Analysis Overview
Threat Level: Likely malicious
The file https://create.roblox.com/landing was found to be: Likely malicious.
Malicious Activity Summary
Modifies Installed Components in the registry
Downloads MZ/PE file
Sets file execution options in registry
Executes dropped EXE
Checks computer location settings
Loads dropped DLL
Registers COM server for autorun
Installs/modifies Browser Helper Object
Checks installed software on the system
Adds Run key to start application
Drops desktop.ini file(s)
Checks whether UAC is enabled
Drops file in System32 directory
Checks system information in the registry
Drops file in Windows directory
Drops file in Program Files directory
Enumerates physical storage devices
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Modifies data under HKEY_USERS
Checks SCSI registry key(s)
Suspicious behavior: AddClipboardFormatListener
NTFS ADS
Checks processor information in registry
System policy modification
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: GetForegroundWindowSpam
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-30 21:01
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-04-30 21:01
Reported
2024-04-30 21:31
Platform
win10v2004-20240419-en
Max time kernel
1799s
Max time network
1684s
Command Line
Signatures
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133589845089250948" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://create.roblox.com/landing
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fffe3eacc40,0x7fffe3eacc4c,0x7fffe3eacc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1980,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1976 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1904,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2428 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2140,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2588 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3144 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3220 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3112,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4600 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3684,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4636 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3448,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4444 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4628,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3848 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3500,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3504 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4436,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4464 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3104,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4644 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5040,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3120 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4616,i,4294170378566454536,10812990879775735200,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1044 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.4.4:53 | google.com | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
Files
\??\pipe\crashpad_1748_KJUKCIDSJVMOMAGM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | d8c7598fedd902b4d1eeacc553076707 |
| SHA1 | 2aace841c012da4808d01dcca228f2476909c8ea |
| SHA256 | 7fde883578f12e678f566297e21822e7545431166bd4790a578060d8a01f5de8 |
| SHA512 | f5f59fd7dc2cd289f2a382550d86e366d02fcf3e7fc44f592b50e0e9e2cb20eed7428037ba656f27bbcaa6d9a754a08aff4f3fd433a9d6b0d18846d364e0a28c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3719b9f608a42f94a45b880686a4baac |
| SHA1 | 718105048ee98120fe3f5a990d9f50bf540b3c36 |
| SHA256 | e13052ac76bfe8541597746e7a31495336c4dda3cb8278bea6c48955be5e3929 |
| SHA512 | c79f80208b2941f3bbdfcf0dad670202474b32ed43f646e22154fccf93c0ba22f43401a74588435eb78f51b7a3e8cb2949194cc8550950d6b2aec72a76d31c75 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 598c6ded3238eab1a82670a6c7037bb7 |
| SHA1 | 37df3199b91a43c91b9326653ba79ecb21571606 |
| SHA256 | 97b33e2df8421266f94b67c9bdb323d5bfee35b1afb86826262e4c656ad6e9b4 |
| SHA512 | 3b7fb7b742f1d5c1f3d90f9b336d9245fee5024743d32bebc69e510819ecbf072208f4723906ae11b83e180f4da3b9b6cadc86bfa7f5b7c3b7f51d76a2456bfb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a5f1b7511e74b24f0cff015b8d7f401f |
| SHA1 | 7ac62356118a924da8160c5cc3fe85ec7bace02d |
| SHA256 | 98e56d3730a1a6239ca0aa83aa12cb947a5cd04ffcec8be6e6ac3aba7caaace8 |
| SHA512 | df8d4502d4f5becb1ee39c906b2be989acb0b59b8e521286e591484e953cd744b89bc049f08d2ab64ac7058ee75f339944f26b8582cb6c5106ab78ef54578513 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9c371b498ce7acfcf85b34d36fce1c2b |
| SHA1 | 84ec064482f987aa60f1e86a4b4fa39a9aff8ece |
| SHA256 | 9b1b092f8417a061eea9c1efb7ded8294de4d3a80dec87869f807d65951d60b9 |
| SHA512 | 35de23b353f3c6810f405b028a50fe373bda33529238cfc941b72ffb445d1af5f2af041a4c2066039a7722728a946552e33749b30a00433c087ca7eb0cb10538 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9f02f72024932934a81b38339ba689d6 |
| SHA1 | 6ce128997e737fa5f2b84cd98140173ccc04743c |
| SHA256 | ccf9907e28c56fd75cdc85a98fc3c99c2e0a405742ef8c13e09dcf2c881f0875 |
| SHA512 | 6e975115ddd82a97f955131f4cdf4d7cbb5342130d7699ccc0542371a32161a4c29e2823b7a0990080c1ecf2ba01ba28c94d7a1c1ac43dde62becc30dae666bf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\53bd5f4f-6d9b-495c-b36f-8a5b96107319.tmp
| MD5 | 65f278239f600a54dec9ab54c4f7d137 |
| SHA1 | f6d2e524845f62ac8ba77030773fb621466444cf |
| SHA256 | 2b307550742d746cd74a5417ecf1f47d2ccf3c957e999cb61a84a1459e2bba66 |
| SHA512 | f47e2e6c1c756de957cc3baa8d6306e1a657e522095f55aca6906d6a325b5b88ba7d702827cc4c10414e340d748bc6b96efe72098abae1887aa08a0d67a4280b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c25996b0030d4e02925f77fd2a59d9c4 |
| SHA1 | 637c677d14ff43fc807eee5f8c8f1e66682febd1 |
| SHA256 | 7983104118cf8f0acd72140b686985f1621fe48742c8ded124923ea81faedc9e |
| SHA512 | e83cced32815ecea4b10de67a960fac625c8237f8888dc555be885b49682312f9123b14c60bc483e711cfe8e7dd084feda18a139ec96100ca6d72c45f2338ff8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ccba84dae83854b98f56733ff79dade1 |
| SHA1 | 1432c9a09a7463c24ef3d1109eeca801d740cda8 |
| SHA256 | 4669eb936bab97d567784b5f14f49d9bdfced10203c13d656d2d087ec0d7984e |
| SHA512 | ab3be52a48ea8496a0786657e00c012e0ffed6ff2b1931226a69588634613091960d6b8546ca3dc4d233dc1929023a304f379317831ac9d9cee772732ff42799 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f836e49b9fb63187d572a7c844b611e8 |
| SHA1 | a36e2d79d86c9a2916572ccc39c6e5b0a24540c7 |
| SHA256 | cbf9bf114a1d8dfbc4479040fc77e40c4c1726a33f9dc29654681174d943d0a3 |
| SHA512 | d7564dd607869ad788023e5eec187b0998247219fd865c2d3869a35d02ae18485fb3d00095c0e13e3d4764b02d13b57c7036850fae2adad4564b8b39ddfa2647 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ff79c9eb0c98c083ae54aad2ce2e72c1 |
| SHA1 | 0d07fb36b2337fde29d9e0b513c9e5839af52d41 |
| SHA256 | d92a7ef76f25afd7726314db80595d690e87bc4ccf2c83ca75aca5e9f9f2612a |
| SHA512 | afa1cdaa85e697caa0bdf9031f78fd2d166b7141e7a0ec32181acbd561119b3d49bbf506a0659b909b1e2e745565970d569df523d4bec82524dd23780fede7c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c454540e7eec40668796c3f727d7320e |
| SHA1 | 2f5696d0b181fdc9d30e937cbb31e20a46b5a2b1 |
| SHA256 | 025466c1fda01be1dfcbaaa41ba505880f39f6706c7ac18f9b6cd9669bfc82a7 |
| SHA512 | 4ed038ee95ac175c48599cc599f0fbb63064532bb7e83e311d89c30ca9e0ea0b9a7bc99ad2888c36b3878f0fcb20b1877fb63a54212fba25f57e5d7c50e214d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6215ac1e1ecfa195d8628d648d4c0e05 |
| SHA1 | f18e641f614acdac16c7761736f4f5ab7a0f627e |
| SHA256 | e15c6abb741da289243aee27d06f0d3db3e5982092c27b1390623190513b8193 |
| SHA512 | cce6791418eb549ae87bdcf3f0fd8ea87267faf2b424b0e3f4056103c3fc76579edd133c4998b62c305e25446dc4ee0ac2e0a82d72da8988fe331d4369a4148b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dd3d7666f399e7f9239bd2b7e94636fa |
| SHA1 | 17a9fe246fb872211528046c4328ab411ea5de2a |
| SHA256 | 04f4c5a45bcfc432e122c0525cb3a1b795e3849d08daa426db9c8d270f0010b1 |
| SHA512 | 0bc9f70fc11ccc35471069616e4f23a99f7a78b912a9b605377a64b1c327ed2d049e0c5a7cb7d48b64b56eb8a063843a348bc871da6d1965c1c04a0e0b4da1e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 82eb871fb6b3a99880f562345c46dce4 |
| SHA1 | cca5e049dce80f38329b41344fb3cd9743b92e0c |
| SHA256 | fc5fb59bfca3f5c63bad160f878667ca07f8ceb83bbcf2e642a89eb6de35704f |
| SHA512 | 37dfdf1b9d07246ac709a23ee702aa837a693c0267df54eea547e89bfd915c9a6fe3bfeb3b60f652dd8930401d70dd8858f37d19947e592cfbcaca4695feb826 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | db3d72d61c91c4cfd08b5894b1499c04 |
| SHA1 | 7bf8d1b47e3a3616cc514866fdced8a3b67f547e |
| SHA256 | 5f8c46008a94ed86feb6b17b607d5795be2b3a817d84b4e2e6a562af3418bdf5 |
| SHA512 | 989c822208a87df0892e71b7992990befabf17a91f99a5243a847dffb48cb3b7243c65ddb7a76451c55ba1c86ea234ba47e1c2d83a6242229d9177ce698c0323 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 12386dac88ea45c5549050fc9fe29e52 |
| SHA1 | 88bdde71f420ae72204cc371ad96499d52c4d808 |
| SHA256 | 640de106cb36ad77425942b905f39644dd72b86ec86064d4afef47d16ce4a3e4 |
| SHA512 | 425181df92df00db7b5c00382a862882c62b15acec447a7bde8f42b94116a0d389a8b330a48fa3835ea932c5ec30773bcb5e7fa28f0f3da50c648a6bb349fd14 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a66e4996ee5487f9c1ab17bbb29f6b40 |
| SHA1 | e40eeac8f86747ed8f7c54fd182ba8c23919b556 |
| SHA256 | 388fe8b77d1bfb131457e50a2c7289469e2eb5ac028451c772b39592a77dc509 |
| SHA512 | a5ede32016f649eafce908f93a26df139b1346a03364a27a8ef1185a5ab2f5ba42117dfcb4af5e48767a36aa9ef9b1da06762ff7819588a472b30f024be685b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 34b43ac3255a940b64ebccf8b63c4f7e |
| SHA1 | c060b846d3d96aff8c54863af60b9320e15572d0 |
| SHA256 | a9ddb565c7b4b49d10e2b6f518c5ba1d00bb3a30a220549cc2eed81a96cf104e |
| SHA512 | fa7418ae8ef7903afd1dba09da66c708a00bbd6d572c08afbebc0ca979551071bbdc68ee945736a032544e8c4c0600d3d87ef46b167a0d1bc1dde1378842d532 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 916819701eb195d378bd37e71415d8bf |
| SHA1 | 7edc2efeab5060aa3ee6cb1452aaed758aaa305e |
| SHA256 | 77ecd99b1be0bbb7b18298dea64df1d12a3ca9f8b12bb2fded2e3a100ba3b5e2 |
| SHA512 | d20a0fed372ebf11806be0bcbfd512565be7c8ce2b862420b7bc44c190fe3bfedc44c8bbd49ab98e8920984450e84f35f7da93b2b0219fbb0005fc32e9eea51a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4fb72a29ff2420df3a6d44e10384d73b |
| SHA1 | c7512d8ca441c9e1f0bcdaaf89cb7017c04e26ff |
| SHA256 | 33aa0b9af4d0453fc0ea875fdd0bb14a3911e86cb47a251fa22a733bd936f929 |
| SHA512 | ba740c3b4245c32b4d17ee39b67d5be820acbf6aba218e353eefe1143914aa117be7edc35962c9a5c628be03b4a1793dca6daaaa5b2d4554e10cac7d84502521 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7ba21a45fef90360b334fee5e1860ab1 |
| SHA1 | e42809a5e8153772236d7f6fee49c3d2c87a2fec |
| SHA256 | dde3d38ec0899abe8196a700956594f8cd773aebccd4c15accbbff72e1ad020d |
| SHA512 | 57b4bb29fdf48919b56be0609ed0f50efbecdb9af70302e1164e55956cf86cbf09170fd4a62336d9a4299d8472c94bb3aaa411c5fcc6e075618b42d35077d893 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 60caf9a0f92cc0a16a5c5d07a21c3ad6 |
| SHA1 | ef2f5d37ce6d6b48cbe6f403879afbe64e9136ac |
| SHA256 | 8f9fcea3906f7637d0eace3cb295b7ec1061ae1ee417350e8915402008b415a3 |
| SHA512 | 8724b5b692ea4159ef0c6db829a6c5ed4085a40db61a56b65faa0765d7874efc559e3c25b953b7ba042785078beb82332bed8bbe63f30592197bbc72e072bfd3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f739b87645633beea0ef7a25abc4dc0 |
| SHA1 | 127c9ba01aa2dc4950b01a78c7f00ce3b315ba5f |
| SHA256 | a0d4f65a6400fb78222e3c7adec9c606228ce5364eb85325fa6c2942795238a3 |
| SHA512 | 26113e0f56d56456cf041e5a8669727839c1c0abed5c84e83aed0e43c50adfba46f8219ed939c52344838878165101c12ace971a17da770e6ad41a0f320aa7cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b4d1131e14690cb8df34db4a76223f05 |
| SHA1 | e71ab341264773434ea176368982dc4d5154b6d0 |
| SHA256 | c5047ab119790cfbf68619cf7d2e936167c678c8ffbd60a7f17e12f7517ba992 |
| SHA512 | b2021bd0269521114fee2be95ac2a605945a85de69318b7f1c878e3a01bf7b0501cd01ffbd6a313428e08d282dbc16c7ca28c84d759509989e62bb0c9f82e84d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 418d01e69b8a7263416d39f39ce07ca9 |
| SHA1 | d3997fd8695b026a6aeb095494d3e9f68e1032bb |
| SHA256 | 86f7a5116e29aaefba5977820e131e5180bd35b4ff00c63ddc8d56e1ac44f64b |
| SHA512 | 2e3583f850659aa0bc9713eb5e9131d313113dc6e2ed6ba0805205585bc2a018b9acb76b7b09fd132d94e08ab8611d5e59f1dcf9e053cbf5c0785e1d5134987e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0423fa7c3dc1f4368328a3c4bcd4b35e |
| SHA1 | 15c8a61da8e53b626c005d383f842b66bf8dcf92 |
| SHA256 | 961ed06eba8d6ef6699731058e45190a767e6675bdb3af8a19266043ebde4fca |
| SHA512 | 6360477211ab5801709ac1f4130571b05e731b2bc46a8c2834428a9478985b25451e8ba5ff589cde5f7971cf4fccadfbd2dfb11a28c395c504287837247d67b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6fdb3abbfeedddc67d3b418dec53b6fa |
| SHA1 | 1feb5a3ad2b40a129a8864d1b9a48fa11d0d6b83 |
| SHA256 | 9b0d44580da2eefd571fd17ad04862657612e24b7111704627961756c73396d1 |
| SHA512 | 64cc52eb7a2fc2b269f0607214821bfc1e3a2618547a962c2f682278debb006630a276e94b7fc9ea9cef3efe7d877d76174403ef11b1b224176e34248335ff59 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0ed4ac9d5bb1a41838854e0d0983e9d2 |
| SHA1 | f436629c042fa233542276a83f486115ef6076de |
| SHA256 | 2970a1ca72c34de680a7d527043386b3937169026c54ee6c5058afab9e3334ae |
| SHA512 | 331d4f6bc34b3d6444239f36ccf91e8141d7a2575f30a5f81817e458d8196f35ab7cf92e8aae53c177798426bb9e95f19bdd969f4add57e1a002f43c4b7b9ff7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d178c886aff96964f277d59a0508b80b |
| SHA1 | 36575faef48e6e270d849948f90cbfa4ce3aa7f7 |
| SHA256 | ab26292bdcdbbc195cc0265459372118ff5fea3145a616a2be81a84a05bb0521 |
| SHA512 | e5db8327ea4ad5261ee6ca6eb81721eb54e967a6cb94b4ace4619dee55549ffc85dbd47a3d4bc57382e8ad6ccfed314a8824273a1011e1a0a12fe278e40a894e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9b0794e376a823a91e6b11a73460810a |
| SHA1 | e3fdc6a9a4736f6d6af625e7f75a88e8145a6c31 |
| SHA256 | 6b81f14654090be5f3034b0b5e74232ebc79b3aad462e9caa555cdc91d3801bf |
| SHA512 | ab2ce63f323b6628a9f3b118c628ef4d4042d83eb64a8ca30799f9d3ef262e8eafdaf5565d55bdc1f021b4153fb2822877122034166d5f44c4cb0b4232fd05e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dbfa28a1b8e11c1b7449cd2a03cf1080 |
| SHA1 | da940898ac93e3a481a1f1204b8d548b013ed4ed |
| SHA256 | b7a01fd159e2c70bb34da274a77ffde90bf7446cb91b79500e118a2722f0c021 |
| SHA512 | 315196b391613f10568099a8aab4a472065968cff3a77261a4d0549929084df2e80d91d8cc251ba28f71827104c1b830200458d2958a9a40eac200779dfde4dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5bd09e63f5e1929b6aba22139b498b25 |
| SHA1 | a3001a15afa9289187aa040be8688d4dedd454ef |
| SHA256 | d53e0f64eaa42f9cff9b670cc0ab6cd8357dfac37fee1f0ff8a7eae5c85304cd |
| SHA512 | e0fc1299657358953a6fd3b50768719681034652dbb78cb4c26b2d222267159155140907e0969ee0143b52857d6127df7756102240b219bb6007c45bfb060199 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0c0f599b4e454de82cd2320d53c4a2ef |
| SHA1 | 6139f35765ba8a864bcc840a8a61ecb959c9bd27 |
| SHA256 | b49d35d0be102ff8c55535c94fd2266af8d3c0ee78e8fbee1f5596a0723dbe5a |
| SHA512 | d1526b5f958e9e643c90b370c69145f3781d48c5a8536d3b2e501b15cecdd8817a99caefcfc704a1ae21abbdbd1b7528df808bccea7327bc6b41c9745bd51eb1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6a4206ef2e625ac79fc687689d6dc38a |
| SHA1 | 38f58834c85f59364bc65c4a38e4b2a5a9b8731e |
| SHA256 | 7d92ea5a1058350d8e12e541f9acb325b3dd957c5d064ea3db7b5a5010322bad |
| SHA512 | b791ea4eaeb3157efcb15231ca840eea2a56ac0c0e31e5afdb23fb00c22e7f240ff94e53ea9289149ea3d78cbd82e43ac289e105550fda8b1e03ed733605fac4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9cf79caeaab1664da70c6e8531daea10 |
| SHA1 | c72c4dead98e7beac35c183ca5a17ab7904cd3b8 |
| SHA256 | 911907f9076a1fca8713f2a3bc30392983210fae65c35f34de177442a968d680 |
| SHA512 | 729a31d3861a9c492f3d8e24e8df4ff8e8b962fdb30449def1e37dbf10550c22018d37540b30d15114c8964de1ad0ddf61b7f23db6defa0413b78245903c7b56 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1e14efbbd141979512de4b690638545d |
| SHA1 | 7a94d60fbcd8948a3a59beabf016f6f57566833a |
| SHA256 | 1ffb44189d50a0ed3f7d6277f9cc958c94b3bf4007ece3a97b5c48bfb05019ce |
| SHA512 | 79a19d5bca81f53d71747a73290f32aecc7be10ed78647146f42c3e0d71538d9676aaeb333874e892c59403461e9c2c9e74db7e8528e030e02993f012c9ee82a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8487f8e17e423cc927316727a954338b |
| SHA1 | 2664bd49f8eeed7fb3622293a1e66c6753c3a556 |
| SHA256 | 4e82452154a37b8f3842ba11c9084a51b3e1c509bf17d2f8d971368373c5955e |
| SHA512 | c4313db192865d86b704c843d99d6a61f4928a81a08af8a6e8f11681157223a500919aa2d2a6ebb4fe15453dd9dae447cee489cd8936e93a12de38ee2db744c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a15d8829d881b983649c0e80ad966933 |
| SHA1 | c50a002568ccf559ad0c1c414bc5221beb23e514 |
| SHA256 | 84690812263045dda0c851225345d0722d85ae0ad31eb436ada3974f9bf8e48c |
| SHA512 | 9399c830235291e45eda2c266ba312ef84c98eb08f0c62d126d8b3f77e33635ec9e1064fd30902e72e15c097807766de67b03b47da65aaf70b6cc01e0eb1ce81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e93010daf9a0d0ec4259ae1d7b2a8576 |
| SHA1 | 2f14c4481ab1a5a41a257794287c01868be304ba |
| SHA256 | a19681c03e29ac0f2e524f4955628680bd6980a89d4840814f5709bf8fc25060 |
| SHA512 | 6ea627daf1560cc0f8da926fe1ce98d2961f82102029e5825b930e5d03fe350fce26c62031204101b2030816d9276ad13f887df9853e0d12b77ff10d7255f244 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 712945de88f768b7db0d1aa8bb6bf1cf |
| SHA1 | 2f3df66c9f0d5a3bb4f156b2aac9a3f3fc1149a4 |
| SHA256 | 75ed230fc286f56eeb02f112ce279fc4171cd694be7dfc4c3ee6eedc040c6fdc |
| SHA512 | 5b8c7aa77b0c3411330135fae79512f3e1a186fc759bafc62306f9b5f6c6b5847dee47760656a9d7c6d6093a973a995e0f388c872a22407587678bb4e47dc4aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7c68bec457d0db411dc89f53064244e4 |
| SHA1 | 144d98a3a01a389c40b7aa0f6df6f95ea00c4dbb |
| SHA256 | 7c86261593514543237463c225cf8dd4543d959bfbdbb2c494e816b5f6b5f4e9 |
| SHA512 | 7fe74a1bdb68ff9a2c980f952e34aaa19cd04f09a036f2bf9770769b8c628d4b522a6e175829ef1022da0323a6b278df87827c8947ec0e6d526a64055398b668 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 27bd49657ed441e98740272d65b8834b |
| SHA1 | e65f274d605021f6d7f43110eeb227c5610f45a0 |
| SHA256 | 8041918e0bc33af8ae915a240d28b7049c15f4a51286899a50e84309aa626d3c |
| SHA512 | 364748277b20611abb5be5abc77e315cc548ca1e59c23729d758dc7b8a830fcc00efcd8a212659229610cef0a83167244ac0fbcafe9a748127144ed05621e027 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7847839a0619b423cd0900a3aa5b77c1 |
| SHA1 | 08c59a4c7b96a9073212382822ec98e5692fcec2 |
| SHA256 | efda2191fd0eb61baf2730699cf4a0ef76841c3d1468ada946db8e5973dd14c0 |
| SHA512 | 40de135bb4952cfa8a64c87dad0730533a8683cc6c88e664fa4077e5f30650b4efbf6f9681c74c61c8459a24fead473b8b2b0a8df3f52cefbe0d7aa86536849f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2bff44411d08fe33d554c5890128f51c |
| SHA1 | d4068566c3f9a8847f57708431b03162dc47a2dd |
| SHA256 | 9cba3fe257c99e6fb552d829727edf374d49179513ceae59c661299416881756 |
| SHA512 | eaf1ffcf75b8408088ad2b4b3015143e09b3a06abfd1d912937bf0662e2c35fe90fe3a944fd4fdaa3d0d4b72c8e1716ab7f32d9f379050c3dc500842da87b8c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 57f2ea62672484067a4fe52af3401df1 |
| SHA1 | afa404908384d5bf0252cdd8d5c98e83603b6451 |
| SHA256 | e166f1cf9c40e36fa9725ff0c875e19127940750d25659e6b247332cef065da1 |
| SHA512 | 214f59929bc94667236c9ba1b43f2ef1d47ad890dd04c88a231b36060897d7d50abcf2e066e34c082a0bbc0446c00079dc5be90f86f83e045c931bed66975461 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e15a691022941fb73511719a2e367673 |
| SHA1 | 6f372fc9b7849461799952dd1e28730eb9bac4d0 |
| SHA256 | 99dd952cb861575988089a1a06ab12b5e022629956cd81019f09fbd05c637892 |
| SHA512 | a836a926140b39fccb0272fbe935f6912712cd3513ef33b91ea84c5a34fe67eaf0bd35a6d9d5eedce7563cb4099bddbe092718293f8bf980b00c4996aaa204f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e30c6b2103a2bd96d6d092cc59d96045 |
| SHA1 | 630e864071e9bc4fd1b6b11eb8cdf66a0cc2463a |
| SHA256 | 8c2288de8072774dde412d5ce83d1d12e760d7497bdf1f7a27d2aa5ed11f4080 |
| SHA512 | a45bcc82d3bd470fcd1098222ee970a177d43fd79dcd022e44915cd13ea905e00b3c9d0457eddcb00fb574fd3938b8cbf880ad2ec94365af95f936a0eb2135db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | aa1112cbf01f6cadcfee640664ee10dd |
| SHA1 | 5bbbd6d77b5deab3ee43bac849074499b0461079 |
| SHA256 | cf0b4f4491cb09f04920c2c969b10cbf603e9c2c24e2ea192d02fcb0c47d807e |
| SHA512 | 758da18b3530006b150596bfb6e215d66239d5a6f9f166b8238f0abd5d2da6ddc39faf3577b97c3358c2ac5b78dcaa5e050b2a9a01043a16ad7dee0f949f25b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c2e187706f3e04e32fd4d9793a742340 |
| SHA1 | 5fe9ef32903b96e0b10f50b06f601e80e8ce6abb |
| SHA256 | a6bc3c32fa44672fcaf214b7f376bb1248b022d165e6de0d28876f587b08c5e0 |
| SHA512 | 50b9daf7a849d182dee21c023c04bbebcd1fcf74aaa29be6ac1c99c0cca69b36358a311ac1ebd10f48ab607f594726d0c1dd966a83dc00586b816323650b303d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cd642f660149459a9fa14bef6d090d83 |
| SHA1 | a66aa13ea1626332c0e7d15afeed950f94c5b768 |
| SHA256 | 4a68ae2aab2400301467b646b0098a7ee4f082f41480404efca3a6bfc6178106 |
| SHA512 | 91fd1f0242780521f73319e6b8665dbfcc5674ec94d60cd6f93d559d7fae61af2273ddbc5bfe7ee8033dd8413c7733d1a4d52f4589d62ed586369907de37bde6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2ab3c503663451126330172737761501 |
| SHA1 | 826d1e2903a71e6b40a7ef65e158677fca36f137 |
| SHA256 | 139ae544524a3822ae3b059e69b3ffafffb3051b806b2f3a34cefca500f719f1 |
| SHA512 | 228ac3b7e90d96067b7544335ca1cc47ff7c86676ef899f4c21383c4db9ab0edda1157a008d96e09a3c9365558dd92ac36beab53298f477affc492823bb3784c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 449c497b34b2ec4155562b543568bbc5 |
| SHA1 | ee0c8bfe682497015d1fbba3c4c8c4816cf71a4c |
| SHA256 | eeb78165833c86c9bbc8d619744f166c18f515c2c0905bfc2a3c8cb6054aeb4b |
| SHA512 | 64d5d4b485cfad3b50be6ecb477d783e9468d3f083a4db6df36ff3e22edb8629036c39ab65ae1ea4950679d158627160317139e8e2be2313f04141df422f4f86 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2610f5a6ea32907d41aad57d983855d0 |
| SHA1 | 8f30d014086c0098b5675ad7a9faef723f19fa6e |
| SHA256 | 110ffa7f5872cd50e9b6a842adc6e03cc6005d9b91af84d8b7f51e755ddbfab2 |
| SHA512 | 3efdb1386167f8668341f8338d2552f85af9e0c99d4e4bebdf65739101954b9e519524dca5e4b136914a68e405b1f321859450b03b8bdc3a8c49779fd9376019 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6bf59a2c497a28dae4f0ff5383d3b44c |
| SHA1 | 7dff55212d40f026b8ef1da7a23ddb912c8ef00e |
| SHA256 | c1dfcf35b06b308f25d6bf67743b2cab692eb3a2fd799db800d232dba3ba4477 |
| SHA512 | fbd9fd21bfac9a1cfb4f6369d1940b80287887e24fae6ca9cace6c0f6d575e30766183fd0366eda8d748d00bcb841a90fe26997ce4282bbfa7901de97e164bbb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 79f462d3fb48b3cf22c1975d8866d9d5 |
| SHA1 | 8c4e4848b92d1dae21c4bf03edcfc6561efbb96e |
| SHA256 | d5408113abbe34a42296e7d19c07d4ef455de87beb0a62d2827339386259368e |
| SHA512 | 24ef485692e41ce2fbee449c85b5618999ee8f01b8de053d1d35fed61b1245e36c043de7fb9d4c7387e270bb21bd8c60a3f98708e12cef4a3301c17a8f2497aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5363a5dc1ad677b60617e54aa80449eb |
| SHA1 | 09c7e89b14e3726d5f0d85862122c6085f6ac3a1 |
| SHA256 | 5b40a6b723cab71538d20e4307b95f12d08578b470bd0bf060a15aa7b6ef470e |
| SHA512 | e1fd0d4c2027326f582f7bc603c154e3d80bdf388392ab985878a419eb54d16121dba9ac53c45a4c8bfb59f879f3e60c7ad4b766b74856e79e6a61264de5fb3f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f560eeb5fd5a01d4d830eb817e408f69 |
| SHA1 | 0eab2406b71c37894a843192b0ca48ddec19a24b |
| SHA256 | ebf414cb79164d56de5eb7f2df922bb4bc6479c775f3189578d99d86fee25465 |
| SHA512 | 25497046df3dd49e5369d0b651e275bc9eb1981b3f01a2e5a1f4fa21e247fe766b530ec77ee2473c7ce5c151a10f2f8c09e9d87c97eb82bb58b24866bdb43022 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f3ad4417488fa7ea635b38c27a13adf |
| SHA1 | 8b4e6128135fb83f8d0d47ff985c59a4fbb61726 |
| SHA256 | f6d890c48aebf3b62c8799328ac15697d47d6a5431702f859b62efd2e287ba6a |
| SHA512 | d79c831b95ce4021e8ff3ac4cc741c9e8cf8590e6928828dfef07027765c1e1fcec7bf9534b198ed49c078702f84c231b606acd86f2a1cb12925aa171f25be37 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cc2531a7b4618a0e98b663fafedd9cb6 |
| SHA1 | 9a493058c0b6be8c8f05d8989271f5939e40b228 |
| SHA256 | 3a20a6dd1dcfc63f6a2f8c7f84da77ec17359799039af5429f57d4d67c65f8fb |
| SHA512 | 71fd4e7a4b03951ee2fd229ac4c225e05b5143379f53fae535369563a079f022d8db45c18c1692a1491421c38e1a666a1e806257597de341136351bba1fa3247 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a927af303235b817421da8254860d952 |
| SHA1 | 8d0e8f980cc5ff2171d6c2ba6be95882aea11f30 |
| SHA256 | 708ed4a20f862de72026e445155f1beb4317029c0c06e18faf77b12acf5ecf75 |
| SHA512 | cf7eaaff23932440d51cebf5f83d677a10d5145a262f297824c0d2c65eee4f71422c3d49bb7a83873d380b3409bdaa22b310b957590471a385044255d107f164 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 727ba3a7ce79633e84cce701349ded4a |
| SHA1 | 0c03089059f7fa8aa82e4df2505e6174f9a94e02 |
| SHA256 | 88fe69599b5ff66642414ab7d4c5ae323064fc0081b9ab7c828c36293ac49ad5 |
| SHA512 | 0eb1d6e2ad837e88475652e885f53809f3be51b179a41fa5f35aff4e90b3fc1e70eb7cf6b22687007cf0d22eaf205328bf543507a18052eea3efc56e7bbe347d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 004165c65f03faead209f69f91d3ef39 |
| SHA1 | d351f40ebdef9307382133bcdd5d9afcd0aa2a4e |
| SHA256 | d51be0bc9b63a51793a280e1c48e6a22b0b587e3b44defb93980824847c9e536 |
| SHA512 | f8e75f1631ca980daf1b8362812f700b7917f5e45e60207fdd8b39454fde4bcd4da90b05f8287110628e8c6ad0268f2eace343b08fe66f02e338ec630da77144 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 79a09f1425e0088c174b6afdb022fe8d |
| SHA1 | 88c2a5f2a8a07cbc8a74fc3ff5b3bd9dbcee741b |
| SHA256 | 25c51cd3efea5df533cb6154c6dfdbf37ba844aaf9f5da94078c72dd7ef8230a |
| SHA512 | e2e517c5dd778fae80a4301417b60eb00ab9bb47c28f4206e51668caf369b0d2ba2b66b98d766b58a6e26a004f7087df2cde92a6ad9611e612fe0af66b8652b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 558de3b4c108b68f674e609a56185486 |
| SHA1 | ddf2453c714c91d249c7ccecdc2314499e533f5c |
| SHA256 | d6f33df93ed21169e51a0df85610954364b80cae845190167e3e1c28f9b3c53d |
| SHA512 | 62800bb5e23df01910b1647731e6c677adbfd1465bfbab5efd4f6ce8b7b0fe687480c96f0fe811d5dd3911645c316ec3048621e66ec0fd2e2df7db72f3b8ef17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 18e865d9b9c2fd3ffec92e0a332f7dc4 |
| SHA1 | ebfd096bd0c14a34cedd5ecc3bb0fbe66674d6b3 |
| SHA256 | 37ab4eb149f42f5d2cd25b4d4b873b8ef919d61a4e28803864a01ec28764132a |
| SHA512 | 1b85bd97c55cd849b511d8653f289bae962a5a0615cfd28ecd3cc79f104777f6a40b4a57bd093452f58f64b6ad6e9e8735e6c6a011b22d24437db7c41654ec1e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3bd0a0574a69beb691a11cda72cfcd0c |
| SHA1 | 789b69f624228722da0776406913efb3727231c6 |
| SHA256 | c7b753fcbb41870a5a63c7a06c82bb9d4f083c098b80959575a79b107456ef43 |
| SHA512 | db3c6d667aaa22091572c972cf8e0aaf3bc3b6f18cbaa9c55011fee9fb23bb6eb18cddf0c242028194476421799e0b17394f53212ed612dca2cb92e274726b8f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9a353e85c62bba93b20d7bf175622aa8 |
| SHA1 | 7fad15dac17f3e19470e6543eb30495ef55b190b |
| SHA256 | 9b6512de7dd3e72d89361ea0e459ed7284352eabb8b9dcb8a1a65685f0b6ec1c |
| SHA512 | 270fd3596b7a8a0c6aa3bee95e4f59a419785eee002b74a1a820428b02997b2e2052ef65fd898400801643ee9dc0a169e9fafa5dd8a45f2231c716167f84ad48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f7da0017f4225b68225435e7f8e2b7a8 |
| SHA1 | 5a74a9d4f754baf007e7996444ccb3ec96134caa |
| SHA256 | 09e36b508710457d64b6b2321b3370c1e5517821fc4c166c19a8de9d33c34f75 |
| SHA512 | d00637b0ef1b0729595b154d49c0602c1f2ef0ec2de5595fd341706f288d474db711815cda90ec785c972504d18e1db4c0c293b8cfc704aa7c3bd89728437702 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-04-30 21:01
Reported
2024-04-30 21:31
Platform
win11-20240426-en
Max time kernel
1799s
Max time network
1798s
Command Line
Signatures
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\PdfPreview\\PdfPreviewHandler.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_click_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\notification_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO\\ie_to_edge_bho_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=3109941D3B0D49BD845E7FF6062317AF" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BA6AF376-247B-4171-8057-6A700F5092FC}\BGAUpdate.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Videos\Captures\desktop.ini | C:\Windows\system32\svchost.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\FriendsMenu\Dev\GraphQLServer.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GraphQLServer\Dev\RecordPlayback.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\StudioSharedUI\videos.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\VoiceChat\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\IAPExperience\IAPExperience\Generic\U13ConfirmPrompt.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\Scheduler\Scheduler\unstable_mock.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\Core\Style\Validator\validateColorToken.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\EditProfile\RoactAppExperiment.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Settings\LeaveGame\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\TopBar\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-2fca3173-0.4.2\LuauPolyfill\encodeURIComponent.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\vcruntime140.dll | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Trust Protection Lists\Mu\Advertising | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\pt-PT.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\VoiceChat\SpeakerLight\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\FileSync\Dark\Large\Export.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Large\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\PlayerList\Components\PresentationMobile\TitleBar.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoactNavigation-067f4e4b-660967ca\RoactNavigation\utils\TableUtilities.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ContactsToast\NetworkingUsers.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Emotes\TenFoot\SegmentedCircle.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Flags\GetFFlagBubbleChatInexistantAdorneeFix.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UGCValidation\UGCValidation\util\createAccessorySchema.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialCommon\Dev\Rhodium.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\avatar\unification\testScripts\CodeBlockTestScriptOneLine.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\AudioDeviceOutput.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Server\ClientChat\DefaultClientChatModules\ChatLocalization.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\VR\Recenter.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\NetworkingFriends.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\Core\Config\Config.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestEach-edcba0e9-2.4.1\JestTypes.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\Qml\QtQuick\Extras\Private\CircularButton.qml | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\Debugger\Dark\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\Interface.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestCore\RegExp.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\WidgetIcons\Dark\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Components\Memory\ClientMemory.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Components\InviteFriendsPage\InviteFriendsPage.spec.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\AvatarCompatibilityPreviewer\Light\Standard\radius.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UGCValidation\UGCValidation\validation\validateProperties.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\NotificationsCommon\NotificationsCommon\default.rbxp | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\OtaPatchLoader\Dev\JestGlobals.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\VR\chat.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ViewSelector\front_hover.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Settings\Components\MuteToggles.spec.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ucrtbase.dll | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\AdPortal.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\Qml\QtQuick\Controls\Styles\Base\images\scrollbar-handle-horizontal.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\StudioSharedUI\menu.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\BuiltInPlugins\DepFiles\RoduxDevtools.d | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudio_license.html | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\FriendsLanding\RoactRodux.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialContextToasts\RobloxAppLocales.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\Qml\QtQuick\Controls.2\Universal\CheckIndicator.qml | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\Chat.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\MaterialService.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\Core\Cell\GenericSelectionCell.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Flags\getFFlagEnableShimmeringIconLegacyChatService.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-2fca3173-0.4.2\LuauPolyfill\types.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\PremiumUpsellDeps.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\AppBlox\SharedFlags.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
