e4e8f55f2b2799dd17e663965ef4ea289cbde4d2a23a68809f591eae26a66685873d6105de860732c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c5
| MD5 | b0456b99f9e4f97a7036c416652b53ed |
| SHA1 | b7c13e3e04a282f173929966159fcff5d146521c |
| SHA256 | 186a5a71995f40754a0b9042ed2399f4c085e1c038643bfea5d3b290ac34b7ff |
| SHA512 | e21595a46ca4c79389c88d6b47f13cfa8d774a682ca7051dc2ab1ff6152cd374752e5db3e7d960a23a7b05f2affd8fb191e72cdce587e2f1b84eba17a7d2e499 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d7
| MD5 | 20980bab135f476d48a3f69148762f28 |
| SHA1 | 75394cf4059ccf01a554278c554a5610dcb9b73e |
| SHA256 | e4219e58333dbb133997b1fa9b51e906b464190beb8d206f0f39f1db909f95f4 |
| SHA512 | ab291427fb1da8b8e6b47018d18de6b9267bceec59fea507cae5c43203e4099530e3a17a12d6840a231f9f5b3539dcf5a480573d61ddea14450dd48ba4caaf6d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9aefdc98bbd16f21017eed482fdfab4f |
| SHA1 | fb4e10ee645926bc1bb602a4105d7c222890a4c0 |
| SHA256 | 4b4213aa7be8304f80a7338264236f16ac13431ce02b3b1fc648f84cff5498e0 |
| SHA512 | c86c91e96a24fec80a7ee9251e34fbc88f3dd953577bf4fab3409a7b65807ea7de8344d83d9f3ce75327d64455a755398e1739c32c1f5dec7d9dca5391060a60 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2552c4ecdb49ec296d5d9e7150f3692f |
| SHA1 | f4cce7f7e087c55f3edc2dc654b691cc73fc7fbd |
| SHA256 | 36449db1e24f06301d390c6a23dced18a786158ae518d10fde8d38a7d634f119 |
| SHA512 | d9c3da8aef61999242cbd4c6c7ca1d11578ccaa7de183c5869bb63c50c383a34a28fd683918ca077739af9af425c787c724b6abd718f1fc00c04218f430e4961 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | da19e1e6ab2b7de543bcb149824a3cd0 |
| SHA1 | 78d28f2a18c7938d2fdc8b7e6f53ce8c99cfe12b |
| SHA256 | 8f38bd6c5005d471dd0be8e1200e9f9ffe615219367cd0011f87bcf5944be0d5 |
| SHA512 | d328410f36d92280cafe7bb5307bc5eb8557661710f3b8920999afc6e761316dce23f654f1f76557945e8b090ea5e9b2d9079b66470c8ba2408601edea2694e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0439c37b012f2112282a2c30e33f0f6b |
| SHA1 | 73fc5b1befbfab2375f99554cdda3421d564c6b2 |
| SHA256 | 5a265c54cd430075e9a3f8e5e447367d6741e2d97ea4aff8a36d9b5f04d80715 |
| SHA512 | 3365d86f6857d0396ad64e3c923d1d02aaae5fe0f4b0d48e86471b60c5f859930f6682c1006ae1f99153543a5948d036f7c4bad10f336fb204a1b6a7c0185cdf |
C:\Users\Admin\Downloads\Unconfirmed 196226.crdownload
| MD5 | c52eec089b9dab56e69fa5f4d9350d8e |
| SHA1 | e89b321198835baa1313dcd1b7eb71fc75eac6b7 |
| SHA256 | d1a0d760bf92479e176dbddb70669d9c3bcbcf8743c5601517682ee300a202de |
| SHA512 | 894f3ece52ba0fdb7bf5eb3b4a473df66230be894fc47ba2f5189a06ec5db252f0a215d6062514c5b467cdb498555ef03b2dd26d6a8d76a25e121bff67fb4677 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 392643d3e4e2d5a9c43fc642f82c7de6 |
| SHA1 | 3efd4278737d3ac087f60052ba754275c55b5f99 |
| SHA256 | 3cf175860453795d42352f0bd4c36052576a1853efa72d974b622fbebf24d014 |
| SHA512 | a3bf5cad4505a0f2c3eb90fedfa1fab475e60258cbba554f73d619a475225016170b34d37d17cc3c78685abafed9fae8d2c338a376e5bb4c57270f2d68ca8bea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 989c7dc3d0a2b9619f6837d81dabc5a9 |
| SHA1 | 7e74cbf8d2acf6fba528822ae970dfd54ed3c7d9 |
| SHA256 | 3930a897c49ca6d1c8d24a30a2081f86a4a2f2e963c9a21708c9ec68bfb4251d |
