Analysis Overview
SHA256
2510be907ec476e8375ac7b5431536ae9a32bf99fe77ab695a5100852b111b96
Threat Level: Likely malicious
The file SolaraB.zip was found to be: Likely malicious.
Malicious Activity Summary
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Modifies Installed Components in the registry
Downloads MZ/PE file
Sets file execution options in registry
Executes dropped EXE
Themida packer
Registers COM server for autorun
Checks computer location settings
Checks BIOS information in registry
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Installs/modifies Browser Helper Object
Checks whether UAC is enabled
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Checks system information in the registry
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
Unsigned PE
Enumerates physical storage devices
Modifies Internet Explorer settings
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Suspicious use of SendNotifyMessage
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
System policy modification
Uses Task Scheduler COM API
NTFS ADS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-24 02:17
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-24 02:17
Reported
2024-05-24 02:48
Platform
win10v2004-20240426-en
Max time kernel
1685s
Max time network
1180s
Command Line
Signatures
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Enumerates physical storage devices
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 3052 wrote to memory of 4012 | N/A | C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe |
| PID 3052 wrote to memory of 4012 | N/A | C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe"
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
"C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 138.136.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.143.182.52.in-addr.arpa | udp |
Files
memory/3052-0-0x000000007500E000-0x000000007500F000-memory.dmp
memory/3052-1-0x0000000000660000-0x000000000066A000-memory.dmp
memory/3052-2-0x00000000028C0000-0x00000000028CA000-memory.dmp
memory/3052-3-0x0000000075000000-0x00000000757B0000-memory.dmp
memory/3052-5-0x00000000059E0000-0x00000000059F2000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\get-intrinsic\.nycrc
| MD5 | d0104f79f0b4f03bbcd3b287fa04cf8c |
| SHA1 | 54f9d7adf8943cb07f821435bb269eb4ba40ccc2 |
| SHA256 | 997785c50b0773e5e18bf15550fbf57823c634fefe623cd37b3c83696402ad0a |
| SHA512 | daf9b5445cfc02397f398adfa0258f2489b70699dfec6ca7e5b85afe5671fdcabe59edee332f718f5e5778feb1e301778dffe93bb28c1c0914f669659bad39c6 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\hasown\.nycrc
| MD5 | c2ab942102236f987048d0d84d73d960 |
| SHA1 | 95462172699187ac02eaec6074024b26e6d71cff |
| SHA256 | 948366fea3b423a46366326d0bb2e54b08abd1cf0b243678ba6625740c40da5a |
| SHA512 | e36b20c16ceeb090750f3865efc8d7fd983ae4e8b41c30cc3865d2fd4925bf5902627e1f1ed46c0ff2453f076ef9de34be899ef57754b29cd158440071318479 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\has-proto\.eslintrc
| MD5 | c28b0fe9be6e306cc2ad30fe00e3db10 |
| SHA1 | af79c81bd61c9a937fca18425dd84cdf8317c8b9 |
| SHA256 | 0694050195fc694c5846b0a2a66b437ac775da988f0a779c55fb892597f7f641 |
| SHA512 | e3eca17804522ffa4f41e836e76e397a310a20e8261a38115b67e8b644444153039d04198fb470f45be2997d2c7a72b15bd4771a02c741b3cbc072ea6ef432e9 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\vary\LICENSE
| MD5 | 13babc4f212ce635d68da544339c962b |
| SHA1 | 4881ad2ec8eb2470a7049421047c6d076f48f1de |
| SHA256 | bd47ce7b88c7759630d1e2b9fcfa170a0f1fde522be09e13fb1581a79d090400 |
| SHA512 | 40e30174433408e0e2ed46d24373b12def47f545d9183b7bce28d4ddd8c8bb528075c7f20e118f37661db9f1bba358999d81a14425eb3e0a4a20865dfcb53182 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
| MD5 | f8f4522d11178a26e97e2046f249dfa7 |
| SHA1 | 8b591d9a37716e235260fb6b3f601e4ccbebf15d |
| SHA256 | 3c372a8919c28dc76414b2f30da423c3e1018b1a8444527949ce20cc3fc93ed0 |
| SHA512 | 52ea881cad501cf1d5e8ac47355e862ac1bd39cb6e1ff3d362d392b6f2d676e74878832505d17a552aaa3bc8f3977da11fa3f9903722eedd23716fb46ddb7492 |
memory/3052-1472-0x0000000075000000-0x00000000757B0000-memory.dmp
memory/4012-1471-0x00007FFD8C703000-0x00007FFD8C705000-memory.dmp
memory/4012-1473-0x000001C62F890000-0x000001C62F8AA000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Wpf.Ui.dll
| MD5 | aead90ab96e2853f59be27c4ec1e4853 |
| SHA1 | 43cdedde26488d3209e17efff9a51e1f944eb35f |
| SHA256 | 46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed |
| SHA512 | f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d |
memory/4012-1475-0x000001C64B420000-0x000001C64B95C000-memory.dmp
memory/4012-1476-0x00007FFD8C700000-0x00007FFD8D1C1000-memory.dmp
memory/4012-1477-0x000001C64AFA0000-0x000001C64B05A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Core.dll
| MD5 | 851fee9a41856b588847cf8272645f58 |
| SHA1 | ee185a1ff257c86eb19d30a191bf0695d5ac72a1 |
| SHA256 | 5e7faee6b8230ca3b97ce9542b914db3abbbd1cb14fd95a39497aaad4c1094ca |
| SHA512 | cf5c70984cf33e12cf57116da1f282a5bd6433c570831c185253d13463b0b9a0b9387d4d1bf4dddab3292a5d9ba96d66b6812e9d7ebc5eb35cb96eea2741348f |
memory/4012-1479-0x000001C64AEE0000-0x000001C64AF5E000-memory.dmp
memory/4012-1481-0x000001C62FC80000-0x000001C62FC8E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Wpf.dll
| MD5 | 34ec990ed346ec6a4f14841b12280c20 |
| SHA1 | 6587164274a1ae7f47bdb9d71d066b83241576f0 |
| SHA256 | 1e987b22cd011e4396a0805c73539586b67df172df75e3dded16a77d31850409 |
| SHA512 | b565015ca4b11b79ecbc8127f1fd40c986948050f1caefdd371d34ed2136af0aabf100863dc6fd16d67e3751d44ee13835ea9bf981ac0238165749c4987d1ae0 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\WebView2Loader.dll
| MD5 | a0bd0d1a66e7c7f1d97aedecdafb933f |
| SHA1 | dd109ac34beb8289030e4ec0a026297b793f64a3 |
| SHA256 | 79d7e45f8631e8d2541d01bfb5a49a3a090be72b3d465389a2d684680fee2e36 |
| SHA512 | 2a50ae5c7234a44b29f82ebc2e3cfed37bf69294eb00b2dc8905c61259975b2f3a059c67aeab862f002752454d195f7191d9b82b056f6ef22d6e1b0bb3673d50 |
memory/4012-1484-0x00007FFD8C703000-0x00007FFD8C705000-memory.dmp
memory/4012-1485-0x00007FFD8C700000-0x00007FFD8D1C1000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-24 02:17
Reported
2024-05-24 02:43
Platform
win11-20240426-en
Max time kernel
1483s
Max time network
1486s
Command Line
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU6267.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU6267.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUD19F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUD19F.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_click_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\EBWebView\\x64\\EmbeddedBrowserWebView.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO\\ie_to_edge_bho_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\PdfPreview\\PdfPreviewHandler.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU6267.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU6267.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUD19F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUD19F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChatV2\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\show_third_party_software_licenses.bat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\bg.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\particles\explosion01_shockwave_main.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\RoactStudioWidgets\toggle_disable_dark.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\apostrophe.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\bs.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\models\WindControl\windhose.rbxm | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\glow.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\loading\darkLoadingTexture.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioToolbox\AssetPreview\hierarchy.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\pl.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\msedge_elf.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\he.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ViewSelector\top_hover_zh_cn.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaApp\graphic\gr-avatar mask-84x84.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\InGameMenu\XboxController.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU6267.tmp\msedgeupdateres_it.dll | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioUIEditor\icon_resize4.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TerrainTools\mt_regions.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\DefaultController\ButtonL2.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaApp\graphic\Auth\wechatlogo.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AnimationEditor\Button_Curve_Lightmode.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Gear.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\PlayerList\NewFollowing.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.51\Trust Protection Lists\Mu\LICENSE | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\48e9de82-960a-4c98-a44c-90735370753d.tmp | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioToolbox\AssetConfig\listview.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\icons\ic-checkbox-on [email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\mr.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\chatBubble_green_notify_bkg.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\dialog_blue.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\9-slice\error-toast.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Scroll\scroll-top.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VirtualCursor\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\scrollbuttonDown_ovr.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\InspectMenu\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\LayeredClothingEditor\WorkspaceIcons\Cage Mode.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\SpeakerDark\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\az.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\fi.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\models\LayeredClothingEditor\mannequin_mock.rbxm | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ArrowFarCursor.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AnimationEditor\icon_hierarchy_end_white.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VR\hamburger.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\ms.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TerrainEditor\mountain.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\XboxController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\icons\ic-search-gray.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Trust Protection Lists\Mu\Other | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\az.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\PivotEditor\SelectedPivot.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\DesignSystem\Thumbstick2Directional.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\NetworkPause\no [email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\ar.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\avatar\morpherEditorR6.rbxmx | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Drops file in Windows directory
