Analysis Overview
SHA256
1d76fc1f8dcb481740573ea4d8117704ae4d80aa87924ac8eeeb637d34f33e1e
Threat Level: Likely malicious
The file 0494f7bc-7b06-4e95-8253-9a6c0c25bddd.wav was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Modifies Installed Components in the registry
Sets file execution options in registry
Executes dropped EXE
Checks computer location settings
Loads dropped DLL
Registers COM server for autorun
Enumerates connected drives
Adds Run key to start application
Checks installed software on the system
Installs/modifies Browser Helper Object
Checks whether UAC is enabled
Drops file in System32 directory
Checks system information in the registry
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of NtCreateThreadExHideFromDebugger
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
System policy modification
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Modifies Internet Explorer settings
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-02 20:04
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-02 20:04
Reported
2024-05-02 20:50
Platform
win10v2004-20240419-fr
Max time kernel
2699s
Max time network
2651s
Command Line
Signatures
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUC4AA.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUC4AA.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-17203666-93769886-2545153620-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\MicrosoftEdgeUpdate.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=F7E53A9E4CD54761BE5855B4B3948ECB" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8F944FD-0875-4291-963F-6BBDDDB813E7}\BGAUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-17203666-93769886-2545153620-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\msedge_resetsb_{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062} = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --no-startup-window --reset-startup-boost-last-used" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Enumerates connected drives
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUC4AA.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUC4AA.tmp\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\PlatformContent\pc\textures\concrete\normaldetail.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\MenuBar\dropdown-arrow.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaApp\category\ic-top [email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\AvatarCompatibilityPreviewer\img_triangle.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\StudioSharedUI\pending.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\btn_newBlue.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\PlayStationController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\InGameMenu\TouchControls\controls_phone_portrait.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\StudioToolbox\ScrollBarMiddle.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\MaterialManager\chevrons-left.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\PlatformContent\pc\textures\grass\diffuse.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\msedgeupdateres_cy.dll | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.80\Locales\mk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\VisualElements\LogoDev.png | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\TerrainTools\EdgesSquare17x1.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\VoiceChat\MicDark\Connecting.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\VoiceChat\New\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\XboxController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\TopBar\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.80\Locales\fr-CA.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\mip_core.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\MaterialGenerator\Materials\Slate.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\msedgeupdateres_ml.dll | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\common\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\VoiceChat\Misc\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaChatV2\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\msedgeupdateres_ms.dll | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\DeveloperFramework\UIOff_light.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\MaterialGenerator\Materials\DiamondPlate.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\MaterialGenerator\Materials\Grass.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\zh-CN.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Locales\lt.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\AvatarCompatibilityPreviewer\check_body.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\StudioToolbox\AssetConfig\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaApp\ExternalSite\roblox.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaApp\ExternalSite\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\Debugger\Breakpoints\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Menu\hoverPopupLeft.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\PlatformContent\pc\textures\cobblestone\normal.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.80\VisualElements\SmallLogoDev.png | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Emotes\Large\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.80\identity_proxy\stable.identity_helper.exe.manifest | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.80\webview2_integration.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\MicrosoftEdge_X64_124.0.2478.67.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\DeveloperFramework\Votes\rating_up_green.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Settings\Radial\Leave.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\Gamepad\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.80\VisualElements\SmallLogo.png | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\PerformanceStats\TargetFiller.