Drops file in Windows directory
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\System32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\System32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "1" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "6" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "3" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "10" | C:\Windows\System32\svchost.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ = "IGoogleUpdate3WebSecurity" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass.1\CLSID\ = "{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{C9C2B807-7731-4F34-81B7-44FF7779522B}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\shell\open\command\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --single-argument %1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ = "IPolicyStatus4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Interface | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\ = "Microsoft Edge Update Update3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}\1.0\0 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\shell\runas\ProgrammaticAccessOnly | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ProgID\ = "MicrosoftEdgeUpdate.PolicyStatusMachine.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods\ = "12" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\PdfPreview\\PdfPreviewHandler.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ = "IPolicyStatus4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LoadUserSettings = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
System policy modification
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://create.roblox.com/landing
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb3369ab58,0x7ffb3369ab68,0x7ffb3369ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1512 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2156 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3124 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4252 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4188 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4224 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3084 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3096 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4800 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4824 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4664 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4396 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5068 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2420 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Users\Admin\Downloads\RobloxStudioInstaller.exe
"C:\Users\Admin\Downloads\RobloxStudioInstaller.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTE2REMzQjAtODE0QS00NzNGLTg5MzMtNTJDODQyNTJENjU1fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins2ODA0ODIzMy0yMDhBLTRENDItOTE0OC1GNDdDNDU2MjUzNTd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUzMjIxMjk4NTEiIGluc3RhbGxfdGltZV9tcz0iNTgxIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{916DC3B0-814A-473F-8933-52C84252D655}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTE2REMzQjAtODE0QS00NzNGLTg5MzMtNTJDODQyNTJENjU1fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntEQjMxQUQ5NS0zQTE2LTQ5MzAtQjFDNi0xMDExQjM2RjNBMTR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUzMjUzMDk3MDUiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\MicrosoftEdge_X64_124.0.2478.67.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88C0AD10-71FF-4C7E-8D13-2B0E0DE8D127}\EDGEMITMP_5F140.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff7b5a488c0,0x7ff7b5a488cc,0x7ff7b5a488d8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5336 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=2536 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTE2REMzQjAtODE0QS00NzNGLTg5MzMtNTJDODQyNTJENjU1fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFQzkzRjRCRS04RjVBLTQ5RkEtOTk2NC03OUI1RTZCN0ZGMkV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1MzM3MzY5ODM2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTMzNzQyOTg5NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU1NDIzODU4MzgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzEzMWJkNWQ3LTljNjUtNDc2YS05MDc1LWUyNDk0ZjhkYTllND9QMT0xNzE1MTE1Nzg3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVNMUnNPZDJWNTlnRjVGN3ZqTkVhcVYwd25pR3NrT2d6alZ4RDhLMG9ZRndtYndKN0xmbXJ4cFlXdUZ1S01yTXZZeEhxeFVLOFlZNEUxUkFReCUyYnhLUXclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzI3MjM3NjgiIHRvdGFsPSIxNzI3MjM3NjgiIGRvd25sb2FkX3RpbWVfbXM9IjE0MzU5Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTU0Mjg1NDYwMCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU1NTY5MTczNDYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjU5OTQ4OTUwMDUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI4NTIiIGRvd25sb2FkX3RpbWVfbXM9IjIwNTI5IiBkb3dubG9hZGVkPSIxNzI3MjM3NjgiIHRvdGFsPSIxNzI3MjM3NjgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjQzNzk4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch
C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=828.4976.17537780850572878666
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=124.0.2478.67 --initial-client-data=0x17c,0x180,0x184,0x158,0x18c,0x7ffb1b8eceb8,0x7ffb1b8ecec4,0x7ffb1b8eced0
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1760,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1748 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2024,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2036 /prefetch:3
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=2080,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2208 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3492,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3516 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3792,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3896 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3660,i,10164307306478898323,17210001735975952194,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3640 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x00000000000004B8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5508 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2992 --field-trial-handle=1796,i,6745642144760853895,10639129406688437185,131072 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" roblox-studio:1+launchtime:1714511134736+avatar+browsertrackerid:1714511033097003+robloxLocale:en-US+gameLocale:en-US+channel:+browser:chrome+userId:4155035591+distributorType:Global+launchmode:edit+task:EditPlace+placeId:15350820071+universeId:5294748261
C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88BB5F44-A5D5-4051-A6AA-3371503EFB13}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{88BB5F44-A5D5-4051-A6AA-3371503EFB13}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{0A9B2D79-4DF3-48DC-A857-524D0C02FCE7}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEE5QjJENzktNERGMy00OERDLUE4NTctNTI0RDBDMDJGQ0U3fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins5RUUwNDE1Qy1DREY5LTQ3RDQtQkJDNC1CNkE2MzVDQTRDRjB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4yOSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg4MzU0NDcxMDYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODgzNTYwMzE1NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTU3NjA3MTk2NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzcyZWQ4MDg3LWVlOTgtNDI5Yy05MzMwLWNhM2MxOTNkNDFhZj9QMT0xNzE1MTE2MTM3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVlhdzVtR2FzaHVRMHRYaE94YUNPSjg0cEdRSDdrSFp4UGhtbWROdnNERFF2UGY5RjdzTE5jWExEc3h3dkJPNjZiaWRVb1hpTUVPVzJGWXlHWWFRVjFnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTU3NjA3MTk2NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNzJlZDgwODctZWU5OC00MjljLTkzMzAtY2EzYzE5M2Q0MWFmP1AxPTE3MTUxMTYxMzcmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9WWF3NW1HYXNodVEwdFhoT3hhQ09KODRwR1FIN2tIWnhQaG1tZE52c0REUXZQZjlGN3NMTmNYTERzeHd2Qk82NmJpZFVvWGlNRU9XMkZZeUdZYVFWMWclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjMwNzkyIiB0b3RhbD0iMTYzMDc5MiIgZG93bmxvYWRfdGltZV9tcz0iNjk3NTAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTU3NjM4NDM1OCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5NTgxNTQxMjU4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5MC4wLjgxOC42NiIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODYyMDE2OTg5MTcxNTAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNC4wLjI0NzguNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgdXBkYXRlX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODk4NDY1NzIzNTc0MDAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0ie0Q5OEExQ0I0LTNERDAtNDEwNC05RTYwLThEQzIxMjZBRjEyOH0iLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUD86.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{0A9B2D79-4DF3-48DC-A857-524D0C02FCE7}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEE5QjJENzktNERGMy00OERDLUE4NTctNTI0RDBDMDJGQ0U3fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7OTQ5RUIzMEUtMzJFQi00ODM2LTlDRDQtRjgyRTY0QzRBMkMzfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODUuMjkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTQ1MTA5ODQiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk1OTEwNzE5NzQiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzA2NEZBQTEtREM1RC00NUMxLTg2QUEtQ0YzMUJFMDUyQkNEfSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7QUJEM0FFOUUtN0JDOC00QzlCLTg0NTctRDA2MDY2NTNCMjAyfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjQiIGluc3RhbGxkYXRldGltZT0iMTcxNDE0NTU5MSIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzU4NjQzNTIwNDAzMzQ2NCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxMTQwNjgiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNTkyMDA5Mzg3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BA6AF376-247B-4171-8057-6A700F5092FC}\BGAUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BA6AF376-247B-4171-8057-6A700F5092FC}\BGAUpdate.exe" --edgeupdate-client --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzA2NEZBQTEtREM1RC00NUMxLTg2QUEtQ0YzMUJFMDUyQkNEfSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins1RkU3RTE4Ri04Q0Q2LTQ3MzctQUMxNC0xMzYzNkQ4OTc3NTh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zNCIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNjA5MTk3NzYyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI2MDkzNTMyMTgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTg1MDY4MDk0OTYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxNTExNjUxNCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1GcUdtOU5GbFQ0TkpTdTBtRGd5aHAzM0FvNHFKaDZmYTFIR0R5dnJiV2hlajV6NzVCS21DTFp5ZHRNanFrQnklMmYycDZMbFlsN3AwVkoydzE5QzR4dnRRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODUwNjgwOTQ5NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTUxMTY1MTQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9RnFHbTlORmxUNE5KU3UwbURneWhwMzNBbzRxSmg2ZmExSEdEeXZyYldoZWo1ejc1QkttQ0xaeWR0TWpxa0J5JTJmMnA2TGxZbDdwMFZKMncxOUM0eHZ0USUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIGRvd25sb2FkX3RpbWVfbXM9IjU4NTMzOSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTA2ODA5NDk2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTg1MTI3NDcyOTEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODUxNTI0NzA0NCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjEwNjIiIGRvd25sb2FkX3RpbWVfbXM9IjU4OTcxNCIgZG93bmxvYWRlZD0iMTgwNDQ0NDgiIHRvdGFsPSIxODA0NDQ0OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iMjE5Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\MicrosoftEdge_X64_124.0.2478.67.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff60d3988c0,0x7ff60d3988cc,0x7ff60d3988d8
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff60d3988c0,0x7ff60d3988cc,0x7ff60d3988d8
C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff7fd7788c0,0x7ff7fd7788cc,0x7ff7fd7788d8
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUMxQzZGMTctRTRBNC00QTc0LUFFODQtQTgyRjY3NkVGQUQ4fSIgdXNlcmlkPSJ7QzBENzIwRTAtMEMwRi00N0RBLUEzNkQtQTlCRjcwRTRERTAzfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins0QTcxNkNDMi02NjYxLTQwM0ItQjlCNi0zRjUyRDcwMzJGRTR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtEeE9iakhHYStuUmEyYXRDM3dvK0lFcEM3OCtaWWVBVWJrWHBEQzJjajdVPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg1LjI5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0tdGFyZ2V0X2RldjtQcm9kdWN0c1RvUmVnaXN0ZXI9JTdCMUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwJTdEIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjQyIj48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzI5IiBwaW5nX2ZyZXNobmVzcz0iezBFNDlBNzlFLTBCMzEtNEFBRC05NEIyLUUwMEJGOUZFNTdGNn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODYyMDE2OTg5MTcxNTAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTUyMTIyMTEwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTUyMjc4MjQxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTc4MzcyMDk2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4NTkxODA5NTQzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODk0NzU5MTAwMSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjEwNDciIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjIiIGluc3RhbGxfdGltZV9tcz0iMzU1NjIiLz48cGluZyBhY3RpdmU9IjAiIHJkPSI2MzI5IiBwaW5nX2ZyZXNobmVzcz0iezQwQzRDOTI4LTA2RTUtNEM1RS1BREE5LTM2OUIzOTdDRDE2Rn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI0LjAuMjQ3OC42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBjb2hvcnQ9InJyZkAwLjk1IiB1cGRhdGVfY291bnQ9IjEiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODk4NDY1NzIzNTc0MDAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIwIiByZD0iNjMyOSIgcGluZ19mcmVzaG5lc3M9IntCRjUzN0Q4NS1ERjUyLTQ0QUItOEEyOC0xREIwMDgwRTQ5RDZ9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| GB | 18.244.155.97:443 | create.roblox.com | tcp |
| GB | 18.244.155.97:443 | create.roblox.com | tcp |
| US | 34.120.195.249:443 | o293668.ingest.sentry.io | tcp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | users.roblox.com | udp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | tcp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | tcp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | tcp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | tcp |
| GB | 99.84.9.116:443 | webblox.roblox.com | tcp |
| GB | 99.84.9.116:443 | webblox.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | tcp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | tcp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | tcp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | udp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | udp |
| US | 8.8.8.8:53 | 116.9.84.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.69.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| DE | 128.116.44.4:443 | thumbnails.roblox.com | udp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 13.224.245.123:443 | setup.rbxcdn.com | tcp |
| GB | 13.224.245.123:443 | setup.rbxcdn.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| GB | 13.224.245.62:443 | setup.rbxcdn.com | tcp |
| GB | 13.224.245.62:443 | setup.rbxcdn.com | tcp |
| GB | 13.224.245.62:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:49975 | tcp | |
| N/A | 127.0.0.1:49979 | tcp | |
| N/A | 127.0.0.1:49982 | tcp | |
| DE | 128.116.44.4:443 | thumbnails.roblox.com | udp |
| US | 23.102.129.60:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 2.17.251.23:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| DE | 128.116.44.4:443 | thumbnails.roblox.com | udp |
| DE | 128.116.44.4:443 | thumbnails.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 108.138.217.67:443 | static.rbxcdn.com | tcp |
| GB | 108.138.217.67:443 | static.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| DE | 128.116.123.4:443 | roblox.com | tcp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| US | 2.18.190.83:443 | apis.rbxcdn.com | tcp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | tcp |
| US | 34.120.195.249:443 | o293668.ingest.sentry.io | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| DE | 128.116.44.4:443 | thumbnails.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.4:443 | thumbnails.roblox.com | tcp |
| N/A | 127.0.0.1:50673 | tcp | |
| N/A | 127.0.0.1:50691 | tcp | |
| N/A | 127.0.0.1:50694 | tcp | |
| N/A | 127.0.0.1:50698 | tcp | |
| N/A | 127.0.0.1:50702 | tcp | |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 216.137.44.24:443 | images.rbxcdn.com | tcp |
| GB | 108.138.217.124:443 | static.rbxcdn.com | tcp |
| GB | 108.138.217.124:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| NL | 128.116.21.4:443 | roblox.com | tcp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| DE | 128.116.44.4:443 | metrics.roblox.com | udp |
| DE | 128.116.44.4:443 | metrics.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 2.18.190.83:443 | apis.rbxcdn.com | tcp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| DE | 128.116.44.4:443 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:51176 | tcp | |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:51367 | tcp | |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| GB | 18.245.253.41:443 | c2.rbxcdn.com | tcp |
| GB | 18.154.84.72:443 | t7.rbxcdn.com | tcp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| N/A | 127.0.0.1:52600 | tcp | |
| N/A | 127.0.0.1:52602 | tcp | |
| N/A | 127.0.0.1:52604 | tcp | |
| N/A | 127.0.0.1:52617 | tcp | |
| N/A | 127.0.0.1:52620 | tcp | |
| N/A | 127.0.0.1:52734 | tcp | |
| N/A | 127.0.0.1:52775 | tcp | |
| N/A | 127.0.0.1:52784 | tcp | |
| N/A | 127.0.0.1:52794 | tcp | |
| N/A | 127.0.0.1:52801 | tcp | |
| N/A | 127.0.0.1:52816 | tcp | |
| N/A | 127.0.0.1:52823 | tcp | |
| N/A | 127.0.0.1:52865 | tcp | |
| N/A | 127.0.0.1:52867 | tcp | |
| N/A | 127.0.0.1:52869 | tcp | |
| N/A | 127.0.0.1:52871 | tcp | |
| N/A | 127.0.0.1:53047 | tcp | |
| N/A | 127.0.0.1:53053 | tcp | |
| N/A | 127.0.0.1:53055 | tcp | |
| N/A | 127.0.0.1:53057 | tcp | |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:53081 | tcp | |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | udp |
| GB | 99.84.9.28:443 | webblox.roblox.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 34.120.195.249:443 | o293668.ingest.sentry.io | udp |
| DE | 128.116.44.4:443 | auth.roblox.com | udp |
| DE | 128.116.44.4:443 | auth.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | udp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| GB | 18.154.84.15:443 | t7.rbxcdn.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:53249 | tcp | |
| N/A | 127.0.0.1:53256 | tcp | |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:53259 | tcp | |
| N/A | 127.0.0.1:53262 | tcp | |
| N/A | 127.0.0.1:53271 | tcp | |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:53274 | tcp | |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:54516 | tcp | |
| N/A | 127.0.0.1:54518 | tcp | |
| N/A | 127.0.0.1:54521 | tcp | |
| N/A | 127.0.0.1:54535 | tcp | |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:54538 | tcp | |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.33:54130 | udp | |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| GB | 18.154.84.72:443 | t7.rbxcdn.com | tcp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| N/A | 127.0.0.1:54541 | tcp | |
| N/A | 127.0.0.1:54543 | tcp | |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| N/A | 127.0.0.1:54729 | tcp | |
| N/A | 127.0.0.1:54733 | tcp | |
| N/A | 127.0.0.1:54740 | tcp | |
| N/A | 127.0.0.1:54755 | tcp | |
| N/A | 127.0.0.1:54757 | tcp | |
| N/A | 127.0.0.1:54759 | tcp | |
| N/A | 127.0.0.1:54761 | tcp | |
| N/A | 127.0.0.1:54810 | tcp | |
| N/A | 127.0.0.1:54812 | tcp | |
| N/A | 127.0.0.1:54988 | tcp | |
| N/A | 127.0.0.1:54991 | tcp | |
| N/A | 127.0.0.1:54999 | tcp | |
| N/A | 127.0.0.1:55002 | tcp | |
| N/A | 127.0.0.1:55005 | tcp | |
| N/A | 127.0.0.1:55019 | tcp | |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| US | 205.234.175.102:443 | t6.rbxcdn.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| DE | 128.116.44.4:443 | auth.roblox.com | tcp |
| GB | 18.245.253.95:443 | c2.rbxcdn.com | tcp |
| GB | 143.204.176.43:443 | c3.rbxcdn.com | tcp |
| GB | 108.138.233.69:443 | t6.rbxcdn.com | tcp |
| N/A | 127.0.0.1:55036 | tcp | |
| GB | 18.245.253.75:443 | t0.rbxcdn.com | tcp |
| GB | 143.204.194.74:443 | t1.rbxcdn.com | tcp |
| GB | 13.224.245.117:443 | t5.rbxcdn.com | tcp |
| GB | 143.204.194.74:443 | t1.rbxcdn.com | tcp |
| GB | 18.245.253.75:443 | t0.rbxcdn.com | tcp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| GB | 143.204.194.74:443 | t1.rbxcdn.com | tcp |
| GB | 13.224.245.117:443 | t5.rbxcdn.com | tcp |
| GB | 99.86.114.128:443 | t2.rbxcdn.com | tcp |
| GB | 99.86.114.128:443 | t2.rbxcdn.com | tcp |
| GB | 108.138.233.69:443 | t6.rbxcdn.com | tcp |
| GB | 18.245.253.75:443 | t0.rbxcdn.com | tcp |
| GB | 18.245.253.75:443 | t0.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 117.245.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.114.86.99.in-addr.arpa | udp |
| GB | 108.138.233.69:443 | t6.rbxcdn.com | tcp |
| GB | 99.86.114.128:443 | t2.rbxcdn.com | tcp |
| N/A | 127.0.0.1:55044 | tcp | |
| GB | 99.86.114.128:443 | t2.rbxcdn.com | tcp |
| N/A | 127.0.0.1:55050 | tcp | |
| N/A | 127.0.0.1:55052 | tcp | |
| GB | 108.138.233.69:443 | t6.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | t3.rbxcdn.com | udp |
| GB | 18.244.114.17:443 | t3.rbxcdn.com | tcp |
| GB | 18.244.114.17:443 | t3.rbxcdn.com | tcp |
| GB | 18.244.114.17:443 | t3.rbxcdn.com | tcp |
| N/A | 127.0.0.1:55080 | tcp | |
| N/A | 127.0.0.1:55082 | tcp | |
| N/A | 127.0.0.1:55084 | tcp | |
| GB | 143.204.194.74:443 | t1.rbxcdn.com | tcp |
| GB | 143.204.194.74:443 | t1.rbxcdn.com | tcp |
| GB | 13.224.245.117:443 | t5.rbxcdn.com | tcp |
| GB | 18.154.84.72:443 | t7.rbxcdn.com | tcp |
| N/A | 127.0.0.1:55159 | tcp | |
| N/A | 127.0.0.1:55161 | tcp | |
| GB | 108.138.233.69:443 | t6.rbxcdn.com | tcp |
| GB | 108.138.233.69:443 | t6.rbxcdn.com | tcp |
| GB | 18.154.84.72:443 | t7.rbxcdn.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| N/A | 127.0.0.1:55409 | tcp | |
| N/A | 127.0.0.1:55977 | tcp | |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | udp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | udp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| N/A | 127.0.0.1:56048 | tcp | |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:56051 | tcp | |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| N/A | 127.0.0.1:56054 | tcp | |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| N/A | 127.0.0.1:56057 | tcp | |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | udp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| N/A | 127.0.0.1:56062 | tcp | |
| N/A | 127.0.0.1:56065 | tcp | |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| N/A | 127.0.0.1:57234 | tcp | |
| N/A | 127.0.0.1:57367 | tcp | |
| N/A | 127.0.0.1:57369 | tcp | |
| DE | 128.116.44.4:443 | ncs.roblox.com | udp |
| DE | 128.116.44.4:443 | ncs.roblox.com | udp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | udp |
| GB | 18.154.84.19:443 | t7.rbxcdn.com | tcp |
| GB | 18.154.84.19:443 | t7.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | udp |
| NL | 13.95.26.4:443 | msedge.api.cdp.microsoft.com | tcp |
| GB | 104.91.71.144:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| GB | 104.91.71.146:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| NL | 23.62.61.104:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 104.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
Files
\??\pipe\crashpad_3044_ITOMZPCMXCSDGMUU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 08546b70eb5a841afd23987b15ba2fcb |
| SHA1 | b010a7a713aae54d652a32601ac243a00ac7ebf0 |
| SHA256 | d3e82a238d05541c510892462d9b55a0f22bd8921cbb26cd026bfec8d5ac6594 |
| SHA512 | 4778a3d6d5d051c7424c32fbd7330ca305ef4907f2f85a0dc925d86100bc98b406c76109c74fc70f17e1261e8df635fd71f5238f0e658d592b16f53da1543fbd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e3bb38429bb191ea6a95759f70710504 |
| SHA1 | c0eb3d678f156e4ea4a2a5291e3b96765b5aec5d |
| SHA256 | 7f20178012d8fbbd53f1264f80d1551c9da604291d97f7b27c6ee621542b8b0f |
| SHA512 | 2126f04668575187b360dc25a0407c38b9816de1965af0e316d1406c47a22c72289d5b50bbbf98f99f7521a322bf788ee6320bb652659e8fe2011f5880ac561d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 064f7521899b2f571bf381ffde1435a9 |
| SHA1 | 4046b64b6cb5a4c1aa02c2678496c0787b06ea1a |
| SHA256 | 42036370b2ef91c3989eea615400c741d1540dd4d5d04b8ef4eded9c0b5c77d1 |
| SHA512 | fb1a2e914895d15fc6cdf49e3efe9d823278c3241b977ff20f65e34297762fb25e0ef7739bf5a67b16aa7be16ab75b6e66ed54c7df0edab783a6559e20754d81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 21b7d66c9d91c0071d7a8ec0104326c9 |
| SHA1 | 823a3da0f9671f5c728987152135d44a74843725 |
| SHA256 | 4d0a8f93dd42f37a572f581e6fdac095bb2c7192d1a218ef0815525392e6a90f |
| SHA512 | 865bbe9a6b37d3290bdbf6edc613337e67a319a0b2cc0b20530b2d13751731e3a101e8351b0841f5ad6534dce8a3d288ca260a3c48a3c0cd0759cf2c6a2aef3e |
C:\Users\Admin\Downloads\Unconfirmed 773002.crdownload
| MD5 | 911c020a364b10fe1de664c01de4534c |
| SHA1 | 8731aee51722d2e1604864eb8f03abe3e6d35441 |
| SHA256 | cb84418aa6ff71e927125f05cd74b10cef07b40fe19a17f9ba5c3bd57f2d9591 |
| SHA512 | 7e2c2259dde1fcb1a10a3864b1e24f892fb28d1c0a9a8b1b32d6b512d9f49b031cf6119f55dad008f0b2a5dc87ae606ee0c2918fdc44fc307d56bc933537db7b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a12b222e9871f72589876aa642a29c8f |
| SHA1 | 53f411ca38acef4113a8a918eb45f793b112982a |
| SHA256 | ad7914a59c162f4dfeba3c2b54ab93fc232423db52be7b4ed8f758b8161ff4cb |
| SHA512 | b008cafa367278112bd62a8d88e190076eb594f992baa7c1fc0085cdd59f0349e4b9d86152f0e6b66ccac152ccba99812ded5a380ba78ff7493298205c00ac85 |
C:\Users\Admin\Downloads\RobloxStudioInstaller.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7edc5572f82e009eafe96a1bf5d24de7 |
| SHA1 | 69387637a55620107d6df26284b4d81af6f4b178 |
| SHA256 | a0784dc8b0c96156125f5b3b603265a3aa743092e66ff7952e62028e779acf30 |
| SHA512 | a55f074dbb59dd4a5f5e3ff48e2c4abf507bd9ea5cf15e2757eda749776ba244e032d3eba86338e80bb941fba7de3a88f488e4d31fcf3ccedba90e1ff5e5ab32 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e86e1715603ec2c835a60f467cf4ad3a |
| SHA1 | 09d160a5b7b19159a4c119bdc88c6ad6fe2e4c92 |
| SHA256 | 74bddbb186dcac84545a6a842906dc31d7f30016c65e3708a25ff5c1d5f6f3b8 |
| SHA512 | 573f3f96d6774d88be91cbbfca1f0c2ee6e46d8e01f986a2a3c10bd29bd28c0b5c32ade4d9314000002a1f09601b269cd0c85963d605d3c749234247dde3bff7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | aea07c96747c7e0299d3d23a47bdfdb0 |
| SHA1 | 0c307deeacd1bda06d45f906a91c5d3d45af3670 |
| SHA256 | 0a817a9c9c53f694353993c82d09b7dd7d6c98ed73c4c8477e29fd213cbd4d66 |
| SHA512 | 15dac9b82cec711b94b53ad9558869195e2cbff668e70a5ffa56f13d426f485fc4714940f976766b15bbb20b4dbc11eb1acac6d2854933ee2b437608ab8bd271 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57da81.TMP
| MD5 | e9cb15247381fa79319ed194c2d267c6 |
| SHA1 | 3c2022bcd128221d2e4b9611dfce8a7c2979900d |
| SHA256 | f59ef9af4de3f34c31735a9c3452df557c7961a8a93eba9d9e1f8395c8dad7ab |
| SHA512 | d04413730ca0176268a12cf2bd63369671a382c7bfe382ce292302d2cd4fc9abbddfe31b0fa496bd7aeae5b33c5f07361e8feca36daae6701bb7f373dba4775d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | a607fc74ebf6fe2fa9c047f5aef0b29c |
| SHA1 | 955cad4cc934403d6fc5b05e1c322cbf0ef4021c |
| SHA256 | fd39beba495107e34039712626bc23f3be8e7f667999729b2539698be75e8a56 |
| SHA512 | 669e2ed6f9dbb600901fc823eb28ac633b2e005acdfbd6742f579cd7e15575e1744fd65fef607a01989ba93a2b6aaab869e2f1e6eb53b9859f1cbf219759c2b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 90af94f12ffb28f89e73e995e05adee6 |
| SHA1 | dc8117c41523711e90e6ae4060adc5b80c920c3b |
| SHA256 | 56d7b09ce1cd4b2626a8fdeb36c686e8ac899ffeaecc887ebbdab5404c126c47 |
| SHA512 | 7d9d985475b65a7c6ecd14745264eb7c048aa590150b5d9e56eba08c3623149e6a054500e1f625e08739ebb4e6212cc97a69ea1f5db33c25b00282c61b9be51a |
C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
| MD5 | 610b1b60dc8729bad759c92f82ee2804 |
| SHA1 | 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552 |
| SHA256 | 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08 |
| SHA512 | 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdate.dll
| MD5 | 965b3af7886e7bf6584488658c050ca2 |
| SHA1 | 72daabdde7cd500c483d0eeecb1bd19708f8e4a5 |
| SHA256 | d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19 |
| SHA512 | 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_en.dll
| MD5 | 4a1e3cf488e998ef4d22ac25ccc520a5 |
| SHA1 | dc568a6e3c9465474ef0d761581c733b3371b1cd |
| SHA256 | 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011 |
| SHA512 | ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | c044dcfa4d518df8fc9d4a161d49cece |
| SHA1 | 91bd4e933b22c010454fd6d3e3b042ab6e8b2149 |
| SHA256 | 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2 |
| SHA512 | f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_af.dll
| MD5 | 567aec2d42d02675eb515bbd852be7db |
| SHA1 | 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37 |
| SHA256 | a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c |
| SHA512 | 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_as.dll
| MD5 | a8d3210e34bf6f63a35590245c16bc1b |
| SHA1 | f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693 |
| SHA256 | 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766 |
| SHA512 | 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_az.dll
| MD5 | 7937c407ebe21170daf0975779f1aa49 |
| SHA1 | 4c2a40e76209abd2492dfaaf65ef24de72291346 |
| SHA256 | 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9 |
| SHA512 | 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_bs.dll
| MD5 | e338dccaa43962697db9f67e0265a3fc |
| SHA1 | 4c6c327efc12d21c4299df7b97bf2c45840e0d83 |
| SHA256 | 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04 |
| SHA512 | e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_es-419.dll
| MD5 | 28fefc59008ef0325682a0611f8dba70 |
| SHA1 | f528803c731c11d8d92c5660cb4125c26bb75265 |
| SHA256 | 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d |
| SHA512 | 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_ga.dll
| MD5 | 3b8a5301c4cf21b439953c97bd3c441c |
| SHA1 | 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a |
| SHA256 | abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0 |
| SHA512 | 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_id.dll
| MD5 | 03d4c35b188204f62fc1c46320e80802 |
| SHA1 | 07efb737c8b072f71b3892b807df8c895b20868c |
| SHA256 | 192585d7f4a8a0cd95e338863c14233cdd8150f9f6f7dd8a405da0670110ee95 |
| SHA512 | 7e67ea953ea58ff43e049ce519ae077eec631325604896479526627d688f2fa3bfc855a55ac23a76b1c9ef8cd75274265b8238423b95a2437be7250db0db31b1 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_hu.dll
| MD5 | f4976c580ba37fc9079693ebf5234fea |
| SHA1 | 7326d2aa8f6109084728323d44a7fb975fc1ed3f |
| SHA256 | b16755fdbcc796ef4eb937759fe2c3518c694f5d186970d55a5a5e5d906cb791 |
| SHA512 | e43636d8c947e981258e649712ad43f37c1aab01916539b93c082959fb5c6764c9c44979650092202839e812e6f252c6c3eaf66d3d195c1efd39c74c81ad1981 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_hr.dll
| MD5 | 0b475965c311203bf3a592be2f5d5e00 |
| SHA1 | b5ff1957c0903a93737666dee0920b1043ddaf70 |
| SHA256 | 65915ad11b9457d145795a1e8d151f898ec2dcb8b136967e6592884699867eb0 |
| SHA512 | bec513125f272c24477b9ddbaa5706d1e1bb958babac46829b28df99fa1dd82f3f1e3c7066dc2fe3e59118c536675a22fc2128de916ca4c478950b9992372007 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_ca.dll
| MD5 | 39551d8d284c108a17dc5f74a7084bb5 |
| SHA1 | 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884 |
| SHA256 | 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07 |
| SHA512 | 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_hi.dll
| MD5 | 34cbaeb5ec7984362a3dabe5c14a08ec |
| SHA1 | d88ec7ac1997b7355e81226444ec4740b69670d7 |
| SHA256 | 024c5eae16e45abe2237c2a5d868563550ac596f1f7d777e25234c17d9461dd9 |
| SHA512 | 008c8443a3e93c4643a9e8735a1c59c24ba2f7a789606a86da54c921c34cbc0cb11c88594544d8509a8e71b6a287c043b1ffe2d39b90af53b4cde3847d891ba8 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_gu.dll