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\DisplayName = "PDF Preview Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher.1.0\CLSID\ = "{08D832B9-D2FD-481F-98CF-904D00DF63CC}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\ = "Microsoft Edge Update Broker Class Factory" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3938118698-2964058152-2337880935-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 | C:\Users\Admin\Downloads\dnSpy-net-win32\dnSpy.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine.1.0\ = "Microsoft Edge Update CredentialDialog" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ = "IAppCommand2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass\CurVer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods\ = "43" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\CurVer\ = "MicrosoftEdgeUpdate.ProcessLauncher.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\Elevation | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\LocalService = "edgeupdate" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\Elevation | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO.1 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\MSEdgeMHT\Application | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1D3747B6-FED9-4795-BB56-E077C582FB69}\InprocHandler32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.svg\OpenWithProgIds\MSEdgeHTM | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\dnSpy-net-win32.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 642753.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\dnSpy-net-win32\dnSpy.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\dnSpy-net-win32\dnSpy.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\dnSpy-net-win32\dnSpy.exe | N/A |
Suspicious use of UnmapMainImage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe | N/A |
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe"
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
"C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe"
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=3412.4680.10447675741757656070
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0xe0,0x1b4,0x7fffe17b3cb8,0x7fffe17b3cc8,0x7fffe17b3cd8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2224 /prefetch:3
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2472 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3060 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4668 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4108 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2672 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4152 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4744 /prefetch:8
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4356 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1820,10414672620643438712,15851526384063247230,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4288 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffe17b3cb8,0x7fffe17b3cc8,0x7fffe17b3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2548 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5536 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaService --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6280 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6336 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6320 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6884 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7264 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7256 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU6267.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU6267.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7REQ2MjhBNEItMzhGQy00NkM1LUEyMzgtMUFGQURBMUJDMDdDfSIgdXNlcmlkPSJ7NjE0NkQ1NTQtNTMzMy00REFDLTg4NDQtRjc5RkE1REEwODcxfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFNEE3MjVGRC1DRjNBLTRFMUUtOTk3NS02Q0FFNEJEQUI1NDZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTIzMzY1NzkyIiBpbnN0YWxsX3RpbWVfbXM9IjU1NiIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{DD628A4B-38FC-46C5-A238-1AFADA1BC07C}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7REQ2MjhBNEItMzhGQy00NkM1LUEyMzgtMUFGQURBMUJDMDdDfSIgdXNlcmlkPSJ7NjE0NkQ1NTQtNTMzMy00REFDLTg4NDQtRjc5RkE1REEwODcxfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntBRjFGMEUzNi01QjE4LTRBMTItQjFERC0xQzEzNzVFRTYwQzR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTI3MDI1OTE2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7760 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\MicrosoftEdge_X64_125.0.2535.51.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{80A6DE88-9CD6-4941-8AE6-10AC03AE2F7E}\EDGEMITMP_420AF.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff6c7c04b18,0x7ff6c7c04b24,0x7ff6c7c04b30
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.51\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.51\Installer\setup.exe" --msedgewebview --delete-old-versions --system-level --verbose-logging
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.51\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.51\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.51\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff7b92a4b18,0x7ff7b92a4b24,0x7ff7b92a4b30
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6880 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7REQ2MjhBNEItMzhGQy00NkM1LUEyMzgtMUFGQURBMUJDMDdDfSIgdXNlcmlkPSJ7NjE0NkQ1NTQtNTMzMy00REFDLTg4NDQtRjc5RkE1REEwODcxfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4QjQyNzVBOS1GNDZFLTQzMkItQUZEQi1BMjkwOTE0QjI5OEF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjUuMC4yNTM1LjUxIiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNjA5OTA3MjE1NjkzODQwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTU5ODk1OTAzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA1NTk5NzU5NTMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzA1MjQyMzExNyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmYudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNGJlMDU5ZDYtYThhYi00NWQ0LWExMDUtNTExNTA0NWNhOGQwP1AxPTE3MTcxMjI1MDImYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9bmIxZU5mVmtpOFlKTm50R0RGU1JJSSUyYlUzNjVtUmhFV083MHpXQ1I4OTRidWtVclF2VVNYUjQwbnVpJTJiSWJmbzd6NHdqdjBvUEJXY2dWdjJqcnlGTEZ3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTczNjQyMjg4IiB0b3RhbD0iMTczNjQyMjg4IiBkb3dubG9hZF90aW1lX21zPSIyNDMxMzYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzA1MjczNTQxMSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzMDY2ODQ0NDcxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzUwMDgzNDIzNyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjIwODYiIGRvd25sb2FkX3RpbWVfbXM9IjI0OTI2OSIgZG93bmxvYWRlZD0iMTczNjQyMjg4IiB0b3RhbD0iMTczNjQyMjg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0MzM4NCIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" -app -isInstallerLaunch
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6796 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:pY1iZzaGvjuw4qL6SyfDU9SsE2Wj9XCLGR7gHLPoDvPx4nsz3gCVnV0hVjMEFd6anETQfgFLi0FT9xyC4FH-uQ50jFsQzVQB9xSM4WzTTvpr3Bv1meAmBy6jIs2FtBXh6fDyjrJV9tyCPqfEaMLd9Kg0VPZbhtHM6KSPtg4yFVskHPk_5mXF0cp6_91b679e9FK7m5Pk4BY2-1t5E16bY-6x8OVE2-RLhAkiMVF_WTo+launchtime:1716517562949+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716517467068016%26placeId%3D17427651911%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D4288ab4f-dd7f-4408-9ff3-bdf1ec407b57%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716517467068016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7980 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{DC6B940A-AAB6-4B11-A28F-27A693E0F222}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{DC6B940A-AAB6-4B11-A28F-27A693E0F222}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe" /update /sessionid "{5B49022D-D3FA-4C03-B216-519F129E80FC}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUI0OTAyMkQtRDNGQS00QzAzLUIyMTYtNTE5RjEyOUU4MEZDfSIgdXNlcmlkPSJ7NjE0NkQ1NTQtNTMzMy00REFDLTg4NDQtRjc5RkE1REEwODcxfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InsyRjNGQjA5QS04RDBBLTQzM0QtOTQ2Qi1DRTBBQUIzQkI1QTF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4Ny4zNyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MDQ3MDg4MzkwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MDQ3MTk3OTMxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDcyNDIwODAzMSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzFkZjQyMDgzLTE3YTEtNDRiOS05NDVhLTQxNjg3MTE0NjhjMj9QMT0xNzE3MTIyODUxJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWQlMmI2T1hraVFJTW9RN1d5eDZMSEt4cGRERU50V0QyajVJV3JiaVB6N3VTR1RpNThpaVZXZ2pZRTRiNnZ1VjFTZGtoMzNlUGh6QXBmTXpIbWFSQ3dLaXclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDcyNDIwODAzMSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMWRmNDIwODMtMTdhMS00NGI5LTk0NWEtNDE2ODcxMTQ2OGMyP1AxPTE3MTcxMjI4NTEmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9ZCUyYjZPWGtpUUlNb1E3V3l4NkxIS3hwZERFTnRXRDJqNUlXcmJpUHo3dVNHVGk1OGlpVldnallFNGI2dnVWMVNka2gzM2VQaHpBcGZNekhtYVJDd0tpdyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MjIwNzIiIHRvdGFsPSIxNjIyMDcyIiBkb3dubG9hZF90aW1lX21zPSI2NzYwMSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDcyNDIwODAzMSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDcyOTQ1MTk1MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNjA5OTEwNTM3MTk4MzUwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9Ii0xIiBhZD0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjUuMC4yNTM1LjUxIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIHVwZGF0ZV9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNjA5OTA3MjE1NjkzODQwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMCIgcj0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9InswQzE3ODg2My0wNUUwLTQzMUMtQkE5Qi00QzZCOTFGREJGOTR9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Temp\EUD19F.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUD19F.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{5B49022D-D3FA-4C03-B216-519F129E80FC}"
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:nUkio55CknU9a6SXV8RnJHOWqbM1zIBVF-vvty7xYcEF2tGI8n3EUYrOBJR4T5l32U1WFx9XGe7WNi5xi9mC541o16WO6qAoVprNphBy8aigsrbUPJvZjRy4jVcXLoZvP77owJEawWIHrlWBIaO4SM--h_AumVuRk4ZJ3h5RBKFVP2l4msYtACTMHVZOSs4zh25GcJOMwmlSZYNnqp9_ne5KizZVRgB9d-q6Ewirw4o+launchtime:1716517562949+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716517467068016%26placeId%3D17427651911%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D4288ab4f-dd7f-4408-9ff3-bdf1ec407b57%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716517467068016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUI0OTAyMkQtRDNGQS00QzAzLUIyMTYtNTE5RjEyOUU4MEZDfSIgdXNlcmlkPSJ7NjE0NkQ1NTQtNTMzMy00REFDLTg4NDQtRjc5RkE1REEwODcxfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7QzcwQ0NGNEYtN0QwNy00MzcxLTk1NkYtMjM5ODRBOEI3RjhFfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODcuMzciIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTY1MTc2OTciPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NzQ3MDExMzQ2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\dnSpy-net-win32\dnSpy.exe
"C:\Users\Admin\Downloads\dnSpy-net-win32\dnSpy.exe"
