Malware Analysis Report

2025-01-22 09:00

Sample ID 240522-zv4r3agf59
Target https://tautarahack.pro/
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

Threat Level: No (potentially) malicious behavior was detected

The file https://tautarahack.pro/ was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-22 21:03

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-22 21:03

Reported

2024-05-22 21:05

Platform

win10v2004-20240426-en

Max time kernel

149s

Max time network

151s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://tautarahack.pro/

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4372 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 4932 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2764 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 2884 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4372 wrote to memory of 892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://tautarahack.pro/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8d07346f8,0x7ff8d0734708,0x7ff8d0734718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7080 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7224 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5204 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,17366882389356155660,12312911281558862925,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8944 /prefetch:2

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Network

Country Destination Domain Proto
US 8.8.8.8:53 tautarahack.pro udp
RU 31.31.196.163:443 tautarahack.pro tcp
US 8.8.8.8:53 163.196.31.31.in-addr.arpa udp
US 8.8.8.8:53 68.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 stackpath.bootstrapcdn.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
GB 172.217.169.10:443 ajax.googleapis.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 code.jquery.com udp
US 151.101.2.137:443 code.jquery.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 10.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 137.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 13.107.21.237:443 g.bing.com tcp
NL 23.62.61.139:443 www.bing.com tcp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 139.61.62.23.in-addr.arpa udp
NL 23.62.61.139:443 www.bing.com tcp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 205.47.74.20.in-addr.arpa udp
US 8.8.8.8:53 www.mediafire.com udp
US 104.16.113.74:443 www.mediafire.com tcp
US 104.16.113.74:443 www.mediafire.com tcp
US 8.8.8.8:53 the.gatekeeperconsent.com udp
US 104.21.42.32:443 the.gatekeeperconsent.com tcp
US 8.8.8.8:53 static.mediafire.com udp
US 8.8.8.8:53 www.ezojs.com udp
US 104.21.63.106:443 www.ezojs.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 8.8.8.8:53 translate.google.com udp
US 8.8.8.8:53 privacy.gatekeeperconsent.com udp
US 8.8.8.8:53 cdn.amplitude.com udp
GB 142.250.187.238:443 translate.google.com tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 cdn.otnolatrnup.com udp
US 8.8.8.8:53 www.mediafiredls.com udp
US 104.16.53.110:443 cdn.otnolatrnup.com tcp
US 8.8.8.8:53 g.ezoic.net udp
US 8.8.8.8:53 74.113.16.104.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 32.42.21.104.in-addr.arpa udp
US 8.8.8.8:53 106.63.21.104.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 104.26.2.173:443 www.mediafiredls.com tcp
FR 15.188.219.54:443 g.ezoic.net tcp
US 8.8.8.8:53 go.ezodn.com udp
US 172.67.142.121:443 go.ezodn.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 8.8.8.8:53 translate.googleapis.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 otnolatrnup.com udp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 142.250.179.234:443 translate.googleapis.com tcp
BE 74.125.71.156:443 stats.g.doubleclick.net tcp
GB 142.250.200.3:443 www.google.co.uk tcp
US 8.8.8.8:53 apps.identrust.com udp
US 172.67.142.121:443 go.ezodn.com tcp
NL 23.63.101.153:80 apps.identrust.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 172.67.142.121:443 go.ezodn.com tcp
US 8.8.8.8:53 g.ezodn.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 ad.crwdcntrl.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 172.67.199.186:443 privacy.gatekeeperconsent.com tcp
FR 18.161.111.114:443 cdn.amplitude.com tcp
US 8.8.8.8:53 bshr.ezodn.com udp
US 8.8.8.8:53 translate-pa.googleapis.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 172.67.142.121:443 bshr.ezodn.com tcp
US 8.8.8.8:53 110.53.16.104.in-addr.arpa udp
US 8.8.8.8:53 173.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 54.219.188.15.in-addr.arpa udp
US 8.8.8.8:53 121.142.67.172.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 156.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 153.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 114.111.161.18.in-addr.arpa udp
US 8.8.8.8:53 186.199.67.172.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 ghb.adtelligent.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 prebid.smilewanted.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 rtb.adxpremium.services udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 ap.lijit.com udp
NL 185.106.140.18:443 rtb.adxpremium.services tcp
FR 3.160.188.48:443 hb.yellowblue.io tcp
US 104.26.8.169:443 script.4dex.io tcp
US 172.67.14.119:443 prebid.smilewanted.com tcp
US 172.67.14.119:443 prebid.smilewanted.com tcp
US 172.67.14.119:443 prebid.smilewanted.com tcp
US 172.67.14.119:443 prebid.smilewanted.com tcp
US 172.67.14.119:443 prebid.smilewanted.com tcp
NL 147.75.84.158:443 prebid.a-mo.net tcp
IE 52.209.111.174:443 ap.lijit.com tcp
US 104.18.36.155:443 htlb.casalemedia.com tcp