| SHA512 | 51f1eb7ba6d196739555476b763f66844b0d43cda9cf030ffa816b0b654e3d1f50fb5d3a2420aac926075deee1092b70c485e745f098db702b074eadccd58abc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | f45241ed1e910e5c703b37468fe0f1af |
| SHA1 | 2059ac481f6082ad218ac95f79839a87cf4e480f |
| SHA256 | 71f23d2d928d79f8984021c608e5a9d1b8eb598d231676cc96ecee3e83f68b3d |
| SHA512 | a6862cd975f52473015a5b56f036aba639667f09be444ec2c15df9b9f6b5572fade07cb8f7535704170c2f5ed2bacc4d014f6fb4d94713336dec459999408a9b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 973b0836dff51bd2c9b495cad3792ff4 |
| SHA1 | 386678cee7e6f0e982a917f3bf074c713d42ed01 |
| SHA256 | 9d956ebf21162189474e047921529d6da05b42f99574253f951c306a4948a617 |
| SHA512 | 06167da6d0fdf8a2fa0bdd7a1a57fefd45d9a02aa8cf5b5b15e13f665d70e345ff275c72730d66d931ccd532fd8516938d228c7eb15614e1ed371f1bf093d9cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4fbd25d5128e91f6cb5832c05367b29f |
| SHA1 | 95de69eeb915cc2532327aafd689bdccbf058356 |
| SHA256 | 7a69463725d60821f7c6f61e4164d2677d739ac29ca5049559d8b4320055d7df |
| SHA512 | 19a3567906ad12ebea91e59b81383418b424618cdf7fa4a4fea6c626929e988270fdeb638d2ded608130b4add83f3a82e98fcba0b8c9a81f4fbe1aea9b500ac0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3df640ae96ecd073e4bd3ec4fc86d1b6 |
| SHA1 | 8002f8f25a9dca1300cb901d5312915ab2aa33a5 |
| SHA256 | 319eab5bd4bb890c4cf1d8b9c62417170cf09c7c1ee4e0c79cff273fd4a2e7f3 |
| SHA512 | cbbe42902e610633b8ac099e22075e14aebdb265355cd4a1101a5806d734168c8fbd74c3bdd3b692e551843380abf0a82045d51dd34a0e4134fb0a96507bb760 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | aa28ea9875fd3390a3b71081884095d0 |
| SHA1 | d605f16b45093b8fcec3040570877a5fc331d59d |
| SHA256 | 41841a6c3dfc412b91fdf697711c63b9e4e7e35dffbafb7a09ae9a33401530f7 |
| SHA512 | 8ffe7f97b39ce40fb1fa194c7d97ae9f004a27abf02974d1ae4989b4f78f5b9d8dff5e17f85ff54427c641755448f71a2560866d5fe767bccdbcfd0198db49f4 |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | 911c020a364b10fe1de664c01de4534c |
| SHA1 | 8731aee51722d2e1604864eb8f03abe3e6d35441 |
| SHA256 | cb84418aa6ff71e927125f05cd74b10cef07b40fe19a17f9ba5c3bd57f2d9591 |
| SHA512 | 7e2c2259dde1fcb1a10a3864b1e24f892fb28d1c0a9a8b1b32d6b512d9f49b031cf6119f55dad008f0b2a5dc87ae606ee0c2918fdc44fc307d56bc933537db7b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 6a9f1f92ec819b13d688c216f3812191 |
| SHA1 | cb8e6ec353ea04901fb3acbcb71b65d210f47d83 |
| SHA256 | 9e0d40243547db11fce254256a4f8fe9f68f916f1597c8017e1fa365a1911413 |
| SHA512 | 98f0167490970dd790c7d8fda6cfa099f2b6fb1e0f1bd7abee73302f34de2dfbddd5a79d1584ba0f6ecfdf98575db230fe651ab77b9892f1813df1d566ba9a08 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c283a45ccfea35f19ab43fa769a45eba |
| SHA1 | f8e06aea824dce39306bb4b5ace588367c255e6d |
| SHA256 | 43cbe602a14fba664489b68ddcdbf036464c0188caf2ea54c29957c9128ffbf7 |
| SHA512 | fa86e6c209dd5b94427771e9e8b3e54acb3bb3817bc2015dd905efc9818c2dade7fa021809feb3ea736649ec28bd1f0c6c05b31748f2d5c4fab6cdd4c46642f8 |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\ff6b65de0e41d5bcb3b4ba09a6990c0f
| MD5 | ff6b65de0e41d5bcb3b4ba09a6990c0f |
| SHA1 | f962a1e4ec9c7d2ec4625be854fcb505e0be4427 |
| SHA256 | 41f6a727a284fc75e82310a6c7ddb1b609c89cefccf3a25196623d4f9c524e36 |
| SHA512 | d6f6d8d62ec74d6b3800480152b98d66d78d5c528e305064bf1347bbc18177c2708a626cf7969377e9abc6a4e018ecaba046b3042419001bcc239ad263c0d435 |