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,4409438511607496827,14062270768305218018,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTU2RTc2ODctRjNEQS00MkQzLUEyMTMtMUQ5NUJGNTg5NDBFfSIgdXNlcmlkPSJ7NjE0NkQ1NTQtNTMzMy00REFDLTg4NDQtRjc5RkE1REEwODcxfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7NjA1QzdGQ0QtMjVBNi00NTcyLUI1Q0YtMzBFQzQ4Qjk1NEIyfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7c0c5REo2TTNmWmtQN0NFTFdHbkR4Qyt3YVJhUUV1RUx2TElmWGsvTUF0Yz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjI3IiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTQxNDQ0OTUiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1ODY0MjQyNzQxOTQ2NjkiIGZpcnN0X2ZyZV9zZWVuX3RpbWU9IjEzMzYwOTkxMTM0Njc2MTA4NyI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIzMTA2NzYiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE3ODIxNDk1MTk4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\MicrosoftEdge_X64_125.0.2535.51.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:qAdTktdpMGOf4UqI2C-G3IRHYq1Xg7QYjc0er-ltRXzyVMhEgILtqq8cFIPkvxPNXNuvdgR2wYD0Yjbmkv5_dhKu8y0L-wytD92058ChWH_7IN0O5qm_BisQL_uGghN2KFXBhx1lUP8bX5szf0zwJrq9zzYEk8dZURQD7t-0wKoNRz8u1G7-CW2GtBWn_SMxYNmZX-NkUyUPchddI0y4ucgAvW3h2hluQoY0qkWrIZI+launchtime:1716518416835+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716517467068016%26placeId%3D17427651911%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D5f12bc5f-bb52-47c1-a75c-ca4fb4035d22%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716517467068016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff7aeb04b18,0x7ff7aeb04b24,0x7ff7aeb04b30
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff7aeb04b18,0x7ff7aeb04b24,0x7ff7aeb04b30
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTU2RTc2ODctRjNEQS00MkQzLUEyMTMtMUQ5NUJGNTg5NDBFfSIgdXNlcmlkPSJ7NjE0NkQ1NTQtNTMzMy00REFDLTg4NDQtRjc5RkE1REEwODcxfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InsyQkUyRjdBRC01RDBBLTQ5RjctQTUzNS1FQUJGRjM2MDNERDd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTg3LjM3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0tdGFyZ2V0X2RldiIgaW5zdGFsbGFnZT0iMCIgY29ob3J0PSJycmZAMC45NyI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjM1MyIgcGluZ19mcmVzaG5lc3M9Ins2NTZFMzQzQy1EREFGLTQ2RTUtQTMwNi1GM0QwM0ZGQzVCMkZ9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkwLjAuODE4LjY2IiBuZXh0dmVyc2lvbj0iMTI1LjAuMjUzNS41MSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpc19waW5uZWRfc3lzdGVtPSJ0cnVlIiBsYXN0X2xhdW5jaF9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNjA5OTEwNTM3MTk4MzUwIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzg0OTA1ODQyOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzg0OTIxNDE1NCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzg3NzYzNDg0NSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzg5MTQ2NjI2NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTgyNTA5NTE1MzUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxNjMxIiBkb3dubG9hZGVkPSIxNzM2NDIyODgiIHRvdGFsPSIxNzM2NDIyODgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIyIiBpbnN0YWxsX3RpbWVfbXM9IjM1OTQ5Ii8-PHBpbmcgYWN0aXZlPSIxIiBhZD0iNjM1MyIgcmQ9IjYzNTMiIHBpbmdfZnJlc2huZXNzPSJ7RDMxMjFFMDItRUI4OS00QTJBLTg5ODItM0M2OTg2NDU5MzczfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjUuMC4yNTM1LjUxIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGNvaG9ydD0icnJmQDAuNjYiIHVwZGF0ZV9jb3VudD0iMSIgbGFzdF9sYXVuY2hfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzYwOTkwNzIxNTY5Mzg0MCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjAiIHJkPSI2MzUzIiBwaW5nX2ZyZXNobmVzcz0iezlCNTY0N0MwLTc1RDktNDc4NC05NDlGLTc3RDBEMTBDRjc4NX0iLz48L2FwcD48L3JlcXVlc3Q-
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.18.40.68:443 | kit-pro.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 68.40.18.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:51224 | tcp | |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| N/A | 127.0.0.1:9911 | tcp | |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:9911 | tcp | |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| GB | 51.140.244.186:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | data-edge.smartscreen.microsoft.com | tcp |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 204.79.197.239:443 | tcp | |
| NL | 2.18.121.24:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| GB | 88.221.135.50:443 | tcp | |
| US | 104.208.16.89:443 | browser.pipe.aria.microsoft.com | tcp |
| GB | 88.221.135.50:443 | tcp | |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 2.18.121.24:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:51892 | tcp | |
| GB | 88.221.135.50:443 | tcp | |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| GB | 88.221.135.50:443 | tcp | |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| NL | 23.62.61.97:443 | www.bing.com | tcp |
| FR | 128.116.122.3:80 | roblox.com | tcp |
| FR | 128.116.122.3:80 | roblox.com | tcp |
| FR | 128.116.122.3:443 | roblox.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| SE | 2.21.97.49:443 | js.rbxcdn.com | tcp |
| SE | 2.21.97.49:443 | js.rbxcdn.com | tcp |
| SE | 2.21.97.49:443 | js.rbxcdn.com | tcp |
| SE | 2.21.97.49:443 | js.rbxcdn.com | tcp |
| SE | 2.21.97.49:443 | js.rbxcdn.com | tcp |
| SE | 2.21.97.49:443 | js.rbxcdn.com | tcp |
| GB | 108.138.217.67:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 38.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.97.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.39.156.108.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | 86.154.64.172.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | udp |
| IE | 2.18.24.17:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 17.24.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| GB | 128.116.119.4:443 | locale.roblox.com | udp |
| GB | 128.116.119.4:443 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | 44.44.137.216.in-addr.arpa | udp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| GB | 128.116.119.4:443 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| FR | 128.116.122.4:443 | roblox.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | 4.122.116.128.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| GB | 128.116.119.4:443 | realtime-signalr.roblox.com | tcp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | chat.roblox.com | udp |
| US | 8.8.8.8:53 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | sin2-128-116-97-3.roblox.com | udp |
| US | 8.8.8.8:53 | sea1-128-116-115-3.roblox.com | udp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-east-1b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | c0aws.rbxcdn.com | udp |
| US | 8.8.8.8:53 | aws-us-east-1a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | c0ak.rbxcdn.com | udp |
| US | 8.8.8.8:53 | aws-us-west-2a-lms.rbx.com | udp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| US | 34.232.130.216:443 | aws-us-east-1b-lms.rbx.com | tcp |
| GB | 128.116.119.3:443 | gold.roblox.com | tcp |
| US | 44.232.235.35:443 | aws-us-west-2a-lms.rbx.com | tcp |
| IE | 2.18.24.16:443 | c0ak.rbxcdn.com | tcp |
| GB | 108.156.46.127:443 | c0aws.rbxcdn.com | tcp |
| US | 54.236.226.8:443 | aws-us-east-1a-lms.rbx.com | tcp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | 3.115.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.32.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.130.232.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.63.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.235.232.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.24.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.46.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.226.236.54.in-addr.arpa | udp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | followings.roblox.com | udp |
| GB | 128.116.119.4:443 | followings.roblox.com | udp |
| GB | 128.116.119.4:443 | followings.roblox.com | udp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.47:443 | tr.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | followings.roblox.com | udp |
| GB | 128.116.119.3:443 | gold.roblox.com | tcp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| US | 54.236.226.8:443 | aws-us-east-1a-lms.rbx.com | tcp |
| US | 34.232.130.216:443 | aws-us-east-1b-lms.rbx.com | tcp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| US | 44.232.235.35:443 | aws-us-west-2a-lms.rbx.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| GB | 108.156.46.127:443 | c0aws.rbxcdn.com | tcp |
| IE | 2.18.24.16:443 | c0ak.rbxcdn.com | tcp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | atl1-128-116-99-3.roblox.com | udp |
| US | 8.8.8.8:53 | nrt1-128-116-120-3.roblox.com | udp |
| US | 8.8.8.8:53 | sin4-128-116-50-3.roblox.com | udp |
| US | 8.8.8.8:53 | mia4-128-116-45-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | roblox-poc.global.ssl.fastly.net | udp |
| US | 8.8.8.8:53 | aws-us-west-1c-lms.rbx.com | udp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| US | 128.116.99.3:443 | atl1-128-116-99-3.roblox.com | tcp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| GB | 18.135.222.105:443 | aws-eu-west-2a-lms.rbx.com | tcp |
| US | 151.101.1.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| US | 13.57.63.46:443 | aws-us-west-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | 3.99.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.50.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.45.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.222.135.18.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | followings.roblox.com | udp |
| GB | 128.116.119.4:443 | followings.roblox.com | udp |
| GB | 128.116.119.4:443 | followings.roblox.com | udp |
| GB | 128.116.119.4:443 | followings.roblox.com | udp |
| US | 8.8.8.8:53 | 194.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.63.57.13.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | followings.roblox.com | tcp |
| GB | 128.116.119.4:443 | followings.roblox.com | udp |
| US | 34.210.222.73:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | 73.222.210.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| GB | 13.224.245.9:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 9.245.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| GB | 128.116.119.3:443 | client-telemetry.roblox.com | tcp |
| N/A | 127.0.0.1:53342 | tcp | |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:53355 | tcp | |
| N/A | 127.0.0.1:53358 | tcp | |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| N/A | 127.0.0.1:53362 | tcp | |
| GB | 13.224.245.9:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 233.69.68.104.in-addr.arpa | udp |
| GB | 13.224.245.9:443 | setup.rbxcdn.com | tcp |
| GB | 13.224.245.9:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 89.58.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:53713 | tcp | |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 187.83.221.88.in-addr.arpa | udp |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | udp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | udp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| BE | 88.221.83.187:443 | th.bing.com | tcp |
| NL | 40.126.32.134:443 | login.microsoftonline.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 2.17.251.5:443 | aefd.nelreports.net | tcp |
| US | 2.17.251.5:443 | aefd.nelreports.net | udp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| N/A | 127.0.0.1:54895 | tcp | |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| GB | 128.116.119.3:443 | client-telemetry.roblox.com | tcp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| N/A | 127.0.0.1:54922 | tcp | |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 13.67.191.143:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 143.191.67.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| GB | 128.116.119.4:443 | presence.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| GB | 128.116.119.4:443 | ncs.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| N/A | 127.0.0.1:55714 | tcp | |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | udp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 13.67.191.143:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.120.234.20.in-addr.arpa | udp |
Files
memory/2340-0-0x000000007445E000-0x000000007445F000-memory.dmp
memory/2340-1-0x00000000004D0000-0x00000000004DA000-memory.dmp