DE 51.38.120.206:443 onetag-sys.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
GB 185.239.172.170:443 ghb.adtelligent.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 104.26.8.169:443 script.4dex.io tcp
US 8.8.8.8:53 cadmus.script.ac udp
US 104.18.23.145:443 cadmus.script.ac tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
GB 142.250.187.196:443 www.google.com tcp
IE 52.49.45.15:443 bcp.crwdcntrl.net tcp
IE 54.77.98.227:443 bcp.crwdcntrl.net tcp
IE 52.209.111.174:443 ap.lijit.com tcp
FR 54.230.112.50:443 tags.crwdcntrl.net tcp
US 8.8.8.8:53 ghb1.adtelligent.com udp
US 104.26.8.169:443 script.4dex.io tcp
US 8.8.8.8:53 api.amplitude.com udp
US 35.162.90.132:443 api.amplitude.com tcp
US 23.227.151.242:443 ghb1.adtelligent.com tcp
US 8.8.8.8:53 17.97.161.18.in-addr.arpa udp
US 8.8.8.8:53 169.8.26.104.in-addr.arpa udp
US 8.8.8.8:53 119.14.67.172.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 18.140.106.185.in-addr.arpa udp
US 8.8.8.8:53 158.84.75.147.in-addr.arpa udp
US 8.8.8.8:53 174.111.209.52.in-addr.arpa udp
US 8.8.8.8:53 206.120.38.51.in-addr.arpa udp
US 8.8.8.8:53 48.188.160.3.in-addr.arpa udp
US 8.8.8.8:53 8.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 170.172.239.185.in-addr.arpa udp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 15.45.49.52.in-addr.arpa udp
US 8.8.8.8:53 227.98.77.54.in-addr.arpa udp
US 8.8.8.8:53 50.112.230.54.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.180.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 download2274.mediafire.com udp
US 199.91.155.15:443 download2274.mediafire.com tcp
US 199.91.155.15:443 download2274.mediafire.com tcp
US 8.8.8.8:53 242.151.227.23.in-addr.arpa udp
US 8.8.8.8:53 132.90.162.35.in-addr.arpa udp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 sys.ctrackapp.com udp
US 8.8.8.8:53 15.155.91.199.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
NL 178.250.1.3:443 static.criteo.net tcp
FR 54.230.112.2:443 sys.ctrackapp.com tcp
FR 54.230.112.2:443 sys.ctrackapp.com tcp
FR 54.230.112.2:443 sys.ctrackapp.com tcp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 2.112.230.54.in-addr.arpa udp
US 8.8.8.8:53 track.donecperficiam.com udp
FR 18.161.97.56:443 track.donecperficiam.com tcp
FR 18.161.97.56:443 track.donecperficiam.com tcp
US 52.111.227.11:443 tcp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 s.console.adtarget.com.tr udp
US 8.8.8.8:53 56.97.161.18.in-addr.arpa udp
US 8.8.8.8:53 go.etoro.com udp
DE 51.38.120.206:443 onetag-sys.com udp
US 8.8.8.8:53 cm.adform.net udp
GB 23.214.118.147:443 go.etoro.com tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
DE 168.119.32.99:443 s.console.adtarget.com.tr tcp
US 8.8.8.8:53 ads.pubmatic.com udp
GB 23.214.118.147:443 go.etoro.com tcp
US 8.8.8.8:53 csync.smilewanted.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 id5-sync.com udp
DK 37.157.3.20:443 cm.adform.net tcp
NL 178.250.1.11:443 gum.criteo.com tcp
DK 37.157.3.20:443 cm.adform.net tcp
NL 178.250.1.11:443 gum.criteo.com tcp
SE 23.32.84.225:443 ads.pubmatic.com tcp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 match.adsrvr.org udp
US 104.22.5.69:443 id.hadron.ad.gt tcp
DE 3.71.149.231:443 ups.analytics.yahoo.com tcp
US 52.223.40.198:443 match.adsrvr.org tcp
DE 162.19.138.83:443 id5-sync.com tcp
DE 162.19.138.83:443 id5-sync.com tcp
DE 3.71.149.231:443 ups.analytics.yahoo.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 52.223.40.198:443 match.adsrvr.org tcp
US 8.8.8.8:53 99.32.119.168.in-addr.arpa udp
US 8.8.8.8:53 147.118.214.23.in-addr.arpa udp
US 8.8.8.8:53 marketing.etorostatic.com udp
US 8.8.8.8:53 etoro-cdn.etorostatic.com udp
US 172.67.14.119:443 csync.smilewanted.com tcp
IE 54.77.98.227:443 id.crwdcntrl.net tcp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 ce.lijit.com udp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 104.103.247.210:443 etoro-cdn.etorostatic.com tcp
GB 142.250.187.196:443 www.google.com udp
IE 18.203.106.185:443 ce.lijit.com tcp
US 8.8.8.8:53 20.3.157.37.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 225.84.32.23.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 83.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 185.106.203.18.in-addr.arpa udp
US 8.8.8.8:53 210.247.103.104.in-addr.arpa udp
US 8.8.8.8:53 82.138.19.162.in-addr.arpa udp
GB 142.250.179.234:443 translate-pa.googleapis.com udp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 104.19.178.52:443 cdn.cookielaw.org tcp
US 104.19.178.52:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 etorologsapi.etoro.com udp
NL 20.54.209.212:443 etorologsapi.etoro.com tcp
US 8.8.8.8:53 cdn.mxpnl.com udp
NL 20.54.209.212:443 etorologsapi.etoro.com tcp
US 130.211.5.208:443 cdn.mxpnl.com tcp
US 8.8.8.8:53 212.209.54.20.in-addr.arpa udp
US 130.211.5.208:443 cdn.mxpnl.com tcp
US 104.19.178.52:443 cdn.cookielaw.org tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 208.5.211.130.in-addr.arpa udp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 static.hotjar.com udp
US 8.8.8.8:53 c0.adalyser.com udp
US 8.8.8.8:53 amplify.outbrain.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 cdn.taboola.com udp
US 8.8.8.8:53 static.ads-twitter.com udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 204.79.197.237:443 bat.bing.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
US 204.79.197.237:443 bat.bing.com tcp
FR 18.161.111.91:443 static.hotjar.com tcp
US 104.18.32.137:443 geolocation.onetrust.com tcp
IE 54.155.127.37:443 c0.adalyser.com tcp
SE 23.32.85.117:443 amplify.outbrain.com tcp