C:\Program Files (x86)\Roblox\Versions\version-24872f7beace4d0a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
| MD5 | 610b1b60dc8729bad759c92f82ee2804 |
| SHA1 | 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552 |
| SHA256 | 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08 |
| SHA512 | 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4 |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdate.dll
| MD5 | 965b3af7886e7bf6584488658c050ca2 |
| SHA1 | 72daabdde7cd500c483d0eeecb1bd19708f8e4a5 |
| SHA256 | d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19 |
| SHA512 | 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4 |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_en.dll
| MD5 | 4a1e3cf488e998ef4d22ac25ccc520a5 |
| SHA1 | dc568a6e3c9465474ef0d761581c733b3371b1cd |
| SHA256 | 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011 |
| SHA512 | ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245 |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_ar.dll
| MD5 | 570efe7aa117a1f98c7a682f8112cb6d |
| SHA1 | 536e7c49e24e9aa068a021a8f258e3e4e69fa64f |
| SHA256 | e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01 |
| SHA512 | 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8 |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_as.dll
| MD5 | a8d3210e34bf6f63a35590245c16bc1b |
| SHA1 | f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693 |
| SHA256 | 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766 |
| SHA512 | 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_am.dll
| MD5 | f6c1324070b6c4e2a8f8921652bfbdfa |
| SHA1 | 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf |
| SHA256 | 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717 |
| SHA512 | 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100 |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\msedgeupdateres_af.dll
| MD5 | 567aec2d42d02675eb515bbd852be7db |
| SHA1 | 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37 |
| SHA256 | a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c |
| SHA512 | 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3 |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 7a160c6016922713345454265807f08d |
| SHA1 | e36ee184edd449252eb2dfd3016d5b0d2edad3c6 |
| SHA256 | 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9 |
| SHA512 | c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 60dba9b06b56e58f5aea1a4149c743d2 |
| SHA1 | a7e456acf64dd99ca30259cf45b88cf2515a69b3 |
| SHA256 | 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112 |
| SHA512 | e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7 |
C:\Program Files (x86)\Microsoft\Temp\EUD267.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | c044dcfa4d518df8fc9d4a161d49cece |
| SHA1 | 91bd4e933b22c010454fd6d3e3b042ab6e8b2149 |
| SHA256 | 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2 |
| SHA512 | f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 427582a14b1f7b12aa3fc585f8ff3e42 |
| SHA1 | 534090d28514363bc3189049b4b08bd140d1e3ec |
| SHA256 | 7dea13b69d4e9d2830fd694889e33e38160fc7a502658a5e21697a6fae7d4470 |