memory/2340-2-0x0000000002950000-0x000000000295A000-memory.dmp
memory/2340-3-0x0000000074450000-0x0000000074C01000-memory.dmp
memory/2340-5-0x0000000005BF0000-0x0000000005C02000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\get-intrinsic\.nycrc
| MD5 | d0104f79f0b4f03bbcd3b287fa04cf8c |
| SHA1 | 54f9d7adf8943cb07f821435bb269eb4ba40ccc2 |
| SHA256 | 997785c50b0773e5e18bf15550fbf57823c634fefe623cd37b3c83696402ad0a |
| SHA512 | daf9b5445cfc02397f398adfa0258f2489b70699dfec6ca7e5b85afe5671fdcabe59edee332f718f5e5778feb1e301778dffe93bb28c1c0914f669659bad39c6 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\hasown\.nycrc
| MD5 | c2ab942102236f987048d0d84d73d960 |
| SHA1 | 95462172699187ac02eaec6074024b26e6d71cff |
| SHA256 | 948366fea3b423a46366326d0bb2e54b08abd1cf0b243678ba6625740c40da5a |
| SHA512 | e36b20c16ceeb090750f3865efc8d7fd983ae4e8b41c30cc3865d2fd4925bf5902627e1f1ed46c0ff2453f076ef9de34be899ef57754b29cd158440071318479 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\has-proto\.eslintrc
| MD5 | c28b0fe9be6e306cc2ad30fe00e3db10 |
| SHA1 | af79c81bd61c9a937fca18425dd84cdf8317c8b9 |
| SHA256 | 0694050195fc694c5846b0a2a66b437ac775da988f0a779c55fb892597f7f641 |
| SHA512 | e3eca17804522ffa4f41e836e76e397a310a20e8261a38115b67e8b644444153039d04198fb470f45be2997d2c7a72b15bd4771a02c741b3cbc072ea6ef432e9 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\vary\LICENSE
| MD5 | 13babc4f212ce635d68da544339c962b |
| SHA1 | 4881ad2ec8eb2470a7049421047c6d076f48f1de |
| SHA256 | bd47ce7b88c7759630d1e2b9fcfa170a0f1fde522be09e13fb1581a79d090400 |
| SHA512 | 40e30174433408e0e2ed46d24373b12def47f545d9183b7bce28d4ddd8c8bb528075c7f20e118f37661db9f1bba358999d81a14425eb3e0a4a20865dfcb53182 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
| MD5 | f8f4522d11178a26e97e2046f249dfa7 |
| SHA1 | 8b591d9a37716e235260fb6b3f601e4ccbebf15d |
| SHA256 | 3c372a8919c28dc76414b2f30da423c3e1018b1a8444527949ce20cc3fc93ed0 |
| SHA512 | 52ea881cad501cf1d5e8ac47355e862ac1bd39cb6e1ff3d362d392b6f2d676e74878832505d17a552aaa3bc8f3977da11fa3f9903722eedd23716fb46ddb7492 |
memory/2340-1472-0x0000000074450000-0x0000000074C01000-memory.dmp
memory/3412-1471-0x00007FFFE6C63000-0x00007FFFE6C65000-memory.dmp
memory/3412-1473-0x000001FE5A140000-0x000001FE5A15A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Wpf.Ui.dll
| MD5 | aead90ab96e2853f59be27c4ec1e4853 |
| SHA1 | 43cdedde26488d3209e17efff9a51e1f944eb35f |
| SHA256 | 46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed |
| SHA512 | f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d |
memory/3412-1475-0x00007FFFE6C60000-0x00007FFFE7722000-memory.dmp
memory/3412-1476-0x000001FE74DF0000-0x000001FE7532C000-memory.dmp
memory/3412-1477-0x000001FE74970000-0x000001FE74A2A000-memory.dmp
memory/3412-1479-0x000001FE74A30000-0x000001FE74AAE000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Core.dll
| MD5 | 851fee9a41856b588847cf8272645f58 |
| SHA1 | ee185a1ff257c86eb19d30a191bf0695d5ac72a1 |
| SHA256 | 5e7faee6b8230ca3b97ce9542b914db3abbbd1cb14fd95a39497aaad4c1094ca |
| SHA512 | cf5c70984cf33e12cf57116da1f282a5bd6433c570831c185253d13463b0b9a0b9387d4d1bf4dddab3292a5d9ba96d66b6812e9d7ebc5eb35cb96eea2741348f |
memory/3412-1481-0x000001FE5BE20000-0x000001FE5BE2E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Wpf.dll
| MD5 | 34ec990ed346ec6a4f14841b12280c20 |
| SHA1 | 6587164274a1ae7f47bdb9d71d066b83241576f0 |
| SHA256 | 1e987b22cd011e4396a0805c73539586b67df172df75e3dded16a77d31850409 |
| SHA512 | b565015ca4b11b79ecbc8127f1fd40c986948050f1caefdd371d34ed2136af0aabf100863dc6fd16d67e3751d44ee13835ea9bf981ac0238165749c4987d1ae0 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\WebView2Loader.dll
| MD5 | a0bd0d1a66e7c7f1d97aedecdafb933f |
| SHA1 | dd109ac34beb8289030e4ec0a026297b793f64a3 |
| SHA256 | 79d7e45f8631e8d2541d01bfb5a49a3a090be72b3d465389a2d684680fee2e36 |
| SHA512 | 2a50ae5c7234a44b29f82ebc2e3cfed37bf69294eb00b2dc8905c61259975b2f3a059c67aeab862f002752454d195f7191d9b82b056f6ef22d6e1b0bb3673d50 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.dll
| MD5 | 48521b6f8acefe8cd61b4ffc80b1d28d |
| SHA1 | f553cca3439424585eefe2ecebeaeaa6b447950d |
| SHA256 | 69415bde05f368f24b38418244c6038c405cc0d3ff52d87a089e37c0100bc922 |
| SHA512 | 4b7e87140370e5f0134da35734e18d7f8f60265241cbf7050c202474da8bd98505923113bcf51951d7e73ce79bddf14c8f1b6e4a9296cca140b7b326d2c90415 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\VCRUNTIME140.dll
| MD5 | 7a2b8cfcd543f6e4ebca43162b67d610 |
| SHA1 | c1c45a326249bf0ccd2be2fbd412f1a62fb67024 |
| SHA256 | 7d7ca28235fba5603a7f40514a552ac7efaa67a5d5792bb06273916aa8565c5f |
| SHA512 | e38304fb9c5af855c1134f542adf72cde159fab64385533eafa5bb6e374f19b5a29c0cb5516fc5da5c0b5ac47c2f6420792e0ac8ddff11e749832a7b7f3eb5c8 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\zlib1.dll
| MD5 | 75365924730b0b2c1a6ee9028ef07685 |
| SHA1 | a10687c37deb2ce5422140b541a64ac15534250f |
| SHA256 | 945e7f5d09938b7769a4e68f4ef01406e5af9f40db952cba05ddb3431dd1911b |
| SHA512 | c1e31c18903e657203ae847c9af601b1eb38efa95cb5fa7c1b75f84a2cba9023d08f1315c9bb2d59b53256dfdb3bac89930252138475491b21749471adc129a1 |
memory/3412-1492-0x00007FFFE6C60000-0x00007FFFE7722000-memory.dmp
memory/3412-1493-0x0000000180000000-0x0000000180B28000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\libcurl.dll
| MD5 | e31f5136d91bad0fcbce053aac798a30 |
| SHA1 | ee785d2546aec4803bcae08cdebfd5d168c42337 |
| SHA256 | ee94e2201870536522047e6d7fe7b903a63cd2e13e20c8fffc86d0e95361e671 |
| SHA512 | a1543eb1d10d25efb44f9eaa0673c82bfac5173055d04c0f3be4792984635a7c774df57a8e289f840627754a4e595b855d299070d469e0f1e637c3f35274abe6 |
memory/3412-1495-0x0000000180000000-0x0000000180B28000-memory.dmp
memory/3412-1494-0x0000000180000000-0x0000000180B28000-memory.dmp
memory/3412-1496-0x0000000180000000-0x0000000180B28000-memory.dmp
memory/3412-1497-0x000001FE74CF0000-0x000001FE74CF8000-memory.dmp
memory/3412-1499-0x000001FE74D60000-0x000001FE74D6E000-memory.dmp
memory/3412-1498-0x000001FE74DA0000-0x000001FE74DD8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad\throttle_store.dat
| MD5 | 9e4e94633b73f4a7680240a0ffd6cd2c |
| SHA1 | e68e02453ce22736169a56fdb59043d33668368f |
| SHA256 | 41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304 |
| SHA512 | 193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad\settings.dat
| MD5 | f428ea0697dc6d9ab2a83e929592977d |
| SHA1 | 2f5973e08fed9e18c097e71d9f3c49116ca2d509 |
| SHA256 | fe70a92a0da043c5977f253ccf6fdf136f8b5855301dbc047f1a733bcaf0b0e3 |
| SHA512 | e2388f9cd7ccc4139436cd9981381abb483b4355e9c7e11a27fc63114553931cbf54686e246148318a7ca9c696c4a0825c0d1477c66772a11ad88ab749ae8997 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad\settings.dat
| MD5 | 8cfbf97d1bf196b222ac0e5d80cf8b57 |
| SHA1 | d1c292f3e8041ee55a1ff02f62084b7b8854727b |
| SHA256 | e14525e179f57105444bd54f9d50879a1768e26c03235d44927ef6b40c3421f6 |
| SHA512 | a2afa14df4decfe9a9ff1a3b5f96ae7699ccec395a075c23a311050ee6d7d5e7eb91e0a4f63c9223a590dd821b2716e9c006633f520fb173ecc870eefd2153bb |
memory/4900-1520-0x00007FF806930000-0x00007FF806931000-memory.dmp
\??\pipe\LOCAL\crashpad_1692_AIVLPZRDGIZCQURA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Local Storage\leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Local Storage\leveldb\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad\settings.dat
| MD5 | 2e4d97d3771a8d8224fef5f8924e3679 |
| SHA1 | 3024dbead32c6f093dab1b09ad7b01c07049beb0 |
| SHA256 | cbc17c81525a9772bd25745cf195f05a3cdf8bd15045dcb0410cfc4855bda877 |
| SHA512 | 1efbd6dd27310753cbb0cb52c42e0a70f1dc4e84da13b75df84aa016aa1f2abeb09d6ebafef28140ea90b53f45586e752f6ccc9a3be0ff03afd884d397f13126 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\index.html
| MD5 | 08d9ac1e35385587b0c3c8a73ea97234 |
| SHA1 | d1db15b5e97152be999339d90630f68ed06a6b78 |
| SHA256 | 016cadaa9a8494b15efea920a5ea9c02b441e90dbc7c444e73db3b307f93a741 |
| SHA512 | 8061a5a92f828642ea2fcb319571efa406ed67a75b4d4da1aeb3da96391a72fcde670e3e52efef62d37ddc17f7eca5afa0d35aa02bfd1bcadd8e86240cb802a6 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\vs\loader.js
| MD5 | 8a3086f6c6298f986bda09080dd003b1 |
| SHA1 | 8c7d41c586bfa015fb5cc50a2fdc547711b57c3c |
| SHA256 | 0512d9ed3e5bb3daef94aa5c16a6c3e2ee26ffed9de00d1434ffe46a027b16b9 |
| SHA512 | 9e586742f4e19938132e41145deec584a7b8c7e111b3c6e9254f8d11db632ebe4d66898458ed7bcfc0614d06e20eb33d5a6a8eb8b32d91110557255cf1dbf017 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\vs\editor\editor.main.js
| MD5 | 9399a8eaa741d04b0ae6566a5ebb8106 |
| SHA1 | 5646a9d35b773d784ad914417ed861c5cba45e31 |
| SHA256 | 93d28520c07fbca09e20886087f28797bb7bd0e6cf77400153aab5ae67e3ce18 |
| SHA512 | d37ef5a848e371f7db9616a4bf8b5347449abb3e244a5527396756791583cad455802450ceeb88dce39642c47aceaf2be6b95bede23b9ed68b5d4b7b9022b9c8 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\vs\editor\editor.main.css
| MD5 | 233217455a3ef3604bf4942024b94f98 |
| SHA1 | 95cd3ce46f4ca65708ec25d59dddbfa3fc44e143 |
| SHA256 | 2ec118616a1370e7c37342da85834ca1819400c28f83abfcbbb1ef50b51f7701 |
| SHA512 | 6f4cb7b88673666b7dc1beab3ec2aec4d7d353e6da9f6f14ed2fee8848c7da34ee5060d9eb34ecbb5db71b5b98e3f8582c09ef3efe4f2d9d3135dea87d497455 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\vs\editor\editor.main.nls.js
| MD5 | 74dd2381ddbb5af80ce28aefed3068fc |
| SHA1 | 0996dc91842ab20387e08a46f3807a3f77958902 |
| SHA256 | fdd9d64ce5284373d1541528d15e2aa8aa3a4adc11b51b3d71d3a3953f8bcc48 |
| SHA512 | 8841e0823905cf3168f388a7aeaf5edd32d44902035ba2078202193354caf8cd74cb4cab920e455404575739f35e19ea5f3d88eab012c4ebefc0ccb1ed19a46e |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\vs\basic-languages\lua\lua.js
| MD5 | 8706d861294e09a1f2f7e63d19e5fcb7 |
| SHA1 | fa5f4bdc6c2f1728f65c41fb5c539211a24b6f23 |
| SHA256 | fc2d6fb52a524a56cd8ac53bfe4bad733f246e76dc73cbec4c61be32d282ac42 |
| SHA512 | 1f9297eb4392db612630f824069afdc9d49259aba6361fb0b87372123ada067bc27d10d0623dc1eb7494da55c82840c5521f6fef74c1ada3b0fd801755234f1f |
memory/3412-1619-0x00007FFFF8CD0000-0x00007FFFF8CF4000-memory.dmp
memory/3412-1618-0x0000000180000000-0x0000000180B28000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
memory/4900-1658-0x0000015B146B0000-0x0000015B14786000-memory.dmp
memory/5044-1660-0x0000026C58B40000-0x0000026C58C16000-memory.dmp
memory/1184-1659-0x000001E862810000-0x000001E8628E6000-memory.dmp
memory/3412-1663-0x00007FFFE6C63000-0x00007FFFE6C65000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Newtonsoft.Json.dll
| MD5 | 195ffb7167db3219b217c4fd439eedd6 |
| SHA1 | 1e76e6099570ede620b76ed47cf8d03a936d49f8 |
| SHA256 | e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d |
| SHA512 | 56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac |
memory/3412-1665-0x000001FE793B0000-0x000001FE79462000-memory.dmp
memory/3412-1666-0x000001FE78970000-0x000001FE78992000-memory.dmp
memory/3412-1669-0x00007FFFE6C60000-0x00007FFFE7722000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State
| MD5 | 9e8fac9ad7c2486b4b82e0b25efe1a00 |
| SHA1 | c2b3ee9a2de24e13930f0f2b4079f2d7a9b8614e |
| SHA256 | a5809b7645ffec583eeebbd84bca080f4b200c8e04760ca313affd5aee16455c |
| SHA512 | dc0864999c30ddc8c7f93b60ce2308192061ee645f67ddab585ee9d63593f8b70307ac4dc2c39fa6824fbb70bcd89fdb53859d08ae7a3234cb4ee31bbd2c2317 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State~RFe57e772.TMP
| MD5 | 077bd779ee3b26b4c36f608e42b27195 |
| SHA1 | e8d67355caf131706e0960ddaa107c98181ead36 |
| SHA256 | c26a389ac8d7cd9e9b9d0f78ac177c798300944a2b0b56369052bdffae267f78 |