GB 199.232.56.157:443 static.ads-twitter.com tcp
US 151.101.1.44:443 cdn.taboola.com tcp
US 8.8.8.8:53 9944765.fls.doubleclick.net udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 157.56.232.199.in-addr.arpa udp
US 8.8.8.8:53 44.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 37.127.155.54.in-addr.arpa udp
US 8.8.8.8:53 91.111.161.18.in-addr.arpa udp
US 8.8.8.8:53 117.85.32.23.in-addr.arpa udp
GB 216.58.204.70:443 9944765.fls.doubleclick.net tcp
BE 74.125.71.156:443 stats.g.doubleclick.net udp
GB 142.250.200.3:443 www.google.co.uk udp
GB 216.58.204.70:443 9944765.fls.doubleclick.net udp
US 8.8.8.8:53 70.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 tr.outbrain.com udp
US 8.8.8.8:53 script.hotjar.com udp
US 8.8.8.8:53 trc.taboola.com udp
US 8.8.8.8:53 wave.outbrain.com udp
US 64.74.236.159:443 tr.outbrain.com tcp
US 64.74.236.159:443 tr.outbrain.com tcp
FR 216.137.52.50:443 script.hotjar.com tcp
US 64.74.236.159:443 tr.outbrain.com tcp
SE 23.32.85.117:443 wave.outbrain.com tcp
SE 23.32.85.117:443 wave.outbrain.com tcp
SE 23.32.85.117:443 wave.outbrain.com tcp
SE 23.32.85.117:443 wave.outbrain.com tcp
SE 23.32.85.117:443 wave.outbrain.com tcp
SE 23.32.85.117:443 wave.outbrain.com tcp
US 8.8.8.8:53 t.co udp
US 8.8.8.8:53 analytics.twitter.com udp
US 8.8.8.8:53 50.52.137.216.in-addr.arpa udp
US 8.8.8.8:53 159.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
US 104.244.42.3:443 analytics.twitter.com tcp
US 104.244.42.69:443 t.co tcp
US 8.8.8.8:53 trc-events.taboola.com udp
GB 157.240.214.35:443 www.facebook.com tcp
US 104.244.42.3:443 analytics.twitter.com tcp
NL 141.226.228.48:443 trc-events.taboola.com tcp
US 8.8.8.8:53 69.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 35.214.240.157.in-addr.arpa udp
US 8.8.8.8:53 3.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 48.228.226.141.in-addr.arpa udp
US 8.8.8.8:53 image6.pubmatic.com udp
US 8.8.8.8:53 static.smilewanted.com udp
GB 185.64.190.78:443 image6.pubmatic.com tcp
GB 185.64.190.78:443 image6.pubmatic.com tcp
US 8.8.8.8:53 78.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 dc.services.visualstudio.com udp
NL 20.50.88.234:443 dc.services.visualstudio.com tcp
US 8.8.8.8:53 privacyportal-de.onetrust.com udp
NL 20.50.88.234:443 dc.services.visualstudio.com tcp
US 172.64.155.119:443 privacyportal-de.onetrust.com tcp
NL 20.50.88.234:443 dc.services.visualstudio.com tcp
US 8.8.8.8:53 sync.smartadserver.com udp
US 8.8.8.8:53 secure.adnxs.com udp
DE 168.119.32.99:443 s.console.adtarget.com.tr tcp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
NL 185.89.210.153:443 secure.adnxs.com tcp
US 8.8.8.8:53 ice.360yield.com udp
US 8.8.8.8:53 u.openx.net udp
US 8.8.8.8:53 ap.lijit.com udp
NL 81.17.55.116:443 sync.smartadserver.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 us.shb-sync.com udp
NL 81.17.55.116:443 sync.smartadserver.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
IE 52.51.151.68:443 ice.360yield.com tcp
US 34.98.64.218:443 u.openx.net tcp
US 8.8.8.8:53 s.ad.smaato.net udp
US 8.2.110.33:443 us.shb-sync.com tcp
US 8.8.8.8:53 234.88.50.20.in-addr.arpa udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
FR 216.137.52.34:443 s.ad.smaato.net tcp
US 34.98.64.218:443 u.openx.net udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 153.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 33.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 68.151.51.52.in-addr.arpa udp
US 8.8.8.8:53 34.52.137.216.in-addr.arpa udp
US 8.8.8.8:53 116.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
FR 15.188.219.54:443 g.ezoic.net tcp
GB 142.250.180.2:443 googleads.g.doubleclick.net udp
NL 178.250.1.3:443 static.criteo.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 84105a8fab53b37dd881ab5c11737630.safeframe.googlesyndication.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 cdn.prod.uidapi.com udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 172.217.169.65:443 84105a8fab53b37dd881ab5c11737630.safeframe.googlesyndication.com tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 172.67.38.106:443 cdn.id5-sync.com tcp
FR 52.84.39.108:443 cdn.prod.uidapi.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 8.8.8.8:53 65.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
GB 142.250.187.196:443 www.google.com udp
DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 oajs.openx.net udp
US 34.120.107.143:443 oajs.openx.net tcp
US 34.120.107.143:443 oajs.openx.net udp
US 8.8.8.8:53 89.152.64.172.in-addr.arpa udp
US 8.8.8.8:53 108.39.84.52.in-addr.arpa udp
US 8.8.8.8:53 106.38.67.172.in-addr.arpa udp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 143.107.120.34.in-addr.arpa udp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 8.8.8.8:53 cdn.ampproject.org udp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 193.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
NL 178.250.1.8:443 bidder.criteo.com tcp
DE 51.38.120.206:443 onetag-sys.com tcp
US 8.8.8.8:53 prebid.a-mo.net udp
NL 185.106.140.18:443 rtb.adxpremium.services tcp
US 8.8.8.8:53 ghb2.adtelligent.com udp
NL 145.40.97.66:443 prebid.a-mo.net tcp
US 23.227.151.194:443 ghb2.adtelligent.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 66.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 194.151.227.23.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8b167567021ccb1a9fdf073fa9112ef0
SHA1 3baf293fbfaa7c1e7cdacb5f2975737f4ef69898
SHA256 26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513
SHA512 726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54