| SHA512 | 516e620cdc52cfa38e8bb98ca8ebacb88b6cd40d00e8b9e1e1c0b07d6f844e4b084be91a816818f10bbf842557a7551653d649d66cdda0b925c9388d5e92e085 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c04d37d3054b81526152de65ad257906 |
| SHA1 | 5c5f80104e22bb68b41e3fea2cc5945fa92d425b |
| SHA256 | 13d29e9aaf3c8b5cf01826a7a5bff614f03303e6f8c362efc4927428bd31ceda |
| SHA512 | bd7178f7517bc00a8b543f623ca7ace1717f89631a0c264dfd8ea9055cc17c7eae565b7f854abb1bc2a44716a502742ce99c9bdae0655f678757921700c0e638 |
memory/216-3547-0x0000000000ED0000-0x0000000000F05000-memory.dmp
memory/216-3548-0x0000000073490000-0x00000000736A0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a8d2e2bacebf30d82dbf74a1d74e71ca |
| SHA1 | 8fda790edc6ee5892e784a9ffea3f46308ee4e42 |
| SHA256 | 1210bf990c1087aa7e06d1baf39f2744a1daed200d233b692748e73378917f57 |
| SHA512 | 9fd9c8bf4c11129b635ea4d8c63054b30edc27a342f7eb7f67ccb0e6fd3ec469b2a746e0b24075bd76829b57fb0ac08187148bf310d3a0666df368486f2e3185 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ae4e356a34761c3475f7922028ca0547 |
| SHA1 | 181b745de63cc57d21d16cf19c4d963da99d213c |
| SHA256 | c6c271c14f261c4881041ec721a42778705bad0de6307b876ea8ac10ccccd422 |
| SHA512 | c07a74e72b5116f6e806ae470daed327a3be4fd9aef65b59ce332b0b341763439bd1af2d95b346894f5a1547d05986f4ff99d7b430e7af2b0092dc21224b0925 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\124.0.2478.67\MicrosoftEdge_X64_124.0.2478.67.exe
| MD5 | dabc3160a804b9fadd89ceb0fcecf388 |
| SHA1 | b52f15e866a18637683bdf0ea4eaa326b787396f |
| SHA256 | 53eb39a92ee0d2eb94f6d33c015097bddd9cfe5c4129d3ac9a9facbfb5087bfe |
| SHA512 | 74fc0f21d7cf99e07c079224e2af8a4a51bff98a97bc471cfedfbd3a28d3ee681fbd63fa7239948c3c0bf4f9af56dc582dd128f8c08b54cb73389e85f949f431 |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | f1580e9f20d814b24617ce8a9773f6c5 |
| SHA1 | 98fc29e7fef8e6e9c27bdcd80b8b70575d9046a7 |
| SHA256 | 124bd8140e942d0c89fbfcd3c1db87571cca992f09b40e40ed96a43bb38da250 |
| SHA512 | da01c476e38a1a0ff19807602528a6bc8eb2071183abcb5dcd72930ad795578da920e9a83126a93bdd6960c94fe7a7faf09079214fd673419d71af63516ee558 |
memory/216-3603-0x0000000073490000-0x00000000736A0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7d25803d9aaf110f9bf5b90277af5bec |
| SHA1 | c870d8004eda9c0ef17703fb6e89a61600d5978c |
| SHA256 | 58973529ff0b40e17936910d1f3f65ac3f893e4c0c936725d9ecff6c2c058fd5 |
| SHA512 | 59d63e5ea9ac03d8faf2a9ea1c5c771fff1e98f0b17592968e91177f40d44a54399265c347937a8731bfeb9add184d2a04da0162f47daf838ac31a918c761e12 |
C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe
| MD5 | c31297188ec9fbaa60449f769339963e |
| SHA1 | 8502d9e0cef18137529f0a46ad6e69a1577e6cae |
| SHA256 | 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9 |
| SHA512 | 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 34d2ec8b523f895cd00655fa90f8d4ba |
| SHA1 | b8e47608db7f2742ccbff3fb8caa706cafa567f4 |
| SHA256 | c6c8b6733630f7305e34c6425ced921c52244639010fb7d4ea549012b9201752 |
| SHA512 | dce628f66d5c79c1e9fd12afe6bb77eefe8f9cc1ab1fdfa99d4e82dcbba679ab753e8b7229350eae2f800894624f44e8ee894eb5c9761c4941ef575212053b15 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\1ce665d4-1cf0-4568-a1d1-9674f31fbd4c.tmp
| MD5 | fc34260888c3fb8351388d4b18f5b6bd |
| SHA1 | 866edfcf254bc373e97c7a15cb3c16517d063e41 |
| SHA256 | 5bfdbcee968f7bcd6dae741e0fcb893b4809140c115a7dddf3700f7f0e5490d3 |