| SHA512 | 3dd9d16f1cdd776f489d6b9f252e4f358bf15d8719488bc6cd66e4ec3f07dfe0d5e22372eff8cc9b614bf9d7cb45e0f2f4720a842184731a332c31f4a0b88070 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Preferences~RFe580c8e.TMP
| MD5 | a00da0a0d211e3a016f14b534bfbdc2f |
| SHA1 | be8c710f9f64897eca78dae81a425f6e8fb7480d |
| SHA256 | 63541145fb21f57fe343c651fcd511d9db2b3b54f1667bd2c9eb86a658132e15 |
| SHA512 | a6161db11de3564155b2d62998c44af84c85d22ae5218b1df3d99523ea4525982e50dbcd8b8edf794b69a9795cc37ba62b719ee11a19a82fc71b65ee9a96039d |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Preferences
| MD5 | 43019b22a04f28ff036be875655e4d1f |
| SHA1 | 18b761646c1e80c4fc4a914b430d23cb2fb304db |
| SHA256 | 6048dc932fbd7b9469f533c13f68d5fff52148ed221d7af71f04551d86166a74 |
| SHA512 | f1948b8bd49174e539aa0a2c4d3c2c38e3214e170a9ef63f714a08041ecb0daccecc63766904ffca9aac183cd5aaad670b6c66f10acb90b10ff9e56b0c191a36 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Preferences
| MD5 | 220af775020bd37e46fa020aa623e7ab |
| SHA1 | 8e9b121503551e4eb83d31eea453de02b846dd99 |
| SHA256 | 0d6339f873bfa8873036b61c84757a71c6276dbc124ffad95809961d230a4bab |
| SHA512 | f92d8c47e06ae6bf7256aa00242e7f40e723b2f7e813182bef78f47e6f2ffb705a22070969ec9a408b6231d803f68c2caf13aa7dcea8c7167f3180bc9c1871fb |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Network Persistent State~RFe58b7f1.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Network Persistent State
| MD5 | 9939f561d05b3634e1b4044f407faea3 |
| SHA1 | 95b7387dd9c554486b740552ab1ff83b2f4456dd |
| SHA256 | 0e226d5ca982f0a53c818760af879f0546944feaf383625e919061afe9083963 |
| SHA512 | 43e3b7c263036647676736b2515fc781c342169eae871236d42220f66b9b998754f0f782bc1b8ca7ae5f88994b756efd644013d7a833c87586b272e4ebac8478 |
memory/1392-1773-0x000002B28F6D0000-0x000002B28F7A6000-memory.dmp
memory/2036-1805-0x00000228461A0000-0x0000022846276000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State
| MD5 | dd594c1598ae13dd188f5e1fd6f4038e |
| SHA1 | c282f5fcb864562e395e8343649db2ae83312107 |
| SHA256 | 5490dd6a72c6ff4e4e1e692329696731856ded7f40b91fe09f20853e15ca310d |
| SHA512 | 8ed4324752711d12788ad57c31476b2d381dd004a57fd614f64685a005ae92c2a1a40e4dbe8c78a2d927fdba4675f526a86d834776758b81fc0d7e2bfdceba69 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | 6e2dd918b2c22ec9d38424b34577d88b |
| SHA1 | ce9b5ec7934ace13a02d64f494ec8cf6de8ce5c9 |
| SHA256 | 037e7f2cd9d518cafd37f55edee61feac13b4dfdd35f67b41d7af525d93b7f0f |
| SHA512 | fe292b07ea0f7db690e00640f29b5cf7de32ddcdc887c24075801e1b7ad756e94dab31e297efff6c9def49ec3ac20e22c71ba40afb7e4fb75bf0678b64328eca |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Mu\CompatExceptions
| MD5 | 108de320dc5348d3b6af1f06a4374407 |
| SHA1 | 90aa226d3c9d50cf4435ecdd2b8b0086d8edeb8b |
| SHA256 | 5b462316a51c918d0bae95959bf827cb9c72bbd84ffb0e43b750aa91fbf3ba53 |
| SHA512 | 70f30c45e20b7cddd0cba6476af9338975cec8e40b8b19603af5fa859a34c6eb2138957daaa263633fe65213e2186402d05d9d29ad53e8f311335555116314c2 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Sigma\Entities
| MD5 | 011dd90f861d72166efe3a81634e69aa |
| SHA1 | 7219b5188a6bc52f22864a8afec7906b3225b40f |
| SHA256 | 46c606fa05ccd710c8212f816b3db43ed5a2102e2239ac508b6797a2d83d5c45 |
| SHA512 | 4d41d4a97fa741da3f7a9530f6e5d02010efe57f2c15d4d91130c06931b896fa116294fa441399f2d7eb16cde6a7d11ca7d5781db3e3e18f31704528abcedb5a |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Mu\Entities
| MD5 | 571c13809cc4efaff6e0b650858b9744 |
| SHA1 | 83e82a841f1565ad3c395cbc83cb5b0a1e83e132 |
| SHA256 | ab204851f39da725b5a73b040519c2e6aaf52cb7a537c75802cb25248d02ec1b |
| SHA512 | 93ff4625866abf7cd96324528df2f56ecb358235ff7e63438ac37460aeb406a5fb97084e104610bb1d7c2e8693cabedc6239b95449e9abb90252a353038cb2a2 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Sigma\Staging
| MD5 | 61dddcad6e2e3bd2b440facc1f56c7a7 |
| SHA1 | be7750704fa3b007e20c7366e364b3194e4d5587 |
| SHA256 | 35a7a93fe66261463bdafeddc46bf9ddcc79f0ef81244066b9332f71da23aff6 |
| SHA512 | 40d87f54c00825ddd5cf96d5fc4760835520d008d884fb2d35c28a1397946e491a156423cf28bf29bdfa1cb669694833786ca273bba91176b8586ad092bd7927 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Sigma\Other
| MD5 | c6c7f3ee1e17acbff6ac22aa89b02e4e |
| SHA1 | bdbd0220e54b80b3d2ffbbddadc89bfbb8e64a8b |
| SHA256 | a2f9f27d6938a74979d34484bced535412969c2533dc694bfa667fe81d66d7d4 |
| SHA512 | 86ed28ffdd00b4a397a20968792fcd30dd4a891a187a7789c00c88b64689b334a11fa087eb54ccee813c181cf891b43184dde7af9a6f33caed2a71e2c445a7b4 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Sigma\Social
| MD5 | ae92ac226ba04a34a6e8f1140f04bbbf |
| SHA1 | db368322491478a19ca31244b2af1e3988d8645d |
| SHA256 | 19031c7f1b4ef0c92222723114164ed772c7811205f646821ddc41e4901480a0 |
| SHA512 | 1b6b5144cd87d4e06fe240aedc6e46cd4019457903ec267be5b450690cb56c88430bd43bad086afe13c122d93e2b1aac50c129033a9a4197ec3e6ebdb161e038 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Sigma\Fingerprinting
| MD5 | 3852430540e0356d1ba68f31be011533 |
| SHA1 | d3f622450bcf0ced36d9d9c0aad630ebccfcb7ff |
| SHA256 | f1f413704c32a28a31a646f60cad36cc2da793e143f70eee72ae56f736df8054 |
| SHA512 | 7a4faa493c141ea88d6cd933dfc0b50ef6d25983323db2b931c7512e039859d60c4935e56b771264ca72b45c035b1962ad8680d616eaaf04fbc5a6e0b674e435 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Sigma\Cryptomining
| MD5 | 4ec1eda0e8a06238ff5bf88569964d59 |
| SHA1 | a2e78944fcac34d89385487ccbbfa4d8f078d612 |
| SHA256 | 696e930706b5d391eb8778f73b0627ffc2be7f6c9a3e7659170d9d37fc4a97b5 |
| SHA512 | c9b1ed7b61f26d94d7f5eded2d42d40f3e4300eee2319fe28e04b25cdb6dd92daf67828bff453bf5fc8d7b6ceb58cab319fc0daac9b0050e27a89efe74d2734e |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Sigma\Content
| MD5 | 7f077f40c2d1ce8e95faa8fdb23ed8b4 |
| SHA1 | 2c329e3e20ea559974ddcaabc2c7c22de81e7ad2 |
| SHA256 | bda08f8b53c121bbc03da1f5c870c016b06fa620a2c02375988555dd12889cdf |
| SHA512 | c1fb5d40491ae22a155a9bd115c32cbe9dbcba615545af2f1a252475f9d59844763cd7c177f08277d8ef59e873b7d885fda17f2a504d9ec2c181d0f793cb542b |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Sigma\Analytics
| MD5 | c4acde1c5f5561bdddbc9846e9f3d2f2 |
| SHA1 | 520973b512aa1a374e18518f85dc801b3fc1767e |
| SHA256 | 9fa640bc46d85197048b78253c2745aca7c7d48d023d55269c11e9b8d66ea703 |
| SHA512 | d938ae798f11b348bf2c57995fd3731c4ee24d03fb59fc2708bd15fdbdacae21ada1123e3ef08b328ed140366f590d4afc4799ba77a97cf7fe186f815d107a73 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Sigma\Advertising
| MD5 | d81750ec7af7709a55e2d1c830d123e6 |
| SHA1 | c2f118b9c96d8b793ea751ff17fe4e2b945bd8a5 |
| SHA256 | 28ca4a595aea39469c715d2a64d026cde5a5fba021d8471b7183fdd019df2081 |
| SHA512 | a6b4c4c97fb47a158fe5eb2125cb42b7ea1d37df90c652ce31396a29b224f94834a4ea36d1ffc61bf6da4316e8fec5f139054be15466193cf6080621286effd9 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Mu\Other
| MD5 | cd0395742b85e2b669eaec1d5f15b65b |
| SHA1 | 43c81d1c62fc7ff94f9364639c9a46a0747d122e |
| SHA256 | 2b4a47b82cbe70e34407c7df126a24007aff8b45d5716db384d27cc1f3b30707 |
| SHA512 | 4df2ce734e2f7bc5f02bb7845ea801b57dcf649565dd94b1b71f578b453ba0a17c61ccee73e7cff8f23cdd6aa37e55be5cb15f4767ff88a9a06de3623604fbf0 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Mu\Social
| MD5 | 4c817c4cb035841975c6738aa05742d9 |
| SHA1 | 1d89da38b339cd9a1aadfc824ed8667018817d4e |
| SHA256 | 4358939a5a0b4d51335bf8f4adb43de2114b54f3596f9e9aacbdb3e52bef67e6 |
| SHA512 | fa8e1e8aa00bf83f16643bf6a22c63649402efe70f13cd289f51a6c1172f504fedd7b63fc595fb867ecb9d235b8a0ea032b03d861ebb145f0f6a7d5629df8486 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Mu\Fingerprinting
| MD5 | b46196ad79c9ef6ddacc36b790350ca9 |
| SHA1 | 3df9069231c232fe8571a4772eb832fbbe376c23 |
| SHA256 | a918dd0015bcd511782ea6f00eed35f77456944981de7fd268471f1d62c7eaa3 |
| SHA512 | 61d6da8ee2ca07edc5d230bdcbc5302a2c6e3a9823e95ccfd3896d2e09a0027fece76f2c1ea54e8a8c4fa0e3cf885b35f3ff2e6208bf1d2a2757f2cbcdf01039 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Mu\Cryptomining
| MD5 | 16779f9f388a6dbefdcaa33c25db08f6 |
| SHA1 | d0bfd4788f04251f4f2ac42be198fb717e0046ae |
| SHA256 | 75ad2a4d85c1314632e3ac0679169ba92ef0a0f612f73a80fdd0bc186095b639 |
| SHA512 | abd55eff87b4445694b3119176007f71cf71c277f20ea6c4dcadfb027fdce78f7afbcf7a397bd61bd2fa4bc452e03087a9e0e8b9cc5092ec2a631c1ebb00ee25 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Mu\Content
| MD5 | de67adf873370835f12a4962fa4b3a85 |
| SHA1 | 99831e0a001b8604b5b431d09307273872d5f07e |
| SHA256 | 76975bf9dc15a979cfbf917496c385767357e1ce7ff30ac94dcc901cbc74607b |
| SHA512 | f1ea69a38500afd96903d60f9bb2308ea1c368e28e970669467e8d7c637268774374dffe92fbe02a6d043ff0fb763913790ba617b5251cb46ee000423b591cc7 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Mu\Analytics
| MD5 | da298eacf42b8fd3bf54b5030976159b |
| SHA1 | a976f4f5e2d81f80dc0e8a10595190f35e9d324b |
| SHA256 | 3abd2e1010e8824f200878942e0850d6e2620a2f0f15b87d32e2451fdda962ec |
| SHA512 | 5bf24c2df7cc12c91d1fb47802dbac283244c1010baa68bfae9eb5eb8ee25758156bb1e21f6cc3f55e7d71e5c330888ffd41469b2630eb86237c9970d7ede75e |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.25\Mu\Advertising
| MD5 | 1cc67aa27d683e35f6e2d52e27794fed |
| SHA1 | 6061d27882d9afb4bb885ed3be65b0bd44341e4b |
| SHA256 | 3c2451d0820eb623c7e95da72017071fce5c5091c168f1b18b3010e914ef84d5 |
| SHA512 | 34776fb3abd952aece898051293773ac220391e6b114445317c9b51757a858cded9596e84c32e3019b7d9d660dfa880456b5b6c0ee6e10a64fe3431340132deb |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State
| MD5 | 9941d2f2fa39a3b299b5a40adbdc832a |
| SHA1 | ba7299fc465dc53f3d03b3b6429a30ae93fd55ab |
| SHA256 | 2ec1d186dff5e4c1529180b1df15841a8179b2b32dc7f88a3e8a1f31913ff484 |
| SHA512 | c4f9c7251f465dc950b029a46177af97d3136793033eeb073d7f5ece356117e95496cb5482e3bd5d627f8cf816d770d740b65c19457eec60fda8682f677b2d5b |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Preferences
| MD5 | fe946f325a17db98565be053772ad9ff |
| SHA1 | 974e62831a1d8b1c2cfea6da6e4d31defab8054a |
| SHA256 | 541d1b0a21a9a492d9b61786058bd67886c17d9f50d5c5632420c1dc3c0cc1b0 |
| SHA512 | 7c6d641c1d21e2c199b3b9a975277cc399ae258a51f4d493fb8a1ac41e2bb504a59ff613590ce3cfa6f331afb04a987e247403a776c8b880acc608a58ce0f201 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 34d22039bc7833a3a27231b8eb834f70 |
| SHA1 | 79c4290a2894b0e973d3c4b297fad74ef45607bb |
| SHA256 | 402defe561006133623c2a4791b2baf90b92d5708151c2bcac6d02d2771cd3d6 |
| SHA512 | c69ee22d8c52a61e59969aa757d58ab4f32492854fc7116975efc7c6174f5d998cc236bbf15bce330d81e39a026b18e29683b6d69c93d21fea6d14e21460a0a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 046d49efac191159051a8b2dea884f79 |
| SHA1 | d0cf8dc3bc6a23bf2395940cefcaad1565234a3a |
| SHA256 | 00dfb1705076450a45319666801a3a7032fc672675343434cb3d68baccb8e1f7 |
| SHA512 | 46961e0f0e4d7f82b4417e4aac4434e86f2130e92b492b53a194255bd3bba0855069524cd645f910754d4d2dbf3f1dc467bcc997f01dc6b1d8d6028e2d957236 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bfe55a8a7129c7e0763b88b7420f7281 |
| SHA1 | 2adaccdd0fe4626f64206184288e91d6c50b3786 |
| SHA256 | f1db18877e0e797b3df2c36d02b790210f86ffc986ad40b7af34ef97324ecb5a |
| SHA512 | 15e2d59f184ea65b2dbed021fb0a6c22a1ae8d37e726d0cad8f686b4d125c6579ee7bcd8852aa493f847947d372ae649950c0208e993a6a186ee61d3dcf7ccd9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4d410cb50b384912fcb6df7e817f740c |
| SHA1 | f0477e4148fd7209193d4a96242a4c9364d9d523 |
| SHA256 | a235934a841956240f88e5c9018553311782ee96220d42d8cd6c3ff82a48a60e |
| SHA512 | e5c2604065733f68e716ac867dff205b7c131cbca2069ebee1c9afd3b99585365309475750064e41eb5aa711fe453dbbbdaf703ab67cff0378ffdc2f450e7db1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6168d16ef3a9ee5c2917116a17b0ca9c |