| MD5 | f9646357cf6ce93d7ba9cfb3fa362928 |
| SHA1 | a072cc350ea8ea6d8a01af335691057132b04025 |
| SHA256 | 838ccd8243caa1a5d9e72eb1179ac8ae59d2acb453ed86be01e0722a8e917150 |
| SHA512 | 654c4a5200f20411c56c59dbb30a63bfe2da27781c081e2049b31f0371a31d679e3c9378c7eb9cf0fb9166a3f0fba33a58c3268193119b06f91bebe164a82528 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_gl.dll
| MD5 | 84a1cea9a31be831155aa1e12518e446 |
| SHA1 | 670f4edd4dc8df97af8925f56241375757afb3da |
| SHA256 | e4eb716f1041160fd323b0f229b88851e153025d5d79f49b7d6ecb7eb2442c57 |
| SHA512 | 5f1318119102fcee1c828565737ce914493ff86e2a18a94f5ff2b6b394d584ace75c37258d589cce1d5afd8e37d617168a7d7372cfd68dd6a2afcd4577a0bc51 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_gd.dll
| MD5 | c90f33303c5bd706776e90c12aefabee |
| SHA1 | 1965550fe34b68ea37a24c8708eef1a0d561fb11 |
| SHA256 | e3acc61d06942408369c85365ac0d731c5f3c9bc26e3f1e3bb24226d0879ad9c |
| SHA512 | b0c1a9d7df57d68e5daf527703f0b6154a2ef72af1a3933bda2804408f6684b5b09b822522193243fd0756f80f13d3ab0647c90d2bed1a57b4a9fea933b0aa9a |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_fr-CA.dll
| MD5 | b534e068001e8729faf212ad3c0da16c |
| SHA1 | 999fa33c5ea856d305cc359c18ea8e994a83f7a9 |
| SHA256 | 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511 |
| SHA512 | e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_fr.dll
| MD5 | 64c47a66830992f0bdfd05036a290498 |
| SHA1 | 88b1b8faa511ee9f4a0e944a0289db48a8680640 |
| SHA256 | a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961 |
| SHA512 | 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_fil.dll
| MD5 | 7c66526dc65de144f3444556c3dba7b8 |
| SHA1 | 6721a1f45ac779e82eecc9a584bcf4bcee365940 |
| SHA256 | e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d |
| SHA512 | dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_fi.dll
| MD5 | d45f2d476ed78fa3e30f16e11c1c61ea |
| SHA1 | 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e |
| SHA256 | acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2 |
| SHA512 | 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_fa.dll
| MD5 | cbe3454843ce2f36201460e316af1404 |
| SHA1 | 0883394c28cb60be8276cb690496318fcabea424 |
| SHA256 | c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59 |
| SHA512 | f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_eu.dll
| MD5 | a7e1f4f482522a647311735699bec186 |
| SHA1 | 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd |
| SHA256 | e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4 |
| SHA512 | 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_et.dll
| MD5 | b78cba3088ecdc571412955742ea560b |
| SHA1 | bc04cf9014cec5b9f240235b5ff0f29dbdb22926 |
| SHA256 | f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085 |
| SHA512 | 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_es.dll
| MD5 | 9db7f66f9dc417ebba021bc45af5d34b |
| SHA1 | 6815318b05019f521d65f6046cf340ad88e40971 |
| SHA256 | e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819 |
| SHA512 | 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_en-GB.dll
| MD5 | d749e093f263244d276b6ffcf4ef4b42 |
| SHA1 | 69f024c769632cdbb019943552bac5281d4cbe05 |
| SHA256 | fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e |
| SHA512 | 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_el.dll
| MD5 | ac275b6e825c3bd87d96b52eac36c0f6 |
| SHA1 | 29e537d81f5d997285b62cd2efea088c3284d18f |
| SHA256 | 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0 |
| SHA512 | bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_de.dll
| MD5 | aab01f0d7bdc51b190f27ce58701c1da |
| SHA1 | 1a21aabab0875651efd974100a81cda52c462997 |
| SHA256 | 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c |
| SHA512 | 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_da.dll
| MD5 | d34380d302b16eab40d5b63cfb4ed0fe |
| SHA1 | 1d3047119e353a55dc215666f2b7b69f0ede775b |
| SHA256 | fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f |
| SHA512 | 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_cy.dll
| MD5 | 34d991980016595b803d212dc356d765 |
| SHA1 | e3a35df6488c3463c2a7adf89029e1dd8308f816 |
| SHA256 | 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e |
| SHA512 | 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_cs.dll
| MD5 | 16c84ad1222284f40968a851f541d6bb |
| SHA1 | bc26d50e15ccaed6a5fbe801943117269b3b8e6b |
| SHA256 | e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b |
| SHA512 | d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 2929e8d496d95739f207b9f59b13f925 |
| SHA1 | 7c1c574194d9e31ca91e2a21a5c671e5e95c734c |
| SHA256 | 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df |
| SHA512 | ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_bn-IN.dll
| MD5 | a94cf5e8b1708a43393263a33e739edd |
| SHA1 | 1068868bdc271a52aaae6f749028ed3170b09cce |
| SHA256 | 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c |
| SHA512 | 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_bn.dll
| MD5 | 7dc58c4e27eaf84ae9984cff2cc16235 |
| SHA1 | 3f53499ddc487658932a8c2bcf562ba32afd3bda |
| SHA256 | e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98 |
| SHA512 | bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_bg.dll
| MD5 | 8375b1b756b2a74a12def575351e6bbd |
| SHA1 | 802ec096425dc1cab723d4cf2fd1a868315d3727 |
| SHA256 | a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105 |
| SHA512 | aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_ar.dll
| MD5 | 570efe7aa117a1f98c7a682f8112cb6d |
| SHA1 | 536e7c49e24e9aa068a021a8f258e3e4e69fa64f |
| SHA256 | e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01 |
| SHA512 | 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\msedgeupdateres_am.dll
| MD5 | f6c1324070b6c4e2a8f8921652bfbdfa |
| SHA1 | 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf |
| SHA256 | 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717 |
| SHA512 | 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 60dba9b06b56e58f5aea1a4149c743d2 |
| SHA1 | a7e456acf64dd99ca30259cf45b88cf2515a69b3 |
| SHA256 | 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112 |
| SHA512 | e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7 |
C:\Program Files (x86)\Microsoft\Temp\EU89AD.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 7a160c6016922713345454265807f08d |
| SHA1 | e36ee184edd449252eb2dfd3016d5b0d2edad3c6 |
| SHA256 | 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9 |
| SHA512 | c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | b08f0d0d7e0f5cc7c4f315c72910ae03 |
| SHA1 | f39fda8b277246c21a77fdb72d5193765ca28a61 |
| SHA256 | a1bb69103b337134ef3d6c03e2da5627defe8c3288ccb233f8191348e9ff5688 |
| SHA512 | 74bab3005a4a13e787f46b28c7b9758f93d865005b81fa76974629012d30e4564fb1a4265d737698e60d5253edbf94097cd9f52d0a014530320ac65921d3b56b |
memory/4688-493-0x0000000000D50000-0x0000000000D85000-memory.dmp
memory/4688-494-0x0000000073200000-0x0000000073410000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\124.0.2478.67\MicrosoftEdge_X64_124.0.2478.67.exe
| MD5 | dabc3160a804b9fadd89ceb0fcecf388 |
| SHA1 | b52f15e866a18637683bdf0ea4eaa326b787396f |
| SHA256 | 53eb39a92ee0d2eb94f6d33c015097bddd9cfe5c4129d3ac9a9facbfb5087bfe |
| SHA512 | 74fc0f21d7cf99e07c079224e2af8a4a51bff98a97bc471cfedfbd3a28d3ee681fbd63fa7239948c3c0bf4f9af56dc582dd128f8c08b54cb73389e85f949f431 |
C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat
| MD5 | 91d81a7c2e62b801e3bec6c5aabec5be |
| SHA1 | 088c1797c55e4a3a09b20851b5d62ef412f8797c |
| SHA256 | a7b9df14f5b6c90db7dbf440550fe0579838e697c956d9e1eaaec38a885d1135 |
| SHA512 | d4d5181450128b8fef38497723c4a39f74e2193fe81af0c5dad6693573db8608c453272cbf971061490176185fa76e7f8c3f08a2e601dc839691c4e5b7d45802 |
memory/4688-522-0x0000000073200000-0x0000000073410000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe
| MD5 | c31297188ec9fbaa60449f769339963e |
| SHA1 | 8502d9e0cef18137529f0a46ad6e69a1577e6cae |
| SHA256 | 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9 |
| SHA512 | 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bc3158c0f918593e75dc3a1b90a7d822 |
| SHA1 | 3ea1f9f603fba822bae44a8c9088d4dd60647d8a |
| SHA256 | f97990b1b41c072598821e41a05f2ea6e1ae169f13a3323435bf3f4ea9aae9a1 |
| SHA512 | d90eba46554a499808e0eee2ebf9b60e1a2c353a1293c51d4c114504a3319378f3261d3c22d8403fe1ccf580b83eab561362960c905188d416d9d5f1527a6c4d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | cd20125da8b1b31ff6191fb4ef6ca297 |
| SHA1 | e2ec82956f12a2ea00ffc9c0b366f9121f213055 |
| SHA256 | 2d4b08ed86c965ae597238be3aa0e944d7385baf049826c8e6ffe9a5f46220aa |
| SHA512 | 2c5f0b3b6c24828c0d8b86c36fddc26b843a512e90b7f7c23b75fdc6e0288b053bccfc867b0621954f813c4aa169df399037b72d00e60dbe6223c777a2c2d65f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d0e75b526f80b069cfe6352dfd8cda65 |
| SHA1 | 086ada6a7be5180285904c0ee7b040246e5c16fc |
| SHA256 | 3e8cdad4a99d89ede6063b738b5594f6b2d8a21925f76ae49e33f20170472881 |
| SHA512 | 0e107858a67d67ab2d581b5604d846639c6405895dad85d24f4da1e53161a02a96769e97bd64d720e5efb32776ebe31829dde9a4ce52f4d770236c0158061b87 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | fc98904ec073e5a336f3a98196c7e901 |
| SHA1 | 1f7678be51a3d78e30219e699a2d1ad2cb535ba0 |
| SHA256 | 7bdb706cd1af204d6ed48c2d75f21d0311668ace6c0f9bf8923c55087795f258 |
| SHA512 | baa409d008ea2bb4eb77e68532931ec8abedda1e8d9e3f51809cbeb5a256c5b8b5d6522d8c1de165f348bf446dbb22a14f155bfea1c8f7ef99892c1f8dda0dbe |
memory/4688-850-0x0000000000D50000-0x0000000000D85000-memory.dmp
memory/828-855-0x00007FFB1F910000-0x00007FFB1FD12000-memory.dmp
memory/828-858-0x00007FFB1F910000-0x00007FFB1FD12000-memory.dmp
memory/828-857-0x00007FF633A70000-0x00007FF634A70000-memory.dmp
memory/828-856-0x00007FFB1DF70000-0x00007FFB1E4BC000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fdd12bef1f2b4e7458382387cd32d8a9 |
| SHA1 | 306ee5fedafe403f76e534f00e1949e136a5d50b |
| SHA256 | 44c4b9e821168705ec81184a744a441837a2d0c972502d72462436629203dc35 |
| SHA512 | 4847d8c2b38011e0cebec7a49bcca2b4bc4958cbe77a707501aeed9acc92f32d7a3c3fbf6299167763dcf2124d0679fa727e5ee6675d3b37f8d4fa88bc8b5877 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 245d4af56589ff0e46a9bfc9d86489db |
| SHA1 | f54cb6d7047f4e7a17e1354d6922683c5dc14ea7 |
| SHA256 | 05f8430ece2b9a130aaa51d427f3b23bfdcdc1ab81e97f0b3b551141a7a71b3e |
| SHA512 | 4676d4cfddc09ffff5d2344728e804405197f2a3067f7a71a44515e6b049a5d357c8b5041d1624778091eb0faccf071cf2fb99d86815fbcb481ddde49891c428 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | 3f0e017342133764a11504f22af580ee |
| SHA1 | 62a6543b077ed523e7d8436850a2068c02b03beb |
| SHA256 | 5238a28de3577ca46007946c92475cf9962123cb51403d275e11633bd1af1093 |
| SHA512 | 9e65a9776c11cc0f437ef0988144bdaf9b9e51c741f2b194c6bd361a082cf4f9a385e8a6dc961ad4f895b1f546d0e89455572095c3f475358bc0d9c8c75ed156 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | a6aab5f4983a468a4b2ee1f91161924d |
| SHA1 | e784baa1f4db8eabbbb759d5dd9c50de4657b305 |
| SHA256 | 77020cdfefb9299e26e5d5c081b22fa62b090aa00a086b0e2c4e76680897c472 |
| SHA512 | 904513b46f8e1468f52a34c95b262416d03d3bd4ba50ad50bd7afc3f699dee0f2823ec7d2ce2a6124a5c0d809207978a5071f5af981e1302297112b09809757c |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
memory/1540-1001-0x00007FFB41DF0000-0x00007FFB41DF1000-memory.dmp
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe59aa9e.TMP
| MD5 | c10c609bceb6d030c0fc5822858db60b |
| SHA1 | 96e04f901ed6f93da3ba5bb2c493a9b3655c378d |
| SHA256 | f3406a28758850c408849a7afcd283ccbb7422fcff4f05c3ca82b0572487e949 |
| SHA512 | 4c2f07a6eec00cf2268ca390cdb63a24c85624b385b42e6c600c98250903899fbabcc2167340e91d4942dca022da8c3f4cbd695a7858cac32d2707ac11198cbc |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Extension Rules\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Site Characteristics Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat
| MD5 | f18d5d8346c5a1259bade97ba50d513c |
| SHA1 | 15e5d714fafd055aae1e27dd769a46d98b3075e5 |
| SHA256 | 2cd0593fc507bd38f684fd5ac7d5e0a1a852c55c1143d7ff9a69651ff26c299b |
| SHA512 | 19cd3e4d0e6d17a205f7c36d89b4754abcbadfa9d12f8ff2ad75ee5918d31c5e6bef22a43d74f2e08daf4841a63d260d16522774f19f53cc557d3a5da73f420c |
memory/2136-907-0x00007FFB41DF0000-0x00007FFB41DF1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0d823a340eaeaf7e3f9a0ff43ca08c73 |
| SHA1 | d3a1ed9afb482616884a508d6a1a503253003873 |
| SHA256 | a1edd171a7d51d2f7ee927b4fe30bcad8e49d5640deaa452b3602546f77c1478 |
| SHA512 | 27bb491caa7d15272665511195cfe38ffd2bc16c4f23cea79381d212e489e6584f48ad218d49cd1ea79b65d4742578d5fd84a8b1e405e84692714873ea9355cb |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | de8f09449c7e95a3f0f655db6124e3c8 |
| SHA1 | 8241c78d866d14af8048ce6ba5f6edcfd82ce46e |
| SHA256 | 5ea58392c760e159ce0daafe6bbb7d37da34f4789550cd0cbe38cb7af04221b0 |
| SHA512 | 4fc9b68ac4c6bb64f358de1757520cd4a6b3f170657e06fb80c4b00f19d30fe1eef48fc4c2307acce6f903597b03593aa4411223268f72fb195d78dde436a05b |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe59fd52.TMP
| MD5 | 2e58d506602769d07b6d4035fb896135 |
| SHA1 | d562168952c9663ca8b23ba9e759d17f7325927d |
| SHA256 | 63e50e5c52c6bb4f8c71be82386632b3103c6f6ed67f660ae797cf8eb06057e1 |
| SHA512 | fef051f749a4bbc27f572b159569b85f4cb27e0160ecfcb5363add52eac8da926f81cabd5d16daf081ae44f5507122e36af89b4720faa6c5d0684fb017feb128 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
| MD5 | 47e80e9114a2ecb2f0de16b76781f88e |
| SHA1 | afe5f934204d323c2868b7fe67afc94523424b48 |
| SHA256 | 127062d96de8948fabd82d039df75686ef66cfb30cb8f5ece7bb8af3160de212 |
| SHA512 | 16c56495d91461c9a9d39274a6a56da413b5796e4ae311a9af9b4982641ff7548b6568a86c12f95f7fc77e476883ece1087c089c80153995bde8335e3fe41c4e |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe59ff84.TMP
| MD5 | 175c57e94b7e52c4ef6fc25902d5dc63 |
| SHA1 | 067fc4fe43cf234b0d75ab6f6b833c106b4d2bdf |
| SHA256 | 1fc416291fee951a3e24e54af7869aa51785ae176b5ee80e82287a039d20432a |
| SHA512 | 950ee3015bcaf93fb4b6b365c6175646d5268426cf1ba5fe38e5afd979248c909fce9c8b655d3e76fc7f57552e79e402d2d07313fba31761ae696b286049fdf6 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 737cd8a59e16dc3504bc1efb479f6003 |
| SHA1 | 9278a11598b1613fe9f9e259a77a933b1b9d2323 |
| SHA256 | a56ee32f5abba4be3071717fa8a3aa0de0f8d7733271f0f4711369238b9777b7 |
| SHA512 | 0eaeab4af190cefdeba1beb58b2a71e29522d45bfb2627ca04a1187170e2ff60cbef4c1b8407be36c55b4b1d03fd3024e34e7cf5ec636328b1473670938e8e7e |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences
| MD5 | b9023aa2e0521b432b72371254eb1a26 |
| SHA1 | 98cdb1fcbfde47a6a6f56fb3a00dd20f36d9510f |
| SHA256 | b5e48f351d51b9c18ee281c7eb7a018164f4a96ec649db57676e42fe13f67eaf |
| SHA512 | 7cad51782b757268bf35f0313b797f443d6f17893f0658b8f3bf0f5237b592d189825000d130b92f810bff29a5bd285680c2f4ebf71ab820ea9414013def13b7 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences~RFe5a0531.TMP
| MD5 | 3b721cebeb8b3884ea046ad42e929061 |
| SHA1 | 0cb2cf6f57bbe36f403484ad0c5c9554b1c23e50 |
| SHA256 | e2fa0a65e3be2945111c3644b11e5c3827c5ed1fe5969f64dd82861b87a5f626 |
| SHA512 | fddf7bf15cb3322f9ec49bfac9bf544f3d0fab0e37e466a17cf7fc7b698e325d7b57e095b7c4032ce08117f98d0269adec0bd589120ee373d67b10fdba9ad29a |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | 0027357c266910d9c79338565f695ac4 |
| SHA1 | 4e00caf2315d7fbb0b457991492197a56fbfa1e3 |
| SHA256 | e5ce00e2329b76c8a9a3c51882c3746317853e691f3a877b8b1cba78bc0f7033 |
| SHA512 | 0c9664a956547890ab128894b99ba9c62196f62d1707078e237ead780e2998a0da927282fea7c149a7eab7d82baddf2825f1087268131c2630288879334e1b01 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences
| MD5 | f456e4829a3e6348430f8dd7ffc0c79f |
| SHA1 | 8752dc4ae5d29dadf6f70b85a242c455178b8aeb |
| SHA256 | 023ddf9f322537d0102b8e8b6815366519ca863a5416bcc475a0fbaccc06af9e |
| SHA512 | 9dfcb567a159cd5cac52a4afe4829124c349f014090555c83788eefed277bd8aacadbd181a85a14882d799e4c5bc5c15f9162a9753b4999821342ef8a55b1276 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State
| MD5 | 181be7c83dfb98d644fd8915b9383982 |
| SHA1 | 67be79723df238b18ae54704da1d7a0bc6096edc |
| SHA256 | 0056cadfe424863c0ab44a8d5b5122c599ab17ff3ce20be839cb6add775dc359 |
| SHA512 | 3989d5aa4360e59a25c694dba6f87572b90dc3f1d0527dedbf943b9ac434878f2906d391f59252e1240fb38185846e3d513d09c207ba913394e60a9a88c2d372 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5a3a5b.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
| MD5 | 9047a97c913a3590f5e097899fde7a28 |
| SHA1 | b8bc52c6aa96f8bd65a5dc4419fbe31c351556f1 |
| SHA256 | 7078a52a93a16a74e7af9e27f9666b6db534751d47a776200627ef8a4358f85a |
| SHA512 | e27b8959b830e4dac4b87a1578e6edcb6e7c6d98eb2ea33e340004c1cd91ff0af2b5fd1a0099e7715bc1552dfebb2bb9aa2053fcbea87910bf15e4d5d5ab7476 |
memory/828-1507-0x0000013923C80000-0x00000139240C0000-memory.dmp
memory/828-1509-0x0000013912910000-0x0000013912B10000-memory.dmp
memory/828-1516-0x0000013912B70000-0x0000013912B71000-memory.dmp
memory/828-1517-0x0000013912B70000-0x0000013912B71000-memory.dmp
memory/828-1548-0x0000013924150000-0x0000013924151000-memory.dmp
memory/828-1547-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1546-0x0000013924150000-0x0000013924151000-memory.dmp
memory/828-1545-0x0000013924150000-0x0000013924151000-memory.dmp
memory/828-1544-0x0000013924150000-0x0000013924151000-memory.dmp
memory/828-1543-0x0000013924150000-0x0000013924151000-memory.dmp
memory/828-1541-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1540-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1539-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1538-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1537-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1536-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1535-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1534-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1533-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1532-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1531-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1530-0x0000013924140000-0x0000013924141000-memory.dmp
memory/828-1528-0x0000013924130000-0x0000013924131000-memory.dmp
memory/828-1527-0x0000013924130000-0x0000013924131000-memory.dmp
memory/828-1526-0x0000013924130000-0x0000013924131000-memory.dmp
memory/828-1525-0x0000013924130000-0x0000013924131000-memory.dmp
memory/828-1524-0x0000013924130000-0x0000013924131000-memory.dmp
memory/828-1523-0x0000013924130000-0x0000013924131000-memory.dmp
memory/828-1522-0x0000013924130000-0x0000013924131000-memory.dmp
memory/828-1521-0x0000013912B70000-0x0000013912B71000-memory.dmp
memory/828-1520-0x0000013924130000-0x0000013924131000-memory.dmp
memory/828-1518-0x0000013912B70000-0x0000013912B71000-memory.dmp
memory/828-1515-0x0000013912B60000-0x0000013912B61000-memory.dmp
memory/828-1514-0x0000013912B70000-0x0000013912B71000-memory.dmp
memory/828-1512-0x0000013912B60000-0x0000013912B61000-memory.dmp
memory/828-1511-0x0000013912B60000-0x0000013912B61000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e1f1d96b68e3261cf312b541611c5539
| MD5 | 3adb865c801399c412bc73840d3d8241 |
| SHA1 | 267f8332eb7486bccd7a6730cfb4f5c2152b11c0 |
| SHA256 | 10fb505b7ce30ce4bf5582248b17dd47f6a39635007bb77dc5d16b963baf9905 |
| SHA512 | 609793331ce25c6667067b3616791f3ece470500f797343178948e4b7af18f275fdde226f542610d957b397651e12191aed58dbb88bc1c59eff4625e550160a5 |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | 30c7b2bdc35c650d2b65150241646816 |
| SHA1 | 94d466a5f5159784155b6adcc9555bfdae4710c6 |
| SHA256 | 0784d39379f0a4f971777844ba07550aff31a3d5e32ce1d1eff6f4c7d49b90b1 |
| SHA512 | 8d51ef924b6c8f46a7ced69f188f2ea583ef3feb7fd84f51a8af8810c51e5099052e2c1513f15ac6fb83fecbef8c984fb4e124ff524c2b20a437943dc127465d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | c9e90f55afd2efab58fb014cfb0f479d |
| SHA1 | a17fac9411e865b1b1dff38ede10ec7e6a61923a |
| SHA256 | 86037f2d58cd77fe3f22791cf411cf7ed449dc36a2686049217f94f7756f88f1 |
| SHA512 | 85e6a097940beebcc624df47262f9fe2ccba75737f91be6918d44b2081a2a599551be2420bd60aa82556aaa2aa032cdca8e881beff2e61c68cf65772c1372a54 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 8a032debb86142493319489f851d866c |
| SHA1 | ccd11d0801056806727155a3a8aae9630b49fd65 |
| SHA256 | 48d5b273974563856fa91171e899ccdad8e2ae8a08d8c99c4460b5c88ae75719 |
| SHA512 | d310d4017b0a7c9fedf4061641e95eba5807bf509042daaa50b96f715c451d688d427954aa366da420dd9607787d979a8e2b6302302096f8589a5d3f458ece9f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | bb00548405ffd7163c91873b7268ac94 |
| SHA1 | f4d42c296bbd540aecd640f6a39284e9d56cb4fe |
| SHA256 | b894c9dad8df7fe247018f8d8345b7b294d9b247efd5717ac48102a72328ca4e |
| SHA512 | 92b6cf17d8cdb2b7e8e7817b5f260ac8b61f8ce7aa4cac1e69c3d6b86b1811c225b0c0df7e616c5e1f021b42b9a792b83e9b48d811416daaadebd0f612ff94d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d4775dd15a92d256aadd434eac2ea948 |
| SHA1 | c945839e8e8bb094f3d15b50c88f6517a0a4861e |
| SHA256 | 214aba49574eabe6310df08c50dabf3cdf0d66eccbf70af4837047e79b4b71c8 |
| SHA512 | 86191deb0eb66384fa9e2c8724a3d20b52dceb64d1bdff078c847ce8f26a6cd409cdff85e85816044d2aaca03a60fecbef93679e206769596372195a6c21d843 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fa01917db83cb3b1caf7a2f5fb15ae4d |
| SHA1 | 4389204ac21082429d8be0fd80d72f319fbfe031 |
| SHA256 | 565331ddc51e94dcbc443ce5efe3f6d0476f53b2dd6cb6ac8c1ac1b209ed43cf |
| SHA512 | c5f14ffc06628526fcb14a6d51baba0dc3057671edc0fb573713b00c1c20da17c1a1405cc8cafe16610ceff071b212bc0293e4f4f55e094ed769be7a413d9adc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 96e18a916f4598eae22eebb93e93e6e2 |
| SHA1 | 446dce387440244d1d024d754e309a51c412af10 |
| SHA256 | dd7eb24cec65b723a35740d59f5298ffabb3d49b5423c9212ee50429afa34334 |
| SHA512 | 70bc8eb1c9fbcb487b96cf6605e5f3ac6f8460301ef7bd968c2c3244f581ecb245ba275bbe35c31bb8dd1cec93d476d0775c726dc2973e592dbdab61ae976ade |
C:\Users\Admin\AppData\Local\Roblox\OTAPlugins\Downloaded\OTAData.json
| MD5 | 7a39cae24c1d13e38fd10bcef98c80ce |
| SHA1 | 58d8a40b4d16215399749b563ba610c5cd3e4159 |
| SHA256 | 72de5cd3124d642aafeb64a4562c31204bb506a5c4fe37de302849aef41f0d40 |
| SHA512 | 8f51f5fe9890099039ef275e5148299a87bcbbc1a9aab5c279105b96efd795ef445803b4422060964b3b010c180c9b4526c82f84433669e4e365812f9642c80e |
C:\Users\Admin\Videos\Captures\desktop.ini
| MD5 | b0d27eaec71f1cd73b015f5ceeb15f9d |
| SHA1 | 62264f8b5c2f5034a1e4143df6e8c787165fbc2f |
| SHA256 | 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2 |
| SHA512 | 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7f9647fd1ce5d57301f203be3ceca2c1 |
| SHA1 | 5c11eaf7e8004fdbef16a284ccb5295c5f5c884f |
| SHA256 | a7c0d5585351298e24e5fd05af3430d93c62ceac54362594b82c18ed282f2f70 |
| SHA512 | ffdc035a9722994e275d64294e08c09b0ff4528cbbdd5134118e9d65964c472b6ce6f7e62b44e637ba88249203a9f14c708372d727d1f9aa60b21b6ac02affa2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 6eb7805739ce5f7d6f42037825be7ed3 |
| SHA1 | bcc90e4804dfcd7229b1b6ea67eed0eda16761cb |
| SHA256 | b8d831c581fea9c414febd99630d68f5b6f11216323076495bbc216db9d8cc19 |
| SHA512 | 6df5badcf29d85fc8e1b394a2ba002830c3ad0310555c50ec1c8ada01826d25c794153178457983af1b5a1e4d477d0b5076b7390e20d674c75b33f8a08ca25e2 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5d34a1f5416fdc978c6e0c7edc7d67a2
| MD5 | c76ac26f80988d0fcf03874d625b86af |
| SHA1 | b04a5e95018f8eca571daa4077e66626b9ba0de6 |
| SHA256 | 3dca66141315cdee30f7604013deab2fcc1dd74af93f9630fb700b7606f531ab |
| SHA512 | 23ba1357212eb135ad87fcbb81bf73fcf2e189da34f08ca1cccd40d763a856e9ca8ce5514af395caeefca2b0dd3a6fe3b8d43e060c5baf5139fb357fedb90a59 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0f10b6865c21c904e29f52a54a31f37a
| MD5 | 38b25c1089062288a7a9a8876138e465 |
| SHA1 | d7dc1955cdabe9a50ef4f6b345c9012e3efeb56c |
| SHA256 | e39aceee4952e730f1a101894520b046ff21156ebc79c0f8e070e87af20fdd29 |
| SHA512 | 198469bc9aa03de2c29b322cee7714a67b1b421a8fb0b6ade7148f54fb5ea0a37f6afe5e80f052f41815174363ca2b2dc8395534c624f0f87d2f7a0e9d773dd5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ceea000e430b7c9714bd62a61ef5eb0d
| MD5 | e6bf3b994b7bd85aa47c17406d367d2b |
| SHA1 | b18be2803acd9576aaa72bb19116b09680f0cbd0 |
| SHA256 | 92638ea5cef2b20242923fd21757df86c8c434ff12243d480250364b8480f2fa |
| SHA512 | 3e207bfe1b30c981fb533971769a4051c0c87ffbfcabc012606ec939c5b66f2bf59cefeb85c2b903856d6396584b2c96472965c11d90d6a1ac9f59b29cf3d664 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1aac6bdbb2642f3f23fbed64d042c3f
| MD5 | 2c65a49f36fbe81aed88d7626a0112e3 |
| SHA1 | 832fc429cd021f288f5ef9531e7dad6c9c6507fc |
| SHA256 | eb8f138e67962a5c7db64722b78454da2e3c3d656ec8d72c9bec566f10a942de |
| SHA512 | 4fe7c7a7e439f6b43bc13af9291994ff913fa65ab1d77f162c97b18ae505b1c46ffb2c9236b7c9010580b095526a58204bf182aa5d476e3d0a006b2ca450d181 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0cbacc9a3c6aa07deb13db83f658936d
| MD5 | e3690a37568ee9fe7f191a17a47e2146 |
| SHA1 | 476c939e0ca065001820946509e36ac2842fb1fa |
| SHA256 | b8da756d34febd98745815e7ee643c49dfdf1adeece7fbdeda22487c06472f28 |
| SHA512 | c7b777cb3616fbe210b58c1e2395ffb378ffb36c2fed3af8c634e7d39667b9b433386d1a284f936a1d4e10e76c7a678e97216fe801cf95a0fc3fb313fc4514a3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\8fbe2ad68bce1f4933b291c365e04e75
| MD5 | d6a9f27b18ba6c1cd064cfee32420a8a |
| SHA1 | 3eb4fe70132f76c96bf7f951070f437ba176fc40 |
| SHA256 | 612baaa3a5eeebe00562f3ecd4490073f3313811613ead2948c1626128191506 |
| SHA512 | 1126e9b53315742eedcb4e28bec6330c03cbeff2d311c9bca1e8280720ded31b6ad7f4f4b6899aaf23656ec46b19fc2ea6566226c1fbb1ded1c3790832d9fc1a |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | eaef4b677b2babd4fb7b29da0f065bf5 |
| SHA1 | 655dc02137cacabfeebb0705832c3378062b1598 |
| SHA256 | c5a33fdff10981930005746e120f5cab8bd1321ea949ea5cd1b2e34a88f7aaf7 |
| SHA512 | 7ddab6aac206bbd23350667487335e674466d66b3f0c425ec3789a62749bd6073eea1e1f5785ca539a0b7e0bbd8a83605191508d97c8280644088cc7d8161aa3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\1a1d7a8fb35b007494a82bd5304ba1e9
| MD5 | 2414d644ab2dc0d3c58d8546b4cd7ea0 |
| SHA1 | 77a854549c69f719657f5d404ae9391c705d88f6 |
| SHA256 | 28be75fd24c5225fe212cbece08722d92c4d2816e5c3a0051294826a5fe79458 |
| SHA512 | 02bc18971dd372438e6f93b0db0e29a2b647b7e1acc5e8d8321f73857b746c5523e7c720ddadb96363664fd5652c30d5e396f7128813dfc0c30fe7ea4086a229 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ac0ab8f16fbb1afe5c7b089b5d5698e6
| MD5 | 5bff0b6da657e8e4ed652a4a5faf57f6 |
| SHA1 | ad49b5a7c4734d26061b0eea4496fc41949bc5b2 |
| SHA256 | c80ae50ae40768b21e62b593515865bd729b4c0712a006cbaf374a66f14f956f |
| SHA512 | 146a0ca1c20471f2921f1c911692223b77c4f528f2de47da9df54c1620242230998b86be05b436a725e64665a008cfc21715e114fb0fd1b9e0786288ad20ff24 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\3e2504bf31b5aa0ab48a8ae5f1dc5f1e
| MD5 | 6abaefefcacaf36071c43e9dc51f1bda |
| SHA1 | a562a7fc46cec9c90e86fa570267864ef2249a20 |
| SHA256 | 55941590b6aff4d570b3531c493c14c46eb687ed9e4de19200de1681987f75ae |
| SHA512 | 5fc4b6db68c03630673789ec5f5d017709e5a9011f25575c0e428f4a21c30e1f6664faa9e4ed456ae79c7ea0fc45db30b8d45ad9b4e2e94f49b27c50237872c3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\cb8a45c1430998ec1304e4c79176816a
| MD5 | 933b1f5dc544d9868d257d80e517c112 |
| SHA1 | a8d55f9cd5f79ef7f6fa1ffb229d8bcfb30ce348 |
| SHA256 | 51a66f59fb6018efd308234879746581b50566d967cf1fbf63fd3fb6917f1295 |
| SHA512 | 6e03ebecd629ec937171a7a2d11a88c83c0267c0f153b86194683fc967f0e1c827e6393a39af735813a1cb3fe2297cd6582d2f7578355e797a5152dd92d6e600 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b80d47fd48f8d137ca2aca87e1d00059
| MD5 | 7dae317d3e65c483f462a48cee3002cd |
| SHA1 | 330c91065d277740b721b723ffae4e5511e8da2c |
| SHA256 | ad244e68f3ae289677897bd171703b8ab65bb03b17621b3c8f61594b906f8b78 |
| SHA512 | 966a981204a7979932981d8870704fbe3d4afc2a0306cf149117eeb30a54debf852c8ef04fda90fb2d1d1261daec60db390a4c9b9fa77740d14171335384ecc9 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e0fce80600a43748c6cbc0ac23f6cfa2
| MD5 | 3bf49259291542dfee0f89d587c177f1 |
| SHA1 | 22328c74fce75f7918f6c4b3ca5ad9e1921db437 |
| SHA256 | 971101824fc41a26f9b1386d72750a69298f4725f266edb3c93b21f9600d2916 |
| SHA512 | 20366e5775f42da8e313d67ace54bed3b2a010a84d9b3422276a8b544186345683c00663ce4f541c9890f906344ca3400015bef988d4ffa7dd4bf1c38161e271 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0d8b0fd3715ff57ba968ae5740d39a12
| MD5 | a3366bed53be5f4fed574fc819a07072 |
| SHA1 | a79b59561cf06c8a209fb701567a67376d83924d |
| SHA256 | ec5c1697be4eba9851b9a413c13e1a94f9846f6dba1d8d0fa33e1ca7292e8030 |
| SHA512 | f8424133bac79bbf7547bf7076cbaf0bd0767f220778275c36878bb982bb69bfe64aede42d67c9db009047e66bcf5eb9604205f6b0aa9a801f6827e2034399fa |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\175af5595dfe9780b5b7b10ecb943336
| MD5 | 0c9078c249c45630688d2af7e0574c25 |
| SHA1 | 8fae18c0c69cf3a58abddcc9a55fba6d81aca2b2 |
| SHA256 | b0e7f0945d5de86014379ede1d9a9528a8c944534ab33e58c7b3be1b5706500e |
| SHA512 | 24e0cfdac58bc3714541bd39f6992bf0a4bd4c47e492edc40b72d045b4f06573d582d9f4e50e0c23f964ec678d857752caeec6a65ef89b70e2ecbefe749b21f0 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcbcf8ab7914469e06c8fa6ee80f2201
| MD5 | 958ad6c1423022b1905d452d8772d16b |
| SHA1 | a1c5aef3f0d7550f8a9ac31ac1e295696477c02f |
| SHA256 | 8965deb3f4a35faba9f087defdbc2fb071e006f283ee7e6b1ce250c6ec12a49f |
| SHA512 | 5185a342c83ca7770ecb1103d95d061cc17c80526f755ebfac53305947b09765515221ba65b43a98eff3860e47bfc7a15f51e67d0636de7596a6859ff20804e5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\31e8a63e8fa08c8135be1c5384c3e0a2
| MD5 | 1221a85cb03fd45c001ef47af9935e7e |
| SHA1 | f209b998e8972ecf158f58270244b831d107ace1 |
| SHA256 | e7c79bc6240600fc94d67a9c0e9c1f563a3f30698d7cae3d19b1735865835d4e |
| SHA512 | 2e6846a2ea3bcf0892703f3f2024a0acdf277251c55ad9c65e61fb5a8780c67ec707d42818b3d98103504dda9984c109ec0f8e393fc063f734bbc7bce168ad90 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\1daaef2a5ce0ea927443fd099437bb55
| MD5 | e4a239995837749223ed2039a40a3a21 |
| SHA1 | b1cc97f9ffc3a367dd3a55a1a3342d59cb610403 |
| SHA256 | 36ef28d0243f78f746ddc7abb74563980829c81dcfb91abcdaf6459bc7d374af |
| SHA512 | ad81fe4cbaed589da0a3b97c20e7e5fc0deabf5910b1c41dc7d6e6e8b8f22486f71c9577886689739bdb87e34b330ce43cb60fb2e3c1305d77984ec78cc0879b |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\32c38bb4f4a560d621ab93aeb6ca5d7a
| MD5 | f7b60787135cc235066319d2412e77e0 |
| SHA1 | ff9e626cfeeb124bc95d830d20e13b15c6427c77 |
| SHA256 | e815d7145b898343e81a796bee29e8a71a678c9c3475a7b1107cdbefeefb6152 |
| SHA512 | bb21ace97ed300299a276844630c2b30aa0aab87a3a8684391bbe37a0ce7761c82011035f741cc1f596136043f1871d16b0238249d3b943b2c08fdaab8c0d762 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5b794cd8b1447c984ba301aa73a6625d
| MD5 | 2740a9a1a4020c08f3ae9fce5509416d |
| SHA1 | 371eb56fa91013a45a38486d5d77ccc12ad03990 |
| SHA256 | 239bce8cdaa04b7e91497dc8fad14e5af36ebf244712d7a04e37c2be5a0e0a38 |
| SHA512 | fbbad878010bb317d5ddc6de48c87d838db393fc52c564555883d07e62b77cd37a3584414566977fbaef792ce0d2a00cf851ce871e880d1cda34357d2fd4682a |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\4dd9b09ac0d9a7bb380a273db7cac4ac
| MD5 | d97f6e22eba42d95c89cfd439f36c1d4 |
| SHA1 | 3a439aff0b80708f6510643f70997b897500d2bd |
| SHA256 | 25f91091126b2855bcb9c2daa26fec21fe7cc6d25319925a95a55a37cc840b6e |
| SHA512 | 52ca405f845e8313b0a04657eaa9a22d1c4fbcf758d5796d2deaf41c7ed6abc28e3597dc1f5d803c009360a63db4e686e6622fac669c252b09d2a3d8dc451e72 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d8b4554062d011287069393d07af8706
| MD5 | a0c28b8252eda35f15ff0931e1817ac9 |
| SHA1 | 3fa429b9d0b8926907abc63b81a301bad2442eef |
| SHA256 | ee880812bbf7cc1f00cb363632e9746e7342cb5048765c483d56f4284e555a0d |
| SHA512 | e49af44a8fa6e0c0fe4a5f55df2910ff43a6a9360d6e0ba507375487526fa4fae8c974763e4bb757e0907036141123920024adfb312f9d53703bf6d45a83956f |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\9fd0b17a3402934b24f3b349c8d753a2
| MD5 | 59e7e73fef4a9df2680ff8fe1722014f |
| SHA1 | 2b9d42140ad6207b1e3f5cf8d66b345109cb1098 |
| SHA256 | 05f280e512673a8f1358b88e8706bf5a763727dc16e8c43abe1be6129a820b57 |
| SHA512 | 49edc88448345ee5bbb1093bbb62bb49b0ac3c1c0a29d4a862be76845fbbacff0347ea457d66e40f721dccb8071c18e4ca7f41cbce88d57a64a02ed400f4f783 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\706b550a2be783fb6e220ca8181485e5
| MD5 | be4a508de308b15bf9c711a769ed61a9 |
| SHA1 | 2b980f20a1466d2f1508bfaf8dc2a2558450c1d9 |
| SHA256 | 0ac514138710cda19cc114cafa8a3fce046654dda1cce0915f525c6f5ed0b812 |
| SHA512 | dc71cf06e2466f17b843b96fdbec856b3b67df95105895597e73fad455340d4237f1b7cf91ac2906efb9efeac89515deb79a045859a0651420edecabfef8cf8c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc27c501541df155b6fb12496e5bac70
| MD5 | f635924f866829484247044f991b14ec |
| SHA1 | 39c6f43e94e4b0d0ce9c30da5b78aab7fa5086f5 |
| SHA256 | 30b18b2546442b630f0fb8c6a7c26419a9a73988e8e1a118dae5b7241e98074b |
| SHA512 | ca145397fe454c2623651c9ccaf86fd15212fe83d758fab2f8de35e4ea00f8eb8f58aeecb2fc95a4ceda07c9bfa960ccc29b1a56c2bb317c94297c24a366be68 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\7948b73360f27446739cb67376a2d7bf