\??\pipe\LOCAL\crashpad_4372_RWNBIKNIBXVIVCTX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 537815e7cc5c694912ac0308147852e4
SHA1 2ccdd9d9dc637db5462fe8119c0df261146c363c
SHA256 b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f
SHA512 63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 767d4930002c9f235f1eae24c5a2ff28
SHA1 130a3e171e1c2f599df0bae9e19270134691d819
SHA256 bfd9cc4c32de897e2534c5f2ffc5e951d2ec36e40ae201b99ad5b18cfb7bcbf9
SHA512 f2ecddc9ac5f8cf3efde702deefab9f999ffbfa13210db8c47d81e7997c4d11a9d7ff5bbd37017cbd48dad6d37f6bf33f6ad69977c58130d3515f945b3dfccdb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0d6fc5c9ced9f282e353fc904727af7f
SHA1 5509325ed6dd76ab23e72513f1778a7c050f2115
SHA256 4f27dd0aed84af19548d01cd6d0fb36a44222bf3e781f387d757d6af3a4af313
SHA512 9e2c1ca35bc351c01f333b8fa484cfeb5603f78552930f84dcfcd05a20041818278a1193c79a9f37dbb4c56f075d6bba8b7be1fd4c7865abdcbd337a0dbc1d2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d9782ff8b012b3184dbe83d59a16125b
SHA1 6e7ea8d26ad08fb2a50d8b42ba48feb5c3fd2edf
SHA256 0abbf96d23ef539243f6f4d49f323ec56c776adaf83931abd1cfc1d7c336a503
SHA512 acedf49f3785434163618b87b27c6612dc3d30646d03af69350b2d617ef2beef243066abb2d7c86371df51304bd050a98b844b69a5cb7c19f5d65d5b136c18be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 ff22f6e34cb8b72748538938f7f786c8
SHA1 111e832e393d164f209f45ed0ec5d16a38462006
SHA256 3070341f991dc4f32b4333c78e2c507bc5f344cf8f7d508fc854f7efdb0a4814
SHA512 59173f32917a98cea36fb1a1f245a16801301361292cdf5978b44d4fbe0d2892be21126a2f678755fdd8533d09c7274386d4307f9f5283028830229227ba4e55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a830e0d5bc6a195a42a2eef90c48221c
SHA1 75019b8a110a60e43cb9f10ac4fd943995b97fcd
SHA256 c1aab8433034cee8cf4217fe0507179f3c747ec445f08cbc406b76e1bcd9eeff
SHA512 e2d1b9e09375b8ca1886ed92f6da06403d3f36ec38a922baa973e8c4916cf37d2e91140e4963491a9a9c8ad0051a87ba4a0bcc0b0cea7237d53c9716ca93dbac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 97a928f9a3f8700bd2879db58592a0bd
SHA1 ce6323a31ff9d71f061a40a59795ebe2e0346249
SHA256 bd31032b3a0089d13186921ec90f3bfd5faf4e2ba6a8f7c6b265bdabc97446e5
SHA512 139fd4a7335030586993cd85c1a1028925ab3d89f6b0363ba393e0dbc227f59e859c81c84ab6e0b14aa9c18e25c7529a99764b78126e763a95dcc1a11317daa3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b9db87208b73c8ee67d48b8358a2f79b
SHA1 9fbb287501befe17c2eae2ced65b507d0ae45a7a
SHA256 3d2e1d7d72a5b7bf60e34275668d1a0dbc942cc362f9efb2f39abfa1e54e67b9
SHA512 83aa737d18cbd389d388e46c02585ad97e276182c0e23a1e2307462b8a6239a18ba9b4d31f261049ec84860d28218ba56b45c43c4a38e43909781054fd1b3959