| SHA1 | 15b9413315286680e0b9cbad7124d54d45ce2e90 |
| SHA256 | 16707380aa9e43af4465a06f49f108b7c101816f5068b5bd4dace6f0e2f43cc5 |
| SHA512 | 53186715fa8cfe7eb6e47743b599b952bf956e6e090dc4e3c3e5f3610b3655f5eaea836d0c2b38e38e7148be493d6d6f26563bdcd61ef99f61fd4065451ec9c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 43543ba4a4ffe15c2b38ae7111e416fb |
| SHA1 | af9fcefcf8fa9dac18676671bef439fcd3f05fe1 |
| SHA256 | 49bd1282688c0dc8f653664e41f1f18c764b2735210b56cb0edaffb5c7f417c0 |
| SHA512 | 86d7ffd78de1188d2033b6facbcce26dc841180bc951cbd7ba39971900d07cd4b28a7fd85b8482af1a1c7e356c22e4dc1b72b777e37e317cca0aa27ad0edbff4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 807419ca9a4734feaf8d8563a003b048 |
| SHA1 | a723c7d60a65886ffa068711f1e900ccc85922a6 |
| SHA256 | aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631 |
| SHA512 | f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 43aae9b991d17bd8696e61e84a4d2a62 |
| SHA1 | a45c183c0c3d41c1b713975adc07187bf82c1e6b |
| SHA256 | 9e8d2da76186221c21ff5f61a194fac0f1eb5af69c7df201e93fe51784c8ffdf |
| SHA512 | b22b2fe71629f0764d83596d712be5640358b3bf2d922983d0c096d5334eff964483630b3bda62aa67e23305444393a78ea3f98102a23f4bdbaa379d7f4cea91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5d29a3.TMP
| MD5 | da75ad12bd5b3f95cb1399775596962d |
| SHA1 | b3b497fb007f7f5a474661b9e83c11b0286fb3cd |
| SHA256 | b21055dfbc9421034cc3092a5deb26d3fb5f3e57a7691a55aeef17715c6c84fa |
| SHA512 | 31565f80a1c555c569e2f6b0ab05cfbca673695db4076e550279a1c48c0ffd7f56074d89946bde36a8ad8d4cf276b1d61a845e66d0a64ff584f373d5e3eef93e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7cb5d60b5c0148637dbaf75f41853762 |
| SHA1 | 0cadb1576b9bcc94d05fec0a7ff9178620cbbbd8 |
| SHA256 | 2adabee4387b12dac3051bad9a6e5850037674cad64683e62a7e1ca639af6499 |
| SHA512 | 6ee846bf848274063fcd7d7a5e69b1a4747ffa2ea98c746f623a0b23fcb940c41904bbf1ac4cdeafdb7bbb4b83e61b2e4ecaae0fca5f00cc4f40778e32b3d50e |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9005c1b516de3f9a47a003936aef853e |
| SHA1 | 7b62e1a416f435234143bdbe2e881d4f154af259 |
| SHA256 | 296450852fb3ca08913a2295d06513c31bf3867d84a509a1106ff4e22ee87cd0 |
| SHA512 | 2712439821a87d75c25c0d1ebc4d785860a40999970ff6cd97fcc7fafa79c56daf0d9a37f0f467d635077f717fb6a0a656a603c4f34318e682d0cec5c3187ba5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e2e9e53e59e1de7862a60b81698a1063 |
| SHA1 | e18f7e11604d8fc79b1dbd3aa69c684a8a635972 |
| SHA256 | 6c25c39239e7073e8a2a384255317f772e87575a49963b9d02ff8cc6e687f7ee |
| SHA512 | 4afa82d7767fd139a0a94a9f8200a6be9653eea53c89fe2262d3b4b92a0e1a0c5253cdd9ee84ac473476c5c4957e62895494af700a7187fc068c29569fe48bcf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 15f3d70d0b16beaa0658f0a8688f9146 |
| SHA1 | 4b54fa7820b4a39b3789c1956f8ee947a964420b |
| SHA256 | d1b2db92d705fd69fc2c40bc46961499dfee866691fdd97c2a6e1485f21419f1 |
| SHA512 | 47374bc2ea6ad68412f59f4c178345ab199d543f192ff6f4c0c3abe1771c0494ea81b829279dd60bee6987eb613b741fd7563de66b92f016f7f3cc8b0a368af1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 20ffe618f17b3eee180b92e227dbdf15 |
| SHA1 | d58b6f7ffc22f08b0d27dce72b8e786d9afe7ed4 |
| SHA256 | a9a5ad9cf104a1dff7f43153fa3647cbd27a57a4963a04d69988f4bc905ba673 |
| SHA512 | d5ea4cc7fcbd30f4e109d36725943ace7572b4d91fe430b3540be813ef9ec0ce0b029bd1a76385048e113faab6c222a87e2957b8965e9faab01585f17f6a08aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e994b663fdb6cdd900948f50e53efdd3 |
| SHA1 | 36baa36ef71ec8a26e5776c0325f285d898e3ca9 |
| SHA256 | 1b855d51124748c6acfbaead9d39052d5947eafd93814d4e548e07a9312460c0 |
| SHA512 | 0c7fd804c3c828807511674c3594b41aeff03d4621715ac67b56dd95c0d1e878a8027dddeeed1dd525accd5047d3b2c5d3abf3960cdd355ed7d17e67673a01d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 98393ec7c79ec8fcb5603dda3d5e5368 |
| SHA1 | 6c9e91ada60f7b942fb51bea69c7cfed3b5218f3 |
| SHA256 | c486ab961a2130e726b03072931bdec1f1e1de4f7d388151b4a0e03c4a73336b |
| SHA512 | 5b713d1283753e1a03e1dd5bc2a3f57b6d711b3c94df99a4581bb045b2310c4f1f917084892e80d00f4c5ed069c5d6cb9182ead96aeca3163391022be0127f45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2787ab0ca5cc1fbbb148028c739492bd |
| SHA1 | 3204c1878e51a314b65e9322bf9de041236ab340 |
| SHA256 | bea234e25ff988a600512ac63396da1d479bbe6e9518e91f881701a563a2e2e5 |
| SHA512 | ccbf9eb3e81562124c046f273cfe1a01a0bc8dccf8f3612dc76d708f4c8bdab6b9ae3b18f8f69fedd5ff3b3c37b55a0a4057afec1783cd9a7dde2591366191da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 3f0ee90044790a34bddae90437105ce4 |
| SHA1 | 48840ed9ec62342966b95d48cb209f460829defe |
| SHA256 | b6009659920315de9133b093221289f848c3775bd92ca85e0feb38c8f2983a46 |
| SHA512 | 6fd856db8f3848fa22af133365e75a8ee08b2c466d44f2231d3809fa8478862b8d628dc7df7740efd0146de7be231a9bcff353352096834e54b66ef07c13d0a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b6d2a192d84ff0bc896e6b1609a0e477 |
| SHA1 | 2eb0b3c28b4fcc08059d155e702a2ace8d638ca5 |
| SHA256 | c3f65cd70adaf3cd038087a6297e1d49f3180132f8acb8126f12dbbf0bf4141e |
| SHA512 | f1bebec18dd0c39cc9ba14ad4e84538ed8e255d660c7a1a56496dd12acff50d103330bfb88cb4f3658384875215a263b7e1ca57aa0211b2acd18a9b1967ce64e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 47d77ea372b2408ebac58e919e74cdef |
| SHA1 | 3342b6b476461add5646886d663563b89816c9b8 |
| SHA256 | b9a528dfe7cb7e92d83fa0e17fb1f2b04564cd6a4bb576122dc5da811bf80d86 |
| SHA512 | 4a13679806c71cf6bd5626b582082dd5f45621bd7cc16faf083d10aeeab135d5bc0c333863416a11b23174338756f6e1b2b6ac709982b3eba1d9953ca2149c1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 8ff88853a6f7bf3da7c1f4c68149e664 |
| SHA1 | a5abbdcc969a967573a5cd857f4ce52e510fed8f |
| SHA256 | 14edff480c10c7afd66dccd7718b807c58b91ba2fcd6f716039d8911f7ecb250 |
| SHA512 | e20d24301a3ffbf04cc0bee3b604cdebde130f90f4aef806971dc6772f8fb54fba29997d896cd5670f680172722a47477c6f43a99e9c13eb9c5f2d0d0265ed85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5e4535.TMP
| MD5 | 612718295f4703e38a5595ab895405d2 |
| SHA1 | 9a027f93da76255728e8508b1e95d463f2929388 |
| SHA256 | c8bd15f3df027cdb60006399f1c34d0501b630c061109eba1ec9a92976349ae6 |
| SHA512 | 027dff6b72dc22398fd3d3c6024a56a64879346bbfe9e6bcb4cf7c249cffc047545b3707dbc57f7e83476ced6ed987c67ab2ef84f6aa126ed663454b24e790a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034
| MD5 | 588ee33c26fe83cb97ca65e3c66b2e87 |
| SHA1 | 842429b803132c3e7827af42fe4dc7a66e736b37 |
| SHA256 | bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760 |
| SHA512 | 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9720482714d195b8ee096a799a6e8326 |
| SHA1 | f0d4be5a7a41b3bbf522ada19753dc866dbda78d |
| SHA256 | afa8e39246c66e27eaa047a9ed51ae9396125bd1dde9a1e1edb78c1c21487f53 |
| SHA512 | b33abaf189ba27370294f3937f0801009be1934e748688252012c1c26468619ca7e63e9e890845cb9c7f521891ed001ff64cd3974af7fa33e2fc776255eb3528 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0ba121646e909a6109fed4f2cf13cd1c |
| SHA1 | 92a3def3b73776a74c10aecc2fe04f15580a8eea |
| SHA256 | fafb5d412b0d4e0844d6a515b39eed82dbc1ae1d4f06416b05e708318d5aa9c4 |
| SHA512 | 851b781231b47d4f85a40e57f5237bac4a6fa26ab32d2c2e5cb1edf071e3d1d8deea0a07764a264ff47c069b8691b79a20e39870fe6cf1c57ce15f3719e5ea19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bbde10f6fdab54a3f6bc81ced6b2b4b0 |
| SHA1 | 596090828ab9f374500cd631678740d72e99b48a |
| SHA256 | 212f57fc0fd433b2f8bbe69440622d2bb3a472a7928619c90da7c7de493c59af |
| SHA512 | 1c5ddecb27f1e940c28b3fafae35717ad123c60275f9774881838708f7688a24b6f92e0ae74142492285a496f785a3243ead7bff70d8be040688a2506f12700c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fa74286c172403caaa9754fda32db650 |
| SHA1 | 00c4d0a2e323d6f6c628d7cf12921b0983aec1a2 |
| SHA256 | df7831465f980d46d5ff6d9f911a9d953bb0956f803c9a9ef7bc8d99925d0332 |
| SHA512 | e04e86f42317e5324a3206932ad06c42e196b771b168413620355514cdae38e3201ab5150ce384cd9a296ebc17d21b3e490d21dd660184843071717db48f420d |
C:\Users\Admin\Downloads\Unconfirmed 642753.crdownload
| MD5 | f8abc05327115c321307efaf662498bb |
| SHA1 | 4d848adb9b0a5b278f97f75fa125145dcbffd572 |
| SHA256 | c89eda2b48317bd4da398d59213d86afa0c06034cab5e3ea5df5865e369d2a0f |
| SHA512 | a6b70331ad553645cd82edc5f6bfa50b4bb16bfc2443469c7eb1ff79e6b4a246cfd7de0691da400777651529a2bca20311645a763dffbf7e10cc4334ab074ae4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 61385f3c60b73cc2734461958565e46a |
| SHA1 | f5187109009f362b582a616099fcc26789062a0c |
| SHA256 | efe0a090c4d009c500691db9ea9c625a86aab9c3ca7d3491a334dcff35274966 |
| SHA512 | 76ae73e308ed10d93e6a30451674b835fecd75a5cc005f81cd80c3799b636623bf9421dbd979a6277a9b5b792ad6372ab28edcabb14245a392604da7f7ad04eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 991968764eaee3d88879f6f6bd26f1df |
| SHA1 | ac59d9f995913b97d858634ce47ae9cf53192b5b |
| SHA256 | a8860a844b214b1c1b1a08874e549cfe1152f69740b48436e48a96c7fa44adac |
| SHA512 | 8405ee7c853f4007989fde0257a674ebc526efd36a1a0a4c26eb8b5a650bcdc84056795a08a7c9b1bfdbf7702a5eb42c79810e39481d6d426ed0998f049e40c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 43ecb729bbbdd61cf374883ba0693d76 |
| SHA1 | bca0e79a13dad8b36c8936c2f7370992daabfcfc |
| SHA256 | b0050adcb72c0bdd4e3f35663380ce86aa4a48793c247aa2f972d67e07c97090 |
| SHA512 | 0a4ae4aaeeff5e21aa88f19af3215220fd9afeb926af7cd48dbbff7a387c42fb02f53de451a98be03ada927b33dbb0a81cecbc53bdc0c655daa8b3013b46cdff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 76c3e3f5b189d66dcecdcf911dc456ed |
| SHA1 | f310fd992eb8e8df899db99cbaa0a69338fad640 |
| SHA256 | c8d50a147975ffeebbb94f3dc26216654560d99ebfcca362da835179e84eb513 |
| SHA512 | fc41197e0cd58e2cb533ada8a998561cd5399d04d73664db2adc02fb5b9368630bfb70de83238e65a59c72ce4b12e3afe004ea4cee3a963ab326d4c50706b9da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 189a819bf3b3371a0378a507f1097112 |
| SHA1 | 7009168f8f1ae469a9733947150fc3926b1ade72 |
| SHA256 | 8020a1548bac8f427cd18281c08b2d388668234c8cdfaaf167181006ec7754e9 |
| SHA512 | 63fe9837c5c583241e813ecf473822a47ec3be7135df8efdd7ceaa4d916e7485c85531a9d828307beb36957498ccb4c90630fd972824f7bb4b1b3be3b25e0fbf |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | 0469bb703f1233c733ba4e8cb45afda2 |
| SHA1 | a07afd7ecf1d0b740b0e2eddfcde79dcf6e1767f |
| SHA256 | 00314da401908da37ebfe9b642506cab81a4467c092719fcf007be045bc4a9e0 |
| SHA512 | 342c9629e705eb78c7bd52b3efe4a92b6a8bece9933956390450600635e4c0511ca96ccaa25e6920e9d25ccdf444dabfea7b09f8fbcba2f371655f87633b6d67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7737715c6704f3b06ec7d1f0541ae57f |
| SHA1 | 717f67e25263502451fe53cc8a3cf19ea3607e24 |
| SHA256 | b342faf35fd07b5bf9ddb7de8dbdaa1621e2b780d7f6a79310e9ca761fd925c7 |
| SHA512 | 5f86f0b7203b5fdeeb4b2fdfca492268a3fa2ebde2a77aa8d6b2d14f3eec9c300773f50d65ac8db50c3d87c41b6206cdf3f91c74a13f88bf46c760c983981fc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d829f83a7bce438c47e463c9a9fdcb05 |
| SHA1 | 750bfce046854fb3ce195225d4115eb19188f608 |
| SHA256 | f9e196d206b498873d6bbde7d7b90cecbaeb5b5a6e131f31ecef818d5f53f99f |
| SHA512 | 726236c72af8bc439f61f66603ff1f7d11549d458932d503cb405102a6c9baa5735f36282590dce3603fe0c2c773ca252ee20559620b3535ba287b087d46f9b2 |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\938199ca646378b696716037afc964ba
| MD5 | 938199ca646378b696716037afc964ba |
| SHA1 | 2d865bfeccf3badef2f64e5d6453e6ab71d5f5a7 |
| SHA256 | 2acc3e0879e4a71a6b08e2d6af7b238198d2eda73518b9394d82d00b010c9d7e |
| SHA512 | 1a37727c5dfaffa3023845592b400acc226face537176064698b8415d79284b6276fe68bf0e5870dc8898a846f923bd95eaac1d185613759ad6ca1068456b322 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b93e74d56950fda3028768f8e23f1153 |