| MD5 | 6c261f23c63795849eba5b1ef6f17cf3 |
| SHA1 | 464f91ce49db8b5546722bd62c4f59aae33dfc20 |
| SHA256 | e4274c467ca592398736e990eaa97a937f209768239400cd90ea59f9e58a27fa |
| SHA512 | ab6f671b1939df79ee60a873148a1763c06fa880e2f17a23c9e09c5401120873167905e49be3abaf546b9fee33096b76a5573a473b72de3806c38a128ab91ab9 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5477b96b8c7694aaab08397c539323cd
| MD5 | 74efd118f986358ad4cde9a57e61dc32 |
| SHA1 | 0cfe0335bb35298456edc9ed791e019b70266c31 |
| SHA256 | b973558fa71e5b3a07fe6ca6180c5bd0cffdb343af3a0d2e4e4e89b40b194ee5 |
| SHA512 | 357ad98fcdea45563ac733ff39aae16b103a1327a063445b6febb89616a61fbcd140c2148eeef122965cae78c2158bb39bd3eacac6d6c70a58546489687dd733 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\78e2b6ce1224c7617a6a8c90174aa783
| MD5 | 22b25a819c414b6c626e5306888142d6 |
| SHA1 | e7d68968d0848af0e5203409227a1980dfeb4a0f |
| SHA256 | 275eacbd4554f5b0e4a4266514243c661edb1e4eea694a2fa01ac20a531dfcea |
| SHA512 | bd04fe05aedb2cf10fef09648566834b019d40a6ec8532b19edcbb2348059984dbd5c04d6fd9579dac55f99a6b4de820cda159256d236450b0d0a51594e3b15d |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\77b3cd784a40d8349719b23b5c0e414b
| MD5 | 05c43f778ddcf81fb06a2fdfb4f7624b |
| SHA1 | 616dade772feb66bb1b8dee218c7a5a39d43de06 |
| SHA256 | f4a00d60cb52477dfdb2eb264470e5daffd44139c118b73c80e8fdef16f9dd45 |
| SHA512 | a2443c678bc019dcc50fd7a49d5c19dfa0c45a7c43fffa24ca225f0f24b6839865288b2fe843bb233752fe59c712c54bff8d9b5c4e8ef5ff4ad8ef20b053feed |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0b39eb4053e10b7ff21430e80432eed8
| MD5 | be1dacdbf4fea39b16e7c11e286b7205 |
| SHA1 | 28ae9237170d6fa225c54e7a36e35549d191d450 |
| SHA256 | 3a6d14f833f7da8ddf3139d42e41b2b83d1ea0d4570db39d9c10dd98e33da800 |
| SHA512 | 72cef9e399c0652a340cb12dd239cc0dfa14a2c832fa63f76dc442308ee9f91b41ddff62fb70331895716b61fdccd332f75c0ba2003f818900e3e6f260303176 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d132016b6bd0b89da2690c24749f6ff7
| MD5 | 2e2350147bec3587e3bc14b7a1e32c2a |
| SHA1 | c275f45e728f71d24ac6d8b496865c218f972b41 |
| SHA256 | 7ddec5794d779b1ad88ffec41f00c793f21046d18c930328d662a3c2d1c27d84 |
| SHA512 | 670d3893ab1503dea9437b61b2b1488238d84d3703f94b74b5c20bb7bd26eaa0479e6d3d91319219bae1c1c357c6807101c5960ee2f29ff48475c0e6d9ac3adc |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\848d350916ab0af9758cff8167a2aea2
| MD5 | 0042d3425d57e55a4e8c899aa911012b |
| SHA1 | f260334951b11b4ace9af45974e365ecbc6cb9cf |
| SHA256 | f312918dae9b5ebf3028f14575ac8bdb78e7f152061fc59d0885ab7acb3e9581 |
| SHA512 | cbab405431b5a95ae3c9d3816b4a1c4d4a07cdc4dfcf64d0977ec80533a6029329db101ac36361114288fa18c769c85a3f238b13f63d2e1e83ef4ef64ae45521 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e526d6628fea4b1243fbb953bdf85ac9
| MD5 | 3964c0c8b23c560175f4b299e1a9605e |
| SHA1 | 6c155c8a5ece5d5d7340ee4ff0fcb730e4d2b0fe |
| SHA256 | 20dc4a3272ebc6ff5edf0494d9e6e2d06c690bb079a36bd04e074818f16a2dbf |
| SHA512 | c6f53903aa3a14f3187bcec1afba4b5b07c10ebef6dd10a710f400996f2214703d29d58abff6e7e0025ea91a78ed2f799f69c542bea006dace570464acf90d64 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0af1ae578b1c58a0e785712d31028c1e
| MD5 | 4ffc139d6996c3eba2d40053423d07fa |
| SHA1 | 6da7d02805c626596d055c20cf084aafed9b9768 |
| SHA256 | 0445b87f48bfd12bf0dae91d8dd7c20ee924212b4cc8be782c0a54193546f43c |
| SHA512 | 5af3417cdb0d099add05b22090b5aea9ba39069c4704d000aa323b859e47ea67328f616ab03b7b878ef8cce0d528ac0ff5c0f8fe305175b952e840368e0d4a81 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\f469136d50a09240f313e4f48b35b40a
| MD5 | 81927a5a1612202db2ce511c62ced773 |
| SHA1 | 4414e92b078a515ca699a82cc3bc64a1e264e4bb |
| SHA256 | a8a2313bedad3d93a06ce01ca1abb579013d083e2fec866cc22342713b7b6b2e |
| SHA512 | 33918119fc071674aac79062c0e4bab978d04cc957189cffdb8c1bb1c7add1bf7d9a0ab03b08d9e997bd8734266bcbc7a312b316f8303347e2aba876022e7cad |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\571e70bdfa73e0cdaa28fdbd2ca19ddd
| MD5 | bd289aae66f24d373fe9d4388f8ba9b2 |
| SHA1 | 4d248d4f9aeffef2fdd953bffbacf81ff3ac8554 |
| SHA256 | 78561a946c48755de0fce9695d30ab82d9e5dfce2eeb0ef6a0824282bc88a0d0 |
| SHA512 | 50666175b0955dbdf933302016675f035df38deeef6b4a0e8d0cf40b6e3d2c3e4a089a5b78d75015e0048b2e7f91d81b69857004d55436437d3fa0754d1ef8a0 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\be241f3cbd5449b0c30c651c4834e3da
| MD5 | 2866f1aa81a7f9c354d34be6a58aa88e |
| SHA1 | c470d8ad431f9876d7966796a503c15440a35345 |
| SHA256 | 38baca61b0de1abef8c3a97557b6e246fbf9091d1193e3732f6011508e5f0a27 |
| SHA512 | 1af43841070856ee4c509080c286285ef4850d9dd8507381a5045ed748ffdd09fc32843c0d18aaac70621a8ec88064f0a3b74036cbdfe91be207594f55b24ef3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcece68795e396ad03d6e2608d740126
| MD5 | 0ba72ed050100e6779ea0f1c713ac441 |
| SHA1 | ff585cbb4b671bd3a04f3bdb2512a896ff07883b |
| SHA256 | 0949d1f525ea9da560f02a0447eb12a33ac6db673e89754b8f3d230e24ccfd06 |
| SHA512 | 22c09e80f4af164d94ef40999572d2ce35bfb1dfacbd1762b380c9685889d515ed9aa064db4f8ab6746c8a26ea4ecffef9337014293905abb2f0cece7344b851 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5c36700f9b5f405f69b210d702f6087c
| MD5 | 94b44243d9e420ff19ff04f4e434b83f |
| SHA1 | 04687ed0f779c6873da97da0f16f042b2b459b69 |
| SHA256 | f76c45b8c4831588b971b25431b7b85f529a7214f99103ed82b4c2e97d9919e8 |
| SHA512 | b7778206ef730254f469214ace61b13f7031d0c4c751b2988decee93dd5a6c8336c40974af74b0aca6d42874d54e23dfcdfc743f5d633610aab2f05e948bea6e |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\09f04b99b82b262e105a232e97395311
| MD5 | e3a0c050904f457b02b36bfebb1c0b6e |
| SHA1 | a611605082957d8eb5dcb83939e1b6bd3d870bf7 |
| SHA256 | 02c51e5a41d473f8e0befe8e5fb49073f0dec0ca88ee83e0e6a3c0ba3e18d399 |
| SHA512 | f2b6b3a7c193a951feaa1d5abeaf52316773d7895284e806f7267708672f6a7baf37191a244d2c044c785fe967d416353ab83517b28932b9e521172b89e22275 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e385854d0ae9ba50e28a7a5629fa28be
| MD5 | 0c889bbbf77ec231120674d4843ee0b4 |
| SHA1 | fd29658b2fa416059cb30a6729030b6a6b125e92 |
| SHA256 | 5006fa1587ba1da5b7696daea22929c490049bc0f10661d9c79322b0a647efc6 |
| SHA512 | 504d43f9104b8c56ba12ae9533ad3554858ebfb4f5b4b8b1692ba339deed831a66f5441a1e4706015cc59f4de4729c0128fe7da2c8c3d095b2993e92eec378f6 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\73b0a5d180fa4202c3e9365c3d577fd4
| MD5 | 2c2e29b04e1f7144017730d5b5ed8b87 |
| SHA1 | 8a36310825cfb7d8ea6fd487afa46dde29147199 |
| SHA256 | 6026fca2672513a7a42dc67687850d630434b2260621f77ef5b2634486048d5a |
| SHA512 | bbd5097d544d3bea8b5e97f3262a4f7765b13d5c742c9df8fd07e6a56e7c021a41de575dc1c24749631eb1003db0b9548c634eba7d6d2701fe4035f0a5880615 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\2d5ee01099db60480061c57d9831c261
| MD5 | 839f812fb19680ae8e62c2ebe0355e4d |
| SHA1 | a256751297a9f82a082bc4d5ef08d5d9d89a2c17 |
| SHA256 | b414e1186136cb1f46c6cdc69dc5b637ac5de6a390d67cf25907907c61b364a4 |
| SHA512 | f2209d8bbb8f7ce1e6b675cdd2da3a10bb450d50b4f73a596fc0639f201999f32d3c1a2418e0b92c918c0a667a5750ef122e4331361e0022b66a2fc5e489e5ed |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e665da7061b12f952145852fc21ef7ec
| MD5 | 4cfd979bf14b07dfed01ef9a3b1279a7 |
| SHA1 | 2e7aad8b8909d3117bb151bf4d34b608e3ab9c56 |
| SHA256 | 589b00b0a2fbada62af8b7daa8755ce68420a009bf6ce7a53e0865fcf262f94f |
| SHA512 | 79a25e0af653d6ecb5fd1908c3652c6fc8ad3d0cf1e00510801bb369728dcbe3c5e1e66f73d058c511320badca3c8ea82f2baaa5e0682f304235b68f622685cf |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\be58ec8ab04ff195247b1536cdfb3d44
| MD5 | d1d2f476fd075d55fa0e77b3c507cb0d |
| SHA1 | 5976cdae821737161f6debcba500a2842f988f8c |
| SHA256 | 650bcfb9e1c7855d2b72865695c2f4d4212ccedb53584f089c26e2087cc65d41 |
| SHA512 | 958c07812ae7e89143874ce4effb112eed3bec3436fc0b71ee70de38298130d08d89f6bce42d2b0696839f67be260791d121e81f46a4935f3985e241aec7b0df |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\f9cfb35c8f272d46d504f99d9c00054a
| MD5 | 5a67e8e85c0ad7280e9f1ca86f138b77 |
| SHA1 | b9fc6b3311df7710e1251114946b93a72dd5d5d0 |
| SHA256 | 09e7111ea12f1236be9b1da699f8c93eb68127d0a98f2ceebfc5c2d7b25f0ed2 |
| SHA512 | ac5e400ce21e5e2503a11642cf401ab5ad4e625a01ac87f1711a02a415fc924556d0d3e50386d17e29ec20bb99b5d3a2d0496dc2ac1fc1381b29774b826cd9ad |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\697aeac1e8e025f05cf4b76086fb70df
| MD5 | 749deb1ff197b5082e2b07aa55a33d31 |
| SHA1 | 08b4d7441ffa13b8dc3610d74a56d8eb11d8acb0 |
| SHA256 | e593f31edc529b51f9b253994d8aa93d8ab0bc8faf433e737b0a09e80cf2784a |
| SHA512 | eff256220d72675ba4b23344191b963f7acdce9743af8be81020e2a74662d2f3f1b2735e686806b73198463c550b2d18921840271d515dca0b2d4ce226954d0d |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\90d821a0b7efe2541659a0ff6b31b88b
| MD5 | 6f0ea4b31f2f55764db79b43833bf83d |
| SHA1 | 2522c29622377d611419babb3eba2e8cb13fe0e6 |
| SHA256 | 08f380d19a3cf8307b098cdb5e9992ed1d29e5d15226340758a1af3cb4300c64 |
| SHA512 | 6a5437574ce2db6feac98928a22c7002ce526501335ac00444190febe302dcab5f18ba33a5ae00bcd83f469b5f1cd356474c8cfd31d9992d186fdd0846db5641 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d27efcc314894472628caf798daafe01
| MD5 | bdec8723e953241ac3edc46458a6ed7e |
| SHA1 | 783605b1587b096807a81e32c488be272e0ad581 |
| SHA256 | c31b000a001faa6e08026a24043899ee4941371ce464146a9c78befc2a796e4d |
| SHA512 | 221cf258c9c88c857e34fda1da4290c67c3a34459f86b828ab968f5e57b2be53eb4f7aaced83151576fb843a7f1166c267de0efb116740ab2ac2b37ca0cd4d93 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcf8e7398be5b1007fef514afffffa6c
| MD5 | 864c04942289c1dee2c1aa18ea77f1c0 |
| SHA1 | 1be7f1b6c2f1472adb9b34fb6f7a51d3d1ba161d |
| SHA256 | 9855931b8e0500c6753d77200447963d1981fa7f7b4fb34067bfedbdec0db442 |
| SHA512 | 6f3934ea3ca2317756e45bcf065abae6cf34ab7c24e1847023ecee8e404294420f5cc978af2afcea986bf160eda88c020fa1b799f5ad75a5e3991e7268192dbe |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6443205f8638cd85aaa1caed016b8ac4
| MD5 | 20db412bf509b564fa765bbc0b917fbd |
| SHA1 | 938513617f173454649543b7c014ecc762ba5b5a |
| SHA256 | 8b7281d0d0576ed2b73ab842080238d7e006e1524ed48f423f61a86cecf3ad40 |
| SHA512 | f6c54fb0478c2df40776125a920621a1789d02239a78cdd3de8eb83a27a00464b2aaf8714776897a4b3ae5488da664befa604ec836fe12010a046d48eaa519a1 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d4f8d4ffe8696350702fd146346140ac
| MD5 | 084a09f4a178b2533a56610f28f252d4 |
| SHA1 | 70c343a804ea4674a214d5ca8e24bce33cf662f5 |
| SHA256 | 91b1a39172d8f6f0c98a2a3aaf8c137b29dcc4ed4c1bb4a3bd449dc16fb45e97 |
| SHA512 | fd8205ea2edc70743247666bf8ff414ef6038f6ec03bfc7590dc037024ca66eface1f3cc559511919058754a5dfc2224ca04368ed31df8aa942a7d9022b93e5f |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\c9d72083ee0b41e11170f5a9845c3060
| MD5 | 92e9669fc7c748554c057eccb11a97e0 |
| SHA1 | d3fd8c1e136a2ebed238d95bfbfbf3ce61a385b7 |
| SHA256 | b29195912662d71be85e0db741dec5ef005d744d3aa0913dad8ad1e51c3aeff2 |
| SHA512 | cdc3a1b4c596fd3c9621e53887a9d503205a0d5f8663e1ee3366129ddbfa83f2b15bedef155eda2949f24d1df615ead664114310e3d3dd03f9fb2d95df2e29b2 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5105c207d9317b50c40470887ccfd3aa
| MD5 | 481555658adb9b672941de82171b343c |
| SHA1 | 7937e7bac46ac99e1897c00285fd23059828dc12 |
| SHA256 | 5069797f8a4b926fcc5bcdb668c1f67ece5d5e8f05d6f19a260c55c9a67f289b |
| SHA512 | aa9aae6ac82a3e320ce9c1b83883263d547a82369d8f31d3db0ce6d6bc5cd07ef96157ebf234d6e31b40b32e276c233f7c2c0856394a70d183bd64e03720737d |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\8aad44a486e1e94cb992a6a0e230f735
| MD5 | 451b527070f0cfb1431ff5052642059b |
| SHA1 | 6021d49e6b87b9ae8fa64c3cfd0180d625c7d761 |
| SHA256 | b9391062d160f5bd861cf7e5ecda919954e84a87eeb3b000bf9b93c068057c9c |
| SHA512 | 3ec22e77061670685a576d96cc3897473d11c45c24e581688da54d8700b186d3583ffc23cc2c3395fd93af36afc45083058a2bad9cffb1362be8bf4edb20cef5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\aa3db4232d83f97f5e078c526e25a6e2
| MD5 | 3e1ba08877dd32fe4178a730b0ea5e19 |
| SHA1 | c020afb22c7cde0c77a9d1d6be18ac8f1e62973a |
| SHA256 | 1a6447007e90d27fc71fa7bedef2219bda30eebc33447c2929e4488315e19641 |
| SHA512 | bad57ec1a48f686fbc5842a291c95f01db413600828b198b55615857bb1e50e4b3b6031d5896c8d7b9d6753c290c0253ddb83482f89c7fc348b8b80194a07286 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\77fad0fb4662c6b81630ee443153aceb
| MD5 | 183fe999017d5e5654364c0d8fd895b8 |
| SHA1 | 64cbdd4bfac3c60803acfb2871a9fc8da27d318c |
| SHA256 | 3622ef17da158e25761124720a642153fb6eee615b54da286e731ca2920216ed |
| SHA512 | d5026e42d343185e14360a292c6d13131dbdf081ba44960598e12652d99d999b4f5c70c5c02335596d18302b1cf64128a8bd06273237a48e2cc4eb0267d12307 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\251c7269a8dc64cf406e8c2d5f5cc688
| MD5 | 7e7342c1c2e3602906a1fd64acde7735 |
| SHA1 | 357de58a6c39a0fe4d7e4c13c16d8c1d25f9e649 |
| SHA256 | 24a5a23ded1de17bc3170afbe5eb7debbb47f0ed7b2a4b5303bc899e927a99e9 |
| SHA512 | c6313b65687a5ce03772ff6f1edf761aa91f07a29f8b61db7edebf1beb5c548fbc53aba721ede32d4c4bbdd31361dc724c676d41c06278904291579d25d93202 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\2da892c80dea8811c616fe5e0e6c010e
| MD5 | 0dbe0b49a06c4093d004ec7d44303fd5 |
| SHA1 | 2bac861a6075854f8dc8db470558936c36201aee |
| SHA256 | b136004ec10d66b813386e21fc6c5f86d37071e01e8a82437676902eb3e63e8a |
| SHA512 | 1d306115aa97102b5d68552b591f5faeade373ff3a718d9f39dbeade32892e47fd921cd78e5dd71e91072476e5ad933ff9659ee5ea1d07133b55745f00c22828 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\993f844b48dbb84a0eece0b1d1aad326
| MD5 | c05764b76e6db0114c1d6200b56a3588 |
| SHA1 | 5f96252b5a83e5c0810e4ba604dfc433ee449639 |
| SHA256 | 427939d6cefb89facb6e71e082e42ed184f0883db715e0bd8ca832a316150430 |
| SHA512 | 4c6c06afb99e99d6a7466ba40146b7fd02f83de16e5c89acbe64179860547f42dad0562b2a281706cfc6acdc5558e8fba5647874ff15d2778f3f6d8c1cd983a7 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\83eeeca932186715a9107df83747a179
| MD5 | e7ee77fadd485e9a35a1bfb4be99691c |
| SHA1 | bf1aacc9fe769fd1dd111a1009473db1dcac7399 |
| SHA256 | d98e995f0160e551443de0eba015bf29192aea408469c2fc2d9c93a5c1c82cd9 |
| SHA512 | 3ae849a12cabc409e435da98308db2ec0b86f8fa8624a23632ab0ea836a0aed001853eef600bb99f67f8f907dbb641c9c6bc37bbf959dd12c1bf2ad9c8147460 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\74f7241d43fd3efbef367cddf2de0712
| MD5 | 1e996f012273818bd88129d26108d8f9 |
| SHA1 | c193db2eca6d190e929375e617f45790cae442bb |
| SHA256 | c7c8ee23804c70ae96b1399c2f6730543f10f7678f5e3ee36fcbce97245aa8c8 |
| SHA512 | 40ea7f36824cb96dace8ff41b1e92a03e0f7e61cac33a3a81c81cba12714812504554eaa0f4344d30061ce1d89f231ab21cab164a008e1f68d18ccfcf5525173 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\28c39719e7218d9c2d686d4daccb1b72
| MD5 | 25a0b3d9ce5e6e1cc4cc7f4cdb328273 |
| SHA1 | 4d2dddbe9502a5373e6ea99771bb1de6e828b95e |
| SHA256 | 013275e837c61c631932167d47d5d9b838ba8b9863915d39f06d8ba4914df147 |
| SHA512 | 20df5153edab7085594382f80b5d7c6afa5f2a84741efb46961e36331c94369a7c7302c9799676e18aab171cf398dae8f314395c22238de6f8450726c4c992c7 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\584bbf8c27b2f156742be22b280cc8d6
| MD5 | 7c0764a501b7f8f1eab14fa7f9337a4f |
| SHA1 | 2e17a9b6d5bd740c4dc91af9311e4a6e77bd55ce |
| SHA256 | dc0524c0d7f9f637466570c86adad7021f9316e42e69745bf8d27081a98f09d2 |
| SHA512 | dba17c07bc4310c556ef62f157dfd3a0ea1a617ffbbc4324f9a046bf47be9a2bd500921bf02bb79d9ac2df1aeca3745ee1cbd7f33bbdb80fe67e1adaa0bd82bc |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b39250833fce2d9f0655b124db089d4e
| MD5 | 639a9c5f588be3e48a6bf5601215f027 |
| SHA1 | 1ab7c1d3d5df21a05324853fb235b848945c351f |
| SHA256 | 4fd48841bac69eaaeaa9c936347395f5eab6fd4f5549d65cf6fc541884a4b2d7 |
| SHA512 | c3aced88385dbd9b10841f72c422b17cabeca80ad11af01222f8901b950be3b42467851d5ef61fa3a1d92f7977724926f765b8bc594655e93e116d04223497dc |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\c677a51b0924e108a9b1485dbdf883da
| MD5 | e1e4307ebd3e7f8280c75be0ccd3b5bd |
| SHA1 | 3f2a56ac3ee57082ebcf4a1ca21001821286e77e |
| SHA256 | 10dcbda8315ffe2e7215b8d61dbd26b0553b438fe94b1bdf005758b1b96d9f94 |
| SHA512 | 7f3ef600e2ecca826fc163d9092bfc10fcca9a9e6206ef29fe5d61902e3e9625bb2bcc07a58ab480ad19354bd0a1c56dd9f13c4e62aed22d87da146252144ef4 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\4130cf898fa8b448f1568bfb61305e94
| MD5 | 86df60a0980b57864a2e2d68f857e0d8 |
| SHA1 | 60c24af81c8406f05ee1721b374ab8a466d878a2 |
| SHA256 | ccdedffa29231d609157ccf22019e03a721e9ca248eabf12be511b76f795c247 |
| SHA512 | c025bcd3d21ec036712ad8e40afa7da973db770bf5b9b019c73ca8b99202c8e37999e6daaeab3f1c2190f84434a5e4657a8593e8a59066e0feaf38fcd8bc41e1 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\477a618fe08d138e560e0c8eab9f3583
| MD5 | 4f9c826223fb8d7fb603bac0b294a706 |
| SHA1 | 44a185bf8edbfee521dc92ae012e6ed18cfae3a0 |
| SHA256 | e12f126277c8b35c48dc15cb2f37850ff5ab0816e5982eaeceb571c99bd17502 |
| SHA512 | ecf987dc0d416a7fb1779289a0bd9ba55625abff41491ec3731fd77950e91d5b454b17573be388766b20fc630ee3f125d37feda44e068d2ed0cd2a87be021fda |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ecc495a0b2b0470e25d688a9077fd977
| MD5 | 741a45f09ceaf9cba7f0ee5b8aac236a |
| SHA1 | aa6b59bba687981191db42af8a8b17dc0fc9150a |
| SHA256 | 92ee9b175404bf4aa4e346ebe4948ae5c0ee7edf5693778a5e6a4a1bed508eac |
| SHA512 | 97cb36fc2281753eb7a42f762c8ad5cdef7c14665214a71f33518f88cff24ec5e91267f834a6ea5ab0206457c7e9c730dcfb4f7a2ec527e3ce48877e2f34be6d |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\388a60aa5e51ff44455d359825078031
| MD5 | eb62ee1626b44f54b2c444a487ef84fa |
| SHA1 | d3d918dae048e4ee9c9626608693d69c4c4ae55c |
| SHA256 | bf2f079ca21684f382d094af52836d83862c93800e8e054c2f6bc0838c442d86 |
| SHA512 | 68022f2ac538c51acc24065480cd23670efff68d56a4b5dec2c28316726ab82c81b48fbfe76c44f32dc32b0af75fe3e203aeb40610f34e2e5d75bc684f712381 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\afa231f024ffddec5f9d2963d20c450b
| MD5 | 64c05df26d12845b64880218a48e1b3f |
| SHA1 | 6ae26e09d6c23ea9ba5ad92d3d40790948b36141 |
| SHA256 | e41beb094c8bcc0d8825e031ec9ca5b13e45b94f3c93601c31c10955cfdd8da8 |
| SHA512 | d6925cf4d6eeb5275a7c008723410edfe1dd24b9097656e8573f749864f8fc7c61dac61b05230de13a7b9b7b866528c04adca85ad83e8e2831c43b46a70d4c27 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc70073e6562a1a0cb99b092be4629f8
| MD5 | acc9db15cdf0932e73bfd20b9857b80e |
| SHA1 | cb6455b641cdaa693de88e9b0d1f422744faa35e |
| SHA256 | f0e15f7608b3829d33eb8e057f31f21e931d9d2ab4814891b11ecf47494c141c |
| SHA512 | 7ca5152691d595acc0f0398e26f82c4cf491bea98f2c81e7a972af8fe763ef5926a716ea44112c2fa257ba0109b8848f8611f071b88902901bdee1d32a315913 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e5ba3b6fc7c95f933bacb9db38c93e80
| MD5 | 0de2eda8831ddddda130102597e758bc |
| SHA1 | 0fa49f0691a4ae61e422a22b07fd4e5def0ae5b2 |
| SHA256 | 2d60885d3492996ffe223ec6dfddb240eba00a9e03ac0506d3489edc4822e1ee |
| SHA512 | f466e1ea3867fae7618b76a2895cccabb0f646f54bf8c4cb6cf6a5c2eaf4b8e31eb4f8b42971ee53c929241d9f40af6a684647cc09395cfd709774503f274b75 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\8ead55fcc97d21deacf012df5c33fdff
| MD5 | 16e22cfdc829405af27279c364ba2f8e |
| SHA1 | 0c75b97959d7df1586db85cd1166f99c65603c68 |
| SHA256 | aa2f6c8bba8aec6b84f7ef8a7d8c30022097b784236806e63da1f0417124a3d7 |
| SHA512 | d1f6695e255f5b7ad498ce177a16591757d5570a4ea45d396f3fa159f5658bddcb7d524c102efdd982fd9ccfa557d984280c27e57484b8f61be512ce994d7964 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5c288ffb1fe759d2618c218fa0d2bee8
| MD5 | c914fc7a80c8ebee4ddd7216cb8e63e3 |
| SHA1 | 2e4bbbe23167be5f26e5f3e9f1e1b2409b38e7ef |
| SHA256 | c718cff1df66ac36549451bc6de0535c3f2f9e74b4fcdcea38af9eeecc42a674 |
| SHA512 | 7564812cd051e0970b3d06aa1bb839c8fae5d1e95e23615eea42d2f12b6284d06f2936cedd947e9d4d33c4656fec00494121d58cd38ddaf1ce2ad8be8685d0fd |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6d1b0fd2905f7655bf0108dd4e655991
| MD5 | efe7165d72ce56eef26da49dbefa586c |
| SHA1 | b2441c50e501f7121277d205876ec6a5811c4e67 |
| SHA256 | 4e12e3ed0da10924a1dbc49e464b0b07c017970c839f1c1cb4ecf5a8019d3ae5 |
| SHA512 | 195b3d7954627b571226a4d5293b19dd0b7b565d4b295b494361ed81f3d9e1c193533dd0e53b2ededa326278294694286669095147d769c5de343aa611ab0238 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\f1c2eede7a115f0fd9ddcfae03372516
| MD5 | 08ba91e62331009631f755289dcf7324 |
| SHA1 | 03786d766cac0b39437b98cb61e65c25d16325bd |
| SHA256 | c50ad1d35d0b3e81ef6780da13361923d7525a39db5c9cbc6c5344a0bf5e1380 |
| SHA512 | 3fe207322d4249f92893d0eb7a93f455374849ca583dd0fd00c79790ab7bc7f0699fe16de332b767689e0a104fb272992ddc37e002b6962cdb6c66a63618e3d5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\252921e7f19d826cf6778747e86132fd
| MD5 | e06fafb3ee051c215c7118dcb4a75354 |
| SHA1 | c72b3e0f2bb1139344053256bcc3ac48f590174c |
| SHA256 | ea771a4652058a4110a95a6fa24c847e7a50cdfdd711f57e02f9c7caedda7908 |
| SHA512 | 83008fcb8a91bb42f76568773c98e5dcf6658b0d7972d595eb7059b5a598faf80fcc8492351e9e98a6d3a9ddfc17fca742f07ffe4af644d99c087062ed7b14b0 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc86756c9d8f409a887054cf26a854b3
| MD5 | 70461ebd3bf0f7a0beafcba1d52417ab |
| SHA1 | 53dd7894e76f0fe7c02f378d7c67107ed4a03d45 |
| SHA256 | e3ef21dd9efd05fd1260691d6dd47f76155bd0b5ef1ccb62ef1e588dca161fd7 |
| SHA512 | ccc18b368873c76fb25c97009bfd17e4456d488b16da511e61fe1dee031cce48bb25d507d7fb1237345bdc2191085bd384ce45ca98a5864d10b65b28650e553e |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\23f316746f014ce443f0b0adb0d9d90d
| MD5 | 4843f2fc4404a016a8a7b7f5c352f877 |
| SHA1 | 1446153b0498dd65dbb53b417d5ce5db49f0dec5 |
| SHA256 | 46ec4647b950351b091ab0bb34d1964bf24b0eb58760175def7a4a1d7a4e09b2 |
| SHA512 | 8d5198bd48be46a6aec5cb5d9eb6e75828f88742f12102a1f5091f9c8b51167fd6db13981fb875b032795b9407fa64cf3aa54224a64008262084dbfd3d98dc27 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\98c582bbf5493f077bd8f59567067f24
| MD5 | ed3f4356a5aa9295ec58f77ab387582f |
| SHA1 | 99f94109e03097ddf835c06292ecb6142c93fdea |
| SHA256 | 60e6db5121cddd5bc13b1019c85b5d962599e2548c347ee3c7d944cb20ff01b7 |
| SHA512 | cc7869759564fe9d5e1580be978727c4b0da340c052db74f677bf7cc24d93da0b837d01ae0199c6404e02b49d08fe47a2fec7165cfad841f1b6fbb1d7e8d7fc4 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\bbd52b35df5f543d23b7f35ae9e845be
| MD5 | 2de5aeee01688c41f23b2ddc07c0b442 |
| SHA1 | 68bd21cd4284ff390c1f4f5f4b61c9ff3b8f2268 |
| SHA256 | 3ceb6af768ce708d114195ea3521c71370ee69172d4d0cdaeb1efff406571d73 |
| SHA512 | ce845ebebe20efbfb1a0565e69cea69e3a4f3e71289ec68379565052a2e8a3e5ac873b52e74ea26f2afae7ff64c789c348b4b9d4426ac0c0d6547d9f12290090 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e4317e6c6a87bdf6f00c6c80866345fc
| MD5 | fa00f598036aff7c2e4728ff840efdd6 |
| SHA1 | 7873ee7205e2817fc8fdcb3afdc275aab494ea91 |
| SHA256 | 18fecafdfbf34c5b261f4acbd607c439e35177802c8002a0d88221258108abb8 |
| SHA512 | f72faa02c263ed200f7a296ed86ef5da614911c1cd212aedd12923ba551aabc44b33cbced8dac80aae67dc09988d53ee191755afe3d51383ce885750bb00a944 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\f40c00885cbd0588eebf8bd59a345579
| MD5 | 9c0241f7306bbf3cd085509dd7840c99 |
| SHA1 | 21c2a9c916d0e537c5662db2acb565615ef79962 |
| SHA256 | e2afaf1d969e104e2ffc22494e2f7e2ec4a0bda49b9de0dcb3bbaa3da9bc8655 |
| SHA512 | afdf2c9a29559645e08604b15f023475e8610f41f650f3527a4c2199fc4bda9c291bb24e2f337e00cfac6a5347fae125d8055f0af6eaca38b92ec408343cb9b0 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\3ca8206460663e9e944ccfb414623b40
| MD5 | 816be237e27ddb79f9fe0c46efa0119c |
| SHA1 | fe0af06e1155ba784ed6ce8b97849eb3fffb5f9c |
| SHA256 | ec6063b82a1adc4187ee0e01f413d4b5ed10277605f741295658acd3f0ceabcc |
| SHA512 | 5ca3c5bca3f5559a500de1262c133a972e776dba7192e6cade152245c0e1118fac41c48a79dd0f15c78ef177294867f041bccd3eece6a388eadcc32da8efaf00 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\852240b4203e72d7bfa66fcea2e589eb
| MD5 | 547ffe689cd0af21ec616bd935f78b14 |
| SHA1 | 36e70f429bea53fc2c8dd76eaad82f7bf9f3742c |
| SHA256 | abf9ebe04321f9b8926304bc16041965dd79405783b7d3ea56d5fc802863bd9c |
| SHA512 | 3683baf37d3da8ac536ae4d2d852acfb49039b3c9d4ab42d972c23e2df6dbfd178a552ef023f48c43c6887161313d516914d26b7cca0c022e2741875d62e38d2 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\16f7441682caf62a1789b9d3e75ec170
| MD5 | cb94125a0b01b9335f3c3c9a9c6cd60f |
| SHA1 | 85ae6cca4c661270b389c00299bf7f5d81fc3943 |
| SHA256 | afd92a2c0ea64515200f7dd1c6237f18b6d1bd2065296939697d34a3d4e1b0d4 |
| SHA512 | 649155baa2d26fc6afd0496d11f37d9dcb588726806eec89be58faa54fcf3b90d1becf114c4e2f3964c98e93399b87bf5bb87709a7bd9a3540c7ddb56e2da555 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0407c8d6df198f6864381d3e595ae971
| MD5 | 703dee4351832fd18ef5b85c6e1bf992 |
| SHA1 | bdea9dbbdae401cd68814d9815a17bab6f3870c2 |
| SHA256 | 8fb57fee0d1c996a828a3147fdd9a38e8d1624163dad101e4bc1d44894bc3d68 |
| SHA512 | d43b5dc41be38f5fbe30a51c1abcbbc5c606c9d911dd164b5106fe2bcf0310ae8b641299c5491bbd5ba66433d87ebd17dc8a487d88d56d0ee8e81309533ef0b7 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\06bf3774b39be975c53ba2193da7f90d
| MD5 | 29abb94b78b9a73db28b7ba825833346 |
| SHA1 | fd6da6bc273d4a44067d8c2b625980ab8cc52aca |
| SHA256 | d929c9d2ba98883044b81894da3e921de179d5915e1f92ca9d4df9cc89f1424f |
| SHA512 | d5069ac2996929a5d1622f65ab450bd152130978b049f672b1a9f28cadcf724e317024bd95a11109e0ae488834ab184f5e4b10f6a21ba3329cf056a0b7139613 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1489d1b06ae2d917aae075e6fa9b8f7
| MD5 | 5420558b929446bbd89f3d35e72b5836 |
| SHA1 | da46e5c797831b47c4d62fb9321c420c6b0ba50c |
| SHA256 | 12d1d581ac394291754c5b042baec0904c2f3b3be6a17e0a8761b32b6e53d507 |
| SHA512 | e125c8d668b2c73d583c528f6d35bf8a1c9558c594cb3aee98e25eda051f621a6924626d845f200442da65034dd77aa4a51dd1668c07b26611909f76cf9174b4 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\8550d05ebb82e2c3691bc35b7c166899
| MD5 | f3e7b2683bee3c3628f500d157a7184c |
| SHA1 | 17aa34cf9e45a2a10cc370ef0047d6ec844053dd |
| SHA256 | 66d177f97d367d8181feedc6db9f92f71dbabf58cef1355439559005be6a24ac |
| SHA512 | 48994f038f0cca5a1ad783d05490ccc209ac4ff2a9fc3b508d5225348d2202f9760ac6c0334d12f74ab8227eab5a412370459ab328f44177729f8fb6b8911088 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\1cb6044427da36923148711b8796b750
| MD5 | ccdd89dadb2a17edd97a48f05de218ab |
| SHA1 | c8829afdfda3e414304f09f588a9e00cd43de4d0 |
| SHA256 | 8ebad66a66dec464ea8f6a70c240e6fac36d2155ef5460b2f1cc80451e9949ec |
| SHA512 | 79976e6623479c42c3b9babb2bbec208a8f13b580dc19419df33639e3922ab973e740fcf33c94841e833ef3ca8209b5b149d2ba5c064f08e3b6a526a651432f9 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6c536340229d1bb052a390124806163e
| MD5 | 8dda220de3bfd073f993acca9cce3f19 |
| SHA1 | c78e343e500f592bfc59de89dcf8548cd6fa1f71 |
| SHA256 | 21710259e1dbf800de1bd2dd8e19f33cf70dcf6ad306f7738a23300e40d385e3 |
| SHA512 | d21115712737f5d51c7fc887a14bb7b9dda4b9db295ecf429623a20eee02b2868956e6d66907997f100395625c42464218c36e750224e02fe0245c0292fc9e1c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ec9a7853aa53bb67f2099830ce97922a
| MD5 | 0ab1d8c6659dc5952cb81416c8d9a85a |
| SHA1 | 16d889c645dd70901f87cc86f6db8a632b8518a0 |
| SHA256 | 1ebc2f03253024917e0b562d101603c2f9e04aa70a05accc5e63eed9976ea0b4 |
| SHA512 | 657a549264297c42e4783cdfc76baff2dab9b5b9c1f991b3aa8b16f2b8f87ccdb0c1a56edc23713ea7f34ffcc4cfc95b7fbba8d5fa06ea443610f06a00433f36 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\38b0d496d6e95d4a4e1f049ecb71b4d1
| MD5 | 60dc54bc02627b188fbc37f3c81899b3 |
| SHA1 | 7065242d6e88ff9ed0e0cb891a9a6f6db2be5334 |
| SHA256 | 35fd7f2804d4edd74c14cb7bb1534edc993ab7ce9e2d64be997b12ffa8ee5b16 |
| SHA512 | 2b43c5d1f2ee4621055d94f3e04cbfed24371eea9a7c719f8392a993464e7d05635f59bf230e294c60de5656f421f4661bd5b1b8f286c4c15e79bf9c57d686c5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\05e6fbe7faeaf27e476e2247265bd7e2
| MD5 | 774331951556eabf4930f06518bfe5f8 |
| SHA1 | 79a7b332357aa2b18cf400033bfeeb5db7614627 |
| SHA256 | c4239a4d05bd3e427245f920cd4eba313e0af75c819f89553c7b6758da9b4d57 |
| SHA512 | bf67dd1c1d57779578524ee404de1648d9a4d8ed7f524fd49643ec49c3165b9321d64bda2216cfb8617c32cb500eacc2966263dc03841af51ee37facb2b1724e |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX2CACA95700A149B989B752A5D8696EB7
| MD5 | 643d56f3cc2d206fc1eeafd601a0e287 |
| SHA1 | 0e55be4bc02d884a40a586b44d5728f9e8fefa6e |
| SHA256 | 637c7f57eea4b46821e968a691bc2181ac0ed00252691845fefd947a4c594f66 |
| SHA512 | 10cb34ff5d98467c3de396ef4993a11c7db2545329ea473eb3ffe387f2663cfda6d21d31299f87aa3f298d2bfdb88d705b9236e9f71c48c22970713c2c3f75e6 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\92ca8d0a36e9ce06a1c3537675677ffb
| MD5 | ae7d26697baf4e3c0a4f7e4fd800f89b |
| SHA1 | 4f2472e39c964861701d80139cdc33bb967b2c34 |
| SHA256 | 58c1370bf264ecee15638ab670a0af85f8bc3b974670875c757751fd116f4833 |
| SHA512 | e93451a30c74751ebd6996efb038016e28370de37bfbfe2fafd1f3c3817f2e720bc3b7d96e1c0e346f08e3c581d13f77a535c30c07a487f2c4a13b4da9970a0f |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\7df53404f56c9f1787b277ba9d17049b
| MD5 | ecaba5cf9469daab7c05847af2da45d7 |
| SHA1 | 78d9c8d289db9815482249769dea663f4999cac2 |
| SHA256 | 23946e247fe3bb06503a06be2b8e154d724a8c2e86fa4f441fc09ba1e5781121 |
| SHA512 | 4204260b2efe3b4c95584394b30ad7957b154229828f0ac90a04e5167c7eb78f254777fad0d4fce9c5675fccc390dfccae2ecbd8d17e0e73bb0a6933605df7d1 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\1f571bce12b3689efa5586c78436d68a
| MD5 | aa1cb968768ba580f7e7d559906a49de |
| SHA1 | 1a6a0906ac3c68f859790103094a617e0439d77b |
| SHA256 | b9e49fcb7d0be8aac8bf1d990f2277363077dbd34af7f5109a14bea85b9fd35b |
| SHA512 | a72d7246405dea401b6e97963ea624772f65a7b20eacf2c358fdb73d7e5c2afac79b5cd39cd548ea8c43f14b5f03cc38deee8a495e9c7a1f264c1ca7de4f2411 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6e62dea9b6f892b37a40251f84c9e0e3
| MD5 | f48177bf38c02c3a2cb322b77d627f23 |
| SHA1 | e207f206d2f707e7feddc32c02883bb71015d23d |
| SHA256 | 4a8a4eb5baa01e72889b67caa16b69a4c2e8a07aa12f84ade87376f344b2fbd9 |
| SHA512 | bb3c4ba048199ddd3cf5d554a90c279d7b868871f1a0eea4ce27c641556fb3e483cf839e3f9a27a092021783a25d604c952fb1ea34528d722db9930fe48e38a8 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\234369d070cc483f7122fd415837b73a
| MD5 | 51d45f80859fca2ea5720897d7f1612a |
| SHA1 | 2a7d736969502784b96328f4fd1fc7697a099273 |
| SHA256 | 5bf07b195c3902c69653ca0294f2bdbf9124df501af426b14d6bcdbb87d70745 |
| SHA512 | 059455bc829431130377e4c8cee87ed3652b712eb46afa6f666d9e4aff7401b59068da840b91f4914d0752880cb2ed8c64a90e79e37f45b4b90996e44f2932b5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b597c88ce139f36dee5c4afd7d80a2c1
| MD5 | f195c3e8ddb6711a2feaad4aec69b8b0 |
| SHA1 | 20b1011f280842fe6aaa58117a05f57cc17b6c69 |
| SHA256 | 9c263d2a5db10ebc2d543bbd0c125bcc5da6c2245ed133fe0abb1b308f343a71 |
| SHA512 | 52ed2e19a2b991880336b6b1694016f4c8e5a5e92a9dc989ab317f7f743f38dddaeba8fb5764826bfd9aa145028a1b3f9fa34a02f39c1e5162aef7ad282b0632 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5a479665357e877c36a8bc4ebab8ac84
| MD5 | f5366499a754da1e3317be61d63cc243 |
| SHA1 | 8689a3cc6a2e1af5dbd2b6c23b488283362bab0a |
| SHA256 | 14873e016597bf69824fb29a219f6d81befb11b19fe2e505544115b33f030e6e |
| SHA512 | 6920f31ed14ef4621559e67c75a69ecdb7832aac639c40febd98dcf9b7c02402510e983b84cd309bdcd7b0438b394cd6b1d11bd4c32c58488d24a5d38db930c5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6105c4318cc0c25a63a6c9b8db84bc28
| MD5 | 6badf7314b5d440a6ec8dea899d7872e |
| SHA1 | 003170f75f86922af2aa5bc4b2c3c41f5f14106d |
| SHA256 | c13071122b4ff111c8ee877e0d8bde8f34ab3569df48fa81f6f4f1b0b0ba855a |
| SHA512 | 5fd8098470eb97e06e62f6d8753d3dbef34d8db6b3ff463cdc964e61e765ab844168170a64c837fa5d60c029a79ac0fe7cc661b9bae07acbaa2400120037aa13 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\7deb7c677f433c0b6c649020e88fe58a
| MD5 | d76037dbae4ae81158187aeced5816b1 |
| SHA1 | 7858adc6bdb9f9b03fcb28746d7a0d08c297d058 |
| SHA256 | 8113ac3b2c1f9a16f7c5a9be473b64abfa8c9689afcbcc30750aeb3077e3e27b |
| SHA512 | e9e1b515c621e760968098b8e0a16e00cf1fc17b74065efd2f8793add04d5e506205df5d65be1db885fb958b9c5879ca728528963b4048bfe073d4249c0dc6eb |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\3acc8af1251b7ed321f9b36da661d9ed
| MD5 | 808cb55c51b6fc55fa6cdb17892dc876 |
| SHA1 | 4487b86a3a42ff05e109800b1827c100390245c0 |
| SHA256 | eed0725bdeac66a2e53e7daaa033f06c360314d751df70176a0af3f23eb08c7d |
| SHA512 | 0d2e6534792e7d417a6fa8403f22397f406352a38bfe1019d87e0308d041b3e69d7defae77e2bf6b87adb3b7d59718efea7d5fad340847c681eeb293beb0f24e |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\a116d80baa851750ec02ad98f6a28052
| MD5 | db41d22b9f9f4a43ff8916ff8d513da0 |
| SHA1 | 00dee570785465bff97ec8a96ebfad3d21f1d248 |
| SHA256 | 31e6f7d03515207ae87b2f9e9594fc94db77038fcc28ee3990689c6590b7547c |