| SHA512 | e922e21d0b48d053e124b2bc88339c5b7be7161a335ed7adc3f97449f5f018a21ce84a373dd60e97588af16361db2ef7c79f963e6b11127a316a9bd642155a28 |
memory/216-3664-0x0000000000ED0000-0x0000000000F05000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1116f8234f6b481dbba2f97291a347a2 |
| SHA1 | c5d993036a535c911210906c1af1803ba20e8b29 |
| SHA256 | 679a2b20a3ed4c3fb636534e856e91aa1f7581e2b15df9bfeb57a19ff6166f4d |
| SHA512 | f73e47f1e56760be949b6d8db0f640d663aaf9d79c0666fb77ff49b75d970ef040c19ba909a4b6e643ff4ebb58e024175b4c348dd5c5c38b3e4dcf047c08dd68 |
memory/1288-3678-0x00007FFE69150000-0x00007FFE69160000-memory.dmp
memory/1288-3682-0x00007FFE692B0000-0x00007FFE692E0000-memory.dmp
memory/1288-3685-0x00007FFE692B0000-0x00007FFE692E0000-memory.dmp
memory/1288-3686-0x00007FFE692B0000-0x00007FFE692E0000-memory.dmp
memory/1288-3683-0x00007FFE692B0000-0x00007FFE692E0000-memory.dmp
memory/1288-3684-0x00007FFE692B0000-0x00007FFE692E0000-memory.dmp
memory/1288-3681-0x00007FFE69260000-0x00007FFE69270000-memory.dmp
memory/1288-3680-0x00007FFE69260000-0x00007FFE69270000-memory.dmp
memory/1288-3679-0x00007FFE69150000-0x00007FFE69160000-memory.dmp
memory/1288-3687-0x00007FFE69340000-0x00007FFE69345000-memory.dmp
memory/1288-3693-0x00007FFE68040000-0x00007FFE68050000-memory.dmp
memory/1288-3695-0x00007FFE68040000-0x00007FFE68050000-memory.dmp
memory/1288-3694-0x00007FFE68040000-0x00007FFE68050000-memory.dmp
memory/1288-3696-0x00007FFE68040000-0x00007FFE68050000-memory.dmp
memory/1288-3692-0x00007FFE68040000-0x00007FFE68050000-memory.dmp
memory/1288-3691-0x00007FFE68020000-0x00007FFE68030000-memory.dmp
memory/1288-3689-0x00007FFE67F90000-0x00007FFE67FA0000-memory.dmp
memory/1288-3690-0x00007FFE68020000-0x00007FFE68030000-memory.dmp
memory/1288-3688-0x00007FFE67F90000-0x00007FFE67FA0000-memory.dmp
memory/1288-3700-0x00007FFE66B10000-0x00007FFE66B20000-memory.dmp
memory/1288-3705-0x00007FFE66C80000-0x00007FFE66CB0000-memory.dmp
memory/1288-3704-0x00007FFE66C80000-0x00007FFE66CB0000-memory.dmp
memory/1288-3701-0x00007FFE66C80000-0x00007FFE66CB0000-memory.dmp
memory/1288-3703-0x00007FFE66C80000-0x00007FFE66CB0000-memory.dmp
memory/1288-3702-0x00007FFE66C80000-0x00007FFE66CB0000-memory.dmp
memory/1288-3699-0x00007FFE66B10000-0x00007FFE66B20000-memory.dmp
memory/1288-3698-0x00007FFE66A00000-0x00007FFE66A10000-memory.dmp
memory/1288-3697-0x00007FFE66A00000-0x00007FFE66A10000-memory.dmp
memory/1288-3708-0x00007FFE67250000-0x00007FFE6725E000-memory.dmp
memory/1288-3712-0x00007FFE67250000-0x00007FFE6725E000-memory.dmp
memory/1288-3711-0x00007FFE67250000-0x00007FFE6725E000-memory.dmp
memory/1288-3710-0x00007FFE67250000-0x00007FFE6725E000-memory.dmp
memory/1288-3709-0x00007FFE67250000-0x00007FFE6725E000-memory.dmp
memory/1288-3707-0x00007FFE671A0000-0x00007FFE671B0000-memory.dmp
memory/1288-3706-0x00007FFE671A0000-0x00007FFE671B0000-memory.dmp
memory/1288-3713-0x00007FFE673B0000-0x00007FFE673C0000-memory.dmp
memory/1288-3718-0x00007FFE673D0000-0x00007FFE673DB000-memory.dmp
memory/1288-3719-0x00007FFE673D0000-0x00007FFE673DB000-memory.dmp
memory/1288-3717-0x00007FFE673D0000-0x00007FFE673DB000-memory.dmp
memory/1288-3716-0x00007FFE673D0000-0x00007FFE673DB000-memory.dmp
memory/1288-3715-0x00007FFE673D0000-0x00007FFE673DB000-memory.dmp