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\VoiceChat\New\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\9SliceEditor\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\DefaultController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\LegacyRbxGui\IronSide.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\content\textures\ui\Controls\dpadLeft.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.80\concrt140.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Trust Protection Lists\Sigma\Entities | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaApp\graphic\gr-avatar mask-90x90.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\msedgeupdateres_fi.dll | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\INF\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-17203666-93769886-2545153620-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\system32\wwahost.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-17203666-93769886-2545153620-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\system32\wwahost.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\124.0.2478.67\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133591539141978974" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\ProgID\ = "MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\DisplayName = "PDF Preview Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc\ = "Microsoft Edge Update Update3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeMHT\Application\ApplicationDescription = "Browse the web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\VersionIndependentProgID\ = "ie_to_edge_bho.IEToEdgeBHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.PolicyStatusSvc" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine\ = "Microsoft Edge Update Broker Class Factory" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ProgID\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ = "IJobObserver2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass.1\CLSID\ = "{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-1004" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass.1\ = "Microsoft Edge Update Core Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\CLSID\ = "{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\ = "URL: Roblox Protocol" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.mht\OpenWithProgIds\MSEdgeMHT | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine\CurVer\ = "MicrosoftEdgeUpdate.CredentialDialogMachine.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32\ = "{BA4344C9-31F7-44C1-9802-7F90B352D5C5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\wwahost.exe | N/A |
Suspicious use of UnmapMainImage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe | N/A |
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe | N/A |
Processes
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Open "C:\Users\Admin\AppData\Local\Temp\0494f7bc-7b06-4e95-8253-9a6c0c25bddd.wav"
C:\Program Files (x86)\Windows Media Player\setup_wm.exe
"C:\Program Files (x86)\Windows Media Player\setup_wm.exe" /RunOnce:"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Open "C:\Users\Admin\AppData\Local\Temp\0494f7bc-7b06-4e95-8253-9a6c0c25bddd.wav"
C:\Windows\SysWOW64\unregmp2.exe
"C:\Windows\System32\unregmp2.exe" /AsyncFirstLogon
C:\Windows\system32\unregmp2.exe
"C:\Windows\SysNative\unregmp2.exe" /AsyncFirstLogon /REENTRANT
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0x48,0x104,0x7fffc24ccc40,0x7fffc24ccc4c,0x7fffc24ccc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2016,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2012 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1828,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2056 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2036,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2276 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3168 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3672,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4512 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4672,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4540 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4676,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4808 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4760,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4364 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4532,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4668 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4568,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3480 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3488,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4976,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4440 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4664,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5200 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5036,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5004 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5236,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5272,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4988 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5804,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5832 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5468,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5972 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5632,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5732 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\UnblockMount.vbe"