| SHA512 | df4e09d0f24ec1cf13ffa1a062f9d28a5d36d99b606f27f7ab757f82e4202e51ff4e033b6554b763e6f97c73bbe77b9d133b4b842469b96056654cc2f202124c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b00de5dcbb5ba1d0d58ba82e9c2f97bc
| MD5 | 9a3aa49a6c57739a171e507a3b0a90ff |
| SHA1 | f3c154299bec91f215954c1df2b03f68fa08efa3 |
| SHA256 | 6d61517c2a006e117a5d5032dc1be0f993f275b6d0c8a0fbef25bda8cfc12691 |
| SHA512 | 0a02917b5eefba73d3420852a5c66719bae97bc3c8f9adfb2dcad89dee9caf5852f660a3e787d84e9b86e3793ae0605b2db10c0a1463e0f09a733b614d2f4c1c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\68119f28ce3eca78171a6a8c8822e1bd
| MD5 | 35e84ac53c5b6ac5714c5589d7d79153 |
| SHA1 | cedd01f0263fc9e5718b8e77b3467c14a35a1b53 |
| SHA256 | 47da60997e22feaa88bff58bd2db6320534331990a14e2b64b6d665df77b931c |
| SHA512 | 7cbdf8f0eaee0c4e00e3813d1e558cc5aa305d6e9861255d721bfb655cddbf08c70fe61f686e79154f1c36e7a4b5c29f2ecf2776fee9eb0b7ac1da8c87e75dff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 16b5acc8860f1de9a3da96b4ebd61ebf |
| SHA1 | d67472faaa951a66c57485accaffc0ef558b8de3 |
| SHA256 | f6a0966a8e64a61f62718ce12585b2cc44e5e019ddca40bcac434af8b17f22e3 |
| SHA512 | 05647c934d91995f3889718a7f3904d188eac93d8efcd54fd996900d43f9a4601248a351ccfde49fcbc4dfffc30faf8058a4ad7cd51c9635a4f251261c4b43fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b6843820-6ec8-4abd-b2b9-07dbaae978a9.tmp
| MD5 | bc285590ebd7f52ef089c455fc143be0 |
| SHA1 | 509f3ecc6785d6a18785c621778cce9332f282c8 |
| SHA256 | b3fa7d2cb47d73cb3943a034ba38fd5bd897fa305e708f9a93274d76b8a22398 |
| SHA512 | 4a21e102e0e252913f3743ab6bf78b06a36eb1ce9ba52581ee2fb00e20459a84d564aa16771cef710aee259af4dc6980c4e6976fc69256502b6d371c6315421f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | eb17895116d0d0f579b2ce02e8e07569 |
| SHA1 | 025eeeabee89fea030859d2eec2cc726291c3a28 |
| SHA256 | d0df918d3e4202dad3deac3ca202a72aa3de066f57a2816edd24d759e8a224c3 |
| SHA512 | 53f40a1099684a4e5cc2e149dca32610ae6dbe3cc567d508f90272490b8991c7c2232d0b6ae7630b7274574395e3b05c179a5ab629a72dca7c16dd43569aebf8 |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | 31a96e5887399089523a54e6540560be |
| SHA1 | c74c2067d487089656333cd57aae67655299ccf8 |
| SHA256 | 9133ced3e3a9592bdd4717e1a01c083a423f7c5581306883543aa6807b1135b3 |
| SHA512 | c6a339c7d1789b951a1612602f5e3985bff84205c6712a51cbdc7728a341dc3b51fc778ee0aa19e2d6c443be20a3693317038a1ded9d143f9c65d65e32b11971 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 88b3ec7a2f17bfeb5217e138e5cec557 |
| SHA1 | 7e319a640414912abfc1f07e5bede79e7a48c675 |
| SHA256 | 8a9d0bd5837a2dd16604cf8110fe7edd98f15af88f75fe3f46d912d6f0ddd2d5 |
| SHA512 | dcdf3fe62cc3d6ceec034b63accdb2e6f82e60b9eb25cda681da6ade7e2c52ef70a262c98352e16acb09cecacc79602285dfe7faf71c6fe1558f67d936bec6ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | e7b872ef38f028911b0a87bb2337fbc7 |
| SHA1 | cf97f58a19b49e3b718a2a83422e2bcaa239d5c7 |
| SHA256 | 4d703ee2b26339057c36c2f603a659f39d6d0b43a1ecfe5983cdd1d5dcf77cef |
| SHA512 | f1bd2e4792c0eba4c480fa8a8df7d74b48e5e3b1f6cec800d6166df6298575ecde938d7b06a68b56a27ddd59a9eff244eb1ab896a07371361700724a13ae63f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 90c48756ea58106c2e34f083c00f6eb0 |
| SHA1 | 7d19138fd55011627c2f24efd89ce41a9828d718 |
| SHA256 | ba79487952861d756b6401befd0d1b465ecc7f347ab7cf18abe9408534b9ef8a |
| SHA512 | 3589cf912c91f4795978088bdfc745468986c8cc09d4fc90b8c5f6cdb6596da91ac81f39775f1343f7cd16d7ddb55370241a9f457db4d75cd80d287db1cb9889 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
| MD5 | b18c705b3c68cc49d9bf3649abc75c24 |
| SHA1 | 6dc8963dea0f3185368790dee2a346301b4fa24c |
| SHA256 | c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa |
| SHA512 | 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe
| MD5 | 3f208f4e0dacb8661d7659d2a030f36e |
| SHA1 | 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff |
| SHA256 | d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b |
| SHA512 | 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E5AA5747-7210-41DC-8C69-687D5ED8572D}\EDGEMITMP_CFCE5.tmp\SETUP.EX_
| MD5 | 5070a34dbada1aaa375cc572b5fc7d0c |
| SHA1 | e74b7ef714755870976abe3d2b4a7db0b9cc21e5 |
| SHA256 | 03e7a32e1f10fced6a07dfa4e6cfd92510d4bf6929d423798e4fb5ca91fe6c20 |
| SHA512 | fed3fcbb64a59070b0efd677ca2edc982d28e37cdf7283f2777af8aca7d3760a7eefb8d01b3c2bf4b4ec3708a74c3412f0dede91e31dca1b6f8a4e4edc673aa7 |
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
| MD5 | 28f5cf3c1d590016d7e5ecb1843571f5 |
| SHA1 | 406f6637234211764c4e13753272caf704ffec2a |
| SHA256 | a975a3a4ee010fbcc6a60c8c1798a19a1dd795655b4b629d20053bac9c5a3da2 |
| SHA512 | 0e1fe3d1cbc9eb36c41a534b26ae95603bfad4e2f593fe1a8df9570209924772a0668d3c4a20006fdb700fed1decaffaebb189f34b8474eae0346ae924c6e938 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-30 21:01
Reported
2024-04-30 21:46
Platform
win10-20240404-en
Max time kernel
2699s
Max time network
2701s
Command Line
Signatures
Downloads MZ/PE file
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BA4344C9-31F7-44C1-9802-7F90B352D5C5}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Videos\Captures\desktop.ini | C:\Windows\System32\bcastdvr.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_6372E0472AFF76BB926C97818BC773B9 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_6372E0472AFF76BB926C97818BC773B9 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoduxSquads\RoduxSquads\Models\SquadModel.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialCommonTestSuite\ApolloFriends.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestEach-edcba0e9-2.4.1\PrettyFormat.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoactNavigation-5e891f46-2818f7fd\RoactNavigation\utils\TableUtilities.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoduxSquads\RoduxSquads\Enums\ExperienceInviteState.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\FriendsCarousel\Loggers.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\error\__tests__\init.roblox.spec.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UGCValidation\UGCValidation\validation\validateSurfaceAppearances.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\App\Button\StickyActionBar.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Components\GameIcon.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestUtil-edcba0e9-2.4.1\JestUtil\globsToMatcher.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\ReactTestingLibrary\ReactTestingLibrary\__tests__\auto-cleanup-skip.spec.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\Clipboard\Light\Large\Undo.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\UIPadding.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\DsaIllegalContentReporting.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ToastNotification\ReactRoblox.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\WidevineCdm\manifest.json | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\AvatarEditorPrompts\Thunks\PerformCreateOutfit.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\PurchasePrompt\Utils\isLinksAllowed.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\TestMatchers\__tests__\toBeNaN.spec.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ReactFocusNavigation\ReactFocusNavigation\default.rbxp | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\fonts\families\RobotoCondensed.json | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\Toggles\Dark\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\Flags\GetFFlagConsolidateBubbleChat.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\textures\ui\LuaChat\9-slice\input-send-message.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\PlayerList\Components\Connection\TopStatConnector.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\PlayerScripts\StarterPlayerScripts\PlayerModule.module\CameraModule\VehicleCamera.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestUtil-edcba0e9-3.5.0\JestUtil\setGlobal.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\PrefetchProtocol.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\Notifications\Light\Large\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\PYMKCarousel\React.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-2fca3173-0.4.2\LuauPolyfill\encodeURIComponent.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\DsaIllegalContentReporting\Dash.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RbxDesignFoundations-4f0cd42b-a744f1a5\RbxDesignFoundations\tokens\Schema\Types\ComponentType.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Settings\Slider\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\fonts\families\GothamSSm.json | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestDiff-edcba0e9-2.4.1\lock.toml | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Components\DataStores\DataStoresData.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\scripts\CoreScripts\Modules\InspectAndBuy\Actions\.robloxrc | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\JestEach-edcba0e9-3.5.0\JestEach\init.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\App\Tile\ItemTile\ItemTileFooter.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\AnimationEditor\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\VoiceChat\MicDark\Unmuted40.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\LinkingProtocol.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\PlayerContextualMenu\Http.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\UnitTestHelpers\JestGlobals.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\WidgetIcons\Dark\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\SocialLibraries\SocialLibraries\User\init.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\identity_proxy\win11\identity_helper.Sparse.Internal.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Lua\FileSync\Dark\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\content\studio_svg_textures\Shared\Scripting\Dark\Standard\PluginRunContext.png | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\RoduxAliases\RoduxAliases\Selectors\init.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\CentralOverlay\CentralOverlay\default.rbxp | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\BuiltInPlugins\DepFiles\9SliceEditor.d | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\NetworkingAccountInformation\NetworkingAccountInformation\ACCOUNT_INFORMATION_URL.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Packages\_Index\SocialLibraries\SocialLibraries\Components\CarouselUserTile\CarouselUserTile.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\ExtraContent\LuaPackages\Workspace\Packages\RoduxContacts.lua | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\System32\GamePanel.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_QEMU&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\System32\GamePanel.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\System32\GamePanel.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\System32\GamePanel.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\System32\GamePanel.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\System32\GamePanel.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_QEMU&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\System32\GamePanel.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\System32\GamePanel.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\System32\GamePanel.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\System32\GamePanel.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_QEMU&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\System32\GamePanel.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\System32\GamePanel.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\System32\bcastdvr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\System32\bcastdvr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MigrateProxy = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133589845085387049" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc.1.0\ = "Microsoft Edge Update Legacy On Demand" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Roblox.Place | C:\Users\Admin\Downloads\RobloxStudioInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\CLSID\ = "{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc\CurVer\ = "MicrosoftEdgeUpdate.PolicyStatusSvc.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass.1\CLSID\ = "{8F09CD6C-5964-4573-82E3-EBFF7702865B}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{69E11C9D-4974-41A2-B067-9F26953CF52A}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.29\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\CLSID\ = "{77857D02-7A25-4B67-9266-3E122A8F39E4}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods\ = "27" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.PolicyStatusSvc" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ = "IJobObserver" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods\ = "13" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ = "IGoogleUpdate" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ = "Microsoft Edge Update Core Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe | N/A |
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://create.roblox.com/landing
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa66f19758,0x7ffa66f19768,0x7ffa66f19778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1784 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2828 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2840 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4708 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4480 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4656 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4464 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3548 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2304 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4544 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1816 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5148 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1596 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5344 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5372 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3860 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Users\Admin\Downloads\RobloxStudioInstaller.exe
"C:\Users\Admin\Downloads\RobloxStudioInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7M0Y1MkEwNDYtMjAzOS00NDYwLUFCRDEtMDhERERDMDJCMzY4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins1MTVCMEYyMi0zRUY3LTQyM0MtOUY3MC1DQUZGQzBGQ0E5NEF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MjQ5OTg5Njk2IiBpbnN0YWxsX3RpbWVfbXM9IjU0NyIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{3F52A046-2039-4460-ABD1-08DDDC02B368}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7M0Y1MkEwNDYtMjAzOS00NDYwLUFCRDEtMDhERERDMDJCMzY4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntGQzdBQTMyNi00MTNELTRGRUUtQkNCRi04QjM1QzI4NjdDMTd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEwNi4wLjUyNDkuMTE5IiBuZXh0dmVyc2lvbj0iMTA2LjAuNTI0OS4xMTkiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIzIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MjUzOTg5NzM4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5628 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5664 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5812 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5964 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6024 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\MicrosoftEdge_X64_124.0.2478.67.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{17F1332B-CD6F-4B2E-A828-A1C68F0561AA}\EDGEMITMP_93E6A.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x210,0x214,0x218,0x1ec,0x21c,0x7ff69d7c88c0,0x7ff69d7c88cc,0x7ff69d7c88d8
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7M0Y1MkEwNDYtMjAzOS00NDYwLUFCRDEtMDhERERDMDJCMzY4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntENEI0NzQ0MS1FRDFBLTQ3MkEtODgyNC1BQTIwMzdCMjY1MDB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEyNC4wLjI0NzguNjciIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgzMDQxNjk3MzgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MzA0MjQ5OTE3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODkyNTYzMTY2MCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmYudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMTMxYmQ1ZDctOWM2NS00NzZhLTkwNzUtZTI0OTRmOGRhOWU0P1AxPTE3MTUxMTYwNzMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9SjBFY1ZyZkJkYlo5cUROd3duREZYQkJxM2lkaE91eXJsSnZxOEpkazA0Z0tuV0lXJTJmTXRIUWtBZmxhcnRjdkhWMWh3N1pYVGJFbG1WMFJTYXZoMmtkdyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgZG93bmxvYWRfdGltZV9tcz0iNTgyNjciLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4OTI1NzQxNjU1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODkzOTU4MTY4MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTM0NjA1MzA4NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjM5NyIgZG93bmxvYWRfdGltZV9tcz0iNjIxMzMiIGRvd25sb2FkZWQ9IjE3MjcyMzc2OCIgdG90YWw9IjE3MjcyMzc2OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDA2NDQiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch
C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\Windows\System32\GamePanel.exe
"C:\Windows\System32\GamePanel.exe" 00000000000502EA /startuptips
C:\Windows\System32\bcastdvr.exe
"C:\Windows\System32\bcastdvr.exe" -ServerName:Windows.Media.Capture.Internal.BroadcastDVRServer
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=4592.2108.15773086174111696761
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=124.0.2478.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x12c,0x7ffa4e47ceb8,0x7ffa4e47cec4,0x7ffa4e47ced0
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1720,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1716 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=1612,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1900 /prefetch:3
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=1236,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2012 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3220,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3232 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3792,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3796 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3784,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3240 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=4500,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3700 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=4832,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4656 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 622, 0, 6220470" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --no-appcompat-clear --field-trial-handle=4836,i,1109333198927496350,318598929924948646,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4680 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x338
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5508 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5724 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" roblox-studio:1+launchtime:1714511425834+avatar+browsertrackerid:1714511280050003+robloxLocale:en-US+gameLocale:en-US+channel:+browser:chrome+userId:4155035591+distributorType:Global+launchmode:edit+task:Default
C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\Windows\System32\GamePanel.exe
"C:\Windows\System32\GamePanel.exe" 0000000000060220 /startuptips
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4308 --field-trial-handle=1844,i,14929199080103147305,6296664882805606594,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\RobloxStudioBeta.exe" roblox-studio:1+launchtime:1714511507939+avatar+browsertrackerid:1714511280050003+robloxLocale:en-US+gameLocale:en-US+channel:+browser:chrome+userId:4155035591+distributorType:Global+launchmode:edit+task:EditPlace+placeId:15350820071+universeId:5294748261
C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\Windows\System32\GamePanel.exe
"C:\Windows\System32\GamePanel.exe" 00000000000602B8 /startuptips
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7511CA2B-0D3F-432D-B5EC-404CC2D7F20C}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7511CA2B-0D3F-432D-B5EC-404CC2D7F20C}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{ACA3EA24-F51F-4C66-AD83-381AFDE1565D}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUNBM0VBMjQtRjUxRi00QzY2LUFEODMtMzgxQUZERTE1NjVEfSIgdXNlcmlkPSJ7RjEzRjkxNUYtNTM2OC00RjVBLUJERkEtNDY1MDg1RTkyMThDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntDMDlDNkU2Ny00NTAxLTQ3NDEtQjcyMC1DRkVDQkVENTlBNkF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjI5IiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNDUyMzU0Mjc1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNDUyNDg5MjYxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNzgxNDM1NTk0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MmVkODA4Ny1lZTk4LTQyOWMtOTMzMC1jYTNjMTkzZDQxYWY_UDE9MTcxNTExNjM4OCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1CdFB2aGNaaHZkVUh6Z091Y2RraTZyaUl6JTJiejdpOWEycDZ2V2ZNMXNWMmJDWG53SWVESXBab0VmJTJiNWRqaVZCaDk5T1R3JTJieEN4b1IyR0JzaGdPeSUyZnBBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYzMDc5MiIgdG90YWw9IjE2MzA3OTIiIGRvd25sb2FkX3RpbWVfbXM9IjI5OTA1Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNzgxNDYwNjE3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNzg2NzcwNjY3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMjgiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzU4OTg0OTg0MTYwNDIyMCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSItMSIgYWQ9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7NzI0Qjk3NDktNjI5Ni00OUE5LTg5RUQtQjhCMjlFQjUxNEMwfSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU4F53.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{ACA3EA24-F51F-4C66-AD83-381AFDE1565D}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUNBM0VBMjQtRjUxRi00QzY2LUFEODMtMzgxQUZERTE1NjVEfSIgdXNlcmlkPSJ7RjEzRjkxNUYtNTM2OC00RjVBLUJERkEtNDY1MDg1RTkyMThDfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7MzI4NUI2QjktOURENi00RjEwLUIyNjAtQjE0ODg0NDY0NUU3fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xNTA2My4wIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IlFFTVUiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4yOSIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzI4IiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTQ1MTEyNjYiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyMDAxNzY4MDMwIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzdBODIyMjUtRkM0RC00MUMzLTg1MzYtMDQwNDZDMjYxNTg3fSIgdXNlcmlkPSJ7RjEzRjkxNUYtNTM2OC00RjVBLUJERkEtNDY1MDg1RTkyMThDfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7M0IzQzFERTMtNzU0OC00NkE1LUJDMzktMDA3OTI5NjQyQkZEfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xNTA2My4wIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IlFFTVUiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtzRzlESjZNM2Zaa1A3Q0VMV0duRHhDK3dhUmFRRXVFTHZMSWZYay9NQXRjPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMDYuMC41MjQ5LjExOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMjYiIGluc3RhbGxkYXRldGltZT0iMTcxMjIzMzcxMiIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzU2NzMxNzIyMTY5ODcxOCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxMTQwNjgiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1MDgyMTE4ODA3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMjkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QzdBODIyMjUtRkM0RC00MUMzLTg1MzYtMDQwNDZDMjYxNTg3fSIgdXNlcmlkPSJ7RjEzRjkxNUYtNTM2OC00RjVBLUJERkEtNDY1MDg1RTkyMThDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins0MzA2NTAwRS03MjRDLTQ0OTktQkIxMC0wOTdBOUQxRTNFMUZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xODUuMjkiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMjgiIGNvaG9ydD0icnJmQDAuNDciPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzMjkiIHBpbmdfZnJlc2huZXNzPSJ7MTI5RkE0QjAtOTBDNS00MTU1LUE0RkYtNTA4RjQ2OURFNDJBfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjQuMC4yNDc4LjY3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzMjgiIGNvaG9ydD0icnJmQDAuNTEiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1ODk4NDk4NDE2MDQyMjAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIwIiByZD0iNjMyOSIgcGluZ19mcmVzaG5lc3M9IntEMUM3NkZBOS1CMzNCLTRBMjEtQjZFMC1EQjU2M0Y5Q0VCMUR9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| GB | 18.244.155.74:443 | create.roblox.com | tcp |
| GB | 18.244.155.74:443 | create.roblox.com | tcp |
| US | 8.8.8.8:53 | o293668.ingest.sentry.io | udp |
| US | 34.120.195.249:443 | o293668.ingest.sentry.io | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | 74.155.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | users.roblox.com | udp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | webblox.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| GB | 99.84.9.116:443 | webblox.roblox.com | tcp |
| GB | 99.84.9.116:443 | webblox.roblox.com | tcp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| DE | 128.116.44.4:443 | ncs.roblox.com | udp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| DE | 128.116.44.4:443 | ncs.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | games.roblox.com | udp |
| DE | 128.116.44.4:443 | games.roblox.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 249.195.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.69.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.9.84.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 2.17.251.18:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.18:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.18:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.18:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.18:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.18:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 18.251.17.2.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| DE | 128.116.44.4:443 | thumbnails.roblox.com | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 8.8.8.8:53 | clientsettings.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | udp |
| GB | 18.244.155.97:443 | create.roblox.com | tcp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | tcp |
| US | 8.8.8.8:53 | 97.155.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| GB | 13.224.245.123:443 | setup.rbxcdn.com | tcp |
| GB | 13.224.245.123:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 123.245.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| DE | 128.116.44.3:443 | client-telemetry.roblox.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| GB | 13.224.245.39:443 | setup.rbxcdn.com | tcp |
| GB | 13.224.245.39:443 | setup.rbxcdn.com | tcp |
| GB | 13.224.245.39:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 39.245.224.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:50041 | tcp | |
| N/A | 127.0.0.1:50045 | tcp | |
| N/A | 127.0.0.1:50048 | tcp | |
| N/A | 127.0.0.1:50052 | tcp | |
| US | 8.8.8.8:53 | 26.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| NL | 13.95.26.4:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 4.26.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.44.4:443 | apis.roblox.com | udp |
| DE | 128.116.44.4:443 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| DE | 128.116.44.4:443 | ncs.roblox.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 108.138.217.124:443 | static.rbxcdn.com | tcp |
| GB | 108.138.217.124:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| NL | 128.116.21.4:443 | roblox.com | tcp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 2.18.190.76:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | 76.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | o293668.ingest.sentry.io | udp |
| US | 34.120.195.249:443 | o293668.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| US | 8.8.8.8:53 | users.roblox.com | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | webblox.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| GB | 99.84.9.56:443 | webblox.roblox.com | tcp |
| US | 8.8.8.8:53 | games.roblox.com | udp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| US | 8.8.8.8:53 | 56.9.84.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.32.239.216.in-addr.arpa | udp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 2.17.251.12:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 12.251.17.2.in-addr.arpa | udp |
| GB | 99.84.9.56:443 | webblox.roblox.com | tcp |
| US | 8.8.8.8:53 | create.roblox.com | udp |
| US | 34.120.195.249:443 | o293668.ingest.sentry.io | udp |
| DE | 128.116.44.4:443 | thumbnails.roblox.com | udp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| US | 8.8.8.8:53 | itemconfiguration.roblox.com | udp |
| US | 8.8.8.8:53 | premiumfeatures.roblox.com | udp |
| DE | 128.116.44.4:443 | premiumfeatures.roblox.com | udp |
| US | 8.8.8.8:53 | t4.rbxcdn.com | udp |
| US | 8.8.8.8:53 | t7.rbxcdn.com | udp |
| GB | 108.138.217.55:443 | t4.rbxcdn.com | tcp |
| GB | 18.154.84.20:443 | t7.rbxcdn.com | tcp |
| GB | 18.154.84.20:443 | t7.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 55.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.84.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | develop.roblox.com | udp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| N/A | 127.0.0.1:51000 | tcp | |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| N/A | 127.0.0.1:51008 | tcp | |
| N/A | 127.0.0.1:51016 | tcp | |
| US | 8.8.8.8:53 | ephemeralcounters.api.roblox.com | udp |
| DE | 128.116.44.4:443 | ephemeralcounters.api.roblox.com | tcp |
| N/A | 127.0.0.1:51019 | tcp | |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| N/A | 127.0.0.1:51023 | tcp | |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| NL | 52.142.223.178:80 | tcp | |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| N/A | 127.0.0.1:51027 | tcp | |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | static.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | static.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | 25.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.175.234.205.in-addr.arpa | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 216.137.44.8:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.8:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| DE | 128.116.44.4:443 | metrics.roblox.com | udp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| DE | 128.116.44.4:443 | metrics.roblox.com | tcp |
| NL | 128.116.21.4:443 | roblox.com | tcp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | 8.44.137.216.in-addr.arpa | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 2.18.190.76:443 | apis.rbxcdn.com | tcp |
| DE | 128.116.44.4:443 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.1.37.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.171.91.138.in-addr.arpa | udp |
| DE | 128.116.44.4:443 | auth.roblox.com | udp |
| US | 104.18.33.170:443 | roblox-api.arkoselabs.com | tcp |
| US | 104.18.33.170:443 | roblox-api.arkoselabs.com | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 51.140.244.186:443 | tcp | |
| GB | 172.165.61.93:443 | tcp | |
| GB | 172.165.61.93:443 | tcp | |
| GB | 172.165.61.93:443 | tcp | |
| US | 8.8.8.8:53 | 170.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.244.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.61.165.172.in-addr.arpa | udp |
| N/A | 127.0.0.1:51607 | tcp | |
| US | 8.8.8.8:53 | users.roblox.com | udp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| DE | 128.116.44.4:443 | users.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| N/A | 127.0.0.1:51835 | tcp | |
| N/A | 127.0.0.1:53070 | tcp | |
| US | 8.8.8.8:53 | develop.roblox.com | udp |
| N/A | 127.0.0.1:53072 | tcp | |
| N/A | 127.0.0.1:53074 | tcp | |
| DE | 128.116.44.4:443 | develop.roblox.com | tcp |
| DE | 128.116.44.4:443 | develop.roblox.com | tcp |
| DE | 128.116.44.4:443 | develop.roblox.com | tcp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| DE | 128.116.44.4:443 | assetgame.roblox.com | tcp |
| US | 8.8.8.8:53 | clientsettings.roblox.com | udp |
| DE | 128.116.44.4:443 | clientsettings.roblox.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| DE | 128.116.44.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| DE | 128.116.44.4:443 | thumbnails.roblox.com | tcp |
| DE | 128.116.44.4:443 | thumbnails.roblox.com | tcp |
| US | 8.8.8.8:53 | assetdelivery.roblox.com | udp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | t7.rbxcdn.com | udp |
| GB | 18.154.84.19:443 | t7.rbxcdn.com | tcp |
| GB | 18.154.84.19:443 | t7.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | t4.rbxcdn.com | udp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | c2.rbxcdn.com | udp |
| GB | 18.245.253.95:443 | c2.rbxcdn.com | tcp |
| N/A | 127.0.0.1:53088 | tcp | |
| N/A | 127.0.0.1:53091 | tcp | |
| N/A | 127.0.0.1:53205 | tcp | |
| N/A | 127.0.0.1:53247 | tcp | |