memory/1288-3714-0x00007FFE673B0000-0x00007FFE673C0000-memory.dmp
memory/1288-3722-0x00007FFE669A0000-0x00007FFE669B0000-memory.dmp
memory/1288-3724-0x00007FFE669D0000-0x00007FFE669F6000-memory.dmp
memory/1288-3728-0x00007FFE669D0000-0x00007FFE669F6000-memory.dmp
memory/1288-3727-0x00007FFE669D0000-0x00007FFE669F6000-memory.dmp
memory/1288-3726-0x00007FFE669D0000-0x00007FFE669F6000-memory.dmp
memory/1288-3725-0x00007FFE669D0000-0x00007FFE669F6000-memory.dmp
memory/1288-3723-0x00007FFE669A0000-0x00007FFE669B0000-memory.dmp
memory/1288-3721-0x00007FFE668A0000-0x00007FFE668B0000-memory.dmp
memory/1288-3720-0x00007FFE668A0000-0x00007FFE668B0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ffec03fa1bcb89dba56021193d4205cd |
| SHA1 | f413c7371d9f6b0aaa7b3c64abb0c00d0c155867 |
| SHA256 | 55a11149f5ccad6811b5442c06048c434984a475dd487a5aec8a72ef61db99ff |
| SHA512 | 40b3f55d7d1bf86622496aa9a1ac54b03dd1682383dba0006aef253f56ab9d1123b602bbf2d531fafcb4b6c637f0d2685511aea4e63d615641d4a53d9db34b64 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d1895aa021c34c334d7202fd4fddd64c |
| SHA1 | f4c6f98dd7218e3630d3d2efcfaca41c9c3ac1c9 |
| SHA256 | 776dc37d9637857cbab9abe6e44ddea4595ffda9fe80d6d34c15874404cc9b42 |
| SHA512 | 4be1ee9c41c3a9b9660c706e3e9a936234bc38a5b24a666308c3733b92f99d2ca2257ee402d2293c1e290c391a67c1307ca63aa79116e5bf2523c00b5dbd4d12 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 112b8c7b7d0ca47c601a5f09cf0ec2ff |
| SHA1 | 2aadfadb4ba8c9f0360a069972ecd032fbea67b5 |
| SHA256 | 1c320aca30b9e2becdb959bc352f0b615284bde2f3b23719db83f5dc93959195 |
| SHA512 | 97e6be1e1fc4e03299a99bc750701be38a42bab2db86c04c8cb6695a0b5332ef7cc048dad24996567e477fd303f8e454cd3e96090112b29eed4b2380d30cc8e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 3b782f91afea3beb8f08bbfd2f3efe20 |
| SHA1 | 196542f8167585d9fe16765cfa9035f6d5376843 |
| SHA256 | fc4f56a7568d65079d600706b11bfcaeec4dda4ae2bd5da34ecf524411d52a11 |
| SHA512 | 4ee1aa512ae172af27cd685fd7caebf461426898e95a7413e4da462a05b2a2b29bf4e310617d803d67615fcb2cf43aa996d4e6f7bb63e2c5d78f162c868718d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3168e84352302a904f6583cf5f658910 |
| SHA1 | cfce2157ba7a0bdf6ed4f6e151cf4e3974c7be70 |
| SHA256 | 78794314c1269f0132f07de764d88e3e7e97b55815e652ad2e44df883c33a3ca |
| SHA512 | fdbedec880e2d3605c2abc15d127998349f46c806a5a55e44ef39c5a670bff418503f264e0833d5fcf89992373ac5be52574a941b316dbd5597206b2e4c98714 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ce41bd7c01750dc619f9e9a43f5e98e5 |
| SHA1 | 49f2831a2d2002b74ea1ce9282f08aad4fb393a5 |
| SHA256 | 470cfe6d97d615563929136086e89a2167c8a9def2504017ab7dcf1b5dfde69b |
| SHA512 | 30514417c7e81024dc2326a693c510b38833d073e616581290e0e8631bc53b72a7e210adccc1477c44640740f6e6d4404d5d51d97445210879d80dd8f4d49549 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 87f66d0cd46758f8aeb309c25ff0fb43 |
| SHA1 | a25a14af3a0dc42b10a8d872c21cf64a067bf22f |
| SHA256 | 6c88a1767b526a93cfd0b48d00bea3e138bb872e61e608f1f618501dba8e1eb6 |
| SHA512 | 6d25b9f319d5c072f6930f35b29a34ae6b37763bda01503c2f40788406749d5abbe8cd6b6bb76555c4aba366d92cdc82de73979d0717a08226a919235d4aa2b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8c0d13232b7f626754f224628480a9a8 |