C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU4EF6.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QjA5QzcyNUEtRUFEQy00QjBFLTlCOTUtOEZGNEM0QzJGNTQzfSIgdXNlcmlkPSJ7ODc3REMzQzktMjk2RS00NkFGLUFGM0EtNjgzN0EwODgwRTU1fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyNkRCMDY1Ni1FRDNGLTREMjMtOUU0RC1FQjIwNTgwNzFCMTV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0Ny4zNyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjUyNDg0Mzg0MzUiIGluc3RhbGxfdGltZV9tcz0iNTUzIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{B09C725A-EADC-4B0E-9B95-8FF4C4C2F543}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5656,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5336,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4892 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5984,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5428 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3448,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4960 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f8 0x2fc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5484,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6168,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5832 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6304,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6316 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6288,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6276 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\MicrosoftEdge_X64_124.0.2478.80.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\MicrosoftEdge_X64_124.0.2478.80.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\MicrosoftEdge_X64_124.0.2478.80.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.118 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BDA3184D-4A82-4577-A245-61F2B642EAA6}\EDGEMITMP_64839.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.80 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff6613788c0,0x7ff6613788cc,0x7ff6613788d8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1096,i,4635499083751600626,15619506922674917111,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3308 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-7d64f40489634ca5\RobloxPlayerBeta.exe" -app -isInstallerLaunch
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F98FFA19-9861-4980-BC65-7D7CF83F2B73}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F98FFA19-9861-4980-BC65-7D7CF83F2B73}\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe" /update /sessionid "{F1928DFD-C695-41C1-98B2-A8194466DD48}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
C:\Program Files (x86)\Microsoft\Temp\EUC4AA.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUC4AA.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{F1928DFD-C695-41C1-98B2-A8194466DD48}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.29\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8F944FD-0875-4291-963F-6BBDDDB813E7}\BGAUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E8F944FD-0875-4291-963F-6BBDDDB813E7}\BGAUpdate.exe" --edgeupdate-client --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\MicrosoftEdge_X64_124.0.2478.67.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\MicrosoftEdge_X64_124.0.2478.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff60cef88c0,0x7ff60cef88cc,0x7ff60cef88d8
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B467CFD2-17BF-43F3-9326-1B0754EBC5CB}\EDGEMITMP_864D8.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff60cef88c0,0x7ff60cef88cc,0x7ff60cef88d8
C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.91 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.67 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff67b1e88c0,0x7ff67b1e88cc,0x7ff67b1e88d8
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe" /InvokerPRAID: Microsoft.MicrosoftOfficeHub prelaunch
C:\Windows\system32\wwahost.exe
"C:\Windows\system32\wwahost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.wwa
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 52.178.19.104.in-addr.arpa | udp |
| GB | 216.58.201.99:443 | www.recaptcha.net | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| GB | 142.250.179.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | www.dwin1.com | udp |
| US | 8.8.8.8:53 | js.hs-scripts.com | udp |
| US | 8.8.8.8:53 | scripts.iconnode.com | udp |
| US | 8.8.8.8:53 | serve.albacross.com | udp |
| GB | 3.162.20.36:443 | scripts.iconnode.com | tcp |
| GB | 18.172.89.127:443 | www.dwin1.com | tcp |
| GB | 216.58.201.99:443 | www.recaptcha.net | udp |
| GB | 18.172.89.111:443 | serve.albacross.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 104.16.137.209:443 | js.hs-scripts.com | tcp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.43.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| GB | 216.58.201.99:443 | www.recaptcha.net | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | www.anydesk.com | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 36.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.137.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | download.anydesk.com | udp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| DE | 188.40.104.135:443 | download.anydesk.com | tcp |
| DE | 188.40.104.135:443 | download.anydesk.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 64.233.167.154:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 12375076.fls.doubleclick.net | udp |
| GB | 13.224.81.86:443 | www.anydesk.com | tcp |
| US | 8.8.8.8:53 | lantern.roeyecdn.com | udp |
| US | 8.8.8.8:53 | js.hs-banner.com | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.104.40.188.in-addr.arpa | udp |
| GB | 142.250.179.230:443 | 12375076.fls.doubleclick.net | tcp |
| GB | 142.250.179.230:443 | 12375076.fls.doubleclick.net | tcp |
| GB | 18.172.89.110:443 | lantern.roeyecdn.com | tcp |
| US | 172.64.153.27:443 | js.hs-banner.com | tcp |
| US | 8.8.8.8:53 | js.hs-analytics.net | udp |
| US | 8.8.8.8:53 | js.usemessages.com | udp |
| US | 172.64.153.27:443 | js.hs-banner.com | tcp |
| US | 104.16.79.142:443 | js.usemessages.com | tcp |
| US | 104.16.160.168:443 | js.hs-analytics.net | tcp |