| N/A | 127.0.0.1:53255 | tcp | |
| N/A | 127.0.0.1:53266 | tcp | |
| N/A | 127.0.0.1:53272 | tcp | |
| N/A | 127.0.0.1:53282 | tcp | |
| N/A | 127.0.0.1:53290 | tcp | |
| N/A | 127.0.0.1:53316 | tcp | |
| N/A | 127.0.0.1:53322 | tcp | |
| N/A | 127.0.0.1:53328 | tcp | |
| N/A | 127.0.0.1:53343 | tcp | |
| N/A | 127.0.0.1:53517 | tcp | |
| N/A | 127.0.0.1:53522 | tcp | |
| N/A | 127.0.0.1:53527 | tcp | |
| US | 8.8.8.8:53 | 132.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.84.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.253.245.18.in-addr.arpa | udp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| N/A | 127.0.0.1:53563 | tcp | |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | udp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | udp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| N/A | 127.0.0.1:53577 | tcp | |
| N/A | 127.0.0.1:53584 | tcp | |
| N/A | 127.0.0.1:53587 | tcp | |
| N/A | 127.0.0.1:53590 | tcp | |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| N/A | 127.0.0.1:53599 | tcp | |
| N/A | 127.0.0.1:53606 | tcp | |
| N/A | 127.0.0.1:54839 | tcp | |
| N/A | 127.0.0.1:54841 | tcp | |
| N/A | 127.0.0.1:54843 | tcp | |
| N/A | 127.0.0.1:54859 | tcp | |
| N/A | 127.0.0.1:54862 | tcp | |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.132:443 | tr.rbxcdn.com | tcp |
| GB | 18.154.84.19:443 | t7.rbxcdn.com | tcp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| GB | 18.154.84.19:443 | t7.rbxcdn.com | tcp |
| N/A | 127.0.0.1:54976 | tcp | |
| N/A | 127.0.0.1:55016 | tcp | |
| N/A | 127.0.0.1:55035 | tcp | |
| N/A | 127.0.0.1:55055 | tcp | |
| N/A | 127.0.0.1:55057 | tcp | |
| N/A | 127.0.0.1:55064 | tcp | |
| N/A | 127.0.0.1:55086 | tcp | |
| N/A | 127.0.0.1:55088 | tcp | |
| N/A | 127.0.0.1:55090 | tcp | |
| N/A | 127.0.0.1:55112 | tcp | |
| N/A | 127.0.0.1:55287 | tcp | |
| N/A | 127.0.0.1:55290 | tcp | |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.4:443 | assetdelivery.roblox.com | tcp |
| US | 8.8.8.8:53 | c1.rbxcdn.com | udp |
| GB | 143.204.194.13:443 | c1.rbxcdn.com | tcp |
| N/A | 127.0.0.1:55321 | tcp | |
| N/A | 127.0.0.1:55324 | tcp | |
| N/A | 127.0.0.1:55327 | tcp | |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| DE | 128.116.44.4:443 | economy.roblox.com | tcp |
| DE | 128.116.44.4:443 | economy.roblox.com | tcp |
| DE | 128.116.44.4:443 | economy.roblox.com | tcp |
| DE | 128.116.44.4:443 | economy.roblox.com | tcp |
| DE | 128.116.44.4:443 | economy.roblox.com | tcp |
| DE | 128.116.44.4:443 | economy.roblox.com | tcp |
| DE | 128.116.44.4:443 | economy.roblox.com | tcp |
| DE | 128.116.44.4:443 | economy.roblox.com | tcp |
| US | 8.8.8.8:53 | 13.194.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c0.rbxcdn.com | udp |
| GB | 18.239.236.70:443 | c0.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | c3.rbxcdn.com | udp |
| GB | 18.245.253.95:443 | c2.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | t6.rbxcdn.com | udp |
| US | 8.8.8.8:53 | t3.rbxcdn.com | udp |
| GB | 108.138.233.3:443 | t6.rbxcdn.com | tcp |
| GB | 18.244.114.60:443 | t3.rbxcdn.com | tcp |
| GB | 108.138.233.3:443 | t6.rbxcdn.com | tcp |
| GB | 216.137.44.11:443 | c3.rbxcdn.com | tcp |
| N/A | 127.0.0.1:55357 | tcp | |
| N/A | 127.0.0.1:55370 | tcp | |
| N/A | 127.0.0.1:55372 | tcp | |
| N/A | 127.0.0.1:55375 | tcp | |
| N/A | 127.0.0.1:55377 | tcp | |
| N/A | 127.0.0.1:55379 | tcp | |
| US | 8.8.8.8:53 | 70.236.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.233.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.114.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | itemconfiguration.roblox.com | udp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| US | 8.8.8.8:53 | inventory.roblox.com | udp |
| DE | 128.116.44.4:443 | inventory.roblox.com | tcp |
| DE | 128.116.44.4:443 | inventory.roblox.com | tcp |
| DE | 128.116.44.4:443 | inventory.roblox.com | tcp |
| N/A | 127.0.0.1:55460 | tcp | |
| N/A | 127.0.0.1:55463 | tcp | |
| N/A | 127.0.0.1:55465 | tcp | |
| N/A | 127.0.0.1:55467 | tcp | |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.4:443 | inventory.roblox.com | tcp |
| DE | 128.116.44.4:443 | inventory.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| N/A | 127.0.0.1:56851 | tcp | |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.44.4:443 | apis.roblox.com | udp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | udp |
| US | 8.8.8.8:53 | develop.roblox.com | udp |
| US | 8.8.8.8:53 | gamejoin.roblox.com | udp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| N/A | 127.0.0.1:56899 | tcp | |
| N/A | 127.0.0.1:56907 | tcp | |
| N/A | 127.0.0.1:56910 | tcp | |
| N/A | 127.0.0.1:56913 | tcp | |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| N/A | 127.0.0.1:56922 | tcp | |
| N/A | 127.0.0.1:56929 | tcp | |
| N/A | 127.0.0.1:58162 | tcp | |
| N/A | 127.0.0.1:58164 | tcp | |
| N/A | 127.0.0.1:58166 | tcp | |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| DE | 128.116.44.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | gamejoin.roblox.com | udp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| DE | 128.116.44.4:443 | gamejoin.roblox.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | avatar.roblox.com | udp |
| NL | 128.116.21.33:61929 | udp | |
| DE | 128.116.44.4:443 | avatar.roblox.com | tcp |
| US | 8.8.8.8:53 | t7.rbxcdn.com | udp |
| US | 8.8.8.8:53 | t4.rbxcdn.com | udp |
| GB | 18.154.84.20:443 | t7.rbxcdn.com | tcp |
| GB | 18.154.84.20:443 | t7.rbxcdn.com | tcp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| N/A | 127.0.0.1:58182 | tcp | |
| N/A | 127.0.0.1:58185 | tcp | |
| N/A | 127.0.0.1:58188 | tcp | |
| N/A | 127.0.0.1:58190 | tcp | |
| N/A | 127.0.0.1:58363 | tcp | |
| N/A | 127.0.0.1:58366 | tcp | |
| N/A | 127.0.0.1:58381 | tcp | |
| N/A | 127.0.0.1:58388 | tcp | |
| N/A | 127.0.0.1:58404 | tcp | |
| N/A | 127.0.0.1:58432 | tcp | |
| N/A | 127.0.0.1:58434 | tcp | |
| N/A | 127.0.0.1:58436 | tcp | |
| N/A | 127.0.0.1:58610 | tcp | |
| N/A | 127.0.0.1:58613 | tcp | |
| N/A | 127.0.0.1:58615 | tcp | |
| N/A | 127.0.0.1:58617 | tcp | |
| DE | 128.116.44.4:443 | avatar.roblox.com | tcp |
| US | 8.8.8.8:53 | chat.roblox.com | udp |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| US | 8.8.8.8:53 | 146.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.21.116.128.in-addr.arpa | udp |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| N/A | 127.0.0.1:58626 | tcp | |
| N/A | 127.0.0.1:58629 | tcp | |
| N/A | 127.0.0.1:58632 | tcp | |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| N/A | 127.0.0.1:58637 | tcp | |
| N/A | 127.0.0.1:58639 | tcp | |
| N/A | 127.0.0.1:58641 | tcp | |
| N/A | 127.0.0.1:58643 | tcp | |
| N/A | 127.0.0.1:58645 | tcp | |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| US | 8.8.8.8:53 | t0.rbxcdn.com | udp |
| US | 8.8.8.8:53 | t5.rbxcdn.com | udp |
| US | 8.8.8.8:53 | t1.rbxcdn.com | udp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| GB | 108.138.217.96:443 | t4.rbxcdn.com | tcp |
| GB | 18.245.253.95:443 | t0.rbxcdn.com | tcp |
| GB | 13.224.245.64:443 | t5.rbxcdn.com | tcp |
| GB | 143.204.194.77:443 | t1.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | t6.rbxcdn.com | udp |
| GB | 143.204.194.77:443 | t1.rbxcdn.com | tcp |
| GB | 13.224.245.64:443 | t5.rbxcdn.com | tcp |
| GB | 143.204.194.77:443 | t1.rbxcdn.com | tcp |
| GB | 18.245.253.95:443 | t0.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | t2.rbxcdn.com | udp |
| US | 2.18.190.133:443 | t6.rbxcdn.com | tcp |
| US | 2.18.190.133:443 | t6.rbxcdn.com | tcp |
| GB | 99.86.114.5:443 | t2.rbxcdn.com | tcp |
| GB | 99.86.114.5:443 | t2.rbxcdn.com | tcp |
| GB | 18.245.253.95:443 | t0.rbxcdn.com | tcp |
| GB | 18.245.253.95:443 | t0.rbxcdn.com | tcp |
| US | 2.18.190.133:443 | t6.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 77.194.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.245.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.114.86.99.in-addr.arpa | udp |
| GB | 99.86.114.5:443 | t2.rbxcdn.com | tcp |
| GB | 99.86.114.5:443 | t2.rbxcdn.com | tcp |
| GB | 13.224.245.64:443 | t5.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | t3.rbxcdn.com | udp |
| GB | 18.244.114.60:443 | t3.rbxcdn.com | tcp |
| GB | 18.244.114.60:443 | t3.rbxcdn.com | tcp |
| GB | 18.244.114.60:443 | t3.rbxcdn.com | tcp |
| GB | 18.154.84.20:443 | t7.rbxcdn.com | tcp |
| GB | 143.204.194.77:443 | t1.rbxcdn.com | tcp |
| GB | 13.224.245.64:443 | t5.rbxcdn.com | tcp |
| GB | 13.224.245.64:443 | t5.rbxcdn.com | tcp |
| US | 2.18.190.133:443 | t6.rbxcdn.com | tcp |
| N/A | 127.0.0.1:58672 | tcp | |
| N/A | 127.0.0.1:58674 | tcp | |
| N/A | 127.0.0.1:58678 | tcp | |
| GB | 18.154.84.20:443 | t7.rbxcdn.com | tcp |
| GB | 18.154.84.20:443 | t7.rbxcdn.com | tcp |
| DE | 128.116.44.4:443 | chat.roblox.com | tcp |
| US | 8.8.8.8:53 | itemconfiguration.roblox.com | udp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| N/A | 127.0.0.1:58758 | tcp | |
| N/A | 127.0.0.1:58764 | tcp | |
| N/A | 127.0.0.1:58766 | tcp | |
| N/A | 127.0.0.1:58768 | tcp | |
| N/A | 127.0.0.1:59062 | tcp | |
| N/A | 127.0.0.1:59074 | tcp | |
| N/A | 127.0.0.1:59562 | tcp | |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| N/A | 127.0.0.1:59617 | tcp | |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.146:443 | tr.rbxcdn.com | tcp |
| N/A | 127.0.0.1:59619 | tcp | |
| N/A | 127.0.0.1:59621 | tcp | |
| N/A | 127.0.0.1:59623 | tcp | |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| DE | 128.116.44.3:443 | realtime-signalr.roblox.com | tcp |
| US | 8.8.8.8:53 | c7.rbxcdn.com | udp |
| US | 2.18.190.134:443 | c7.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 134.190.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:59655 | tcp | |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| N/A | 127.0.0.1:59672 | tcp | |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| DE | 128.116.44.3:443 | client-telemetry.roblox.com | tcp |
| N/A | 127.0.0.1:59675 | tcp | |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| N/A | 127.0.0.1:59688 | tcp | |
| N/A | 127.0.0.1:59691 | tcp | |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 89.58.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 104.91.71.138:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 138.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.117.168.52.in-addr.arpa | udp |
| DE | 128.116.44.4:443 | itemconfiguration.roblox.com | tcp |
| N/A | 127.0.0.1:60148 | tcp | |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| DE | 128.116.44.4:443 | friends.roblox.com | tcp |
| N/A | 127.0.0.1:60159 | tcp | |
| N/A | 127.0.0.1:60211 | tcp | |
| US | 8.8.8.8:53 | inventory.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| N/A | 127.0.0.1:60213 | tcp | |
| N/A | 127.0.0.1:60215 | tcp | |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| N/A | 127.0.0.1:60217 | tcp | |
| N/A | 127.0.0.1:60219 | tcp | |
| N/A | 127.0.0.1:60221 | tcp | |
| N/A | 127.0.0.1:60223 | tcp | |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| N/A | 127.0.0.1:60225 | tcp | |
| GB | 104.91.71.140:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.140:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.140:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.140:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.140:443 | tr.rbxcdn.com | tcp |
| GB | 104.91.71.140:443 | tr.rbxcdn.com | tcp |
| N/A | 127.0.0.1:60227 | tcp | |
| N/A | 127.0.0.1:60229 | tcp | |
| N/A | 127.0.0.1:60231 | tcp | |
| N/A | 127.0.0.1:60233 | tcp | |
| US | 8.8.8.8:53 | 140.71.91.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:60249 | tcp | |
| N/A | 127.0.0.1:60251 | tcp | |
| N/A | 127.0.0.1:60253 | tcp | |
| N/A | 127.0.0.1:60255 | tcp | |
| N/A | 127.0.0.1:60257 | tcp | |
| N/A | 127.0.0.1:60259 | tcp | |
| N/A | 127.0.0.1:60363 | tcp | |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | ephemeralcounters.api.roblox.com | udp |
| DE | 128.116.44.4:443 | ephemeralcounters.api.roblox.com | tcp |
| DE | 128.116.44.4:443 | ephemeralcounters.api.roblox.com | tcp |
| N/A | 127.0.0.1:60387 | tcp | |
| N/A | 127.0.0.1:60389 | tcp | |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| DE | 128.116.44.4:443 | assetgame.roblox.com | tcp |
| N/A | 127.0.0.1:60393 | tcp | |
| DE | 128.116.44.4:443 | assetgame.roblox.com | tcp |
| N/A | 127.0.0.1:60418 | tcp | |
| US | 8.8.8.8:53 | 50.192.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| N/A | 127.0.0.1:60455 | tcp | |
| DE | 128.116.44.4:443 | assetgame.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| N/A | 127.0.0.1:60469 | tcp | |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| DE | 128.116.44.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:60476 | tcp | |
| N/A | 127.0.0.1:60511 | tcp | |
| US | 8.8.8.8:53 | ephemeralcounters.api.roblox.com | udp |
| DE | 128.116.44.4:443 | ephemeralcounters.api.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| N/A | 127.0.0.1:60554 | tcp | |
| N/A | 127.0.0.1:60559 | tcp | |
| US | 8.8.8.8:53 | ephemeralcounters.api.roblox.com | udp |
| DE | 128.116.44.4:443 | ephemeralcounters.api.roblox.com | tcp |
| N/A | 127.0.0.1:60603 | tcp | |
| US | 8.8.8.8:53 | ephemeralcounters.api.roblox.com | udp |
| DE | 128.116.44.4:443 | ephemeralcounters.api.roblox.com | tcp |
| US | 8.8.8.8:53 | ephemeralcounters.api.roblox.com | udp |
| DE | 128.116.44.4:443 | ephemeralcounters.api.roblox.com | tcp |
| N/A | 127.0.0.1:60638 | tcp | |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.44.4:443 | apis.roblox.com | tcp |
| N/A | 127.0.0.1:60643 | tcp |
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b9ba420423b3916356ad0d2398d3ac09 |
| SHA1 | dfc12a9f6b36ff4a5500d541b88c443611d3228f |
| SHA256 | 66126f3b725934303d8c1ed6ad982f6ff12eaaf1a846f1c32b23476b80f0a782 |
| SHA512 | a492efbfe608e20af029244fce36bc1af53b04013d3ba4872c0cfe82c5528f04530a00282f4d5ff9da58622020d76c616ed990f4bb476b33304b07c3ce503152 |
\??\pipe\crashpad_4684_ZLWCUWSNBNSQRDHF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c10cb9f0f97369dee1726f04425fd66d |
| SHA1 | bf730799489b7ffc0cfee7d75af770b756af5b7e |
| SHA256 | b4c8ee55bb7f1e7d4d46c87d05f8a5d7bc70ddcebef976c78ab48dc4d611546a |
| SHA512 | 53720dc2cd5139f90a1e8091035f68e3de0fccb6c4dfab525575d03f086da523b1838ef1fd38aa4eb954282727c754aaca1731fd1cb919123fe1deff5b895dab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 48a16bf409f05aafd354a216b549f7ac |
| SHA1 | 36f90eb2984df5825b987cfb3dd4217f21cf17c6 |
| SHA256 | f088a3500e4114026792fc1671049fb463da77991985cb26cb249ceb932f74f1 |
| SHA512 | bc829c394f2a94596241f11f6e9800ec10091c2da9b7a1d0208bd0e824b16837151caa4eac3f699c96c6014eb26fe4ac6081ab53cf4033b03f36d3136586d5ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f9f5e09eed85200ac5cac7005fd52d05 |
| SHA1 | 56496b432c40bb6007d4c27f396f85785a1cc8a7 |
| SHA256 | 3c5c2bb298feba14494f259db03768fbb4fc91c9978b4e55bea8a336bbf1e35a |
| SHA512 | e14dab15a1e15722fc4cbb3d5b6d881dcfb47bf67363140d90d688be16c0f7b169ef686afd23d1247980e58dca898def911e262fb1eebbc016f56cf45e379769 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 390039ca5cedd5a14510ca10b6e6aa02 |
| SHA1 | fed52224e06ae1b4efc47ed0a19fde47c67b45b7 |
| SHA256 | f8253253228a316e502fa0a668a4968a405377b390eadf0480324970343ae357 |
| SHA512 | 8795b681cc85956e44596dc0ceba25cc5ccf18a32c46104e105e3c55d38361f242eb6eeb53c94246b17cc899859c66c3e5d5a0abe73c72f4c2f3e2382dbacadf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 701a83d1483e727a4ab260dbf6e3f16e |
| SHA1 | 84ce840c3a5a5d45a80b5137580351bfc9118ca5 |
| SHA256 | d5aa77452486e273d10ab2a02c6f61a6cf85f96bb36346b6b3e99273fdfb6f1a |
| SHA512 | a945246fbd30a0a3769d21db2699dde84060de2456a8df1813610715500816774772dfb4a072c74f6ab30b817f5d775292f3b4991d27dacec4de5e486b10756d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5134706e36db0cd6b65df696cbcf949e |
| SHA1 | eee414bfb98661497d4157ef03c4d57139ff3ddf |
| SHA256 | dbd4063adfcb38d3c55ca5980afdb04e99e9405fc33f19a4877056efe12b6d4a |
| SHA512 | 9cd8fb822b0ae09ceff8a3e604fe7a7c5e0701eb1775ec373fbb36d047bd68e69b953570d831952e28efb302a675c70da98823d1f86d54e1a59631101c676286 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0521c2a091ea90e9f797ba4db495c3d9 |
| SHA1 | 7aa7f3bcbd0fdb83cfa8ad5a69c282a554586d4f |
| SHA256 | 79d2bae628dd39b675414cdf52d17a9b5930f0796e6020e0b197747b46bf9bd1 |
| SHA512 | 543336aa5738a92fd8b3c19bb4133ea6e52730997632ac499c514c46fbfae3d58601d9a43573ed4dce9bb6f27fa24d27deac4175b5bec3f43e75febbbdf2594a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 4e368131b5eb355cf5fdbcc7b4f32a17 |
| SHA1 | e8921f18b4719fb2e2500247ebf44163fe66d9e7 |
| SHA256 | 2d9a503cb5617e83fc43cb84fe33014624bdbcf3e6c141167aab5662ac9ed0ae |
| SHA512 | fbd26e1457c63d8808a469fc76dc6fda3948a097fa2683ff3e439e1cdf075b9a91acd704071566d6b20275bd9a147bf664d303b8055370ff25d0450365a7b217 |
C:\Users\Admin\Downloads\Unconfirmed 388127.crdownload
| MD5 | 911c020a364b10fe1de664c01de4534c |
| SHA1 | 8731aee51722d2e1604864eb8f03abe3e6d35441 |
| SHA256 | cb84418aa6ff71e927125f05cd74b10cef07b40fe19a17f9ba5c3bd57f2d9591 |
| SHA512 | 7e2c2259dde1fcb1a10a3864b1e24f892fb28d1c0a9a8b1b32d6b512d9f49b031cf6119f55dad008f0b2a5dc87ae606ee0c2918fdc44fc307d56bc933537db7b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 81eb3c0d7b1738fd0741a501875a9ab5 |
| SHA1 | 0a2293bdb62bf7c64cbe2e1a05fce9c77758cc24 |
| SHA256 | c711cad8c3f8c5ac1e40041a47951884fd242a94c57a6aa2c08682f14964f428 |
| SHA512 | af88fcc21c77cf62ace93e60c7795045ecbd8eb6629260ed8f16ab366edce47c9476926a6b59418e96254d385f4a779f0d8d5181609fb6f8e298f3324d732ad9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 01b344c6a86ebdc31e67c462b8acf2ca |
| SHA1 | 947afb1d63cb4fd71dfcd4ad783527d844e90288 |
| SHA256 | 5ed7dbb09a9ed65ec91b1c65edfed2a9074b965c673e7cc63fea438d74f5446b |
| SHA512 | 2a094093d779e4d9b4d17d94e42d437fbd74abdb4404ffa1e64b8d6a2c1543bbdb0294751115e50fc55a0eaaeb4810c4617979a0270167d60356b5846258277b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 61af8c7d332f9540391170dfcc4c41fa |
| SHA1 | bd77ba5c0d1c9598dfa2a7077918ce2279af1c8a |
| SHA256 | 3e3203978c5be42d2abdc2399eee8c7d6c51311730e27a42f5eae6483ac5bfc6 |
| SHA512 | 01d2aa44b34ba43aa03da56d47d4aa3e660125497626f07017609dc68d473eab3570ed8964571a06e86fad885224f05a564c14edf3cea51bd4d5cafec7ce060a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | c5c3bf142a9613a1c99228bf6138eea7 |
| SHA1 | 96c3707d8b85055c7f2e4158be03c35227653632 |
| SHA256 | ba7d429271f16e97a1e9060082b29c63df9aecda52d4a19f2ae918ea52799ea0 |
| SHA512 | 6b2b50ee3884adb976ffa23ec46b3f09b4f498cd3ec64ae0b3a021b9f49cef7c3f69786011a53d7786371747d41d3894f575d78da4cebec496428b7e4ef6a414 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5c8bec.TMP
| MD5 | 018369e4f4a0df5b716e7e633f6fb8f0 |
| SHA1 | d38b4f3edc7c0d85f7a27253bd6db251066a3386 |
| SHA256 | 48619f645e7cf00d05d678b79727b2b769698c32303191ddd6f3a3ec2d4595c5 |
| SHA512 | 032d6e7126f583e747b2635ecd66a1835dc2a02aae4e7bca62035115b1d7c063917482865626fd3c29b40a622800128fdb3ba5e5ed33f9921cd2fa9fba6c7807 |
C:\Program Files (x86)\Roblox\Versions\version-e2728ac197f84660\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
| MD5 | 610b1b60dc8729bad759c92f82ee2804 |
| SHA1 | 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552 |
| SHA256 | 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08 |
| SHA512 | 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdate.dll
| MD5 | 965b3af7886e7bf6584488658c050ca2 |
| SHA1 | 72daabdde7cd500c483d0eeecb1bd19708f8e4a5 |
| SHA256 | d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19 |
| SHA512 | 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_en.dll
| MD5 | 4a1e3cf488e998ef4d22ac25ccc520a5 |
| SHA1 | dc568a6e3c9465474ef0d761581c733b3371b1cd |
| SHA256 | 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011 |
| SHA512 | ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | c044dcfa4d518df8fc9d4a161d49cece |
| SHA1 | 91bd4e933b22c010454fd6d3e3b042ab6e8b2149 |
| SHA256 | 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2 |
| SHA512 | f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 60dba9b06b56e58f5aea1a4149c743d2 |
| SHA1 | a7e456acf64dd99ca30259cf45b88cf2515a69b3 |
| SHA256 | 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112 |
| SHA512 | e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 7a160c6016922713345454265807f08d |
| SHA1 | e36ee184edd449252eb2dfd3016d5b0d2edad3c6 |
| SHA256 | 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9 |
| SHA512 | c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_af.dll
| MD5 | 567aec2d42d02675eb515bbd852be7db |
| SHA1 | 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37 |
| SHA256 | a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c |
| SHA512 | 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_as.dll
| MD5 | a8d3210e34bf6f63a35590245c16bc1b |
| SHA1 | f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693 |
| SHA256 | 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766 |
| SHA512 | 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_az.dll
| MD5 | 7937c407ebe21170daf0975779f1aa49 |
| SHA1 | 4c2a40e76209abd2492dfaaf65ef24de72291346 |
| SHA256 | 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9 |
| SHA512 | 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_ca.dll
| MD5 | 39551d8d284c108a17dc5f74a7084bb5 |
| SHA1 | 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884 |
| SHA256 | 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07 |
| SHA512 | 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_bs.dll
| MD5 | e338dccaa43962697db9f67e0265a3fc |
| SHA1 | 4c6c327efc12d21c4299df7b97bf2c45840e0d83 |
| SHA256 | 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04 |
| SHA512 | e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_bn-IN.dll
| MD5 | a94cf5e8b1708a43393263a33e739edd |
| SHA1 | 1068868bdc271a52aaae6f749028ed3170b09cce |
| SHA256 | 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c |
| SHA512 | 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_bn.dll
| MD5 | 7dc58c4e27eaf84ae9984cff2cc16235 |
| SHA1 | 3f53499ddc487658932a8c2bcf562ba32afd3bda |
| SHA256 | e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98 |
| SHA512 | bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_bg.dll
| MD5 | 8375b1b756b2a74a12def575351e6bbd |
| SHA1 | 802ec096425dc1cab723d4cf2fd1a868315d3727 |
| SHA256 | a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105 |
| SHA512 | aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 2929e8d496d95739f207b9f59b13f925 |
| SHA1 | 7c1c574194d9e31ca91e2a21a5c671e5e95c734c |
| SHA256 | 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df |
| SHA512 | ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_ar.dll
| MD5 | 570efe7aa117a1f98c7a682f8112cb6d |
| SHA1 | 536e7c49e24e9aa068a021a8f258e3e4e69fa64f |
| SHA256 | e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01 |
| SHA512 | 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_am.dll
| MD5 | f6c1324070b6c4e2a8f8921652bfbdfa |
| SHA1 | 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf |
| SHA256 | 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717 |
| SHA512 | 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_cy.dll
| MD5 | 34d991980016595b803d212dc356d765 |
| SHA1 | e3a35df6488c3463c2a7adf89029e1dd8308f816 |
| SHA256 | 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e |
| SHA512 | 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_de.dll
| MD5 | aab01f0d7bdc51b190f27ce58701c1da |
| SHA1 | 1a21aabab0875651efd974100a81cda52c462997 |
| SHA256 | 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c |
| SHA512 | 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_da.dll
| MD5 | d34380d302b16eab40d5b63cfb4ed0fe |
| SHA1 | 1d3047119e353a55dc215666f2b7b69f0ede775b |
| SHA256 | fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f |
| SHA512 | 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_cs.dll
| MD5 | 16c84ad1222284f40968a851f541d6bb |
| SHA1 | bc26d50e15ccaed6a5fbe801943117269b3b8e6b |
| SHA256 | e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b |
| SHA512 | d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_el.dll
| MD5 | ac275b6e825c3bd87d96b52eac36c0f6 |
| SHA1 | 29e537d81f5d997285b62cd2efea088c3284d18f |
| SHA256 | 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0 |
| SHA512 | bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_en-GB.dll
| MD5 | d749e093f263244d276b6ffcf4ef4b42 |
| SHA1 | 69f024c769632cdbb019943552bac5281d4cbe05 |
| SHA256 | fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e |
| SHA512 | 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_es-419.dll
| MD5 | 28fefc59008ef0325682a0611f8dba70 |
| SHA1 | f528803c731c11d8d92c5660cb4125c26bb75265 |
| SHA256 | 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d |
| SHA512 | 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_et.dll
| MD5 | b78cba3088ecdc571412955742ea560b |
| SHA1 | bc04cf9014cec5b9f240235b5ff0f29dbdb22926 |
| SHA256 | f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085 |
| SHA512 | 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_es.dll
| MD5 | 9db7f66f9dc417ebba021bc45af5d34b |
| SHA1 | 6815318b05019f521d65f6046cf340ad88e40971 |
| SHA256 | e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819 |
| SHA512 | 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_eu.dll
| MD5 | a7e1f4f482522a647311735699bec186 |
| SHA1 | 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd |
| SHA256 | e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4 |
| SHA512 | 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_fa.dll
| MD5 | cbe3454843ce2f36201460e316af1404 |
| SHA1 | 0883394c28cb60be8276cb690496318fcabea424 |
| SHA256 | c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59 |
| SHA512 | f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_fi.dll
| MD5 | d45f2d476ed78fa3e30f16e11c1c61ea |
| SHA1 | 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e |
| SHA256 | acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2 |
| SHA512 | 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_fil.dll
| MD5 | 7c66526dc65de144f3444556c3dba7b8 |
| SHA1 | 6721a1f45ac779e82eecc9a584bcf4bcee365940 |
| SHA256 | e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d |
| SHA512 | dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_fr.dll
| MD5 | 64c47a66830992f0bdfd05036a290498 |
| SHA1 | 88b1b8faa511ee9f4a0e944a0289db48a8680640 |
| SHA256 | a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961 |
| SHA512 | 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_fr-CA.dll
| MD5 | b534e068001e8729faf212ad3c0da16c |
| SHA1 | 999fa33c5ea856d305cc359c18ea8e994a83f7a9 |
| SHA256 | 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511 |
| SHA512 | e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_ga.dll
| MD5 | 3b8a5301c4cf21b439953c97bd3c441c |
| SHA1 | 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a |
| SHA256 | abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0 |
| SHA512 | 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_gd.dll
| MD5 | c90f33303c5bd706776e90c12aefabee |
| SHA1 | 1965550fe34b68ea37a24c8708eef1a0d561fb11 |
| SHA256 | e3acc61d06942408369c85365ac0d731c5f3c9bc26e3f1e3bb24226d0879ad9c |
| SHA512 | b0c1a9d7df57d68e5daf527703f0b6154a2ef72af1a3933bda2804408f6684b5b09b822522193243fd0756f80f13d3ab0647c90d2bed1a57b4a9fea933b0aa9a |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_gl.dll
| MD5 | 84a1cea9a31be831155aa1e12518e446 |
| SHA1 | 670f4edd4dc8df97af8925f56241375757afb3da |
| SHA256 | e4eb716f1041160fd323b0f229b88851e153025d5d79f49b7d6ecb7eb2442c57 |
| SHA512 | 5f1318119102fcee1c828565737ce914493ff86e2a18a94f5ff2b6b394d584ace75c37258d589cce1d5afd8e37d617168a7d7372cfd68dd6a2afcd4577a0bc51 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_gu.dll
| MD5 | f9646357cf6ce93d7ba9cfb3fa362928 |
| SHA1 | a072cc350ea8ea6d8a01af335691057132b04025 |
| SHA256 | 838ccd8243caa1a5d9e72eb1179ac8ae59d2acb453ed86be01e0722a8e917150 |
| SHA512 | 654c4a5200f20411c56c59dbb30a63bfe2da27781c081e2049b31f0371a31d679e3c9378c7eb9cf0fb9166a3f0fba33a58c3268193119b06f91bebe164a82528 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_hi.dll
| MD5 | 34cbaeb5ec7984362a3dabe5c14a08ec |
| SHA1 | d88ec7ac1997b7355e81226444ec4740b69670d7 |
| SHA256 | 024c5eae16e45abe2237c2a5d868563550ac596f1f7d777e25234c17d9461dd9 |
| SHA512 | 008c8443a3e93c4643a9e8735a1c59c24ba2f7a789606a86da54c921c34cbc0cb11c88594544d8509a8e71b6a287c043b1ffe2d39b90af53b4cde3847d891ba8 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_hu.dll
| MD5 | f4976c580ba37fc9079693ebf5234fea |
| SHA1 | 7326d2aa8f6109084728323d44a7fb975fc1ed3f |
| SHA256 | b16755fdbcc796ef4eb937759fe2c3518c694f5d186970d55a5a5e5d906cb791 |
| SHA512 | e43636d8c947e981258e649712ad43f37c1aab01916539b93c082959fb5c6764c9c44979650092202839e812e6f252c6c3eaf66d3d195c1efd39c74c81ad1981 |
C:\Program Files (x86)\Microsoft\Temp\EUE5A5.tmp\msedgeupdateres_hr.dll
| MD5 | 0b475965c311203bf3a592be2f5d5e00 |
| SHA1 | b5ff1957c0903a93737666dee0920b1043ddaf70 |
| SHA256 | 65915ad11b9457d145795a1e8d151f898ec2dcb8b136967e6592884699867eb0 |
| SHA512 | bec513125f272c24477b9ddbaa5706d1e1bb958babac46829b28df99fa1dd82f3f1e3c7066dc2fe3e59118c536675a22fc2128de916ca4c478950b9992372007 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 8fb8a919ac41ef05f33b612e817bf770 |
| SHA1 | e1ed084e38b375061630c118b5c0fc7b414c8796 |
| SHA256 | 9d3ac6c13fbb864e090c12102053d128dda2df47eae3943111e325ca233eb5ce |
| SHA512 | 9221f407426b8b1b5748ae6bcb8885f62456ba55d29847c1cc054a81ca0e3e56556ed40ba66e59daaf78ea6c29a60a74b59c05a561549b240782fc0bd1f8ec12 |
memory/4124-548-0x0000000000200000-0x0000000000235000-memory.dmp
memory/4124-549-0x00000000732C0000-0x00000000734D0000-memory.dmp
memory/2812-559-0x00000000732C0000-0x00000000734D0000-memory.dmp
memory/3196-560-0x00000000732C0000-0x00000000734D0000-memory.dmp
memory/3196-724-0x00000000732C0000-0x00000000734D0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 53f9f7c3d35caece4e5d4b07e3deb5d0 |
| SHA1 | a601c21af1dba42b67252e77263ad49fc249a65a |
| SHA256 | d80c9f4d943b4f54f4eab128a8f583b2f1893307deaa166af4a86408d04d9203 |
| SHA512 | 3ecba18da891542185d244e7bb387226ba31ee78e1e481958377ac138e9de9b776c868b44cf4956b5ab595e80f70c7a2aedc4dadfcc3c89476622a7dc65da899 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ab168073f387b9d36ebbda89abf037b0 |
| SHA1 | e9bdb9621520da5865d24dc16bf7cc3c27eb28ab |
| SHA256 | fd4e471de675c24cc079b44c1499f30d64a336836a1487a6f98fce593a8f50b9 |
| SHA512 | a14564ec3d28bdd1b45f0fe0ef6dfdf9fc235dd8f32f29b8d39deda540aa89931ae04c66e23acd6df5f21ef8b14f0e62608cb06bdb02b3a3f2de2c3300a298a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 4406dc86f2b1daf83a386a0905fb8b2c |
| SHA1 | c3346b19878c98427ee5e77bec200a58c852d3f5 |
| SHA256 | a62cac2041fe87aa86fc73344736d3f482aa3af7f73d8141eba71b1552eb3ed3 |
| SHA512 | 2df033ceb814588a3e8d66ee4d9e88227183bd4ca76c9064339b000bff417c8356472679f1c3adfebfe8ec0b78b58939e80e929562bf143dacd4aed150aee19b |
memory/3196-873-0x00000000732C0000-0x00000000734D0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fb325282612627b7fa50bfbb0dd64340 |
| SHA1 | 0fd843b5b408e2f6281622f5d96a399ec5eccf0a |
| SHA256 | c005b3377438e4bb480dbb445d007d62d8f37fd6027b24fc0a85ae73fc341637 |
| SHA512 | deaac8d9941afad4dd8d03d61e94a285874c1f4965e91afd84b00516dd1ed83783f03c859f4796a474e449e35550561c3c605949a98f31f38eff3d0426731750 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 725701b1cecf8e788aa39a79e29352f1 |
| SHA1 | 71fdb4d4950a242a5fdf18495821d96ebfb83794 |
| SHA256 | b14c1cb3cf5799fe7a93dcc7ab21d5efc59de9425b781cc19ad8a441b0ed374a |
| SHA512 | 1e4e585a500e4eaf567dfdc6740c54fafd78c8e0e092fbeb8141e02ad31163d72aaaf8151b47a4b8d6d75b27697b361fbb4174c31635150bdd19c6e25b1a3af8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2111c130782d084dbfea32352c74f487 |
| SHA1 | 321f3b24e52e694441aab5d0e28acb274348b994 |
| SHA256 | fc75d03dcddd50f0f212da315d44af12ad328dbb9ad3f3d3e73a86b31a995b62 |
| SHA512 | fc6c8f2fc0eed637fe521ac46bd6430cf350d395426984a318974e49d34794bd5bca68823106df7e3399d6db745a118d53dd77eea3b6851098addf51b99ffab2 |
memory/4124-905-0x00000000732C0000-0x00000000734D0000-memory.dmp
memory/3196-907-0x00000000732C0000-0x00000000734D0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1a3b8cce1124347c7ba11aa524ee3fc3 |
| SHA1 | 3a63531fdda655845ba6997f22efcfafe1322f6f |
| SHA256 | a0ebacb553b2527b3e95c7d5468fb185cd69fb183851d1daaa4e2dca18185dd9 |
| SHA512 | 342f78f2dbf0188e2d4d6639f492a1730ebf56bf5cbfc86f46b1c80f24071c6e7ecc026de0c6347d6b3d198dec072bb19368872e02ac2172dbbd96282294550d |
memory/3196-920-0x00000000732C0000-0x00000000734D0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 088e87ddb2c40f3095994e339b594afc |
| SHA1 | 2cc12dba4f3494555599e694d50aaa3a1abd34a2 |
| SHA256 | ff9c95010b284c696a195b3ddb357b3e006dec26ee3e301b8e283e35d03f1ec9 |
| SHA512 | c471af36df5fa3ddcbcaf35088a795e3cdafa15b1de569db3e4763cdd1085fffba4fc847dc9a323ccdfe74a1a66ed1d9c3973177271357de187dcfaf8fbe2c3b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 8adb35257977af9c83ec424616de9a01 |