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8addddc82d6ea92ebf229619d3065835
SHA1 bf8f17c824847960c817fe3ea94ba919734d42b9
SHA256 d81877f2f2ca84cdfaae1d3dc4e7b1e800fa34fe4b410ddb235faae7fc1999ec
SHA512 d9bc40997c1c772852c0093b6805db76303b330d6ff72da9c6c638728c395ae4517328a5e67a69841fd1e598dea7226d400ad8253cee113aa37b491365ff79fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f5f54ffdfb78a0223701e4e77990fa3a
SHA1 8f647c4f4c13ddfd788570896dc6eaead336dfc6
SHA256 662a8617f5e8f2c9127f1ce3f96079e3b52fc132e8b3eb91d3891cf90f873e42
SHA512 fcdd1698d30ba97a490605e959d488668a50329f7c683d6070df57c45a20d50c4c0854fd80641b968faf08d7a336cc831092a673f51b2376ca092f0f08a2602a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7af38e47152a8bc4cc0929f634ac06fe
SHA1 be2cdb9239918d026da84cd6ba05c82d1d837148
SHA256 a09e98233569dd33980cedaad597a475c6ca8336bc97479706904dbfd333ef97
SHA512 9c925a218389ac8699d9c8c328174318c17a28a2f3547604b0a710c11fbc1eff962e6e6b7eec79fda9b174d25ee5d8d8adc3e4450df48ff5bbeaccb8eab91f1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58b07f.TMP