| US | 8.8.8.8:53 | api.hubspot.com | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 96.17.178.206:443 | snap.licdn.com | tcp |
| US | 104.16.117.116:443 | api.hubspot.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | track.hubspot.com | udp |
| US | 104.16.118.116:443 | track.hubspot.com | tcp |
| US | 8.8.8.8:53 | 154.167.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.153.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.160.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.117.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| GB | 142.250.179.230:443 | 12375076.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | app.hubspot.com | udp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 104.16.118.116:443 | app.hubspot.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 8.8.8.8:53 | static.hsappstatic.net | udp |
| US | 104.17.174.91:443 | static.hsappstatic.net | tcp |
| US | 104.17.174.91:443 | static.hsappstatic.net | tcp |
| US | 8.8.8.8:53 | 116.118.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.174.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.linkedin.com | udp |
| US | 8.8.8.8:53 | new-collect.albacross.com | udp |
| IE | 34.247.200.134:443 | new-collect.albacross.com | tcp |
| US | 8.8.8.8:53 | 134.200.247.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 7940397.fs1.hubspotusercontent-na1.net | udp |
| US | 8.8.8.8:53 | metrics-fe-na1.hubspot.com | udp |
| US | 172.64.146.132:443 | 7940397.fs1.hubspotusercontent-na1.net | tcp |
| US | 8.8.8.8:53 | 132.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.64.52.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.7.47.135:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 135.47.7.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.7.47.135:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| DE | 2.19.126.137:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 137.126.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.242.123.52.in-addr.arpa | udp |
| US | 20.7.47.135:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | 167.89.28.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.office.com | udp |
| US | 13.107.6.156:443 | www.office.com | tcp |
| US | 8.8.8.8:53 | res.cdn.office.net | udp |
| DE | 23.38.98.104:443 | res.cdn.office.net | tcp |
| DE | 23.38.98.104:443 | res.cdn.office.net | tcp |
| DE | 23.38.98.104:443 | res.cdn.office.net | tcp |
| DE | 23.38.98.104:443 | res.cdn.office.net | tcp |
| DE | 23.38.98.104:443 | res.cdn.office.net | tcp |
| DE | 23.38.98.104:443 | res.cdn.office.net | tcp |
| US | 8.8.8.8:53 | 74.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.98.38.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.6.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 20.162.145.158:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 20.162.145.158:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | smartscreen.microsoft.com | udp |
| GB | 20.162.145.158:443 | smartscreen.microsoft.com | tcp |
| GB | 20.162.145.158:443 | smartscreen.microsoft.com | tcp |
| GB | 20.162.145.158:443 | smartscreen.microsoft.com | tcp |
| GB | 20.162.145.158:443 | smartscreen.microsoft.com | tcp |
| GB | 20.162.145.158:443 | smartscreen.microsoft.com | tcp |
| GB | 20.162.145.158:443 | smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 158.145.162.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 52.168.117.174:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 174.117.168.52.in-addr.arpa | udp |
Files
| MD5 | 17b8a1160b3b93e823890831a920a111 |
| SHA1 | 349760a75e6af831ad7bbdb41d2a0f1545b14976 |
| SHA256 | 192beeacf2ea2e09632f3fc464c2b8a7123c385d3e3387f5ce7aa4b01d2d3ca9 |
| SHA512 | 05ef5caf2b906c8b863513f008ac4490f18bec99c2832e8867693e628dfb5943cd1b158849a6bbb022c437059a6ca8c99d3df2201279a5c5fc4420388139a6f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 78a15c864568911e57a82b1d4a4188f6 |
| SHA1 | 45f105ca1a6eaaff21e4a1d2e5f86bb06909b294 |
| SHA256 | 8a2e2fce36f46e3e781dbd68dc3ba8407fb023e6ed7b69bde28545e414ab8874 |
| SHA512 | ed0c49984dfbe3e46bb04fa2c667cd8ab7c3ab93162a535c7b0fa19112893afd283336effea1f56141d475d898d7a381c80ce8571ba7db6b2b068822bbd6f4b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | fa5303e393d2a51a81f16790bd0d1f8b |
| SHA1 | 6730b1617c1afd9722f6a7df885f6d24e53fc727 |
| SHA256 | 42e971a8c26684e6c658308ef23105d31bb482b041f466233b6d456e5f4340d7 |
| SHA512 | 6ac6bd98510ab89c500d7738cef6ba84e453ae201bcab2db4af060da7da7e2f1a370ac3f4b9059ef7c5fb0d2e41f0fb2f630067629113c6fb19808c3d26851e7 |
memory/5960-914-0x0000000000A50000-0x0000000000A85000-memory.dmp
memory/5960-915-0x0000000073610000-0x0000000073820000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c9705efc42686cb43ada0291d38d51e4 |
| SHA1 | 5ab14ae02364f3b44cfdbfa36c9ca78e947b25a5 |
| SHA256 | 18ab898aeb596d92ad581bd8f1770501927ac7ca9b6964b3407a76cfb23d03a7 |
| SHA512 | 394d7c31533d8822447e76f21858d426f044225a343eca2eb03f948ea7e584e17101c169833ae6a4d4a10bb621588d7c209817528264615ee6d166f21bb4c56b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000081
| MD5 | 9fcc3ec317c2d89b4e804e767ba665e9 |
| SHA1 | 90ff2c8351b4b1d419e3e73ca9dae8dbab6ba438 |
| SHA256 | be1533fef5bd0b050c87d60b788997b2c398f61108fcd1298780efa65a9a0bcd |
| SHA512 | 6abb1a473274eede0998364c2967851aabb085569e42c9329a5771f0d17074ff67ace384d368e03d5880fd8a5b54053c9c5923416336429c99efd73c8a8da671 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9ded052408cd9b08328e6e2195ed4981 |
| SHA1 | c49a211b523332a09fb64be2a2df1d3f34dde568 |
| SHA256 | 035eabf526fbdb706f9a43853e66232bf158845772175f5e57ee183cfda0ee56 |
| SHA512 | b17fdf7bfaf75d160954c20e8ee84f98fd1eed76995528bb4173f382219f6fe3615bf2369b219f12d8c70cda1443c3dfb98aab621b2860115ff99e8e8d100af3 |
C:\Users\Admin\Downloads\Unconfirmed 207815.crdownload
| MD5 | aee6801792d67607f228be8cec8291f9 |
| SHA1 | bf6ba727ff14ca2fddf619f292d56db9d9088066 |
| SHA256 | 1cdafbe519f60aaadb4a92e266fff709129f86f0c9ee595c45499c66092e0499 |