| SHA1 | bc2b0f93895b081bb58aa6a873d8357dd683b392 |
| SHA256 | 5e53ea6453da517a15374a9864f231084387e9dfbfb711990c05ed1def7ed66d |
| SHA512 | dd70ae52f7199bc1c75d21159cc0ac91dce0feb529d115840a720479ab3dd0372742245d47fc9d196789574f617631f12b76a2032647cd5d84cc356a28d14472 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
memory/3196-1035-0x00000000732C0000-0x00000000734D0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0e6de32fb54c6dc52b4d04a947e580be |
| SHA1 | d7cd07589f0d1795ee7255c24d265813d2b27933 |
| SHA256 | 609bdb6bc3f5a30583e70b9d420b28f2edf4bc35b17a83c8bb597b1a60ef861c |
| SHA512 | e1ba0e2768fcf8aaf4c8809cfeed3d76d672c8305487bcae41927de1d0d6a7c56f20545dd1e96b738e572f9962120cb8939f87f2482c59480bf14b2c3990e087 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\124.0.2478.67\MicrosoftEdge_X64_124.0.2478.67.exe
| MD5 | dabc3160a804b9fadd89ceb0fcecf388 |
| SHA1 | b52f15e866a18637683bdf0ea4eaa326b787396f |
| SHA256 | 53eb39a92ee0d2eb94f6d33c015097bddd9cfe5c4129d3ac9a9facbfb5087bfe |
| SHA512 | 74fc0f21d7cf99e07c079224e2af8a4a51bff98a97bc471cfedfbd3a28d3ee681fbd63fa7239948c3c0bf4f9af56dc582dd128f8c08b54cb73389e85f949f431 |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | 900946d326ed3f064ea69048cdf56e81 |
| SHA1 | 3d770eb686bd930fe266de3d25cb9a6b2946c695 |
| SHA256 | ae1a16b3fe0283e101be99bb0330d5659b2a2eda31a03f6b1ea5c17e75383b4e |
| SHA512 | 49412cae164ac2af63228e9377fefaa08cbc3581c65ea0a5f4c95168388ab6b926ed93e4518700ddb94de9ab95e3441e1be5b5a754c6a5b67212ffcbbe558576 |
memory/3196-1081-0x00000000732C0000-0x00000000734D0000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe
| MD5 | c31297188ec9fbaa60449f769339963e |
| SHA1 | 8502d9e0cef18137529f0a46ad6e69a1577e6cae |
| SHA256 | 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9 |
| SHA512 | 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3c8f3f4b9ab13beb5ee6bbcdd5651550 |
| SHA1 | 8d009574353a905f77f75e68623311d9d84aa0dd |
| SHA256 | e46b1c55f3947f30e2e1d197674a837de5a49a64b24aa8205dc313ddb80fb07a |
| SHA512 | e5463c5a4fc3a6ef198d376b0029f211e43ee9adcb8bc68b2a742f1c266eb6a395512fbf7d3fab58f00cdd849d0b60829efed4888bc1c3f5c35497bc5aa32b9c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 23a3e15afb48791f898a86cf9b70843d |
| SHA1 | f57540b3e3c586fc123350256441cc2a524658b5 |
| SHA256 | 70d1cb614f3ba0ec48e77dc9e8b3b20022a7bc44e7284aad07338596c8d4813c |
| SHA512 | 6d47c96a8a4e5657cb19816f0f798938921c2d99612def8a450fe14190e7d158d748b521bdd0b8e0fbdde791e8d6cd15cc0b0d43cd81cbf0763b2e4a1d2768a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 136fdf3cd50305a0af3218a308181199 |
| SHA1 | 79b76dda3ebaba0358a3293480862275c176f898 |
| SHA256 | 6b362257ed4c3437e54888524fcfadeefa7253bdcf855b990963548b9b85cd06 |
| SHA512 | b3d0e834fdb05b33acb818022120a163510515421894fbba523c3e3cc862b5853008b65cfe5488dcd2b9621ff1be306623be4a6449b0d908e017031d96c0a58a |
memory/3196-1134-0x00000000732C0000-0x00000000734D0000-memory.dmp
memory/4124-1141-0x0000000000200000-0x0000000000235000-memory.dmp
memory/3196-1145-0x00000000732C0000-0x00000000734D0000-memory.dmp
memory/4592-1147-0x00007FFA53230000-0x00007FFA5377C000-memory.dmp
memory/4592-1146-0x00007FFA54D50000-0x00007FFA55152000-memory.dmp
memory/4592-1148-0x00007FF63F5B0000-0x00007FF6405B0000-memory.dmp
C:\Users\Admin\Videos\Captures\desktop.ini
| MD5 | b0d27eaec71f1cd73b015f5ceeb15f9d |
| SHA1 | 62264f8b5c2f5034a1e4143df6e8c787165fbc2f |
| SHA256 | 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2 |
| SHA512 | 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Site Characteristics Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
memory/664-1229-0x00007FFA72370000-0x00007FFA72371000-memory.dmp
memory/3660-1237-0x00007FFA71E10000-0x00007FFA71E11000-memory.dmp
memory/3660-1234-0x00007FFA6FF10000-0x00007FFA6FF11000-memory.dmp
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | decc5b6a965399a85c132902bec4b303 |
| SHA1 | e3ddcd4995c75e0fc7723a000ba73461a00382bf |
| SHA256 | e6618e90dc7ee813a79490833c69eec4cfc08cdaba420442c27b352dff1fd40c |
| SHA512 | 049c4bae23eba2c0f2395acbe2f3930f585a2ef19aa61852a1c2789d37c90275c0ed28bb94bf91c10fc58c5f6d015131bdaac37ce7ebd26792b8ea8984dac04f |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | b16e7d082024adbb0b55c2cadc931e49 |
| SHA1 | fb2dd23eeacbf4cd5b45b8a5409ffb6c28f7ef58 |
| SHA256 | 31fde70484f6b3f166952f71bd085f8b40673acd42f00dcda42b09747b43abed |
| SHA512 | 85a1fa46b29ba5950141a1514427c58ffbbcd1a4330295545ee76c85a5ee6f49ac3d82929a884c509412095f0f02404c01045c31737f1ca2ba7063ef61c9b223 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe5eb39e.TMP
| MD5 | 43ae45ad1fe98438a534a8aa0ad7be82 |
| SHA1 | 64f78bf16791de630fbe68a0a420d27917cbffc7 |
| SHA256 | 37997a3c79754c8e211ccf2cb1f63fcbc3b5ca4b0007492edfa587e068db8e54 |
| SHA512 | d4d2ebe192d00b6a7810c0b5090cf7811dc4d3cdc76e1c230dc25f7ae5cfa4e5f41d9b3d10194fb143bb78d9487092c2faa3680e780af3c7fceeced6fb91c3d7 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Extension Rules\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat
| MD5 | bd7fab506a834914686a8f13e5bd91c6 |
| SHA1 | e04208673d25e81a805b4bd6a817d8c4f9021b95 |
| SHA256 | 10b567d442d8532ca57dc127cbe547f4c3c1fd1a2c1ca178795a156367164054 |
| SHA512 | 5b2365961a416a929ccc7ec7d765bafae3a30e33832ab975b25edb945158139d42e289e1ba118ac1d4d950383230de0fd25ecd16eeb8bccb5ad0a3ec9ae3956c |
memory/5208-1309-0x00007FFA72370000-0x00007FFA72371000-memory.dmp
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
memory/5208-1371-0x000001CA67030000-0x000001CA670CD000-memory.dmp
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
memory/5512-1394-0x000001BBB6F20000-0x000001BBB6FBD000-memory.dmp
memory/1528-1412-0x00000000732C0000-0x00000000734D0000-memory.dmp
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | 35f078038de5cf94414a7a4578f3815e |
| SHA1 | 291ebdc1b34a916fe9604e26b1b8a66472e6bdcb |
| SHA256 | 19abeb518eb39f147e5a042dc9d1aba3b068849e723877ed9ec895eae85812d1 |
| SHA512 | 4cb8c99680c284061540cb120339eb9eb710cee862427e65c5c5347563ea0b216a250507116e6f527fe55932def0e667501129c1a7bf3607409bdbf145919eb5 |
memory/664-1609-0x0000011200520000-0x00000112005BD000-memory.dmp
memory/5740-1615-0x000002C43E8F0000-0x000002C43E98D000-memory.dmp
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\SmartScreen\local\uriCache_
| MD5 | 47d41a980668e9bfae197488d6d56feb |
| SHA1 | 8acd8919b112d637a18e4c2f79f61fd62d2a1e6d |
| SHA256 | 87c1ba0f3a75480bef554b38abd51d7858bbe2cff07d4fd29162b4468d2b6c43 |
| SHA512 | 165cf9913129bab36c22399c3636960cff235313256262439bea6a1ed78cf80d65690254cc63148e7e13bb515b513037ab6be7d20efdfb12b07985339ada36fb |
memory/5824-1726-0x0000023D7A6A0000-0x0000023D7A73D000-memory.dmp
memory/5740-1725-0x000002C43E8F0000-0x000002C43E98D000-memory.dmp
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat
| MD5 | e38d690459707f8801fc22873155503c |
| SHA1 | 232651199a9fb40d1202cad2727bb446e6d64dcd |
| SHA256 | 08a47de3b279c528421afb96965bc1bcff136ba3eabec02c54927399e71b45c2 |
| SHA512 | e8bdedc59294cab0e45e78e1a33ca142ce418532a700fc0a6c66611bb28acbc951fd159d727d55b0dc706c1b8d25525426063ee4cba0a0106aeb69e71ecf45f2 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State
| MD5 | 5e1c0a4b2b266e2baa5bd5649b596706 |
| SHA1 | e6f0ce27463056dfd6259432dffc6701cf15560e |
| SHA256 | 55c538424cdc0a76abb9fb8d60a90293e703d42280c8fb20c6e29e4d21c3b67c |
| SHA512 | c483d0f50394f6e4b073a4fd24a5fabafd514dd727181f5ca5d8cd6048aab414457924bafd8bc93fc5eb7d0831b52c79ea4674df8bc55afea14103f321e604b4 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0b936182564717af4f46c03df728e148 |
| SHA1 | a9a5fbf22d005eccc796604996ff7e43d73f50d5 |
| SHA256 | 6e867e5b09aede579f4ab281e612a429bcbab6f20c83092bbe1cd1306efa857f |
| SHA512 | fddb4b262035bbc4104c2a3e8b27e37ef802f0461a3a2b50556dad369aa420b0eb5d9598b13e949a7faed5b8bb364fdcf7ea09b9ea4602c86f230bc7c594e33c |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 07d78c16ef87822b49748cafa407649a |
| SHA1 | 89648782fd778774baec2a26bf1e7bcc9554e3aa |
| SHA256 | 3d18227a572b0571caf4ab7e8b0c68c71939542941dbc016d6afc0c444bc0db1 |
| SHA512 | 3c22d472ea687ff5d5e4cdbd9ccf4a130d30ae34464b3bc7a627b8b45530f3883fdd0aa8344f1f9b6fb1aecb3f63e88f2b10e2566ef62ed671b54090bb7c4576 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences
| MD5 | cf5710072791b5c3f794192c4f208aea |
| SHA1 | 33f6f14b74ee954b60d25dacd8fbea921d3c6c8f |
| SHA256 | 1c95b85944a7a3bff9e00c98f6b2724c73437eab4a4c51fc2f7d26e1291d4b82 |
| SHA512 | b6e02434f9d589d8137d92ad5f82b44c35cf58ece37fa4bccd0abfe3dc670a315022d3d744f95c7d1ce63cf5b51e0c4e45d0018e37d6b4cbcac79ebfcd33e861 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences~RFe5efcbd.TMP
| MD5 | b0a6497aede89d2e00f3baa93f4d5bbb |
| SHA1 | d3ad86a5cb9523322ac699eb0fc850bd9bbe7948 |
| SHA256 | 937b2614d279d1d34be4b03f5b4acfc9d461c001218f50b8efedf9e19da72556 |
| SHA512 | 87aeb50092ff4654211b8f24bff959fc9db4acc0879d1349f2c493605f137b3c730f46b032387e2eb4211c9cacc88337b1394f9239655bfa2ffe6824bb53c480 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity
| MD5 | fa385faa0165ce466f50df32e9e38e10 |
| SHA1 | 2a8cd6cf5c3e4dfcd2a05b92f61eb69171cd663d |
| SHA256 | 566c9fdb991d494d866afa13e0709c50ac499b3738fe387758a916e8d5e26129 |
| SHA512 | fd1338cdfaaa4624f867127abc306b9ebb4cc88218c90898085356691e470e43497b64146968732796c840e8e17c1c1affb15d84c8211621fc51dc971548d3e1 |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe5efcec.TMP
| MD5 | 22b79f4ba5f2ea596f4ee98fb8cce1ac |
| SHA1 | 13c3908e2b4595d36bd447c6233cab06656bf4a9 |
| SHA256 | 8cc2ba777c3cee9b83de6a51680f53d68f298033ddfe05e088d6713a8b09cb22 |
| SHA512 | 324109fbd351d6e4384f18b62b0aa457a892d437a3d7d1f3c15b6704d14234c8e037500e3443b146e3b8a33a3e9389ff407ef92e3ec537553dd11e83d8632a3d |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State
| MD5 | 7f5b38c461a4b5bbde37d3c2608a8be6 |
| SHA1 | 5c37faf73a4fbe4090b67b65150258e31ff70dd1 |
| SHA256 | 904b6f51d75303411e83f91e95924c3bf7cef36cca33fcabde76b49f1a5a01be |
| SHA512 | 490211a02eb966d441f27fc202e31bd4941d778cdb163ac205038f04148625c04e8fa6c60c24e4456c2d928e43e4f23953df602dd7002f2e4d2290433d63cafc |
C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5efcec.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
memory/4592-1918-0x00000181511B0000-0x00000181515F0000-memory.dmp
memory/4592-1921-0x0000018129DE0000-0x0000018129FE0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e1f1d96b68e3261cf312b541611c5539
| MD5 | 3adb865c801399c412bc73840d3d8241 |
| SHA1 | 267f8332eb7486bccd7a6730cfb4f5c2152b11c0 |
| SHA256 | 10fb505b7ce30ce4bf5582248b17dd47f6a39635007bb77dc5d16b963baf9905 |
| SHA512 | 609793331ce25c6667067b3616791f3ece470500f797343178948e4b7af18f275fdde226f542610d957b397651e12191aed58dbb88bc1c59eff4625e550160a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 48e1e9fb3be10738635d1983c96f55ab |
| SHA1 | 056de67e06ecfc7d7bbebf2a6a416a4884150f6f |
| SHA256 | 965e9607c7d2dc9cde037a19de2d796da03d4132c7c1f16de3c0554e20e66c7d |
| SHA512 | 9c900b1ba887335924bbd175248c96636182312d11c8cceb5b349a9ad5a02c0f13ab4e19725c9e7a8469262458758079ca8371704560f1fe3d1ce0cbd696e75b |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | 30c7b2bdc35c650d2b65150241646816 |
| SHA1 | 94d466a5f5159784155b6adcc9555bfdae4710c6 |
| SHA256 | 0784d39379f0a4f971777844ba07550aff31a3d5e32ce1d1eff6f4c7d49b90b1 |
| SHA512 | 8d51ef924b6c8f46a7ced69f188f2ea583ef3feb7fd84f51a8af8810c51e5099052e2c1513f15ac6fb83fecbef8c984fb4e124ff524c2b20a437943dc127465d |
C:\Users\Admin\AppData\Local\Roblox\OTAPlugins\Downloaded\OTAData.json
| MD5 | 7a39cae24c1d13e38fd10bcef98c80ce |
| SHA1 | 58d8a40b4d16215399749b563ba610c5cd3e4159 |
| SHA256 | 72de5cd3124d642aafeb64a4562c31204bb506a5c4fe37de302849aef41f0d40 |
| SHA512 | 8f51f5fe9890099039ef275e5148299a87bcbbc1a9aab5c279105b96efd795ef445803b4422060964b3b010c180c9b4526c82f84433669e4e365812f9642c80e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8d35aef231e002676a573e12dc26559e |
| SHA1 | 964efda20755fe5fe7d5a772483837624928ca2b |
| SHA256 | f4f72bb91e9093b95fdc601f965dce11dd799528224848b12316b16b126eafd2 |
| SHA512 | d404e0f2b50981c21abd6b579dd5140d2a7f4bf863b62dd7a75da38539a671b3f748096d06718a81022256527e0434a3288f67716dbb6d34a287d7bf55114796 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 9c6fa2ebd5478cfb7b558f64bf7bbe6f |
| SHA1 | 137f1cbc448f08be15a7eee3408773773862b9c1 |
| SHA256 | 66b0dc18bf4591e17c6fa8ed24b384779b4e6dab6410140515f1df6f8b612ec6 |
| SHA512 | 71fd26de5ecdcfc354ba202df6f7de76b7481852f8ec8d99711577dc83b8c12e59c4cadda81c0350f70abb3eb54e6f528e0500f92f472ac9b19e9489c3229b90 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5d34a1f5416fdc978c6e0c7edc7d67a2
| MD5 | c76ac26f80988d0fcf03874d625b86af |
| SHA1 | b04a5e95018f8eca571daa4077e66626b9ba0de6 |
| SHA256 | 3dca66141315cdee30f7604013deab2fcc1dd74af93f9630fb700b7606f531ab |
| SHA512 | 23ba1357212eb135ad87fcbb81bf73fcf2e189da34f08ca1cccd40d763a856e9ca8ce5514af395caeefca2b0dd3a6fe3b8d43e060c5baf5139fb357fedb90a59 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\95d98e1cfee595f720d12856399cbd72
| MD5 | 39be6457e3ff988375205765c4660895 |
| SHA1 | 8e946b84ba320df9c28aaa6e759e24719ec38aba |
| SHA256 | 1194e8aa1e2ff45887bca03f3ddee55de61436c660e162ae343ee64e7d146da1 |
| SHA512 | 80f75601d5887291d0f2884945dd2ca197090431fb30dab6e6ee9ef601076950922a75f23a577dc58824a8ea7f57c48c1a742cdbc13a28215bead6b2b0b47033 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b0cd0725ce628c802aea646becfd46a5
| MD5 | b7c03229a5a8d6586e4532281bf1bcf6 |
| SHA1 | e2cf4dcb1a5ed9ec90882b05fd92a1cb2d9b7031 |
| SHA256 | 2f68626defe72fe2f0f653e4f329dc40a4da28ec0b6805b7e372df74503490e4 |
| SHA512 | 4b33587bd1e348c0c3c90ab22556c1a1634c9c16a7986d5ca92cf409a6bc9a2d4ef6ff29f1c56fbaeea7ea42b9e6bcac980f3a13869c7321dfa94b3d4c68498b |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\3acc8af1251b7ed321f9b36da661d9ed
| MD5 | 808cb55c51b6fc55fa6cdb17892dc876 |
| SHA1 | 4487b86a3a42ff05e109800b1827c100390245c0 |
| SHA256 | eed0725bdeac66a2e53e7daaa033f06c360314d751df70176a0af3f23eb08c7d |
| SHA512 | 0d2e6534792e7d417a6fa8403f22397f406352a38bfe1019d87e0308d041b3e69d7defae77e2bf6b87adb3b7d59718efea7d5fad340847c681eeb293beb0f24e |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0cbacc9a3c6aa07deb13db83f658936d
| MD5 | e3690a37568ee9fe7f191a17a47e2146 |
| SHA1 | 476c939e0ca065001820946509e36ac2842fb1fa |
| SHA256 | b8da756d34febd98745815e7ee643c49dfdf1adeece7fbdeda22487c06472f28 |
| SHA512 | c7b777cb3616fbe210b58c1e2395ffb378ffb36c2fed3af8c634e7d39667b9b433386d1a284f936a1d4e10e76c7a678e97216fe801cf95a0fc3fb313fc4514a3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1aac6bdbb2642f3f23fbed64d042c3f
| MD5 | 2c65a49f36fbe81aed88d7626a0112e3 |
| SHA1 | 832fc429cd021f288f5ef9531e7dad6c9c6507fc |
| SHA256 | eb8f138e67962a5c7db64722b78454da2e3c3d656ec8d72c9bec566f10a942de |
| SHA512 | 4fe7c7a7e439f6b43bc13af9291994ff913fa65ab1d77f162c97b18ae505b1c46ffb2c9236b7c9010580b095526a58204bf182aa5d476e3d0a006b2ca450d181 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ceea000e430b7c9714bd62a61ef5eb0d
| MD5 | e6bf3b994b7bd85aa47c17406d367d2b |
| SHA1 | b18be2803acd9576aaa72bb19116b09680f0cbd0 |
| SHA256 | 92638ea5cef2b20242923fd21757df86c8c434ff12243d480250364b8480f2fa |
| SHA512 | 3e207bfe1b30c981fb533971769a4051c0c87ffbfcabc012606ec939c5b66f2bf59cefeb85c2b903856d6396584b2c96472965c11d90d6a1ac9f59b29cf3d664 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0f10b6865c21c904e29f52a54a31f37a
| MD5 | 38b25c1089062288a7a9a8876138e465 |
| SHA1 | d7dc1955cdabe9a50ef4f6b345c9012e3efeb56c |
| SHA256 | e39aceee4952e730f1a101894520b046ff21156ebc79c0f8e070e87af20fdd29 |
| SHA512 | 198469bc9aa03de2c29b322cee7714a67b1b421a8fb0b6ade7148f54fb5ea0a37f6afe5e80f052f41815174363ca2b2dc8395534c624f0f87d2f7a0e9d773dd5 |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | eaef4b677b2babd4fb7b29da0f065bf5 |
| SHA1 | 655dc02137cacabfeebb0705832c3378062b1598 |
| SHA256 | c5a33fdff10981930005746e120f5cab8bd1321ea949ea5cd1b2e34a88f7aaf7 |
| SHA512 | 7ddab6aac206bbd23350667487335e674466d66b3f0c425ec3789a62749bd6073eea1e1f5785ca539a0b7e0bbd8a83605191508d97c8280644088cc7d8161aa3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | cc48844c588d11dfafb5bdeebd6b091c |
| SHA1 | 01c73f282b4607b42502e1f99f12fd35c59cecea |
| SHA256 | cf5d62816bea41ca8af8fb5a3adf47260e1d534ef99dec6c74294a9d648a97cf |
| SHA512 | da0d881c8e5ed3eebd38a82a6abb3cef005fd6cfd842fa887b4369cbae283d442127b61c26fab5ab0360b39316244544a5ec697a5e5191181a3bdb2cdc21b595 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2fb128dd16864c66ce42fee9589dd771 |
| SHA1 | b7062f30b2d0413d124a3def5e74f82546ca3d21 |
| SHA256 | 3005e46a6101105628eee0e862e6eb444f7844a3fe2f85072e1e18b37ce02e01 |
| SHA512 | b13d091dbb9cbe6aab4ed9fe8f986e759ea73cceaaa62aef82b504198a5b7517ee6b9834d253d30bf73bff8530af0ff204178331067fb09ec8d8a00604d3eec0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000046
| MD5 | 7d3226296e6f9a7f1e8aefb7fa16ad10 |
| SHA1 | 716c1e7514fa52ce0ed8aff4c728ecc10694f99a |
| SHA256 | f0e6dc11909bad0f8c4045561be9424a50788db103a13b17d0594eda5abacea8 |
| SHA512 | db5d70f1743d54f489183a39a2b324d1d0ac0beca5e9ae4e003bd3e20f845570dd024a1bc20b6a3b77497e21098d6965f116df7d7cae9410d7fcc17b3baaef45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
| MD5 | 70aaaf736769e4a90cdd36b88b9fd97a |
| SHA1 | a698112feefdde7018505f9aabf106df7029d3bb |
| SHA256 | 52d6e7540c790ef65fd662fe2d440d77a7ba4c40bf47a38ce9624fe1038cf23c |
| SHA512 | 9d42cfc115a964764f0231ae0ddbd40129b237a1ed203a757c721549a66fea5904e9d807cdce17717b677e959e2bd80f4742489d3928ae7c72b33350ea8f0b17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8076770516db274f42602a01ce4f9607 |
| SHA1 | 73076a9eb52bfcad166b3ff514a9a42b909a07ad |
| SHA256 | 8b47aec189162313fec852118b97210fc7cec160b14d21d80aa5e533ba989ff9 |
| SHA512 | 48995b560686a9c75b4154490fa482590dfe526d4e80a102b3bfcc4ddc7bebe7fbd6a2dd22a6a7a1cb1001f6e2a58e0a28aa623ffa79b74c2d5669d507b1efe8 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\cb8a45c1430998ec1304e4c79176816a
| MD5 | 933b1f5dc544d9868d257d80e517c112 |
| SHA1 | a8d55f9cd5f79ef7f6fa1ffb229d8bcfb30ce348 |
| SHA256 | 51a66f59fb6018efd308234879746581b50566d967cf1fbf63fd3fb6917f1295 |
| SHA512 | 6e03ebecd629ec937171a7a2d11a88c83c0267c0f153b86194683fc967f0e1c827e6393a39af735813a1cb3fe2297cd6582d2f7578355e797a5152dd92d6e600 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\1a1d7a8fb35b007494a82bd5304ba1e9
| MD5 | 2414d644ab2dc0d3c58d8546b4cd7ea0 |
| SHA1 | 77a854549c69f719657f5d404ae9391c705d88f6 |
| SHA256 | 28be75fd24c5225fe212cbece08722d92c4d2816e5c3a0051294826a5fe79458 |
| SHA512 | 02bc18971dd372438e6f93b0db0e29a2b647b7e1acc5e8d8321f73857b746c5523e7c720ddadb96363664fd5652c30d5e396f7128813dfc0c30fe7ea4086a229 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\8fbe2ad68bce1f4933b291c365e04e75
| MD5 | d6a9f27b18ba6c1cd064cfee32420a8a |
| SHA1 | 3eb4fe70132f76c96bf7f951070f437ba176fc40 |
| SHA256 | 612baaa3a5eeebe00562f3ecd4490073f3313811613ead2948c1626128191506 |
| SHA512 | 1126e9b53315742eedcb4e28bec6330c03cbeff2d311c9bca1e8280720ded31b6ad7f4f4b6899aaf23656ec46b19fc2ea6566226c1fbb1ded1c3790832d9fc1a |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\3e2504bf31b5aa0ab48a8ae5f1dc5f1e
| MD5 | 6abaefefcacaf36071c43e9dc51f1bda |
| SHA1 | a562a7fc46cec9c90e86fa570267864ef2249a20 |
| SHA256 | 55941590b6aff4d570b3531c493c14c46eb687ed9e4de19200de1681987f75ae |
| SHA512 | 5fc4b6db68c03630673789ec5f5d017709e5a9011f25575c0e428f4a21c30e1f6664faa9e4ed456ae79c7ea0fc45db30b8d45ad9b4e2e94f49b27c50237872c3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0d8b0fd3715ff57ba968ae5740d39a12
| MD5 | a3366bed53be5f4fed574fc819a07072 |
| SHA1 | a79b59561cf06c8a209fb701567a67376d83924d |
| SHA256 | ec5c1697be4eba9851b9a413c13e1a94f9846f6dba1d8d0fa33e1ca7292e8030 |
| SHA512 | f8424133bac79bbf7547bf7076cbaf0bd0767f220778275c36878bb982bb69bfe64aede42d67c9db009047e66bcf5eb9604205f6b0aa9a801f6827e2034399fa |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcbcf8ab7914469e06c8fa6ee80f2201
| MD5 | 958ad6c1423022b1905d452d8772d16b |
| SHA1 | a1c5aef3f0d7550f8a9ac31ac1e295696477c02f |
| SHA256 | 8965deb3f4a35faba9f087defdbc2fb071e006f283ee7e6b1ce250c6ec12a49f |
| SHA512 | 5185a342c83ca7770ecb1103d95d061cc17c80526f755ebfac53305947b09765515221ba65b43a98eff3860e47bfc7a15f51e67d0636de7596a6859ff20804e5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e0fce80600a43748c6cbc0ac23f6cfa2
| MD5 | 3bf49259291542dfee0f89d587c177f1 |
| SHA1 | 22328c74fce75f7918f6c4b3ca5ad9e1921db437 |
| SHA256 | 971101824fc41a26f9b1386d72750a69298f4725f266edb3c93b21f9600d2916 |
| SHA512 | 20366e5775f42da8e313d67ace54bed3b2a010a84d9b3422276a8b544186345683c00663ce4f541c9890f906344ca3400015bef988d4ffa7dd4bf1c38161e271 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\31e8a63e8fa08c8135be1c5384c3e0a2
| MD5 | 1221a85cb03fd45c001ef47af9935e7e |
| SHA1 | f209b998e8972ecf158f58270244b831d107ace1 |
| SHA256 | e7c79bc6240600fc94d67a9c0e9c1f563a3f30698d7cae3d19b1735865835d4e |
| SHA512 | 2e6846a2ea3bcf0892703f3f2024a0acdf277251c55ad9c65e61fb5a8780c67ec707d42818b3d98103504dda9984c109ec0f8e393fc063f734bbc7bce168ad90 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\1daaef2a5ce0ea927443fd099437bb55
| MD5 | e4a239995837749223ed2039a40a3a21 |
| SHA1 | b1cc97f9ffc3a367dd3a55a1a3342d59cb610403 |
| SHA256 | 36ef28d0243f78f746ddc7abb74563980829c81dcfb91abcdaf6459bc7d374af |
| SHA512 | ad81fe4cbaed589da0a3b97c20e7e5fc0deabf5910b1c41dc7d6e6e8b8f22486f71c9577886689739bdb87e34b330ce43cb60fb2e3c1305d77984ec78cc0879b |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\175af5595dfe9780b5b7b10ecb943336
| MD5 | 0c9078c249c45630688d2af7e0574c25 |
| SHA1 | 8fae18c0c69cf3a58abddcc9a55fba6d81aca2b2 |
| SHA256 | b0e7f0945d5de86014379ede1d9a9528a8c944534ab33e58c7b3be1b5706500e |
| SHA512 | 24e0cfdac58bc3714541bd39f6992bf0a4bd4c47e492edc40b72d045b4f06573d582d9f4e50e0c23f964ec678d857752caeec6a65ef89b70e2ecbefe749b21f0 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b80d47fd48f8d137ca2aca87e1d00059
| MD5 | 7dae317d3e65c483f462a48cee3002cd |
| SHA1 | 330c91065d277740b721b723ffae4e5511e8da2c |
| SHA256 | ad244e68f3ae289677897bd171703b8ab65bb03b17621b3c8f61594b906f8b78 |
| SHA512 | 966a981204a7979932981d8870704fbe3d4afc2a0306cf149117eeb30a54debf852c8ef04fda90fb2d1d1261daec60db390a4c9b9fa77740d14171335384ecc9 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\32c38bb4f4a560d621ab93aeb6ca5d7a
| MD5 | f7b60787135cc235066319d2412e77e0 |
| SHA1 | ff9e626cfeeb124bc95d830d20e13b15c6427c77 |
| SHA256 | e815d7145b898343e81a796bee29e8a71a678c9c3475a7b1107cdbefeefb6152 |
| SHA512 | bb21ace97ed300299a276844630c2b30aa0aab87a3a8684391bbe37a0ce7761c82011035f741cc1f596136043f1871d16b0238249d3b943b2c08fdaab8c0d762 |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | 31a96e5887399089523a54e6540560be |
| SHA1 | c74c2067d487089656333cd57aae67655299ccf8 |
| SHA256 | 9133ced3e3a9592bdd4717e1a01c083a423f7c5581306883543aa6807b1135b3 |
| SHA512 | c6a339c7d1789b951a1612602f5e3985bff84205c6712a51cbdc7728a341dc3b51fc778ee0aa19e2d6c443be20a3693317038a1ded9d143f9c65d65e32b11971 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ac0ab8f16fbb1afe5c7b089b5d5698e6
| MD5 | 5bff0b6da657e8e4ed652a4a5faf57f6 |
| SHA1 | ad49b5a7c4734d26061b0eea4496fc41949bc5b2 |
| SHA256 | c80ae50ae40768b21e62b593515865bd729b4c0712a006cbaf374a66f14f956f |
| SHA512 | 146a0ca1c20471f2921f1c911692223b77c4f528f2de47da9df54c1620242230998b86be05b436a725e64665a008cfc21715e114fb0fd1b9e0786288ad20ff24 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d8b4554062d011287069393d07af8706
| MD5 | a0c28b8252eda35f15ff0931e1817ac9 |
| SHA1 | 3fa429b9d0b8926907abc63b81a301bad2442eef |
| SHA256 | ee880812bbf7cc1f00cb363632e9746e7342cb5048765c483d56f4284e555a0d |
| SHA512 | e49af44a8fa6e0c0fe4a5f55df2910ff43a6a9360d6e0ba507375487526fa4fae8c974763e4bb757e0907036141123920024adfb312f9d53703bf6d45a83956f |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5b794cd8b1447c984ba301aa73a6625d
| MD5 | 2740a9a1a4020c08f3ae9fce5509416d |
| SHA1 | 371eb56fa91013a45a38486d5d77ccc12ad03990 |
| SHA256 | 239bce8cdaa04b7e91497dc8fad14e5af36ebf244712d7a04e37c2be5a0e0a38 |
| SHA512 | fbbad878010bb317d5ddc6de48c87d838db393fc52c564555883d07e62b77cd37a3584414566977fbaef792ce0d2a00cf851ce871e880d1cda34357d2fd4682a |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\4dd9b09ac0d9a7bb380a273db7cac4ac
| MD5 | d97f6e22eba42d95c89cfd439f36c1d4 |
| SHA1 | 3a439aff0b80708f6510643f70997b897500d2bd |
| SHA256 | 25f91091126b2855bcb9c2daa26fec21fe7cc6d25319925a95a55a37cc840b6e |
| SHA512 | 52ca405f845e8313b0a04657eaa9a22d1c4fbcf758d5796d2deaf41c7ed6abc28e3597dc1f5d803c009360a63db4e686e6622fac669c252b09d2a3d8dc451e72 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\706b550a2be783fb6e220ca8181485e5
| MD5 | be4a508de308b15bf9c711a769ed61a9 |
| SHA1 | 2b980f20a1466d2f1508bfaf8dc2a2558450c1d9 |
| SHA256 | 0ac514138710cda19cc114cafa8a3fce046654dda1cce0915f525c6f5ed0b812 |
| SHA512 | dc71cf06e2466f17b843b96fdbec856b3b67df95105895597e73fad455340d4237f1b7cf91ac2906efb9efeac89515deb79a045859a0651420edecabfef8cf8c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc27c501541df155b6fb12496e5bac70
| MD5 | f635924f866829484247044f991b14ec |
| SHA1 | 39c6f43e94e4b0d0ce9c30da5b78aab7fa5086f5 |
| SHA256 | 30b18b2546442b630f0fb8c6a7c26419a9a73988e8e1a118dae5b7241e98074b |
| SHA512 | ca145397fe454c2623651c9ccaf86fd15212fe83d758fab2f8de35e4ea00f8eb8f58aeecb2fc95a4ceda07c9bfa960ccc29b1a56c2bb317c94297c24a366be68 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\f469136d50a09240f313e4f48b35b40a
| MD5 | 81927a5a1612202db2ce511c62ced773 |
| SHA1 | 4414e92b078a515ca699a82cc3bc64a1e264e4bb |
| SHA256 | a8a2313bedad3d93a06ce01ca1abb579013d083e2fec866cc22342713b7b6b2e |
| SHA512 | 33918119fc071674aac79062c0e4bab978d04cc957189cffdb8c1bb1c7add1bf7d9a0ab03b08d9e997bd8734266bcbc7a312b316f8303347e2aba876022e7cad |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5477b96b8c7694aaab08397c539323cd
| MD5 | 74efd118f986358ad4cde9a57e61dc32 |
| SHA1 | 0cfe0335bb35298456edc9ed791e019b70266c31 |
| SHA256 | b973558fa71e5b3a07fe6ca6180c5bd0cffdb343af3a0d2e4e4e89b40b194ee5 |
| SHA512 | 357ad98fcdea45563ac733ff39aae16b103a1327a063445b6febb89616a61fbcd140c2148eeef122965cae78c2158bb39bd3eacac6d6c70a58546489687dd733 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\7948b73360f27446739cb67376a2d7bf
| MD5 | 6c261f23c63795849eba5b1ef6f17cf3 |
| SHA1 | 464f91ce49db8b5546722bd62c4f59aae33dfc20 |
| SHA256 | e4274c467ca592398736e990eaa97a937f209768239400cd90ea59f9e58a27fa |
| SHA512 | ab6f671b1939df79ee60a873148a1763c06fa880e2f17a23c9e09c5401120873167905e49be3abaf546b9fee33096b76a5573a473b72de3806c38a128ab91ab9 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5c36700f9b5f405f69b210d702f6087c
| MD5 | 94b44243d9e420ff19ff04f4e434b83f |
| SHA1 | 04687ed0f779c6873da97da0f16f042b2b459b69 |
| SHA256 | f76c45b8c4831588b971b25431b7b85f529a7214f99103ed82b4c2e97d9919e8 |
| SHA512 | b7778206ef730254f469214ace61b13f7031d0c4c751b2988decee93dd5a6c8336c40974af74b0aca6d42874d54e23dfcdfc743f5d633610aab2f05e948bea6e |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0b39eb4053e10b7ff21430e80432eed8
| MD5 | be1dacdbf4fea39b16e7c11e286b7205 |
| SHA1 | 28ae9237170d6fa225c54e7a36e35549d191d450 |
| SHA256 | 3a6d14f833f7da8ddf3139d42e41b2b83d1ea0d4570db39d9c10dd98e33da800 |
| SHA512 | 72cef9e399c0652a340cb12dd239cc0dfa14a2c832fa63f76dc442308ee9f91b41ddff62fb70331895716b61fdccd332f75c0ba2003f818900e3e6f260303176 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d132016b6bd0b89da2690c24749f6ff7
| MD5 | 2e2350147bec3587e3bc14b7a1e32c2a |
| SHA1 | c275f45e728f71d24ac6d8b496865c218f972b41 |
| SHA256 | 7ddec5794d779b1ad88ffec41f00c793f21046d18c930328d662a3c2d1c27d84 |
| SHA512 | 670d3893ab1503dea9437b61b2b1488238d84d3703f94b74b5c20bb7bd26eaa0479e6d3d91319219bae1c1c357c6807101c5960ee2f29ff48475c0e6d9ac3adc |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcece68795e396ad03d6e2608d740126
| MD5 | 0ba72ed050100e6779ea0f1c713ac441 |
| SHA1 | ff585cbb4b671bd3a04f3bdb2512a896ff07883b |
| SHA256 | 0949d1f525ea9da560f02a0447eb12a33ac6db673e89754b8f3d230e24ccfd06 |
| SHA512 | 22c09e80f4af164d94ef40999572d2ce35bfb1dfacbd1762b380c9685889d515ed9aa064db4f8ab6746c8a26ea4ecffef9337014293905abb2f0cece7344b851 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\78e2b6ce1224c7617a6a8c90174aa783
| MD5 | 22b25a819c414b6c626e5306888142d6 |
| SHA1 | e7d68968d0848af0e5203409227a1980dfeb4a0f |
| SHA256 | 275eacbd4554f5b0e4a4266514243c661edb1e4eea694a2fa01ac20a531dfcea |
| SHA512 | bd04fe05aedb2cf10fef09648566834b019d40a6ec8532b19edcbb2348059984dbd5c04d6fd9579dac55f99a6b4de820cda159256d236450b0d0a51594e3b15d |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0af1ae578b1c58a0e785712d31028c1e
| MD5 | 4ffc139d6996c3eba2d40053423d07fa |
| SHA1 | 6da7d02805c626596d055c20cf084aafed9b9768 |
| SHA256 | 0445b87f48bfd12bf0dae91d8dd7c20ee924212b4cc8be782c0a54193546f43c |
| SHA512 | 5af3417cdb0d099add05b22090b5aea9ba39069c4704d000aa323b859e47ea67328f616ab03b7b878ef8cce0d528ac0ff5c0f8fe305175b952e840368e0d4a81 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\77b3cd784a40d8349719b23b5c0e414b
| MD5 | 05c43f778ddcf81fb06a2fdfb4f7624b |
| SHA1 | 616dade772feb66bb1b8dee218c7a5a39d43de06 |
| SHA256 | f4a00d60cb52477dfdb2eb264470e5daffd44139c118b73c80e8fdef16f9dd45 |
| SHA512 | a2443c678bc019dcc50fd7a49d5c19dfa0c45a7c43fffa24ca225f0f24b6839865288b2fe843bb233752fe59c712c54bff8d9b5c4e8ef5ff4ad8ef20b053feed |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\571e70bdfa73e0cdaa28fdbd2ca19ddd
| MD5 | bd289aae66f24d373fe9d4388f8ba9b2 |
| SHA1 | 4d248d4f9aeffef2fdd953bffbacf81ff3ac8554 |
| SHA256 | 78561a946c48755de0fce9695d30ab82d9e5dfce2eeb0ef6a0824282bc88a0d0 |
| SHA512 | 50666175b0955dbdf933302016675f035df38deeef6b4a0e8d0cf40b6e3d2c3e4a089a5b78d75015e0048b2e7f91d81b69857004d55436437d3fa0754d1ef8a0 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\09f04b99b82b262e105a232e97395311
| MD5 | e3a0c050904f457b02b36bfebb1c0b6e |
| SHA1 | a611605082957d8eb5dcb83939e1b6bd3d870bf7 |
| SHA256 | 02c51e5a41d473f8e0befe8e5fb49073f0dec0ca88ee83e0e6a3c0ba3e18d399 |
| SHA512 | f2b6b3a7c193a951feaa1d5abeaf52316773d7895284e806f7267708672f6a7baf37191a244d2c044c785fe967d416353ab83517b28932b9e521172b89e22275 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e526d6628fea4b1243fbb953bdf85ac9
| MD5 | 3964c0c8b23c560175f4b299e1a9605e |
| SHA1 | 6c155c8a5ece5d5d7340ee4ff0fcb730e4d2b0fe |
| SHA256 | 20dc4a3272ebc6ff5edf0494d9e6e2d06c690bb079a36bd04e074818f16a2dbf |
| SHA512 | c6f53903aa3a14f3187bcec1afba4b5b07c10ebef6dd10a710f400996f2214703d29d58abff6e7e0025ea91a78ed2f799f69c542bea006dace570464acf90d64 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\848d350916ab0af9758cff8167a2aea2
| MD5 | 0042d3425d57e55a4e8c899aa911012b |
| SHA1 | f260334951b11b4ace9af45974e365ecbc6cb9cf |
| SHA256 | f312918dae9b5ebf3028f14575ac8bdb78e7f152061fc59d0885ab7acb3e9581 |
| SHA512 | cbab405431b5a95ae3c9d3816b4a1c4d4a07cdc4dfcf64d0977ec80533a6029329db101ac36361114288fa18c769c85a3f238b13f63d2e1e83ef4ef64ae45521 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\be241f3cbd5449b0c30c651c4834e3da
| MD5 | 2866f1aa81a7f9c354d34be6a58aa88e |
| SHA1 | c470d8ad431f9876d7966796a503c15440a35345 |
| SHA256 | 38baca61b0de1abef8c3a97557b6e246fbf9091d1193e3732f6011508e5f0a27 |
| SHA512 | 1af43841070856ee4c509080c286285ef4850d9dd8507381a5045ed748ffdd09fc32843c0d18aaac70621a8ec88064f0a3b74036cbdfe91be207594f55b24ef3 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\73b0a5d180fa4202c3e9365c3d577fd4
| MD5 | 2c2e29b04e1f7144017730d5b5ed8b87 |
| SHA1 | 8a36310825cfb7d8ea6fd487afa46dde29147199 |
| SHA256 | 6026fca2672513a7a42dc67687850d630434b2260621f77ef5b2634486048d5a |
| SHA512 | bbd5097d544d3bea8b5e97f3262a4f7765b13d5c742c9df8fd07e6a56e7c021a41de575dc1c24749631eb1003db0b9548c634eba7d6d2701fe4035f0a5880615 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e665da7061b12f952145852fc21ef7ec
| MD5 | 4cfd979bf14b07dfed01ef9a3b1279a7 |
| SHA1 | 2e7aad8b8909d3117bb151bf4d34b608e3ab9c56 |
| SHA256 | 589b00b0a2fbada62af8b7daa8755ce68420a009bf6ce7a53e0865fcf262f94f |
| SHA512 | 79a25e0af653d6ecb5fd1908c3652c6fc8ad3d0cf1e00510801bb369728dcbe3c5e1e66f73d058c511320badca3c8ea82f2baaa5e0682f304235b68f622685cf |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\90d821a0b7efe2541659a0ff6b31b88b
| MD5 | 6f0ea4b31f2f55764db79b43833bf83d |
| SHA1 | 2522c29622377d611419babb3eba2e8cb13fe0e6 |
| SHA256 | 08f380d19a3cf8307b098cdb5e9992ed1d29e5d15226340758a1af3cb4300c64 |
| SHA512 | 6a5437574ce2db6feac98928a22c7002ce526501335ac00444190febe302dcab5f18ba33a5ae00bcd83f469b5f1cd356474c8cfd31d9992d186fdd0846db5641 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\be58ec8ab04ff195247b1536cdfb3d44
| MD5 | d1d2f476fd075d55fa0e77b3c507cb0d |
| SHA1 | 5976cdae821737161f6debcba500a2842f988f8c |
| SHA256 | 650bcfb9e1c7855d2b72865695c2f4d4212ccedb53584f089c26e2087cc65d41 |
| SHA512 | 958c07812ae7e89143874ce4effb112eed3bec3436fc0b71ee70de38298130d08d89f6bce42d2b0696839f67be260791d121e81f46a4935f3985e241aec7b0df |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\f9cfb35c8f272d46d504f99d9c00054a