MD5 f78dfb5f9d04712227073bc31f123afe
SHA1 ff367b5365e025c7f07c65a675c34d35255a174f
SHA256 1f7b5f916571a72705ff52b0eacc12d202e3d6c6782ca89bf91d29537d57755d
SHA512 41affffed5ceb99143d93c1ef9b20791101a32b2d9467789f0f580f54b3f04289d444a993b002db4f30310858fea7c68cdafb528dc77c97957b17abc99b974b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e72717f8a8c0b8815cc22e3a822a3847
SHA1 3f89a51eb090c9bcbbc8df271fab9b93b50061fb
SHA256 97fe397653fe63ad19ff05bbf4ed224337d1f01611ae81ca37d22521d98086c1
SHA512 57082e61848c74741383be83f2c1a6e33a17ff28a9a49bf7b972ccfd11b79c9d22b087546fce40c9885e6036cedbaef4fe4ab578d06314b74b4aabdc6e7e856a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 39c5a13216075dac446029206ef78825
SHA1 a5768378b51b0ea7c46a67b1bda83d4b5643e773
SHA256 1607c2ae4502b7724d011ce9c3cb03733ea2c77d5183cb56c1e907eaa0db0fd6
SHA512 74856fa8ad11246ea4d38febbf79d38676bd56c536ac3bc2aca1d39b3f72c5006b4fd6f7ee9c56d8217ce205ccabf29cca9a61b82fc3e1d1da1e7cbe1f022cc8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ffbed03e1510b1d8766819048db676d4
SHA1 ecf856c664200c549cd1880feca773ac81c0ba4f
SHA256 44f75c801748ff454372217800ab0095d585f51ba4d8ec635081550ea2d6aa43
SHA512 8d52990076756376dd3d78094aa4ebc07d83236564dc7008906b9f81542ddaaf9e96d57e02055c5634171c859b21ce5eb7a7c516c4bd2cb2a0c30fb338f3ca99