| SHA512 | 09d9fc8702ab6fa4fc9323c37bc970b8a7dd180293b0dbf337de726476b0b9515a4f383fa294ba084eccf0698d1e3cb5a39d0ff9ea3ba40c8a56acafce3add4f |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | 87157346c8e75c20776c97dc41870da9 |
| SHA1 | 9fcb7172d61d4a3192093e526215d22be537e5d9 |
| SHA256 | 6e271e50ee6db0f576dbe2de4fa8dc8741b166702ba7242baf12085a8e7427c1 |
| SHA512 | 988e48952428455a2aa939ec5116346998327f8d1074617807eaf0c5a65a52c2e1c10509a4bf265f1c6e69e9270ff10d7b8c5dc9d51143a3f5987ae4e239cb14 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7cf6995ad66558e6e35f3e1b0d345206 |
| SHA1 | ca63218ef64b39133f4e9fe59b13e7673e28219d |
| SHA256 | bbf6165f2017aba40234187ef4168bd3c2e5933f0919c7049f3a0587569c6f6f |
| SHA512 | ed4e5a3fd09593ba82872300d48d8756fb83087c81f1b43d948812bc21c21a325c415dc3f0c0f63813141940400b16080371905882cfc3850b25bcc50711ec92 |
memory/5960-1263-0x0000000073610000-0x0000000073820000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.80\Installer\setup.exe
| MD5 | 1cd79627301bfdeb1d3fba51cad868a6 |
| SHA1 | 2b71bae909047dd0374425e9df941ef93fb696dc |
| SHA256 | 74ab283991de81543bff5786ad8bebd41c243bc00beda305da00c55a60ac2093 |
| SHA512 | 839860435573bddfcbb950e2986333dd43ab5df5b2a0032fb18cd25c736e94d998b5ea1fc1e1b0c1d02a28b9615653becc4b535434bfd8a7a02f5995acf1808f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt
| MD5 | 207999cad006a33f98724230330d2160 |
| SHA1 | 0ea7ce8af25cc961e85cbb49f04cbc976789a5ff |
| SHA256 | a029a436f05aa867587ddac3bae40101e00cf6561f36fc8c1c630735802f57d0 |
| SHA512 | cf405630fb1e36190a9fdcbcf60c3fb961ffb126cf77140863ebef248f229f2c62c9f8f2c35c047b872e983068b6f44c1201075ac1ce6326053fd58ed31be58c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt~RFe58f49c.TMP
| MD5 | 59c21347eb1e3ffbb168714027fdaa49 |
| SHA1 | bf5c9ef71d6df22a4cb5b4bb5d416d87fcaa7105 |
| SHA256 | 638fc87ae9eccafc8ca9d8d68fce155ae5663dcb8fe7ed2b69f3c9e9f8896dfd |
| SHA512 | 03a6d0234f05ac1e98bab69587617b8f2e52c69bcfc74f15b52002a5e3c2065a0ece2b4aa3062b8878e3af792f596a0e6fadeca8e36255041e37c2f37a1351a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7bc12f0c5c28fbbe3078b0d62039e6cf |
| SHA1 | ddf3555dc4c99376db596c6b2f07bb6992765e58 |
| SHA256 | b5702b0f08dc84492fe19d2174ebf7d9bf9c9028ff48f4843cd4294439b6afc3 |
| SHA512 | 4d238d34fd8349348ab4fa2ff214c0cd46568ec9650660056fc7478b7bcf3d2f8a949a7d9af619ca5f476c25a51951a6878ea421151f1ed94222ea0216563072 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 30345d465674858f853597d999b5870a |
| SHA1 | 1c9079387587d37fbbde8b0bac277b888adeedf2 |
| SHA256 | f60f03fde1fb2a1b06297eec5d29e9a4b702c50cebd443f410b80be95285098f |
| SHA512 | 84d4cf3dbbffccd6afd2ed073abebcc564c31debd43e6c139afcd2b019d1f704ef6e8a8450fa300c1b65812e748119a481a25437cb7e56f29fff704825376cc1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 206a41d84c48d82848ffb242e64e9866 |
| SHA1 | b2c808f828370592ca9a698dc76e499490ef92df |
| SHA256 | 1e021e8986fad5072e3b589f8098c2fac459af6c964c67d91a9a678605b8d8c7 |
| SHA512 | aff1bb50aab21371b00bc8df246a395703683424feaac093db62e3307ff131a4f8dfd57e1a434f636976aae9aa494d6de8a367002fdff769ca47e32449084da0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5430c06ae706fbeb45c9c7670e514ded |
| SHA1 | dc1461eb3750e3bbcb855485729b40a993733243 |
| SHA256 | 6394f6a367f3ca8b7cb624b3601a85126bbea748582ad015967af473f6172e30 |
| SHA512 | 38aee905b52c518ef6e6df38f521b46383c9088d40266ce58a42344bc12b63b94730366495928bffb5c380272567461f7764e233655113284546b558bdbab39e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 772b9d65648f008e3c23230d182859e1 |
| SHA1 | 5451895c3d7b7d4e2ffac5c73f58e6714235bc3e |
| SHA256 | 329b2e7fa38645ce5f3070c78b0f418a6ef47fb9f3edadbb038085a2c407e0da |
| SHA512 | ad834dfdd0765673280d0614a2646d493826d82b01e1219fca5e864e7e4fc9493f175d1e33f4b88b9ce8ba09d9208944d955613a44e602b234fc355c58a02758 |
memory/5960-1362-0x0000000000A50000-0x0000000000A85000-memory.dmp
memory/5968-1367-0x00007FFFE0190000-0x00007FFFE01A0000-memory.dmp
memory/5968-1371-0x00007FFFE02F0000-0x00007FFFE0320000-memory.dmp
memory/5968-1376-0x00007FFFE0380000-0x00007FFFE0385000-memory.dmp
memory/5968-1375-0x00007FFFE02F0000-0x00007FFFE0320000-memory.dmp
memory/5968-1374-0x00007FFFE02F0000-0x00007FFFE0320000-memory.dmp
memory/5968-1373-0x00007FFFE02F0000-0x00007FFFE0320000-memory.dmp
memory/5968-1372-0x00007FFFE02F0000-0x00007FFFE0320000-memory.dmp
memory/5968-1370-0x00007FFFE02A0000-0x00007FFFE02B0000-memory.dmp
memory/5968-1369-0x00007FFFE02A0000-0x00007FFFE02B0000-memory.dmp
memory/5968-1368-0x00007FFFE0190000-0x00007FFFE01A0000-memory.dmp
memory/5968-1380-0x00007FFFDE310000-0x00007FFFDE320000-memory.dmp
memory/5968-1385-0x00007FFFDE330000-0x00007FFFDE340000-memory.dmp
memory/5968-1384-0x00007FFFDE330000-0x00007FFFDE340000-memory.dmp
memory/5968-1383-0x00007FFFDE330000-0x00007FFFDE340000-memory.dmp
memory/5968-1382-0x00007FFFDE330000-0x00007FFFDE340000-memory.dmp
memory/5968-1381-0x00007FFFDE330000-0x00007FFFDE340000-memory.dmp
memory/5968-1378-0x00007FFFDE280000-0x00007FFFDE290000-memory.dmp
memory/5968-1377-0x00007FFFDE280000-0x00007FFFDE290000-memory.dmp
memory/5968-1379-0x00007FFFDE310000-0x00007FFFDE320000-memory.dmp
memory/5968-1393-0x00007FFFDE050000-0x00007FFFDE080000-memory.dmp
memory/5968-1394-0x00007FFFDE050000-0x00007FFFDE080000-memory.dmp
memory/5968-1392-0x00007FFFDE050000-0x00007FFFDE080000-memory.dmp
memory/5968-1391-0x00007FFFDE050000-0x00007FFFDE080000-memory.dmp
memory/5968-1387-0x00007FFFDDDD0000-0x00007FFFDDDE0000-memory.dmp
memory/5968-1386-0x00007FFFDDDD0000-0x00007FFFDDDE0000-memory.dmp
memory/5968-1390-0x00007FFFDE050000-0x00007FFFDE080000-memory.dmp
memory/5968-1389-0x00007FFFDDEE0000-0x00007FFFDDEF0000-memory.dmp
memory/5968-1388-0x00007FFFDDEE0000-0x00007FFFDDEF0000-memory.dmp
memory/5968-1395-0x00007FFFDFEB0000-0x00007FFFDFEC0000-memory.dmp
memory/5968-1401-0x00007FFFDFF60000-0x00007FFFDFF6E000-memory.dmp
memory/5968-1400-0x00007FFFDFF60000-0x00007FFFDFF6E000-memory.dmp