| MD5 | 5a67e8e85c0ad7280e9f1ca86f138b77 |
| SHA1 | b9fc6b3311df7710e1251114946b93a72dd5d5d0 |
| SHA256 | 09e7111ea12f1236be9b1da699f8c93eb68127d0a98f2ceebfc5c2d7b25f0ed2 |
| SHA512 | ac5e400ce21e5e2503a11642cf401ab5ad4e625a01ac87f1711a02a415fc924556d0d3e50386d17e29ec20bb99b5d3a2d0496dc2ac1fc1381b29774b826cd9ad |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\697aeac1e8e025f05cf4b76086fb70df
| MD5 | 749deb1ff197b5082e2b07aa55a33d31 |
| SHA1 | 08b4d7441ffa13b8dc3610d74a56d8eb11d8acb0 |
| SHA256 | e593f31edc529b51f9b253994d8aa93d8ab0bc8faf433e737b0a09e80cf2784a |
| SHA512 | eff256220d72675ba4b23344191b963f7acdce9743af8be81020e2a74662d2f3f1b2735e686806b73198463c550b2d18921840271d515dca0b2d4ce226954d0d |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e385854d0ae9ba50e28a7a5629fa28be
| MD5 | 0c889bbbf77ec231120674d4843ee0b4 |
| SHA1 | fd29658b2fa416059cb30a6729030b6a6b125e92 |
| SHA256 | 5006fa1587ba1da5b7696daea22929c490049bc0f10661d9c79322b0a647efc6 |
| SHA512 | 504d43f9104b8c56ba12ae9533ad3554858ebfb4f5b4b8b1692ba339deed831a66f5441a1e4706015cc59f4de4729c0128fe7da2c8c3d095b2993e92eec378f6 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\2d5ee01099db60480061c57d9831c261
| MD5 | 839f812fb19680ae8e62c2ebe0355e4d |
| SHA1 | a256751297a9f82a082bc4d5ef08d5d9d89a2c17 |
| SHA256 | b414e1186136cb1f46c6cdc69dc5b637ac5de6a390d67cf25907907c61b364a4 |
| SHA512 | f2209d8bbb8f7ce1e6b675cdd2da3a10bb450d50b4f73a596fc0639f201999f32d3c1a2418e0b92c918c0a667a5750ef122e4331361e0022b66a2fc5e489e5ed |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcf8e7398be5b1007fef514afffffa6c
| MD5 | 864c04942289c1dee2c1aa18ea77f1c0 |
| SHA1 | 1be7f1b6c2f1472adb9b34fb6f7a51d3d1ba161d |
| SHA256 | 9855931b8e0500c6753d77200447963d1981fa7f7b4fb34067bfedbdec0db442 |
| SHA512 | 6f3934ea3ca2317756e45bcf065abae6cf34ab7c24e1847023ecee8e404294420f5cc978af2afcea986bf160eda88c020fa1b799f5ad75a5e3991e7268192dbe |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6443205f8638cd85aaa1caed016b8ac4
| MD5 | 20db412bf509b564fa765bbc0b917fbd |
| SHA1 | 938513617f173454649543b7c014ecc762ba5b5a |
| SHA256 | 8b7281d0d0576ed2b73ab842080238d7e006e1524ed48f423f61a86cecf3ad40 |
| SHA512 | f6c54fb0478c2df40776125a920621a1789d02239a78cdd3de8eb83a27a00464b2aaf8714776897a4b3ae5488da664befa604ec836fe12010a046d48eaa519a1 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d4f8d4ffe8696350702fd146346140ac
| MD5 | 084a09f4a178b2533a56610f28f252d4 |
| SHA1 | 70c343a804ea4674a214d5ca8e24bce33cf662f5 |
| SHA256 | 91b1a39172d8f6f0c98a2a3aaf8c137b29dcc4ed4c1bb4a3bd449dc16fb45e97 |
| SHA512 | fd8205ea2edc70743247666bf8ff414ef6038f6ec03bfc7590dc037024ca66eface1f3cc559511919058754a5dfc2224ca04368ed31df8aa942a7d9022b93e5f |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\c9d72083ee0b41e11170f5a9845c3060
| MD5 | 92e9669fc7c748554c057eccb11a97e0 |
| SHA1 | d3fd8c1e136a2ebed238d95bfbfbf3ce61a385b7 |
| SHA256 | b29195912662d71be85e0db741dec5ef005d744d3aa0913dad8ad1e51c3aeff2 |
| SHA512 | cdc3a1b4c596fd3c9621e53887a9d503205a0d5f8663e1ee3366129ddbfa83f2b15bedef155eda2949f24d1df615ead664114310e3d3dd03f9fb2d95df2e29b2 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5105c207d9317b50c40470887ccfd3aa
| MD5 | 481555658adb9b672941de82171b343c |
| SHA1 | 7937e7bac46ac99e1897c00285fd23059828dc12 |
| SHA256 | 5069797f8a4b926fcc5bcdb668c1f67ece5d5e8f05d6f19a260c55c9a67f289b |
| SHA512 | aa9aae6ac82a3e320ce9c1b83883263d547a82369d8f31d3db0ce6d6bc5cd07ef96157ebf234d6e31b40b32e276c233f7c2c0856394a70d183bd64e03720737d |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\8aad44a486e1e94cb992a6a0e230f735
| MD5 | 451b527070f0cfb1431ff5052642059b |
| SHA1 | 6021d49e6b87b9ae8fa64c3cfd0180d625c7d761 |
| SHA256 | b9391062d160f5bd861cf7e5ecda919954e84a87eeb3b000bf9b93c068057c9c |
| SHA512 | 3ec22e77061670685a576d96cc3897473d11c45c24e581688da54d8700b186d3583ffc23cc2c3395fd93af36afc45083058a2bad9cffb1362be8bf4edb20cef5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\aa3db4232d83f97f5e078c526e25a6e2
| MD5 | 3e1ba08877dd32fe4178a730b0ea5e19 |
| SHA1 | c020afb22c7cde0c77a9d1d6be18ac8f1e62973a |
| SHA256 | 1a6447007e90d27fc71fa7bedef2219bda30eebc33447c2929e4488315e19641 |
| SHA512 | bad57ec1a48f686fbc5842a291c95f01db413600828b198b55615857bb1e50e4b3b6031d5896c8d7b9d6753c290c0253ddb83482f89c7fc348b8b80194a07286 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d27efcc314894472628caf798daafe01
| MD5 | bdec8723e953241ac3edc46458a6ed7e |
| SHA1 | 783605b1587b096807a81e32c488be272e0ad581 |
| SHA256 | c31b000a001faa6e08026a24043899ee4941371ce464146a9c78befc2a796e4d |
| SHA512 | 221cf258c9c88c857e34fda1da4290c67c3a34459f86b828ab968f5e57b2be53eb4f7aaced83151576fb843a7f1166c267de0efb116740ab2ac2b37ca0cd4d93 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\afa231f024ffddec5f9d2963d20c450b
| MD5 | 64c05df26d12845b64880218a48e1b3f |
| SHA1 | 6ae26e09d6c23ea9ba5ad92d3d40790948b36141 |
| SHA256 | e41beb094c8bcc0d8825e031ec9ca5b13e45b94f3c93601c31c10955cfdd8da8 |
| SHA512 | d6925cf4d6eeb5275a7c008723410edfe1dd24b9097656e8573f749864f8fc7c61dac61b05230de13a7b9b7b866528c04adca85ad83e8e2831c43b46a70d4c27 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\77fad0fb4662c6b81630ee443153aceb
| MD5 | 183fe999017d5e5654364c0d8fd895b8 |
| SHA1 | 64cbdd4bfac3c60803acfb2871a9fc8da27d318c |
| SHA256 | 3622ef17da158e25761124720a642153fb6eee615b54da286e731ca2920216ed |
| SHA512 | d5026e42d343185e14360a292c6d13131dbdf081ba44960598e12652d99d999b4f5c70c5c02335596d18302b1cf64128a8bd06273237a48e2cc4eb0267d12307 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\74f7241d43fd3efbef367cddf2de0712
| MD5 | 1e996f012273818bd88129d26108d8f9 |
| SHA1 | c193db2eca6d190e929375e617f45790cae442bb |
| SHA256 | c7c8ee23804c70ae96b1399c2f6730543f10f7678f5e3ee36fcbce97245aa8c8 |
| SHA512 | 40ea7f36824cb96dace8ff41b1e92a03e0f7e61cac33a3a81c81cba12714812504554eaa0f4344d30061ce1d89f231ab21cab164a008e1f68d18ccfcf5525173 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\251c7269a8dc64cf406e8c2d5f5cc688
| MD5 | 7e7342c1c2e3602906a1fd64acde7735 |
| SHA1 | 357de58a6c39a0fe4d7e4c13c16d8c1d25f9e649 |
| SHA256 | 24a5a23ded1de17bc3170afbe5eb7debbb47f0ed7b2a4b5303bc899e927a99e9 |
| SHA512 | c6313b65687a5ce03772ff6f1edf761aa91f07a29f8b61db7edebf1beb5c548fbc53aba721ede32d4c4bbdd31361dc724c676d41c06278904291579d25d93202 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\993f844b48dbb84a0eece0b1d1aad326
| MD5 | c05764b76e6db0114c1d6200b56a3588 |
| SHA1 | 5f96252b5a83e5c0810e4ba604dfc433ee449639 |
| SHA256 | 427939d6cefb89facb6e71e082e42ed184f0883db715e0bd8ca832a316150430 |
| SHA512 | 4c6c06afb99e99d6a7466ba40146b7fd02f83de16e5c89acbe64179860547f42dad0562b2a281706cfc6acdc5558e8fba5647874ff15d2778f3f6d8c1cd983a7 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\2da892c80dea8811c616fe5e0e6c010e
| MD5 | 0dbe0b49a06c4093d004ec7d44303fd5 |
| SHA1 | 2bac861a6075854f8dc8db470558936c36201aee |
| SHA256 | b136004ec10d66b813386e21fc6c5f86d37071e01e8a82437676902eb3e63e8a |
| SHA512 | 1d306115aa97102b5d68552b591f5faeade373ff3a718d9f39dbeade32892e47fd921cd78e5dd71e91072476e5ad933ff9659ee5ea1d07133b55745f00c22828 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\28c39719e7218d9c2d686d4daccb1b72
| MD5 | 25a0b3d9ce5e6e1cc4cc7f4cdb328273 |
| SHA1 | 4d2dddbe9502a5373e6ea99771bb1de6e828b95e |
| SHA256 | 013275e837c61c631932167d47d5d9b838ba8b9863915d39f06d8ba4914df147 |
| SHA512 | 20df5153edab7085594382f80b5d7c6afa5f2a84741efb46961e36331c94369a7c7302c9799676e18aab171cf398dae8f314395c22238de6f8450726c4c992c7 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\83eeeca932186715a9107df83747a179
| MD5 | e7ee77fadd485e9a35a1bfb4be99691c |
| SHA1 | bf1aacc9fe769fd1dd111a1009473db1dcac7399 |
| SHA256 | d98e995f0160e551443de0eba015bf29192aea408469c2fc2d9c93a5c1c82cd9 |
| SHA512 | 3ae849a12cabc409e435da98308db2ec0b86f8fa8624a23632ab0ea836a0aed001853eef600bb99f67f8f907dbb641c9c6bc37bbf959dd12c1bf2ad9c8147460 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\c677a51b0924e108a9b1485dbdf883da
| MD5 | e1e4307ebd3e7f8280c75be0ccd3b5bd |
| SHA1 | 3f2a56ac3ee57082ebcf4a1ca21001821286e77e |
| SHA256 | 10dcbda8315ffe2e7215b8d61dbd26b0553b438fe94b1bdf005758b1b96d9f94 |
| SHA512 | 7f3ef600e2ecca826fc163d9092bfc10fcca9a9e6206ef29fe5d61902e3e9625bb2bcc07a58ab480ad19354bd0a1c56dd9f13c4e62aed22d87da146252144ef4 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\584bbf8c27b2f156742be22b280cc8d6
| MD5 | 7c0764a501b7f8f1eab14fa7f9337a4f |
| SHA1 | 2e17a9b6d5bd740c4dc91af9311e4a6e77bd55ce |
| SHA256 | dc0524c0d7f9f637466570c86adad7021f9316e42e69745bf8d27081a98f09d2 |
| SHA512 | dba17c07bc4310c556ef62f157dfd3a0ea1a617ffbbc4324f9a046bf47be9a2bd500921bf02bb79d9ac2df1aeca3745ee1cbd7f33bbdb80fe67e1adaa0bd82bc |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\477a618fe08d138e560e0c8eab9f3583
| MD5 | 4f9c826223fb8d7fb603bac0b294a706 |
| SHA1 | 44a185bf8edbfee521dc92ae012e6ed18cfae3a0 |
| SHA256 | e12f126277c8b35c48dc15cb2f37850ff5ab0816e5982eaeceb571c99bd17502 |
| SHA512 | ecf987dc0d416a7fb1779289a0bd9ba55625abff41491ec3731fd77950e91d5b454b17573be388766b20fc630ee3f125d37feda44e068d2ed0cd2a87be021fda |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\388a60aa5e51ff44455d359825078031
| MD5 | eb62ee1626b44f54b2c444a487ef84fa |
| SHA1 | d3d918dae048e4ee9c9626608693d69c4c4ae55c |
| SHA256 | bf2f079ca21684f382d094af52836d83862c93800e8e054c2f6bc0838c442d86 |
| SHA512 | 68022f2ac538c51acc24065480cd23670efff68d56a4b5dec2c28316726ab82c81b48fbfe76c44f32dc32b0af75fe3e203aeb40610f34e2e5d75bc684f712381 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\f1c2eede7a115f0fd9ddcfae03372516
| MD5 | 08ba91e62331009631f755289dcf7324 |
| SHA1 | 03786d766cac0b39437b98cb61e65c25d16325bd |
| SHA256 | c50ad1d35d0b3e81ef6780da13361923d7525a39db5c9cbc6c5344a0bf5e1380 |
| SHA512 | 3fe207322d4249f92893d0eb7a93f455374849ca583dd0fd00c79790ab7bc7f0699fe16de332b767689e0a104fb272992ddc37e002b6962cdb6c66a63618e3d5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc70073e6562a1a0cb99b092be4629f8
| MD5 | acc9db15cdf0932e73bfd20b9857b80e |
| SHA1 | cb6455b641cdaa693de88e9b0d1f422744faa35e |
| SHA256 | f0e15f7608b3829d33eb8e057f31f21e931d9d2ab4814891b11ecf47494c141c |
| SHA512 | 7ca5152691d595acc0f0398e26f82c4cf491bea98f2c81e7a972af8fe763ef5926a716ea44112c2fa257ba0109b8848f8611f071b88902901bdee1d32a315913 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e5ba3b6fc7c95f933bacb9db38c93e80
| MD5 | 0de2eda8831ddddda130102597e758bc |
| SHA1 | 0fa49f0691a4ae61e422a22b07fd4e5def0ae5b2 |
| SHA256 | 2d60885d3492996ffe223ec6dfddb240eba00a9e03ac0506d3489edc4822e1ee |
| SHA512 | f466e1ea3867fae7618b76a2895cccabb0f646f54bf8c4cb6cf6a5c2eaf4b8e31eb4f8b42971ee53c929241d9f40af6a684647cc09395cfd709774503f274b75 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b39250833fce2d9f0655b124db089d4e
| MD5 | 639a9c5f588be3e48a6bf5601215f027 |
| SHA1 | 1ab7c1d3d5df21a05324853fb235b848945c351f |
| SHA256 | 4fd48841bac69eaaeaa9c936347395f5eab6fd4f5549d65cf6fc541884a4b2d7 |
| SHA512 | c3aced88385dbd9b10841f72c422b17cabeca80ad11af01222f8901b950be3b42467851d5ef61fa3a1d92f7977724926f765b8bc594655e93e116d04223497dc |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ecc495a0b2b0470e25d688a9077fd977
| MD5 | 741a45f09ceaf9cba7f0ee5b8aac236a |
| SHA1 | aa6b59bba687981191db42af8a8b17dc0fc9150a |
| SHA256 | 92ee9b175404bf4aa4e346ebe4948ae5c0ee7edf5693778a5e6a4a1bed508eac |
| SHA512 | 97cb36fc2281753eb7a42f762c8ad5cdef7c14665214a71f33518f88cff24ec5e91267f834a6ea5ab0206457c7e9c730dcfb4f7a2ec527e3ce48877e2f34be6d |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\4130cf898fa8b448f1568bfb61305e94
| MD5 | 86df60a0980b57864a2e2d68f857e0d8 |
| SHA1 | 60c24af81c8406f05ee1721b374ab8a466d878a2 |
| SHA256 | ccdedffa29231d609157ccf22019e03a721e9ca248eabf12be511b76f795c247 |
| SHA512 | c025bcd3d21ec036712ad8e40afa7da973db770bf5b9b019c73ca8b99202c8e37999e6daaeab3f1c2190f84434a5e4657a8593e8a59066e0feaf38fcd8bc41e1 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6d1b0fd2905f7655bf0108dd4e655991
| MD5 | efe7165d72ce56eef26da49dbefa586c |
| SHA1 | b2441c50e501f7121277d205876ec6a5811c4e67 |
| SHA256 | 4e12e3ed0da10924a1dbc49e464b0b07c017970c839f1c1cb4ecf5a8019d3ae5 |
| SHA512 | 195b3d7954627b571226a4d5293b19dd0b7b565d4b295b494361ed81f3d9e1c193533dd0e53b2ededa326278294694286669095147d769c5de343aa611ab0238 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\e4317e6c6a87bdf6f00c6c80866345fc
| MD5 | fa00f598036aff7c2e4728ff840efdd6 |
| SHA1 | 7873ee7205e2817fc8fdcb3afdc275aab494ea91 |
| SHA256 | 18fecafdfbf34c5b261f4acbd607c439e35177802c8002a0d88221258108abb8 |
| SHA512 | f72faa02c263ed200f7a296ed86ef5da614911c1cd212aedd12923ba551aabc44b33cbced8dac80aae67dc09988d53ee191755afe3d51383ce885750bb00a944 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\23f316746f014ce443f0b0adb0d9d90d
| MD5 | 4843f2fc4404a016a8a7b7f5c352f877 |
| SHA1 | 1446153b0498dd65dbb53b417d5ce5db49f0dec5 |
| SHA256 | 46ec4647b950351b091ab0bb34d1964bf24b0eb58760175def7a4a1d7a4e09b2 |
| SHA512 | 8d5198bd48be46a6aec5cb5d9eb6e75828f88742f12102a1f5091f9c8b51167fd6db13981fb875b032795b9407fa64cf3aa54224a64008262084dbfd3d98dc27 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\252921e7f19d826cf6778747e86132fd
| MD5 | e06fafb3ee051c215c7118dcb4a75354 |
| SHA1 | c72b3e0f2bb1139344053256bcc3ac48f590174c |
| SHA256 | ea771a4652058a4110a95a6fa24c847e7a50cdfdd711f57e02f9c7caedda7908 |
| SHA512 | 83008fcb8a91bb42f76568773c98e5dcf6658b0d7972d595eb7059b5a598faf80fcc8492351e9e98a6d3a9ddfc17fca742f07ffe4af644d99c087062ed7b14b0 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5c288ffb1fe759d2618c218fa0d2bee8
| MD5 | c914fc7a80c8ebee4ddd7216cb8e63e3 |
| SHA1 | 2e4bbbe23167be5f26e5f3e9f1e1b2409b38e7ef |
| SHA256 | c718cff1df66ac36549451bc6de0535c3f2f9e74b4fcdcea38af9eeecc42a674 |
| SHA512 | 7564812cd051e0970b3d06aa1bb839c8fae5d1e95e23615eea42d2f12b6284d06f2936cedd947e9d4d33c4656fec00494121d58cd38ddaf1ce2ad8be8685d0fd |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\bbd52b35df5f543d23b7f35ae9e845be
| MD5 | 2de5aeee01688c41f23b2ddc07c0b442 |
| SHA1 | 68bd21cd4284ff390c1f4f5f4b61c9ff3b8f2268 |
| SHA256 | 3ceb6af768ce708d114195ea3521c71370ee69172d4d0cdaeb1efff406571d73 |
| SHA512 | ce845ebebe20efbfb1a0565e69cea69e3a4f3e71289ec68379565052a2e8a3e5ac873b52e74ea26f2afae7ff64c789c348b4b9d4426ac0c0d6547d9f12290090 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\98c582bbf5493f077bd8f59567067f24
| MD5 | ed3f4356a5aa9295ec58f77ab387582f |
| SHA1 | 99f94109e03097ddf835c06292ecb6142c93fdea |
| SHA256 | 60e6db5121cddd5bc13b1019c85b5d962599e2548c347ee3c7d944cb20ff01b7 |
| SHA512 | cc7869759564fe9d5e1580be978727c4b0da340c052db74f677bf7cc24d93da0b837d01ae0199c6404e02b49d08fe47a2fec7165cfad841f1b6fbb1d7e8d7fc4 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\bc86756c9d8f409a887054cf26a854b3
| MD5 | 70461ebd3bf0f7a0beafcba1d52417ab |
| SHA1 | 53dd7894e76f0fe7c02f378d7c67107ed4a03d45 |
| SHA256 | e3ef21dd9efd05fd1260691d6dd47f76155bd0b5ef1ccb62ef1e588dca161fd7 |
| SHA512 | ccc18b368873c76fb25c97009bfd17e4456d488b16da511e61fe1dee031cce48bb25d507d7fb1237345bdc2191085bd384ce45ca98a5864d10b65b28650e553e |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\8ead55fcc97d21deacf012df5c33fdff
| MD5 | 16e22cfdc829405af27279c364ba2f8e |
| SHA1 | 0c75b97959d7df1586db85cd1166f99c65603c68 |
| SHA256 | aa2f6c8bba8aec6b84f7ef8a7d8c30022097b784236806e63da1f0417124a3d7 |
| SHA512 | d1f6695e255f5b7ad498ce177a16591757d5570a4ea45d396f3fa159f5658bddcb7d524c102efdd982fd9ccfa557d984280c27e57484b8f61be512ce994d7964 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\3ca8206460663e9e944ccfb414623b40
| MD5 | 816be237e27ddb79f9fe0c46efa0119c |
| SHA1 | fe0af06e1155ba784ed6ce8b97849eb3fffb5f9c |
| SHA256 | ec6063b82a1adc4187ee0e01f413d4b5ed10277605f741295658acd3f0ceabcc |
| SHA512 | 5ca3c5bca3f5559a500de1262c133a972e776dba7192e6cade152245c0e1118fac41c48a79dd0f15c78ef177294867f041bccd3eece6a388eadcc32da8efaf00 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\f40c00885cbd0588eebf8bd59a345579
| MD5 | 9c0241f7306bbf3cd085509dd7840c99 |
| SHA1 | 21c2a9c916d0e537c5662db2acb565615ef79962 |
| SHA256 | e2afaf1d969e104e2ffc22494e2f7e2ec4a0bda49b9de0dcb3bbaa3da9bc8655 |
| SHA512 | afdf2c9a29559645e08604b15f023475e8610f41f650f3527a4c2199fc4bda9c291bb24e2f337e00cfac6a5347fae125d8055f0af6eaca38b92ec408343cb9b0 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\16f7441682caf62a1789b9d3e75ec170
| MD5 | cb94125a0b01b9335f3c3c9a9c6cd60f |
| SHA1 | 85ae6cca4c661270b389c00299bf7f5d81fc3943 |
| SHA256 | afd92a2c0ea64515200f7dd1c6237f18b6d1bd2065296939697d34a3d4e1b0d4 |
| SHA512 | 649155baa2d26fc6afd0496d11f37d9dcb588726806eec89be58faa54fcf3b90d1becf114c4e2f3964c98e93399b87bf5bb87709a7bd9a3540c7ddb56e2da555 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\0407c8d6df198f6864381d3e595ae971
| MD5 | 703dee4351832fd18ef5b85c6e1bf992 |
| SHA1 | bdea9dbbdae401cd68814d9815a17bab6f3870c2 |
| SHA256 | 8fb57fee0d1c996a828a3147fdd9a38e8d1624163dad101e4bc1d44894bc3d68 |
| SHA512 | d43b5dc41be38f5fbe30a51c1abcbbc5c606c9d911dd164b5106fe2bcf0310ae8b641299c5491bbd5ba66433d87ebd17dc8a487d88d56d0ee8e81309533ef0b7 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\06bf3774b39be975c53ba2193da7f90d
| MD5 | 29abb94b78b9a73db28b7ba825833346 |
| SHA1 | fd6da6bc273d4a44067d8c2b625980ab8cc52aca |
| SHA256 | d929c9d2ba98883044b81894da3e921de179d5915e1f92ca9d4df9cc89f1424f |
| SHA512 | d5069ac2996929a5d1622f65ab450bd152130978b049f672b1a9f28cadcf724e317024bd95a11109e0ae488834ab184f5e4b10f6a21ba3329cf056a0b7139613 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1489d1b06ae2d917aae075e6fa9b8f7
| MD5 | 5420558b929446bbd89f3d35e72b5836 |
| SHA1 | da46e5c797831b47c4d62fb9321c420c6b0ba50c |
| SHA256 | 12d1d581ac394291754c5b042baec0904c2f3b3be6a17e0a8761b32b6e53d507 |
| SHA512 | e125c8d668b2c73d583c528f6d35bf8a1c9558c594cb3aee98e25eda051f621a6924626d845f200442da65034dd77aa4a51dd1668c07b26611909f76cf9174b4 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b597c88ce139f36dee5c4afd7d80a2c1
| MD5 | f195c3e8ddb6711a2feaad4aec69b8b0 |
| SHA1 | 20b1011f280842fe6aaa58117a05f57cc17b6c69 |
| SHA256 | 9c263d2a5db10ebc2d543bbd0c125bcc5da6c2245ed133fe0abb1b308f343a71 |
| SHA512 | 52ed2e19a2b991880336b6b1694016f4c8e5a5e92a9dc989ab317f7f743f38dddaeba8fb5764826bfd9aa145028a1b3f9fa34a02f39c1e5162aef7ad282b0632 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\1cb6044427da36923148711b8796b750
| MD5 | ccdd89dadb2a17edd97a48f05de218ab |
| SHA1 | c8829afdfda3e414304f09f588a9e00cd43de4d0 |
| SHA256 | 8ebad66a66dec464ea8f6a70c240e6fac36d2155ef5460b2f1cc80451e9949ec |
| SHA512 | 79976e6623479c42c3b9babb2bbec208a8f13b580dc19419df33639e3922ab973e740fcf33c94841e833ef3ca8209b5b149d2ba5c064f08e3b6a526a651432f9 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6c536340229d1bb052a390124806163e
| MD5 | 8dda220de3bfd073f993acca9cce3f19 |
| SHA1 | c78e343e500f592bfc59de89dcf8548cd6fa1f71 |
| SHA256 | 21710259e1dbf800de1bd2dd8e19f33cf70dcf6ad306f7738a23300e40d385e3 |
| SHA512 | d21115712737f5d51c7fc887a14bb7b9dda4b9db295ecf429623a20eee02b2868956e6d66907997f100395625c42464218c36e750224e02fe0245c0292fc9e1c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\8550d05ebb82e2c3691bc35b7c166899
| MD5 | f3e7b2683bee3c3628f500d157a7184c |
| SHA1 | 17aa34cf9e45a2a10cc370ef0047d6ec844053dd |
| SHA256 | 66d177f97d367d8181feedc6db9f92f71dbabf58cef1355439559005be6a24ac |
| SHA512 | 48994f038f0cca5a1ad783d05490ccc209ac4ff2a9fc3b508d5225348d2202f9760ac6c0334d12f74ab8227eab5a412370459ab328f44177729f8fb6b8911088 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\38b0d496d6e95d4a4e1f049ecb71b4d1
| MD5 | 60dc54bc02627b188fbc37f3c81899b3 |
| SHA1 | 7065242d6e88ff9ed0e0cb891a9a6f6db2be5334 |
| SHA256 | 35fd7f2804d4edd74c14cb7bb1534edc993ab7ce9e2d64be997b12ffa8ee5b16 |
| SHA512 | 2b43c5d1f2ee4621055d94f3e04cbfed24371eea9a7c719f8392a993464e7d05635f59bf230e294c60de5656f421f4661bd5b1b8f286c4c15e79bf9c57d686c5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\ec9a7853aa53bb67f2099830ce97922a
| MD5 | 0ab1d8c6659dc5952cb81416c8d9a85a |
| SHA1 | 16d889c645dd70901f87cc86f6db8a632b8518a0 |
| SHA256 | 1ebc2f03253024917e0b562d101603c2f9e04aa70a05accc5e63eed9976ea0b4 |
| SHA512 | 657a549264297c42e4783cdfc76baff2dab9b5b9c1f991b3aa8b16f2b8f87ccdb0c1a56edc23713ea7f34ffcc4cfc95b7fbba8d5fa06ea443610f06a00433f36 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\05e6fbe7faeaf27e476e2247265bd7e2
| MD5 | 774331951556eabf4930f06518bfe5f8 |
| SHA1 | 79a7b332357aa2b18cf400033bfeeb5db7614627 |
| SHA256 | c4239a4d05bd3e427245f920cd4eba313e0af75c819f89553c7b6758da9b4d57 |
| SHA512 | bf67dd1c1d57779578524ee404de1648d9a4d8ed7f524fd49643ec49c3165b9321d64bda2216cfb8617c32cb500eacc2966263dc03841af51ee37facb2b1724e |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\7209cd4fd5e4a48a4cabe7e3498368ec
| MD5 | 643d56f3cc2d206fc1eeafd601a0e287 |
| SHA1 | 0e55be4bc02d884a40a586b44d5728f9e8fefa6e |
| SHA256 | 637c7f57eea4b46821e968a691bc2181ac0ed00252691845fefd947a4c594f66 |
| SHA512 | 10cb34ff5d98467c3de396ef4993a11c7db2545329ea473eb3ffe387f2663cfda6d21d31299f87aa3f298d2bfdb88d705b9236e9f71c48c22970713c2c3f75e6 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\92ca8d0a36e9ce06a1c3537675677ffb
| MD5 | ae7d26697baf4e3c0a4f7e4fd800f89b |
| SHA1 | 4f2472e39c964861701d80139cdc33bb967b2c34 |
| SHA256 | 58c1370bf264ecee15638ab670a0af85f8bc3b974670875c757751fd116f4833 |
| SHA512 | e93451a30c74751ebd6996efb038016e28370de37bfbfe2fafd1f3c3817f2e720bc3b7d96e1c0e346f08e3c581d13f77a535c30c07a487f2c4a13b4da9970a0f |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\7df53404f56c9f1787b277ba9d17049b
| MD5 | ecaba5cf9469daab7c05847af2da45d7 |
| SHA1 | 78d9c8d289db9815482249769dea663f4999cac2 |
| SHA256 | 23946e247fe3bb06503a06be2b8e154d724a8c2e86fa4f441fc09ba1e5781121 |
| SHA512 | 4204260b2efe3b4c95584394b30ad7957b154229828f0ac90a04e5167c7eb78f254777fad0d4fce9c5675fccc390dfccae2ecbd8d17e0e73bb0a6933605df7d1 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\852240b4203e72d7bfa66fcea2e589eb
| MD5 | 547ffe689cd0af21ec616bd935f78b14 |
| SHA1 | 36e70f429bea53fc2c8dd76eaad82f7bf9f3742c |
| SHA256 | abf9ebe04321f9b8926304bc16041965dd79405783b7d3ea56d5fc802863bd9c |
| SHA512 | 3683baf37d3da8ac536ae4d2d852acfb49039b3c9d4ab42d972c23e2df6dbfd178a552ef023f48c43c6887161313d516914d26b7cca0c022e2741875d62e38d2 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\234369d070cc483f7122fd415837b73a
| MD5 | 51d45f80859fca2ea5720897d7f1612a |
| SHA1 | 2a7d736969502784b96328f4fd1fc7697a099273 |
| SHA256 | 5bf07b195c3902c69653ca0294f2bdbf9124df501af426b14d6bcdbb87d70745 |
| SHA512 | 059455bc829431130377e4c8cee87ed3652b712eb46afa6f666d9e4aff7401b59068da840b91f4914d0752880cb2ed8c64a90e79e37f45b4b90996e44f2932b5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\68119f28ce3eca78171a6a8c8822e1bd
| MD5 | 35e84ac53c5b6ac5714c5589d7d79153 |
| SHA1 | cedd01f0263fc9e5718b8e77b3467c14a35a1b53 |
| SHA256 | 47da60997e22feaa88bff58bd2db6320534331990a14e2b64b6d665df77b931c |
| SHA512 | 7cbdf8f0eaee0c4e00e3813d1e558cc5aa305d6e9861255d721bfb655cddbf08c70fe61f686e79154f1c36e7a4b5c29f2ecf2776fee9eb0b7ac1da8c87e75dff |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6e62dea9b6f892b37a40251f84c9e0e3
| MD5 | f48177bf38c02c3a2cb322b77d627f23 |
| SHA1 | e207f206d2f707e7feddc32c02883bb71015d23d |
| SHA256 | 4a8a4eb5baa01e72889b67caa16b69a4c2e8a07aa12f84ade87376f344b2fbd9 |
| SHA512 | bb3c4ba048199ddd3cf5d554a90c279d7b868871f1a0eea4ce27c641556fb3e483cf839e3f9a27a092021783a25d604c952fb1ea34528d722db9930fe48e38a8 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\1f571bce12b3689efa5586c78436d68a
| MD5 | aa1cb968768ba580f7e7d559906a49de |
| SHA1 | 1a6a0906ac3c68f859790103094a617e0439d77b |
| SHA256 | b9e49fcb7d0be8aac8bf1d990f2277363077dbd34af7f5109a14bea85b9fd35b |
| SHA512 | a72d7246405dea401b6e97963ea624772f65a7b20eacf2c358fdb73d7e5c2afac79b5cd39cd548ea8c43f14b5f03cc38deee8a495e9c7a1f264c1ca7de4f2411 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\7deb7c677f433c0b6c649020e88fe58a
| MD5 | d76037dbae4ae81158187aeced5816b1 |
| SHA1 | 7858adc6bdb9f9b03fcb28746d7a0d08c297d058 |
| SHA256 | 8113ac3b2c1f9a16f7c5a9be473b64abfa8c9689afcbcc30750aeb3077e3e27b |
| SHA512 | e9e1b515c621e760968098b8e0a16e00cf1fc17b74065efd2f8793add04d5e506205df5d65be1db885fb958b9c5879ca728528963b4048bfe073d4249c0dc6eb |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\5a479665357e877c36a8bc4ebab8ac84
| MD5 | f5366499a754da1e3317be61d63cc243 |
| SHA1 | 8689a3cc6a2e1af5dbd2b6c23b488283362bab0a |
| SHA256 | 14873e016597bf69824fb29a219f6d81befb11b19fe2e505544115b33f030e6e |
| SHA512 | 6920f31ed14ef4621559e67c75a69ecdb7832aac639c40febd98dcf9b7c02402510e983b84cd309bdcd7b0438b394cd6b1d11bd4c32c58488d24a5d38db930c5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\a116d80baa851750ec02ad98f6a28052
| MD5 | db41d22b9f9f4a43ff8916ff8d513da0 |
| SHA1 | 00dee570785465bff97ec8a96ebfad3d21f1d248 |
| SHA256 | 31e6f7d03515207ae87b2f9e9594fc94db77038fcc28ee3990689c6590b7547c |
| SHA512 | df4e09d0f24ec1cf13ffa1a062f9d28a5d36d99b606f27f7ab757f82e4202e51ff4e033b6554b763e6f97c73bbe77b9d133b4b842469b96056654cc2f202124c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\6105c4318cc0c25a63a6c9b8db84bc28
| MD5 | 6badf7314b5d440a6ec8dea899d7872e |
| SHA1 | 003170f75f86922af2aa5bc4b2c3c41f5f14106d |
| SHA256 | c13071122b4ff111c8ee877e0d8bde8f34ab3569df48fa81f6f4f1b0b0ba855a |
| SHA512 | 5fd8098470eb97e06e62f6d8753d3dbef34d8db6b3ff463cdc964e61e765ab844168170a64c837fa5d60c029a79ac0fe7cc661b9bae07acbaa2400120037aa13 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b00de5dcbb5ba1d0d58ba82e9c2f97bc
| MD5 | 9a3aa49a6c57739a171e507a3b0a90ff |
| SHA1 | f3c154299bec91f215954c1df2b03f68fa08efa3 |
| SHA256 | 6d61517c2a006e117a5d5032dc1be0f993f275b6d0c8a0fbef25bda8cfc12691 |
| SHA512 | 0a02917b5eefba73d3420852a5c66719bae97bc3c8f9adfb2dcad89dee9caf5852f660a3e787d84e9b86e3793ae0605b2db10c0a1463e0f09a733b614d2f4c1c |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\a69cb57746105c17e5ffc24141320a40
| MD5 | e304b20b9ad1596ed700b3a772eda6e0 |
| SHA1 | 06cce004b98cfe26eebe94fa5c2970d04c4fa910 |
| SHA256 | 379a98d1e9bbf2f6b14592f062fd2a105b2890fe3b471d148600f94f83f3f06a |
| SHA512 | c575d3b3bffeacc1cb797491c44a4cefb739cc4aca18d0cfe6a1487503a633cd4fc9b6141cb8eb9831e48211804d54c29107a73524789c4ab3803e9b7afea65e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 82ad81bf9e9a2a1a935fcc7d0e5c6a9b |
| SHA1 | c278518caafc194b208c8dc2afe8d1fd5f69525a |
| SHA256 | 815cc52abec9f7f1a52a597ba32ef5876f5d788f42c9cee1b37dc7fc20b9d31d |
| SHA512 | 07521bd4e7cf2b1ae25ecf46c81e769d4ab38db0923835ddccd34fd9a1a40b44beeb3405ff9829a1dd456f63f446fb3f39bbf19bba612486386b309108f17894 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\2de8b71e249ec9f3feb3c539d524775e
| MD5 | cb8fc3d5e40fc8d7359b5fe5a2ae5598 |
| SHA1 | 14ffc44ab2fef36788db1ed3b6c7eef2d8e87195 |
| SHA256 | 7bf87857170b4373f60d87d0d9dccec03b4b40ad514b909b5f79eaac2bbb378c |
| SHA512 | 9c7ed34efd88bf94a0b677129471c4b3dc4b2d2f3e890c96f75c5acc09af07ce60791e9b9ae917ed57756b63a53ac8eecfa537cdeff2450968d0599b74782d90 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\017b3de9988fc8ea01060584b5f2a667
| MD5 | 7e5ac85bba3791f8a7ad2f1d32d381b4 |
| SHA1 | b7e8d0c46da0944ce2091bc9bf20f31426938f71 |
| SHA256 | 7aafbc908e5fec756e8688565a3b5ac2a090361a6582d0f6c5382f4e42d5020c |
| SHA512 | 682b8334d44467614c4868476f7643127d2f919b4fa550236addffbfb24af98bdf80edd876b0e19fec4ef59095eae8d179cfe8156a5fb1deaca3de4f1bd94854 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d271fad040160659fb991dc5a001f149
| MD5 | 1942c4ffcf7fa7fdd0672d63c5c69a9f |
| SHA1 | f4fba1c5f32e23b7d9d8c67cb4ceed4262a6d9f7 |
| SHA256 | c9947d640ec9ac21c6f3e4cd4929fb9da6bd4e373abbd4ccae223258be1f596f |
| SHA512 | e86d66e18cb109e443c42457ad67b0f1e00bc16c721de0108bcf224649c5c62a1ec888fd52cd552707fc801b7532ab8f973319d31a3cf221f186e36efb3a4c36 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
| MD5 | b18c705b3c68cc49d9bf3649abc75c24 |
| SHA1 | 6dc8963dea0f3185368790dee2a346301b4fa24c |
| SHA256 | c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa |
| SHA512 | 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | f087a8a98e8eeb430647a220faadc7e6 |
| SHA1 | 07de974b409f21161c95c58740a1945b3e88488a |
| SHA256 | 6d070cbc98f5f5e19b005410b908d6a5ba0d8f7c7b600f6d6a4cb2f128a028a9 |
| SHA512 | 05bd7752aa7c39c759001c2f0205111552283d6a24549b9c63c56cdcbc7474f28fc156b50adf3135ad2d43595f686c716ca6706d85c33e3f641b4027b1908663 |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | 5fd135ccab04e261cc7e684a416723e2 |
| SHA1 | 8570d4713813067168417a2f3c4cb381b37e3b88 |
| SHA256 | 2189091f9b4b58e0659e11be445dd6e065d01f28481ecb702ad9c183d45f21ef |
| SHA512 | 7d5b497ccacd816c7f8e7f02e85816b037068b3ffbcb759439dc1862b760e2fd53573d8e84e835c593bc578bbd3f43f05ab93bb35672ed9f6b3abd5537dd694f |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\c81813ea34dbe699086525727806025a
| MD5 | eb0d86faf070236a73c5825432f4efae |
| SHA1 | f623bc103acbec6d5183331839a4040cabea42a7 |
| SHA256 | e3814c61a4d760fdcac055412aba5a9e38d8a83f45916e5e75e901dcc88f39df |
| SHA512 | d351fea0538ec847b51615c760ddf49ebcfd800fdf9665df835add2802ab3d100480297a8833ee251e27cae2a5adef3e71058a581b9d392e225158030070f154 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\9fd0b17a3402934b24f3b349c8d753a2
| MD5 | 59e7e73fef4a9df2680ff8fe1722014f |
| SHA1 | 2b9d42140ad6207b1e3f5cf8d66b345109cb1098 |
| SHA256 | 05f280e512673a8f1358b88e8706bf5a763727dc16e8c43abe1be6129a820b57 |
| SHA512 | 49edc88448345ee5bbb1093bbb62bb49b0ac3c1c0a29d4a862be76845fbbacff0347ea457d66e40f721dccb8071c18e4ca7f41cbce88d57a64a02ed400f4f783 |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | 94b364b0498221180dfca6391c0669af |
| SHA1 | fb89f0ddb2fc424e58adaf6006d52eea869e6f16 |
| SHA256 | e8062919e8999d123f1201bce59b2682ac21c8b3615d34a6ef379a3cba8173ac |
| SHA512 | c73d9735b59815f2956fbc2523ebfa0aeee802fbb5613ab6f8965328db9feae0d144d428bc4ece75e8b5fb5db1ebe7f4cf5c6db4f171bb0b49c116657ca86d0e |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | e6105b45ad4dc19d9a194949fbcb329f |
| SHA1 | 89f8da5cc3ed29cacd0b7be0232e7732bef9b6e7 |
| SHA256 | 69fdd5235c52e763388ee3504111f75db101a85fc5d641a1b849b35c680033d1 |
| SHA512 | 0c216c046bce5f7916c65e830cabb103092dbf46dc5e52b564515afb4376e0a90f438b9a917f54d2410d2d19e93fc0215f93a7ad2cce9f6f1e5c46ba5de665d4 |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | 38ffc26612676f2ccb22dcc339deddb6 |
| SHA1 | ad47ced3d2c6bd3ef5b035738bb7c0ceb0c48aa2 |
| SHA256 | 69abfa058fcda50e394b334255c014a0c81023fc8dd35ce13ff79f7627aa060d |
| SHA512 | 33e60b03c5268e5dec8e7853d5e8ba91fb28dc8245958afa699a0a5509fca78c43ab86c2c2f952c4f44e6441d5126e95c061eabb6ff0163ea44584c78159bb86 |
C:\Users\Admin\AppData\Local\Roblox\4155035591\InstalledPlugins\0\settings.json
| MD5 | a26a2313e1e39d53f6f16d39efde2380 |
| SHA1 | 1c5b54f4ef062fca115b4f7bff7b240f8283c501 |
| SHA256 | 1cf6eaf73f2f33ab3ff8013359afa847b26df4874a7de562c2709852e43f9436 |
| SHA512 | b659601ecb4d8223c61d243d276ba31f2a5d7586b329ba32d64034b31ef6f16eace447371f0c51f354828a8f5d2d2798dc8a6b16bae77688572739e4e03bad36 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\53d827d30453e92ea03c8733cb48667c
| MD5 | e45967bff9902faf440830e19883a3d9 |
| SHA1 | ab2b6905e47e4bf53906b5831787fd6249bb950e |
| SHA256 | 4090048c1f74e2439e333774045e75fea72dd9fdd129d643d342f5c2149f9948 |
| SHA512 | 06fe0f8f7b899b6b5179d5a474311bfe85764f508012bfab9245abd1ccb9f9810d2789bf07ef975e905a7fb5e60520de4d7dce169793f00fbdaa2418e83ee1b5 |
C:\Users\Admin\AppData\Local\Temp\Roblox\http\9081687e7cf992c195ad8b48756eb5d6
| MD5 | d0570fd3a4dbb40d97214328e1d490c1 |
| SHA1 | 810a0f7147837dc2f75bb0800530c3f19e630d68 |
| SHA256 | cdef472a1fedc3254afb67c86028a5abff6f1efddcd6387c5f7e0f115a59acae |
| SHA512 | 61176285ea3a83b63045de772c0d868dd2fde320cba77f26c98401ee1598b21beb4e757d318623758127ea04c1538983246acb7f9918eeb014a65691e1d87ba1 |
C:\Users\Admin\Documents\ROBLOX\AutoSaves\Place_AutoRecovery_0.rbxl.lock
| MD5 | 48d8cc6dba5053ae4b377ad79759c04e |
| SHA1 | 237875b58ab33dea57a09ea12ec2de8a9656b60a |
| SHA256 | 923cceca61fc81fabf50ba5d867a732e580b383e545263411b578ff14a6d766d |
| SHA512 | a5c5d46b4bb0714c4511c4ac9d3b71a91a257890a1e0a8578b83f7687d3e18e4b86562affd07bb9fdcacb9c18c42f2d1af936b2d77c75c07e3b309bf7f75780f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3ae1590613bf3f8b1018aba06b8f5b89 |
| SHA1 | 968d0193b633f6b2c6bdb21a5192415de6a24778 |
| SHA256 | e6e7220248be739167f4ab80aa731e098a0557490421a5d0236cbbad279e477a |
| SHA512 | a81220feca5bbb551cc5bc28da0222c414633f100cc1adb4fb3a3dfd2d44aa88e9e326202f70e9ed039b5b12aaf0114a1c681a40d2eccccde4de81c2ea6308e8 |
C:\Users\Admin\AppData\Local\Roblox\OTAPlugins\OTADataCache.json
| MD5 | 11a17ccab96a24de7ffcaef84e378fcc |
| SHA1 | 73f18d2438e46d1006506ae6edd754e17ea25106 |
| SHA256 | 05858b9864ab11fee682bb6e6028b56d6328dca077041f58f2989f24ae14d9c1 |
| SHA512 | e3d6fee7cfb04e5b03c0782b5f647032fe948ce2a85e225b0cdecd8f2729e6ef055caf171e0cdaef50179f3e90d01a1589af44a61415889f5b4cb18db6f6b348 |