| SHA1 | 6043434e0ea677ea4d3f497e8b984870462b9961 |
| SHA256 | 3e248eb25d82f7679471623d7dae6c55c67180c58e592dd91decd69d96f14716 |
| SHA512 | 33caa8d63c64b764a4d51fc2439b8daccbc5d540713e5c09196ed66d9508f42f2e373981bd015e3c57a4c2b67401a3bc226487b7f23015e20dfb27e060dcbc76 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ed022e04c4be6ee1e1169b16f9eade8f |
| SHA1 | 5e7fb7dd5508e8b16fa39468b8209b16b6f053a5 |
| SHA256 | 539edb07b8fe964a8a335ff93e933b1df06c76f9efc075e317901f3b5467ad24 |
| SHA512 | 98b617d86e4ea544d6da76efc36bcfb22dfb9d2fb084c29daa7d480adabadb95f272a9d759914bc3b97e47229e05d8072af972885e62f619cd5df79d46308c0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9714a0b515eb1ed88891e5907c800ee5 |
| SHA1 | 66546d9d192952893b368b9177878d44d132e4a3 |
| SHA256 | aab7b020d4eac24543cb50b8af90f60ba48fc17a60098baeab2eca3b23c1413b |
| SHA512 | 82278c71964b6311bb90da36c25e4f1c60b69a59253c00b29f3382748c6529daaf0575b2609f230fee8ca968eee2ad486a89b11156453608c50db6925732d732 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5d59ba31ddd6256c2a52a12260d2b97c |
| SHA1 | efbea0ff5d3fddb25e30e1bb6b0c3c1c78a46bd6 |
| SHA256 | dfca1a2bb4f9c8262d00d0041dab9b6160a7cc9d5aab4b7502be1fa99b016a5b |
| SHA512 | 82d383c326f0719b5ff9359bfd600735e0c5dec86281eec714da53d6b339c14894e8d0fb6405eb3fe8b80b4e4f8fca7da4980bd31568ec41ebe4f7f336d27d9b |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | dafc6b47b09b5768e3dfad610be355d9 |
| SHA1 | 045a02024363994a9724cd5154fd7f9f33266738 |
| SHA256 | 43ef730d109e475a575e1e4bcf5278d417051627fdec896067c175b2735ad15d |
| SHA512 | b30f93bb0daacb1c6675303f2b40ac990806ea044c4ccc740c4b408620f66c7dd93125c98c7a1a88da6d63192143f3478964491bd18dbaacdaadcbdce54e27e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5dec18c3ff5bee914795022295128ead |
| SHA1 | d96c70d014c7f1efa67217e333cef508d816a340 |
| SHA256 | df683b50a8295655bd38adee820270666069324127be6e5d32e5a599ddf33f79 |
| SHA512 | 7c31db374489e1a21ad6274cd285b75fd2798c70fad2418edfc3bd820378daa45a6e3133afbff872a4834b2ec63cdfe423b6be9f5676d3eeab56ed3279f45701 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 357e8063fb9bf382bdef27568baa0f50 |
| SHA1 | 121c672cb9ed3098adc0ad6012f87ad206f08d24 |
| SHA256 | 13bf810035c14329a67f8ade9370e732d1a5132aaaa23fb16f6e2ebfab0886db |
| SHA512 | a64ccf10de7da4820f6248260d40e0a16d8f9db271136fd390650ec28135f4b91d88c0574c5c585de55224dc9236505bf6f7b6e1a3c48cd900db070baae25191 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1aa6c3756c1e54852646141b846a08b2 |
| SHA1 | 2a15a018499437945c28adcce406b3c371a9ee87 |
| SHA256 | 42d3a7223119e1abdf54822dffd44f2c3dcbeabf1dc480a22a9a504e6f5a657c |
| SHA512 | 7cd126b5953ca740b7fde020a06d3ad6108cfc3507a124230d4dbb5b9cea11ee5ecec3b367ae9d2734a42922e47e4ad6c48b7762a137aabe78f63cc732fcac5f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 9a5b66e933c4b363989e1a72b9a52101 |
| SHA1 | efef5ab6b3be7dda3a23fa87b389c6daa8c18b24 |
| SHA256 | fa65d1f708ee9a9e97144d04d2761218dfd8116c8ba2dc41cc164174b2d8fc09 |
| SHA512 | 150b12632102a282ec12a76f4c47a3b4cb27e44d3f5b1f30ec9a45e0ae5a4108887d2e6ada9355a6003336f8887eb9e78e887914fc25bceb3e0f52f45d2721e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | eb65329ba898d39301a0177bf46a7f6a |
| SHA1 | 606c4c52b9473cc2c55bf96529f762e23276cd94 |