memory/5968-1399-0x00007FFFDFF60000-0x00007FFFDFF6E000-memory.dmp
memory/5968-1398-0x00007FFFDFF60000-0x00007FFFDFF6E000-memory.dmp
memory/5968-1397-0x00007FFFDFF60000-0x00007FFFDFF6E000-memory.dmp
memory/5968-1396-0x00007FFFDFEB0000-0x00007FFFDFEC0000-memory.dmp
memory/5968-1402-0x00007FFFDFF70000-0x00007FFFDFF80000-memory.dmp
memory/5968-1408-0x00007FFFDFF90000-0x00007FFFDFF9B000-memory.dmp
memory/5968-1407-0x00007FFFDFF90000-0x00007FFFDFF9B000-memory.dmp
memory/5968-1406-0x00007FFFDFF90000-0x00007FFFDFF9B000-memory.dmp
memory/5968-1405-0x00007FFFDFF90000-0x00007FFFDFF9B000-memory.dmp
memory/5968-1404-0x00007FFFDFF90000-0x00007FFFDFF9B000-memory.dmp
memory/5968-1403-0x00007FFFDFF70000-0x00007FFFDFF80000-memory.dmp
memory/5968-1409-0x00007FFFDDB70000-0x00007FFFDDB80000-memory.dmp
memory/5968-1413-0x00007FFFDDCA0000-0x00007FFFDDCC6000-memory.dmp
memory/5968-1415-0x00007FFFDDCA0000-0x00007FFFDDCC6000-memory.dmp
memory/5968-1414-0x00007FFFDDCA0000-0x00007FFFDDCC6000-memory.dmp
memory/5968-1412-0x00007FFFDDC70000-0x00007FFFDDC80000-memory.dmp
memory/5968-1411-0x00007FFFDDC70000-0x00007FFFDDC80000-memory.dmp
memory/5968-1410-0x00007FFFDDB70000-0x00007FFFDDB80000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c541818a8deeddf27944c4b77716653c |
| SHA1 | 00e044fddd9dd7df537c362324916bb4f152e7de |
| SHA256 | cfc06ac5398314fb62fa9d4c8d1ccda862cce3e837c13aafe0b586750c56891b |
| SHA512 | 186c18f0fc294167d3dcdc5b0894ecebebe4de1ac803cb7d27cc00315ea3f1ea190c239eebcd3cf8ca72f50ca41d657cacfd8bb654bd9f534ac6bbf0f70d4999 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 718b7b2b5d3e0f722b568133fd2ce6e1 |
| SHA1 | 5ecba72d849bcabd29e277365422316b92e50145 |
| SHA256 | e4fc27f04f09170eef3d0598c1e6dee04f3ff793e44887a26bd32c97b11cb6b9 |
| SHA512 | ee0a00b69f9ad98efedee8b6af0384bb48b31c234d4608bb5c5264a1d4ba73efb2367879ab76882951bc2a491c2e1ab85b25ccfc4f624176098380046aac0f97 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3cffce5131502d0150baa402198be420 |
| SHA1 | 3b8aaa30188dbcd6b0d0ff521bfdacd8c4dc2627 |
| SHA256 | b72082dc83d7c0f9fe0f70c0197a86b519dc77d03eedde7ff78421d1e4696d13 |
| SHA512 | 59bf98da6a997c1f321b505321ea254c646914bda481fbfe8c1838361417fdbed3500b6fde58f8f737ef1a2380c0ec609e552358a0060a60cdcf656dbc130fad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9d468ea6202427d4872e715651bd51b4 |
| SHA1 | fac6352cf3eebb4e0e73ec2413ac030b9c41500b |
| SHA256 | 6e7e3238235ab4e827c9c15bc301626c013c5e26450fb84bb5f662b6fbd56981 |
| SHA512 | cb2626381549b7785004f9dc847deef1c6bac8ca5d2ec345974bc9d166fb59eb51ba0ad2c46631221519943d78a636520c3d0226397c3b5ec50f9a08c2fc181e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 66090cf59815f1f9d44761e3eb2d000d |
| SHA1 | 63c22c6a7be8ac6a210cdf9fdbfb50ed90de54f4 |
| SHA256 | 4a04ee8627980503b0f756ca9dcbcbbf8f006cce3037b45c5d254f6772f4e2eb |
| SHA512 | 03a8a6ff7a7c611b4fbab33009465eade2fce5ecd639919733200ad728c3b0708e99906ae22108c0314bce5345340eb14f101426cd94e822a54319892c7ab4d3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 32abf269a6ce0b237ded3db56a896693 |
| SHA1 | 0515590c226dbde135432f2f831431fc8ad25420 |
| SHA256 | 7b7f2317809bd8b2fa82129825ec11d81a39e4806b96ac4e5ca77e2efe0a311f |
| SHA512 | 06a4920d126fa1878a3c17ce6647726396c9a9e844db12828ff7dd4c46429d866cd94a85c2a8f3943eb2df5344dad90db9e29402973f816d7591b0e43bf42fd0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2765526fb03cfd9443a050057cf1f5cd |
| SHA1 | 3f68cc3cddd297bae044afce15eec9f07a6d6740 |
| SHA256 | d5100bcfc7d7aef0e0858f905d742094d4a9611b146ed4835ada7577288ae838 |
| SHA512 | bac0f03694f9bb3bc207c1a53c8b1dc1858f11455ad8bd72360565e7377d66b977c4529bf4ca192c7b1c60f8bc0ade4910cd7bdb8e4da9199900091cce1db179 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 12bae5418c1c4ec5c53f77f58a62d08e |
| SHA1 | 03206e8fc063c629159c77b860b4ace10c273f1a |
| SHA256 | a9e7569a8fe90efac9bc16ddfec768a0b913f91b9e0fdc534e603cddd359c3e2 |
| SHA512 | 8a3ac7a19741d4199caec0dfc3f5014c1068caa374b8ec02e1edbe9e034a07fd7ddd37420b6e31db672cab0dfa975b71f82f7d814bc4d916ba904dcfd2210e35 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 585d0bcc23a2c4ed336d0e715b121942 |
| SHA1 | c0564c234a0518107fe5a34e4ca972975ac7f01f |
| SHA256 | 39030c9164bb4dda55348143cdadc15e3739a813745e280ea3cd78b0dfe8412d |
| SHA512 | 103561f6c9e0e789ba64eeb3343a84fa7567294cc36d00ee37cd1283068ad928c17b677a3849e91e1a02f182e22033cfdcdb30d5fd6d16cac07ec47641b500c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e048dd109cdb0cb6df0bd8245d898f95 |
| SHA1 | 4717847a797bb7fbbc26b3682eb11d37d027c037 |
| SHA256 | 768cb770a1894627f35a2871e5ab49e32ff301ad34a11966dec4dbbc9bfe6281 |
| SHA512 | bf9f78e884607761c9842d3b045194f04855805248a2c3317e81dbc7d4c543a71603a89e48170150a3079ed5f8b2cfcc71e568844c2ee0d9e296e862ede13951 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | faec790752d43ffbc966125efbb5db2e |
| SHA1 | afc58d88d3856c7574d31241ccc750dc1c0692c8 |
| SHA256 | 34bb80f759194be6302714587f331d4b9a335ca1b0f4e74275dd154b47ad92a6 |
| SHA512 | 3c70cda2ade9a67c16f37f9963631221d2c2c2760f53fd495724a7ab26902490c170c38145099538fe42945909d8d803c9360adf580df49a0a21d406944fc8cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a2fa3858237d9d46f5e33a1e9f483fce |
| SHA1 | 090a296bba8df2c3bcb88e40bcdf8fd4c6f6bcb5 |
| SHA256 | dfe81079dac10c0a20a44c7b370ac5f76cfef5d13154285cddf54060d13e64fb |
| SHA512 | b0b7f47a7cbb8b9a00cf37d5a1b1a3a2cec20412025a1751c7dfe686660cf747cd445a2a38f32da06ef6b29e29216dfb865f9411d97f42980c2492d588cb7def |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ed4a04c3501123d4bdaa56adbeffffa2 |
| SHA1 | 2e6bda48e0fb93badf739e6af4bcff8b8a2b2661 |
| SHA256 | c61b4460b88c28d119690e56b0d617c61754e344e7237d857e890438e3ed8590 |
| SHA512 | 7116fb357c94e70f59efd3edadede9f7f183fefce36a7cdefbddd280c38b47c20c1b06ed1b3db7153555bfc5572882b99311b20050cfc053d0eef16ea35cbc3f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d4426a10019650e7df35f9515c06d343 |
| SHA1 | 258644e77f11a4a588d4bd37b4d1994d1312da77 |