| SHA1 | 031ab9a0021e6aeb27f9317ed31a20f1ff093ebd |
| SHA256 | 65986dc7d3feb2a0ea4b950fff05f5a47f50b10229bfca421b20f92679689cf9 |
| SHA512 | 236f06617b9320c9ee795ff4006f7c6f1312a8430cf27c333da0639c431a4a59601da81cdf0ffbb36845d7dd24889723373c40b972165bcebb97fa9753db9968 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f155162dab895efab85181b8dd180463 |
| SHA1 | fb9e204a3099f8b2ae8b311a7a843f55d9f3b473 |
| SHA256 | e790a6c1460b8a7f3a15f1f0be0d7682472d92004e60d6f593ee12bdeb88aa9d |
| SHA512 | de244f4d7427a8ca4445cc4f68d6938508b302d8f01578f045b49deb139203c158304c84a1f62116520456546315c87edb01b5b35174735d9284aea28b17621e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 58c6606236172ac5c3e989450e457222 |
| SHA1 | 01529b30896cdeeef3f5622a4d5779f178027721 |
| SHA256 | 5c0bbae73acf38fa3ac256b55d89470ef7621cdd13d36ae165edabb62c37ac32 |
| SHA512 | a51bbc052f95b3933e0ee582ae1b11e18255dbef7b524f90d73f9d9262e599a7a3ec66f87629c2208cb0841c0f815c190ed795a3bde8d1c23991c8582320966b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 22987d7a8e3c2708037f995eab7ce51e |
| SHA1 | 920c43cb6a9ddb164b19f8b9c809e9ea77f50fca |
| SHA256 | bcc4ecbff85533e544298bef4804131ebbdb80520d5094f9ebe1a2a8ffe29705 |
| SHA512 | c37c031b286967e6a7b09941888c9a6a1fda57c3f79e9966df488edf9b0886577452f8a69eff7a912bff8f4a971d28a33ce8c43737971057ee1c3cbc62dd9796 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8e542ad1e7e33577a6fdfc3cae1b26bb |
| SHA1 | 174b0291ed0317d77d77b2a78683eecefd58f079 |
| SHA256 | 483adf77d8de602e437ad15ef52e98576d6100e98e7d26508a99da2fba4ed29f |
| SHA512 | 049b9fc67350e36b3015fa604b4e90a292ba82ca486dd292f7bcf652dac978734de2c53943cb685cf01117d92a37c983a1c4af1f1e49c884978ab06c20073b44 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 77d8b7785d808345952f8afff6fe37c0 |
| SHA1 | 8a0c9bed4d0919594196950f5228cd7b9092b35b |
| SHA256 | 9060fc4052bdbd0cee2930dcf8280a303e2efa75aac9d7a4f2fc2c32c3d59461 |
| SHA512 | cea8c8135cee0a9d57c9a5b8df7b34689566a3aa11f818a8a4212a5f797766a35108308ae2592be79d73de78aa00543640796a80d867b12194193270cc522cc6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d8c6695b05ac98a4c2bf44029ebc9545 |
| SHA1 | 960757677e1c7bfc5cd813f42223bc1a359fba49 |
| SHA256 | 68317460fb72842ec6fb79128d2c055905acc00aa729bf6c638877db570f11a4 |
| SHA512 | 250bd4d0090b84a611490a5ed292bf86a4a39294273625895864ae29814a298aaa9d20ba3c6861fd28b2d46b8849bf3b974a17193376621aed52d6d37ddac9c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1eae1251ef68fc23d57e45fb7b0c7cb6 |
| SHA1 | 6efb35e9a6b3677540c73b1742ab99986e08b4c8 |
| SHA256 | 5ed3c6a3c00a559003af99e0519bf2962be68a3fe958a448d28af3072b5212c7 |
| SHA512 | 2b7e22774a82f8103230fb08884eed244b9769d5d4ff1ce06fc50210d4732cb9f96feef1869cbaab032d24c3b22d1fdd51db4fd135661c7765fce3ccd2b89e2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3b86e69f89df1beed7c3f01180fc7d2e |
| SHA1 | 6a1860d9a89b0044f7ee0062d9213fc9b24a2a8b |
| SHA256 | 2d1aad6fd9407322eb12640530a6f59f7f0b607e2742ff78ca4c9dab57ec4858 |
| SHA512 | 1d942b5478e45292d548e4ed48acb8fd76a206068e4fd48747e630da29e3a13f33b736587aa02d10025f5e17c4910d478da145c5c801e1887be0c9aa21d834de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 50360878b79516306b82ebde70e6c40c |
| SHA1 | 14a6991399e2ea7596a5cbea3c0cf29b31eaf7a1 |
| SHA256 | 99fe9cf289a4d2673e1de1a105292fb727163d917f8123e8a5877a2d3ebd46c2 |
| SHA512 | 9788a2a8a59a12532eb8b69296faa953fde6e7258cd9a97a030993f7f22a71f7d3a43faaa46e14ab2b97ada736581fea29f97072512eb0ce9522e7223d9affdf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8159cc8c48596e7ded80aca863c3e87d |
| SHA1 | 35788bded16f5d2d784b350a0885cfe14007c570 |
| SHA256 | 3017cce6071572b9f340b298da4a7a3e23a8e88638b6ce24eb7a63ef43ad2c98 |
| SHA512 | 39ea5e3a38c846f31f887d7321ab66e45d9bc4ecf0049de33e0ab45f44a6a1b8b9c238f4d342b73bed8f8102ca091ad30b83a90082630b825d42a58131f6098d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7a65b2e43f9492f38f56e0a6d53365ea |
| SHA1 | 02ede477afb8bbb0a1814ea1e4bc418a5de2e699 |
| SHA256 | dc55eea3810f3fd4e8ee95d364d18c08f895cb0a569aa0b4c35128a259e6e6f2 |
| SHA512 | 0f13fe928ef8344d71bad88f69925d38286cc9460db50f5e2216b28b98d9fbacaaffa0ef7915bc0195a40c29ccf64e7e9d8b06935b8ea6918d5aefedffdcdd58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8d731fcfa45a76d1eb9836ac93ac3f71 |
| SHA1 | abc110d557a166cafc37bf195bf060a7b7db1412 |
| SHA256 | 44d982435331fc99cf5c9a7c8fa71a7f2846a1e4dc7e25b56e2921d57834962e |
| SHA512 | bb1cf57627fffadab876cf92a4738a0ed1cbbe4f7ee7637d36f37a3417d4d0d14d3f794b5441be407387651be340986bf75c3ea29892a8334b7bb456119c0ff6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2709e8efd47400502978d1bedc9d3c9c |
| SHA1 | c18bc09634919e0c38a935fb9575e749a151de20 |
| SHA256 | 2804969a1d8ebbfa8795e4c35967f6d017c3416a5fac1d7637684b304a5fe163 |
| SHA512 | cd3e0062a99b8985fa7fd8401f99a8e8f52e03a4f32ee79160afcd2afca6c81d5b919866e642f299c6743a2b563eedc271654d190106da41a1317e098a96804c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d15a10694e970323737bdbeedea233c2 |
| SHA1 | 3b13ccebfcc5d3d720594786a66c27405cb2679e |
| SHA256 | eab0cdb2c54491792eb5b6f86b09be4e01ec95cdd7dc9ec0cfd791d8efc92ffc |
| SHA512 | deb4739615e9c3181b2e527589685c1d11f576f41588f81f17a6f3dc6c65cfb820cd36a65ebb9cd3bc93edd7a9c448af00357cc0587cbd7c93fe674577616424 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 81896e2d5fdeec290d2143385026d018 |
| SHA1 | b733905eb1e73319ecddfb63f51897b8e61ef638 |
| SHA256 | e42f5b02341f540034dbdf8965c128dad09a0f0d2f6153a4059f2d4a570a7e72 |
| SHA512 | d5d3a4757263b7d3410b1fd5c587f1f19ab0cb66ddf893d5ec936815ccecd85c54282afd27afd0eb74ae6723667639d669ceacd86b5f2502f95dcf80b99ba59c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3d4f139b2e69636e32019e07cc3aca75 |
| SHA1 | a8a33a6a3375bb9e45d6f439a5da28f6777b9744 |
| SHA256 | 17ce853576cfca5a3fb2c4742f14ebf2b948e2df623319832b36c06302fdc11e |
| SHA512 | cfb36e4cde7f0b70593c88ee8a0d7a606baf547e67ff1659c4ca06243519cd74e3b239e29d641726a1bff8b28c4ff812810ed3e847a536e69a1fae2a0c5e91e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\9ea16e3e-568b-4983-b3fb-9aff2640adca.tmp
| MD5 | e564524433f431d1505db62ec549121b |
| SHA1 | 1ab034015ba57234ddce4839df6af2ddbbba2ea3 |
| SHA256 | ee818231c087572cdd63f8cc60ed7671a37ae1aa7a4977e454520058611f6a91 |
| SHA512 | d6582160b3d7dfbd94fa5275ec592ea600b5b1f6e2fe3bd759e07861f1038a90d4e4b82e604612c9a313ce0dfa96a7862d877f2a121a156e227d50782e23ff5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 37a185e5ee4d18a9427c038de9ab5f7d |
| SHA1 | 27fe27db91238ad375e695090c37e390ebb7b5b4 |
| SHA256 | 326e99745f91ac3c31af9cf7e4523390caa377064939b8d1422773cf2dcabb10 |
| SHA512 | bb348030419cef9d7c4f60d1f54f6c8f142125e369729c6c6e4cb0baba73f782a6bad5bf4fc8a24c616c98b9c3bea84df9f1ba5ff663c12c15dfcca27262472a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 70c4be310a87cef228b3a350474b539f |
| SHA1 | b695985f8ea5dc1ca586c564af892364e02de42a |
| SHA256 | 9e2fde6a28c4396bc5adcd9322179f9ecc1365d8120c24ceac834b752e90df71 |
| SHA512 | 64ac9003e7b7842cca7bea0c6ae1d394a3ab78e6071b1533831008a8227feb9d31c3d8292e70e2c23c97c0034acbcbed10c3af5535f22e595540a2683c345987 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cbd7263e8b1f442cc55b770ca328aea0 |
| SHA1 | 6af88f2ce3cd1c691bbb28d8f010d0f4c9a0969d |
| SHA256 | fe816ae5d4729748d46e0353d98aae8735e5ba21c5cdafb1451715867f50d7f6 |
| SHA512 | 970067eec22e13982a0a722edf38885b2ba5d353cebc89dd2e5711fd1d759dbbb2091b3770692103a6df1ffb8458d5e8e737413b188a0c87bec0fea19c34ead4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a3303538d99f1d77ebd3e79e014c946d |
| SHA1 | 015c1d0f981ad8717462a5a3420074b989f5b672 |
| SHA256 | 6a9a83bb504ccbd7f7dbe4f41f21f62802327df8ee5cba9996dbf6703de79403 |
| SHA512 | cee0f950641b92553ae901be2480dc4185e7ce462332a59fc839c721e37c43cf05112eb96e15c399103bffcb14f36c4e8a729098609b519773e97ae9673f3ca7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d4e4cb2ad4f0cfdc4b7f63bd2de57f76 |
| SHA1 | 922364e206c940680ea79054f52ed6de73180985 |
| SHA256 | a5ac7889fe252fe1ad8998794e4b273f4e900c87e9b9c55d00944ba68fcc02d5 |
| SHA512 | fdfd9647455b5ca8d8638a6c393f0fbc429500d5f6d4b4812094a97acd94367c0895b2b935d41e232f6bcd3525c7d4cd86ed459541c04924354c2ce0a20f654c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6f71a6a8f8e65a0e1d5878b41cd47721 |
| SHA1 | 097b9d6238017cdbf9231ac0db9b9a23976b82b4 |
| SHA256 | ccbcb966d69115e219816733e58689609fa7ba2a24ee7c1581223d38435ed962 |
| SHA512 | f02237095bb2b8dd2a8bde86e3310513e3a742baf9b317a105eb0c45812f00dd2307fe425410993a7b3304541dc9329ca5e057957a1273d9f4637f1e8bc991d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d602e72b06d66cfac938f2cd027c4ef7 |
| SHA1 | cbf59b391d117cafaa520823ce523161737be313 |
| SHA256 | 54fc6ded89cf420b77d8e4f1fded7176f15b96bb368ce251ac55a7f56c517186 |
| SHA512 | 2f26d621c9554ca27fbdab8c62477bb77c12c297f470be7eb0506d8b55d064519a2113185036d2390245549988ff18508fd81a45ea0dad0ae16c279f8c3c53a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0e2c8d08d241bccf9f0ed116fcdc925e |
| SHA1 | 0080a21bbb6132171bf7c5563e47fecb881162e8 |
| SHA256 | 2b81b41b2ccab87e14c77e04649c930b93d364f221904f4934d8625f969ed943 |
| SHA512 | c1b8ab725a4a113223b5107ac8d06363235df85438e948355398298864a745820f276f82846603617cd728e908b1b3763b72f3760e8107abefa6dc3a7e922fbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a31333724af633aba881e75b2a9be41f |
| SHA1 | ec59ea1d6526eceb0289437a8bbfcbde8c6631cc |
| SHA256 | 4b0cdf9c3b7b542d68a93989d97652c7ae9078edaf362876ce562556cde4d0cd |
| SHA512 | 1de4d1f14af71f50dea4fa82647493773a53745d6b6de1b034c639b9806224f77e26b1360cfda193eaf9678b55a6db9f0222233ea826a229f3697d220827db09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c047c8a19420b622e160c6a2ed3bf01b |
| SHA1 | f7b42e8270ca8e0d77aa65b2c595602360271fbc |
| SHA256 | e798088cfd5a7dc9d00e402e9183bc73af9fd9957f8cfd6be8411a244c3c9efa |
| SHA512 | 1b35691cb720082b55cceaec564d124c7d604789ab7fc389027b23575c55eebfe73f73678fde2187f6d1e24307f9a65c3ddd357420e85baaffa87de228f19ad3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8d2ae7fa9332721d374daef55a6cbcf3 |
| SHA1 | 47d40e7362d61827b89c19da5d2dbc02a2740946 |
| SHA256 | 41ef2bca1c4e507b5371f664f6ae56e4f1b4789abef12b0fb9554ec3285e7fe8 |
| SHA512 | 77e2e9717b312e8b7af197b0920e65165a8adcf2df703e757525a84fc36ad4eef2380671ae3289c16c6cb09e06e9cb0442eb2ffd655c6855d8e3a1b325fb0f2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 11ac6d6b3aaa063fc54653fad9678adb |
| SHA1 | 23750d71580c0ba895ba57532a2a521f65686d48 |
| SHA256 | 1170e84d3acf772dcb43d0278c141413d628b27fd16d114060a5093ad0a08f96 |
| SHA512 | 02e26caaf2737f31ba01f3951203b177437f60f51eb3ac696f67b4af5c988cfbc756636004fe9255e5b02028e2dce409ef472c915d0fa843dda58817a5932976 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2e957add88ddf18c90c214fe15e8b22e |
| SHA1 | 70356567c51e8f3636546faef82d84fb6d972c2a |
| SHA256 | 1774705e7b523e52ac2cf92c65e5adb36b84f99474ddc75561a1498c8e7dcea5 |
| SHA512 | 9ede673d22a508472838e05e8b17b547f24fd13888585b4189d5edfa02a0ce4fa9d3edc913a326b71176074cf95ea47954be07271d79949b6a854c8d064182ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 33a2975366b4ae2b52f2b0b067ddda37 |
| SHA1 | bf1dd85c0cdc8bbe6120043cd4880c871810162b |
| SHA256 | a1f8841450ec7eece887ad8b25de26ae3f33191651aede86f594af1ca6b137b9 |
| SHA512 | 5846f7c9df201b96ad28bcf753fb9fdc4a98cacd3da62f116c0ded1905594f7c7833f20e27b75bb0bae1480951e22f71dd1917910494c16cb64d9fbc293620b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1922f6943f3c42b13d34acb1d8d0abea |
| SHA1 | febfec4353da537a10f8989e350349c3491c2ace |
| SHA256 | 7396fad302c9cbaac6f2fca5297647a399b3ee874bce4516c70535ca4ceca936 |