| SHA256 | 17346e6d38f5128689eba12e70263167bd9f818637cf8f6c71f887e74767f553 |
| SHA512 | d0193f4609855b418ac118b21b773ec10a3584b741404325bd51057f978798290316bdd796b875d355c55c2ff95f41a12ff9b37fc06525775069313f446015b3 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe
| MD5 | 3f208f4e0dacb8661d7659d2a030f36e |
| SHA1 | 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff |
| SHA256 | d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b |
| SHA512 | 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
| MD5 | b18c705b3c68cc49d9bf3649abc75c24 |
| SHA1 | 6dc8963dea0f3185368790dee2a346301b4fa24c |
| SHA256 | c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa |
| SHA512 | 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 38cb8cb1db013336a016c07040378bca |
| SHA1 | d5aa2430c13bac6fa11042e1796e88e9538454f6 |
| SHA256 | 206e71855fea0a4c798b161aaf7038cd865912cf5f3883bee77be057df7f8d28 |
| SHA512 | 3958bd8ea3edd51d34deb32735d661af69b6a5f0aa93cf052a4f714e4457875c1ba4d87239b17f6aa9aa88565ed91148dd1beb2d02f28cde757c2c8f70371db8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 847c72d3bb2d428b2f01d1b98a70e927 |
| SHA1 | 14536f7b7b198355faeb017f24acc438042a0999 |
| SHA256 | 3118aca5de7a0a95c55b5d7b28afa5c38880d230e9d0851abc97b66645baa548 |
| SHA512 | a769729632647cd1d07ae785db23cafecc99f3721b1447d17159e165e8542c1757e7812de9371bf2782d04839f0c9a5c91721b24cfac0bf6824c5ebb20a4b7a3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7d21d1c9d2cf2355555137f42e3aabc4 |
| SHA1 | 6d40bea0b420ff41c434ecebcfabc23ac17014a6 |
| SHA256 | 66f988f0032ca954c829f48c4304653eefee17eeb5fd856c9e2f7fa9df24680f |
| SHA512 | c11fe25cce2823386df948275ca60b672881c7d68cf0b132e69619b119702c63091e0e21b4f7a807a1831a08aad0b1e236b7bae14006c5b5e63ad6683e6dca48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ba827aeecac96ee6c8e21adac42f3e59 |
| SHA1 | d3c75b196ca2d5f443c57d8d20890d5026817de9 |
| SHA256 | ca8b4b295c861b050fb1ff5d2957d1bbcf91d904d0998a83eaf2eafafec21679 |
| SHA512 | 6938e0ca6d6de131c4dfbed3aa957b5a6cc68a4624d09248b01c60f6bfc011fdedbe8a15bbb86a580704fb8fa4cb65f45d673e124e62abd49b5e9e0f08f3e2c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 55ab772cb58e3726bd14b081de8128f5 |
| SHA1 | de268f86f0afb637d26fe211d68ba736a64b81ff |
| SHA256 | 2bfd08f1dc061ab9a09ddbe33f958208f18b48f55dfc372b97a9b9ed38fb5022 |
| SHA512 | a469eaca4da490c53f41d10cf5d16e7ace14c7fa8bbcbc4ec0cb76df70db65ea11a227ab5b23a210a45137e319e24f77b1c3c35947c6462b3b23fbd2885c55c5 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8222D5DA-D022-46F0-9AB6-62765D8EC987}\EDGEMITMP_892DF.tmp\SETUP.EX_
| MD5 | 5070a34dbada1aaa375cc572b5fc7d0c |
| SHA1 | e74b7ef714755870976abe3d2b4a7db0b9cc21e5 |
| SHA256 | 03e7a32e1f10fced6a07dfa4e6cfd92510d4bf6929d423798e4fb5ca91fe6c20 |
| SHA512 | fed3fcbb64a59070b0efd677ca2edc982d28e37cdf7283f2777af8aca7d3760a7eefb8d01b3c2bf4b4ec3708a74c3412f0dede91e31dca1b6f8a4e4edc673aa7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 52a88e9a80210ff919d84b243ddfa4a9 |
| SHA1 | adc417de65009d0a65936b04f3d57447cf3d462a |
| SHA256 | d61c6c422cbeb6d19870645c63583312e16aece0033c40e0f7e0f3e5584710fe |
| SHA512 | e262343b7381ffa60ae78c74fc74818ecbec3898bf4412d511dd872d44da98d099c346b67cb974e49446589b1534b04e3287d884d0671592a865d67ff56850c3 |