| SHA256 | a8c1f767e5fa71f013f8717fddbebb430d17a93ea92259ae5436a6a8ccf8fb18 |
| SHA512 | cbcd815039c417661f55f49cac438d0dd6d459820443e90e714869c11fb8af92efcc98177e1f91d13a79299213ce8c132102693d39b3eb7e53080958f8497faa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 529e517a3a8f48f712ac4dd1ec04623d |
| SHA1 | 7b1f516d7babe67c346cc29864005580be836494 |
| SHA256 | 99ce8269ec3c63eda312bdc1f53a719658e5c847413c47075b36a058ee2a8269 |
| SHA512 | a57b8f2875942b857b346287f4df8d9306e55bd5ea17e4520766f510f3aaeb5c88efd527df4292e967aa6169e71263a7eaeaae58051074402ce11e8dd2653a1a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 963900bb238239ff7668d926df6beb09 |
| SHA1 | 81017b5a31dddbafc2ad1550966798e188d70ba8 |
| SHA256 | de86f02f6d5c8a46a92ef01e8f28229ae1e71376b03bc611c55bbd3000649929 |
| SHA512 | f30e7c04ff1100f0e6bd27c747926ddd4ebdd6b28f3df8b0fbb5f26fa368d64c282a3e1223ec55f69624caa7e6108e335cabb4fa8205d6311c8c79683de64594 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.29\MicrosoftEdgeUpdateSetup_X86_1.3.185.29.exe
| MD5 | b18c705b3c68cc49d9bf3649abc75c24 |
| SHA1 | 6dc8963dea0f3185368790dee2a346301b4fa24c |
| SHA256 | c2ca3135f3cafd79bf90d4cb3118943ca17f40e0d651d1fc32b1b3d22d1412aa |
| SHA512 | 7ac302c1e85c652bd897ce1af812950cd23a53c041af82fdcecb2314bbd1667bf2fc672dea40c21858e64befc9bf60190a4428f0b41c30317bb0e5ec7c00f71b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\1a4ec454-cdfb-428b-9e2f-feb4a79f9a05.tmp
| MD5 | 2c1631851fc2e64da35f5912ae0a5983 |
| SHA1 | 4120e00dd8a37fcdfcbdf5f6da260a1273e13ed9 |
| SHA256 | 2471d0d31f2c96f496455941bd82573ed6c8c2455d1e0165970e468852b7abe1 |
| SHA512 | a09068c717258b3c9f7813b6bc77c42a393e447939750f40a993e96002cf0a16225a77bd1297d73a3cb2c09f3ea4ae3ee085ac9215accf9186136acffca8f493 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f4cc6917511b4d2182af8a8779dc9b3a |
| SHA1 | a6ac13b8a75f03e5cd7f5d972b7bf9898d65d230 |
| SHA256 | 5f94856bd82d4ce907700ce82a941325be353f528a7164d567c1e6335896342b |
| SHA512 | 562691bfbddcdd6ac9664e2a52c098dc0286ea6c4b41c5e4d056de59e5a5d4003357fb0cc8f34a5f391952de648e93b69321e181db7628aee7ae850e9f150ab9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 657e06f51462fa4dcbad927f5f204cac |
| SHA1 | be437f35f70ebf1eb7dc88b0e51ed119a7256795 |
| SHA256 | fc7b69bf542959982117e934873257b24d357edf425a484af2ccabb85249a4c3 |
| SHA512 | 77dccecc8cacc104ea5b82b84b1b667da0794b2947aa3ffc99d4cbb162dd2fb57c5a4075324f51130d1f1ddac74b375cdb161aaf77081db2d1014e6678558900 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 28ffc99592571c7e149611ea14fbbd6c |
| SHA1 | f98e7c06910438e186ada920ab068d77f3dbcfa3 |
| SHA256 | 4bab318c3d9b9863b186ce833e80bcec59cc318e8faf270daf8e2343af8c101d |
| SHA512 | e265914943678f0e78e81feb8f8ee41f9f49dc6f0e178edc976d82aca3c2817f93c9bec44224ac1941ac461eca0088edd75b74e6bce5520890bccfc027d55a25 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d6544808eb5a1a97efdee54396e19a31 |
| SHA1 | e88d13739916f730ee8738fd29385344f0a1970f |
| SHA256 | 7622e76b4067a6f651bad1e52f27d41a919856fcfa72193d393fa94cabf4c848 |
| SHA512 | 9203ad1c571a3bc2e68574904ae59100417f140820105bf1986a79d86b8f445757f19226bac05c13781c720e7cc263edc4a32a2c395d44534e1f6828c3982bc8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2a14f94d4866773deae64fd16c497a48 |
| SHA1 | d4215f2c46c06b2b84476ad39dd8255be74f4a65 |
| SHA256 | 9ba16abcd34e1e88375892b54c9f11552de0b534bef48c1b374fe594764169be |
| SHA512 | 835d844f549bb90cc0e209a385eb713d6946c84e262826520a075f69d3187e8f9e570f64f817b457dfc63ec39dc18f3f9739dde4d71ac4b4828a10d781f09f83 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 05fe5a68e37710c710a6ef8c4653c4fb |
| SHA1 | 57ffbeb49396852c6b35c67c8ecd0d1241e17659 |
| SHA256 | 32f01d311303bb3801437459eddfa7e75f86039ac831c045107d1e9eaca222c1 |
| SHA512 | a836a4171f115f21b0b916e03cf97e6eda3ae5a6516a2059fd4436635f5324c10a9bd2bed1f70fab7f77c496db4453dfd226a6ae06ddb03d5ba725a935c7cb45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 80a70a4131b229f176262f98942604fe |
| SHA1 | 411f75e17656e6e2b93ac24a780b0a256124b0c9 |
| SHA256 | cdcc22fa0f5bf88af86b957391c300c75ac4528f6d594cfd16220a476ef2a838 |
| SHA512 | 23b5be00cd35e5fc27043f4064ce56ec5f228553eadca04f8aa7ebf36548cd6959a3177b50f965b81bbbe25a3cd6acc416bc6d50c25ef7779907f31745ca6c74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f3c22d5ca4bea58a110efb842abd1d16 |
| SHA1 | 0895b624aad1c42da53ad620e5bdd7ba9d296e71 |
| SHA256 | 2dab6081ad1839d672d197c526b00578ab257876d8ded0c2128182a41a915868 |
| SHA512 | bcbc0296a96dafac357c6c6745acdab095589b4fd08b70f57ab5c99395b1deaa1356c6819aa8edefe57f2f46032e09274334d9ff0508da0c5b81c1d0b96af848 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 97ac79d571578a010dc73aae8b185d60 |
| SHA1 | 4a8e31a96ab67591eee70a979e20ca849bb66ed3 |
| SHA256 | 0e1f294ea9f45af7f1087308a0dbcca47edf28e9acb859426076513faa654f4e |
| SHA512 | 65372d318d09d9ac2eaeca62d9570fe75ea0be1fdc284667abd93d4bc8d6ca00c0e925e593023f8776d44bc4201858c39cc21710149f1d1620f497eaacad24f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4f94f3e1d50584358ad6624ce5fdd598 |
| SHA1 | da7b0b2041a9b7dcd524d7cbb8d87923d0adefbf |
| SHA256 | 38472094a5f35d0235a58d6fb12b61de60968ccc58a881448778753e223bfcd9 |
| SHA512 | 8ba597b2f58c96e133278e137666bfa7e5a760c8c36d3abd62f527a7d189eef582486be0faf2082b889b3abda1e29052e9a0bb220518f409b260b6ca149325ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 48be85e2f34bb9aeb57b8a27a38a6a77 |
| SHA1 | d7ca4710a67a4b11804e2ab2aea3457e43233f63 |
| SHA256 | 79553ed99a599004fbf771167a5bb2b27b71c5ae51aa2038303092aca834cf8d |
| SHA512 | 7778289b1be23060015bf7f0f40528aad7299c2605e7821abbf361c8b46edea21a42f6924087ff2d340c10b6b69965e9f36f290d969f803748c58ea451acceba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 27fd590b515b98f4e157d1248e7b361d |
| SHA1 | 54bb6e0864c1ff9e07a11fe1a3965a99b8e2f775 |
| SHA256 | 324a15929f59bf60b3a20ea6bbf5bca3b16f7e19034fbd3e9093fdede1527bf1 |