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 13fed53f7aa324810ec1cd9e277c8d8a
SHA1 fa01ccd6f6c0c25dad4a5802948b43acc3695387
SHA256 a26d3428cc7f0cfd271a9c701fe4824899f608e0c0c27e3da9949df28822a509
SHA512 d1486775c9ad5f960e62d0620479cd7590e44e5c42b03ba7c3c04aa2f698f81a0454aaa121a2ef5c967fb24868882c11a78d6d374886228d0ddbde044b4898ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ef5a771d7f752fa15ccdf5cb1ef6e937
SHA1 7d8a735f80b794b880400d310c5c453b5ff16573
SHA256 508b1a907e8fbee5a21d9ffba52f3f57acf868890e70c7715c3cdf8a4f6aaf35
SHA512 fad861ee7c0e5984e329f798601f0158c6c79d48d35fd04cbcd6d36dccd3bb4a5a2b2ab1dd41e5619ce5836192872cda7e12d17442bc4a62626cd748b4264792

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 781be94dca0b9be99686ea121abcf634
SHA1 cd5cea766885416af597ed0c8d1a72674ccf63f6
SHA256 86d684f8a18652b1a6af7b01fe5fd4ef3687546d70a11ef4bcd084d61b41c88e
SHA512 68535ffb1623419127ae3caa04a1488cebb093dede931bbc653b5aa0528106baf025469e1dc73915731708fc18b2b954315fecc843e0b02ec1b8aa4705fa903c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 aa7eeee1151c917739a2c59dcb1676a2
SHA1 986646bd1be9a2e6cccebacbcb8fe15e436f7939
SHA256 dc6637fe9b538096d715ad7d9dd45c4db86d1fc340cabdc08736ffb6bb8c96ca
SHA512 baac9b1e5921d3630c05b114beeba19f102c7df84b88fdb4b7919d1dc59060d7371e230efae6f05ff72e001709f2a6ca7c1b119ce8298e90e5f09b6b55885dc4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4614551f319d687040265e73caa0b78f
SHA1 98a2e6b1df4488d59b223ed34b1028a3e60dbc69
SHA256 f870a24821a3e5180eb938f05af13b7c06cdd11e7a5ac0d0699510d4eec144d0
SHA512 6f5213d216de41fc0a00aa624bb8b664147b86abc489d0ea3eacfdb0bb514bd1c2f8c058ea7b76ecaeea49428822435ec68c311608604be91272cce50025ddda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f2ae8b5077851850d44be8c7badbdc4b
SHA1 778eaa85930a41e758e94f55b92fc852785c3436
SHA256 1832afe26e475b069f02b59bc76ef505d5e9c8c443d38c67ad5666fd0d9a6a6c
SHA512 9586afd0cd3fb00edf6d1e257f5f80111819e16619ce44c16c3d483aaee41e54fe744caf957c97678705d4e6a6572f5ac126735a24d62cb472eaeb5653768887