| SHA512 | 46003493c6e207eb994401590ca10a38d4f3e02810fc115063e6c9b3b6628f9c42bc7836300a251e3938f94a905045b5a0116b533fbdbfe2d774de9d1af4c6fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 182cc03ade7653f6d737573876b1994c |
| SHA1 | 45a217be63b670c4ca714d86b87e927830f0a7b1 |
| SHA256 | ee11fd7b5d06cbfa76492913b132dbc04a8da994792a7aa8fb784b0e2048981b |
| SHA512 | ce144bd49cae7b6eb84fba247313c644c15b9f5636b48cea784c0786468f41a8bf2da4963d52a2748e54dbc1a8a9d0b9c00d1f496d950ea8ee871027d7c907fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e60abf201221e2bc27f6429c0a132915 |
| SHA1 | d7467b2d63bbdbaa6fa6fced26287605c2593945 |
| SHA256 | 96da030ac2d063bab435d7c0ba901990f640d8b8709591fdefec633e2bb634f1 |
| SHA512 | 87aa4ceea5267376cbc14108a872287c3f203489b0648125547225652dda5e3de463e8f2ea23d294b43961ce849cbacaf08fc4ce857f8bc04fd1d015e8f52844 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7a2f5b519b088c04ef3045867d6220fb |
| SHA1 | 6cd7d1323c9cd2292638c643eaea5908cc2fa18c |
| SHA256 | 83324e92867148092ac9e54578a8cdff474006e6fd7dd8796a5bf7c4cbac9a9e |
| SHA512 | e938373337ce12865cbed9ffdb6ba315e615a3cb8be8896029214816809a98eaf71be04effdac1b1948403b25602c3b141738a15326a082309260eaa4fb2b3a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 93e6064e4ea320cf9812319cc3b12e27 |
| SHA1 | 2267d5970c1c71e8ec5239d1cd05955ea0a097ce |
| SHA256 | fcbb937c3eb04520dad9a55491486ca30cd3742ee466f30ab4cb03fd22f61e40 |
| SHA512 | dc840249209128275ebf8b8de2813308a69db75659870fc65b0db10510181d0cdef0b88ea619c500a00b7cb7facd8dba26732aa012d5ec8fecd7d35bbb806711 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9590deee31778232ccaf7cfe8b3e06a0 |
| SHA1 | 4437a081fc40e2c91cd6132a64319940dc5830ac |
| SHA256 | 7724c11f1382ad5ae7cf10a41342c2cec4b6183a7827a6089dc108f56112eee2 |
| SHA512 | 9caa419eeba14ee67406b4d2c0a2a742293d17c48a99efb9ac86ff36673ecbedd19f75b48fe296ff5f23984c84b23a577fe6396e0cb5c87bb2b99351edc37107 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dc0956ecc715fcbe619829c612c1b8b4 |
| SHA1 | ad3b276648331705114dc046926c1b61ce6a2112 |
| SHA256 | 950c64bd92fe4c036d4a13ec009a68e3697c4efbb42e9efdea37a251d3b818d3 |
| SHA512 | b763fd61230668f45d765db1db36cce0df235c26bf5b17ed12115e4ee9b56187d66adaeb39261adc799ee4604c0b6ca6672bd8b6151aa53d60c6e2cf4b25ed40 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ac21c0a1b088f6cb9f1f005762e72af6 |
| SHA1 | 8d22ae835b8adefd7137c2fca18de3b6c0dfd764 |
| SHA256 | 5107eade27addc4b87589e7e1af031cc428362f58bb6afc825100205d917f4dc |
| SHA512 | 4de40fe4f166a1814c2d8d0106376ad4db59c2c203703b071c7a23e78a11b0d6edb31be58488a1654231e2d61d5b912edf799426f76f4ef19d480e9ac146e02a |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe
| MD5 | 3f208f4e0dacb8661d7659d2a030f36e |
| SHA1 | 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff |
| SHA256 | d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b |
| SHA512 | 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 913d1d7acaebf879452b799e8dc6d1ea |
| SHA1 | 7fb5d2843de76a42d3534d3b63e1bf5f2ec9d867 |
| SHA256 | ccf13dc4c9e75e732df915f491b603354f5bbf89ff5a86aa6f36d0fca5456ba5 |
| SHA512 | 82217dbbf156d2658ce71daab14283b1b45e40080c1af9f8b7edd9091374f8c9a505a0157f08ab2ea929df91d2adec965317c61db7f341c9713d375cf31bfb6e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 805781668dbd9d2590dbc7310cb75c21 |
| SHA1 | 8c585e6d09730d567156ce5c07c5f791e9633631 |
| SHA256 | 8fa222cedad1dffcd21e2f9262b40ce5a2f3dfca69826a469ab906b200b35289 |
| SHA512 | aa02567e0f60a9a41e5845717a09d66e80302911727312819da79aa76852d31251cfec46b4b19ff5492b572830959d20da0ae5a8c6122badbeb74b2f0d74c799 |
C:\Program Files (x86)\Microsoft\EdgeCore\124.0.2478.67\Installer\setup.exe
| MD5 | c31297188ec9fbaa60449f769339963e |
| SHA1 | 8502d9e0cef18137529f0a46ad6e69a1577e6cae |
| SHA256 | 2e2eff110475dd3dfd732ab514e4692032e67b2d228d0081634a87f45cde5ff9 |
| SHA512 | 9525e3e08b953fe36270c7b4868959e9bded055c5577e5ca94d79606b671e6660d180f763b54a276bf356e82d7073901c373e0b40cfca924cc4b38384c20e22a |
memory/5064-2036-0x0000020A09A60000-0x0000020A09A6E000-memory.dmp
memory/5064-2037-0x0000020A23F80000-0x0000020A23F8A000-memory.dmp
memory/5064-2038-0x0000020A23FB0000-0x0000020A23FB8000-memory.dmp
memory/5064-2039-0x0000020A25230000-0x0000020A25479000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\ThirdPartyNotice.html
| MD5 | effecce1b6868c8bd7950ef7b772038b |
| SHA1 | 695d5a07f59b4b72c5eca7be77d5b15ae7ae59b0 |
| SHA256 | 003e619884dbc527e20f0aa8487daf5d7eed91d53ef6366a58c5493aaf1ce046 |
| SHA512 | 2f129689181ffe6fff751a22d4130bb643c5868fa0e1a852c434fe6f7514e3f1e5e4048179679dec742ec505139439d98e6dcc74793c18008db36c800d728be2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1583795126bb7c877a986d6164b258c9 |
| SHA1 | 57571314cf53a2d10053c18dcb4e093b363737b8 |
| SHA256 | 163eb13c1d06db43187b7bcf449e96c818cc34f5a8f40580cac396694f577981 |
| SHA512 | 94c8a4f259121bcf95733a4ed559b5aa23e694784262a762382b65e481aabd4554d3461ada15a88cb21636ac87c1794bcb438504b33980caef9c239ab7c31074 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d7466035b3edc64031e313d2fe09e48b |
| SHA1 | c58d7e1b08dabf15e4eaa3b5a0715ce222783eaa |
| SHA256 | 4f46f86163742a569d1d7716ef1cfea31cfa58c773b6ed1a6da28a8966829558 |
| SHA512 | c02e2454d75b99d02196e4ace1b77702679bfbf996db743e920799f3e2ead55ba3ffdf66d594042a72258fd8b1ccd0cf770ffbc0ca3a68cd7cee32c9830076ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cc06d9d0b6d645a34371ea7069c3ce8e |
| SHA1 | 25ef4c4b15d1707d016eeff00ee08cfd5add616c |
| SHA256 | 43690fb4867c19667935446b0278af7197b53feb34ebe4e5ed5b07872bea5969 |
| SHA512 | 68aaad7a7e226757e433787f31b02f93c7fa4e302e751eb1e75b726c773b22b888649a0bfde310897a65ea06aca425b7b49361c753ec4f6d06cab6eeffc461b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ee85ae26-758d-46be-bf7a-cf9038440310.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\4e5e3107-e956-4eed-83a3-3662a1f2968b.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\886f08ff-b36c-49b6-9104-9ed2138ad233.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\821e683b-323b-44e6-ab64-dd1ff55480af.tmp