| SHA512 | 7626da5374b1baa29620012297d8a7fa1283e636c7b58f46314550d37a96e12e5e29b753bc2cbd6e34c712e58a3f8f24de26e41870c9765c51f0d36085cfc69e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e5fc078634065b4de61fd69a47148d5b |
| SHA1 | 04e1f0389d8526320c19694b7db9e3deb3e1399a |
| SHA256 | 3d3d0040a1e1f43ff6518de08763277a74c73c6374598d993812f113cfc7f107 |
| SHA512 | 8dd6e8cb9d43abaae9ee28bf8864c49ef7790e948c66cd131bcdbbc230756a2a8b8abcfa0d0c15f888d86bec3a5c20cbb60b1510de8c505b49ae9939d2678113 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 20f7fe98385111bd837082e8a861adfd |
| SHA1 | f555e4ba6bf478622d473cb67f83111b5bf8ccd3 |
| SHA256 | 47856883ce0f5754ef6b3c7403bfaa52afccc21a245d669bcdad5b799d79c0bb |
| SHA512 | aec7ddb382fea9578cd4ce33a86d2afab7a3dede394a5d4eda4ecdc3e34a975dacc14af2c76484b6fc9f3c6a8f1f45e6e7ae26be131c8a3d9b9323a7dad9acd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6bbb4ce3ea0cb9323c84fe0837a0e37d |
| SHA1 | c6a745fa24f1d7634b48e272b52c92e816a72a9c |
| SHA256 | 9eb2e0e36b93e3e9c8b00fa9e06ec60b68a88a63cd95aad8ac34cf738d999540 |
| SHA512 | 669ff76d7bf2f87f58f576717fd918d20f6392c9585cc323dd7169dd7b0757b0d90180c749eb8f0570072ebb9940c00edba7bce29346aaf044f07366c4de4fcf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 24233ecdb56588ef95c5b0e79d9bc074 |
| SHA1 | e716deb6915de084cecbfb6e49f03aa3c1bf51e6 |
| SHA256 | c06a09ef68a90c38ee5792abc439ff428f1789f22c2495f602215304430db794 |
| SHA512 | b5f6c297d53c01aa55e5b76de2ea1222ecc92b673274219339a61a7b1d4aad9568c45bec68cfeef4c4631f8c52301cb2d759c5706600e2f6cd48424d47bd4f3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c3
| MD5 | 0f3de113dc536643a187f641efae47f4 |
| SHA1 | 729e48891d13fb7581697f5fee8175f60519615e |
| SHA256 | 9bef33945e76bc0012cdbd9941eab34f9472aca8e0ddbbaea52658423dc579f8 |
| SHA512 | 8332bf7bd97ec1ebfc8e7fcf75132ca3f6dfd820863f2559ab22ac867aa882921f2b208ab76a6deb2e6fa2907bb0244851023af6c9960a77d3ad4101b314797f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c7
| MD5 | 4f1df8f06c6930d2cb2bbc86652847f2 |
| SHA1 | 1126dc94a5a89ef056444eecc944d92d2299cc77 |
| SHA256 | e25e72992189558118a6cc44e8063b5369eb0a2d9c4f3fbdd67c04dcc56b7ec4 |
| SHA512 | ab4b6381befce657dc5d3df7924d929d70f4c8cb4dadc831c1bc73e09576a3b90cb78586902ac6ae697f06c34b84199e60d05a67cf46ed89c938a9a836f45230 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2d7c17fb3a6867c32ec173e01cf52c65 |
| SHA1 | b71b60042701574d9587abf0b15acf5359dbfa84 |
| SHA256 | 82ebc4f35bef044d5617b9b323509112d5949c841c7d43d7319c508266c62f43 |
| SHA512 | a3c25150a50f9ed537c3ac726222edb11d9d7a78a5e3cbbd75b84c5721fe3a5c77fb55b35842f7002784ab8d1101e708f7ced5daac7199c991756cd66b973d56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bb99679c5c8af0ae197f5c3f16f9a66d |
| SHA1 | 658ad380c0a5c44b04a9b37754f67a5ab98afa32 |
| SHA256 | 7a4720ca42199fe8da097ad873af912667e590529c6f7e1a7f24683c85a43f80 |
| SHA512 | 79b2f345f737fa5bdade85277acebdbc4e9a366edcb8fdcf17de0d71c84c6d8279d48258f4632b30352c7fb6241eaf6f2e8997fdfc863a1ab56697285c62a2b8 |
C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat
| MD5 | 0d15dfd24214caf3caf3529b152582f1 |
| SHA1 | acb5db4b2e01fe195be4e2abb719b81969ea5a13 |
| SHA256 | 3873dcd00813603530927f18ee295fe0688d07ae775ebf09f90a89e7ef697ea8 |
| SHA512 | 2593244d48f1bb70da1f21de21ff23d991232be42bbfee034d67708a7574754d2d6c97c9911b631ceac684d233ecba4a93c2a33ef093bc5641cb56bffab7a7d8 |
C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Installer\setup.exe
| MD5 | 0e2485bb7949cd48315238d8b4e0b26e |
| SHA1 | afa46533ba37cef46189ed676db4bf586e187fb4 |
| SHA256 | 1a3d50530e998787561309b08a797f10fe97833e5a6c1f5b35a26b9068d8c3e8 |
| SHA512 | e40fcfb989e370606469cb4ca4519ce1b98704d38dbfa044bf1ad4b49dbcaf39e05e76822e7dc34cb1bb8f52e8d556c3cbf3adb4646869aba0181c6212806b96 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 49671b4d333aba424130cd9283a75f4c |
| SHA1 | b2160eb07d9c7e9d01387cb6712ba51f0609c232 |
| SHA256 | b2e702f30e88428f592c644e71236d3d1fa45008c9bf7353b6b63721510e0101 |
| SHA512 | d93e83cd00fc58ecc9f858706de29dc0db5a48809adb3702d71e313f78874a5e9df2aeca0063c1519c8b34231124100a4d7cad80750ee29374566b2845197200 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 19840b089a165c2898443e20acb47152 |
| SHA1 | 5666fbfe4be23db3e4ea33b867068d30f50eb5d1 |
| SHA256 | a30cc963497ae8602f3cab161cb56bba6c8899caa7f984364e96f87a7f50b997 |
| SHA512 | 47f0a4abcce17d06f3d9d3cc2b190c58c7802a32d702579e737b0870f9dd2e14bb6725b1056665270cadcc82936dfad3052b08319c48d235a38cba29b26735d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 64abdc72cc81d20412a1cd733c9393c9 |
| SHA1 | 26d659059703febee303a3c71e8361dfcef87e01 |
| SHA256 | f800b7e65b4f15bcf4cb0eeade608488544918d1c6c6aa0dde3e8cea8e79bad0 |
| SHA512 | 8184d2eda98111e8054ff0c889957176daebbfda513d06637829cd16c1adf7db36c1121bbaf113c13a28ad615529a984409c06da3e2cfc98f12d692d5d34a6d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bc31f45c1ec7d63f395fea68739c1b35 |
| SHA1 | e80588fd8ade967063a7dd1379c96cc8a2eef70c |
| SHA256 | 8e78b088d1ba12cc1465c76a04121c4585fbfeed7afa744df3982a22c7643f87 |
| SHA512 | ad9f42f46989cf063d85c0869ee28bcf0601ada0aae4349c3af417dcdffb0a3bc4b543e83e987716578de0010ed5b4bd682bf6793f06dc356a2d412a3489ed7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 475e3f078edd199e297385df69e4c97e |
| SHA1 | 58472a1804ccb2f69adca0610e420d513d3c1522 |
| SHA256 | 678bd5ead5f89ef3fabd1dc8e6430660aa1b8f5c450bc3bf320179cbc4b4c71d |
| SHA512 | 55a709e00a884dfd29bc81c38c420f03022d33a9a2f74ab1f5a37445edaf54f2afe24da4992aa9d579eba4bc99fbe5a5a66b43d3dc5e293e227d643b38f99ce3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0124b3bb2520a95fd0615af6872f8708 |
| SHA1 | b2c0daf2be4fce26be19ad74f7379059efb8910c |
| SHA256 | 1c2b0fa0d7cb9b14c0c987cf6f193f0e7a58b1a9d9f878bcee28e09fecece95f |
| SHA512 | 5eb7935e491ebc193129b8f0031b5bb9fc991896227d5bfd49d91b697970e15b4475c9b9042648a822ee52a60ea9d1cc2c69b6f1c9f0724b7e833b110c07da0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d88db8d535cafc94d868fbca751b9a67 |
| SHA1 | 26c6d159d2a5d0e2ad6e9d2869a5aaf53615f500 |
| SHA256 | 124f265c8e49be71f4b7029b72cb03f0c31199b76785322ef6e49b9686b0ff78 |
| SHA512 | f560e7508e164b224d550dfa7ef8c7ffe0c93314e3b64acde9ceca5c08ffad95d0260007bb69f231be8ee4a598fe668b9ae636406757893586315bca21a389b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c459bed2696fb26bf70e2b9202392279 |
| SHA1 | 304e2472aef7c7edb39f4b9b8e1d7d2561752a9f |
| SHA256 | 132a934f986599a1c3ab420029f5fa9c0beeeadf261a5e0f6208fffe45c5f856 |
| SHA512 | cb65b2b1ddbff972fce3c06ed3cfc2cf54ccfe30e02a574975157fbbb2f544ae77a1e379f8a5eeee067071f778aeea01a28778bfad7f110c2a7f933cf8fa6ad8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f55ff1efff0fc929fe41e34dc5b3301b |
| SHA1 | 3245a8c047ce7024da7551d5f8c4b19b07aac3cf |
| SHA256 | 17ab4a2f59b0e4cdc4911864d33be5ce0f12eac8c3a254994bb0520735aede45 |
| SHA512 | 4b8dfd0ed61c8826d3124485e189d1025348e0b5e3d3282d65cdcd8fb8a5e568ae1ce837d158a3e7fe86d3cfa023c600aab5a9c612bbab54a51b9e8905468c39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f9b534cbbab32b338e7b216367afc6f6 |
| SHA1 | a3acd9c70c8e75b198261520223d1df5528cca72 |
| SHA256 | 79ece04653b0a57aab2599ab88be352a7dad6051b7b321653393a4efbc3ad907 |
| SHA512 | 81caaaf1d67564e7d79fad540e2a3bd98c09e2121d4e7168cbf24874be6c7a72f2b17d3c91017a34fc776e551288964ec8a5bc324cb312eb04a4bc70efbd50f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d0dfdf59a5d1a9d20d41811710cb20ce |
| SHA1 | b6014516d7faeadafd74ed5157e9fa53731879f8 |
| SHA256 | 9e148031edde32de8a78bd1539dd88b0418aa323f9efe3cce359ec93533e4d61 |
| SHA512 | a26b225ce48772b819f0354a0039f67c3e336e2e5e170429b2c3ad5664ac055fa330d554aabe09c3f92181b0cb70f0f0c3e738a603f78764a7ef84adc1bf29f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 85f884ebeafc9d8817f1760be70e747c |
| SHA1 | be454811c44e5eeb6da85203f55d07e23fb5b09b |
| SHA256 | 143e3ba94c1874cc92aab4e33510683b13d1150cb41ef1946fb53eefbcafff75 |
| SHA512 | e7c538a0ac4a77b6e714865a24e408abc06c37d7cd5d3d81757a622f5b785820ac671e463d472a46da096aa4c271203d73106a302cb81d86174ffa47abb4a03b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a52c6f529ccef1d6e7b5a0881499ea78 |
| SHA1 | 6c65001178007b394f84dfff41d9baab9e95c055 |
| SHA256 | c36776a4d0bb788ac85f349c010a7abe6fab3a102a1c1c44b7a16dd7f530e01e |
| SHA512 | 013569c0b611b99e33de949a9b89e27579a884af7a9dabda2db0714c59d5ed04ced770545888d95bf7d77008ade8a38dabe52f5c8babf7aa472e15b750f9e93b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f4357f76c2dbfe4d0f3aa14bafa40507 |
| SHA1 | 15012113b884f2089c0154d5313798bf181ef349 |
| SHA256 | 8e6c0e696100b46a8c7c11a51e9862d8aa480552515449af5f34400afda68c71 |
| SHA512 | 2f6cb5419feed2b046da8262b73da2e73f5358a5b50e87e84c92acc3f1b65d82ddd55d57452e62c7e5ef918df523842a84590c2d70af68164b11136ad0d7a26b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b2ce095277d00790b4480b301a18fc6e |
| SHA1 | 285fc1b72b5d20a9cdd995ddf4d2ad81a83ed13f |
| SHA256 | 360e24c716913322832719bd7c4aad084aa29739496156a10616bf40963e1bf4 |
| SHA512 | 93db458bb86e07e5a242bd66215993d5800148da110843927595632dd810b6d5097864c617a41e24f4b822e9d3b21260d5398b0f62b60a5278e35b50ed719222 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 954b1719b47a814b01889d2e6604a84d |
| SHA1 | fdae2532077b45577b225580e3118fa6c7f90b78 |
| SHA256 | 415e4f87bdd89b635883a208e178b71a3e22ae6d55a9b2272349ecf3c5cccd77 |
| SHA512 | 849c86360d93ad8f0168b36b78a0f977c29a9e7e5491ca8b4fc595e8d29616c00240cbf37faac2132498c4e75ebfef7dd6dfea9155f2e457ed351476751e5ea7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 01722e0a7b7891f4b0c4a299cb169eda |
| SHA1 | fac61550f11100147c48e4ff8c030ad5faa70e84 |
| SHA256 | f0190a0945c36c127a91ea188f0e6e3f3422f8d095be064e9c6be4416d5fe02f |
| SHA512 | bf698216383c3deba5b4a0726ea2753139bece31a7ef9b60b95e50d859b856eeb1be717c4175a0c3572386939536b30c9203ba9a24c15abee720c695bd04d68c |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.37\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe
| MD5 | 160e6276e0672426a912797869c7ae17 |
| SHA1 | 78ff24e7ba4271f2e00fab0cf6839afcc427f582 |
| SHA256 | 503088d22461fee5d7b6b011609d73ffd5869d3ace1dbb0f00f8f3b9d122c514 |
| SHA512 | 17907c756df5083341f71ec9393a7153f355536306fd991de84f51b3a9cdf510912f150df1cbe981dbf3670bfa99c4cb66d46bc3016755d25da729d01b2e63b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 560186fe0fb6a7dcc1e288f3d7a3716b |
| SHA1 | 1d55a40db68c0274b57131386accb88eed9feb9f |
| SHA256 | 08371907d08404033c7fa0dbdac35713589beada7412874b8a3768d9978c0412 |
| SHA512 | a64e0964641c47be513ee4082b487c5e738ac01be5b297008a3ac16f75e18450ac2af031460d5a7ed949df21876811b76c2e7e706f0acb09ec25027e0db9ee30 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1dda86de6e06f17d8c46ace3ec227046 |
| SHA1 | 43e6cdc91b89144461875b0e875511faa9e97702 |
| SHA256 | 9f28f3fdf18d984c45f3ac79f95e253cdaa37f0468395a39d2bdbcb06bc7fa2f |
| SHA512 | 39cce3f59706075a3dfd335c29816cc0d2cc70559ea63aef0ef8f7f42cfa12472b0cfce90b9b0d462a42384c374112c5c175c345e4f6beaff33fc14f7e1d2eff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 58596b4f2e6a3cd2eb34ee0dff5d4b20 |
| SHA1 | 1b7f3df533a3ec07b8e7c615d457a8d35537bd6f |
| SHA256 | 327adb216625354e329f90bfad07c8794900c710ee9fa11a4de11c48231bb6fd |
| SHA512 | 8bf0f349603b26e664651181a96411d0ecc2b8b83ca751faa9f52096bf6082c228c4f94053e302e8f1857760b0a9c847dcae6a97624ebed024276daa68dd92ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 85d50ff3cf28fa8636e3483b142d4e69 |
| SHA1 | 2245d4ebc148f2840d9b303657dc1f10c7106b1d |
| SHA256 | 9bdf259e52cf1ca2ba9c1d0bd8eb48821778a7c9484e7d67d6b098239df8b8f9 |
| SHA512 | 20794b37f337db538bb3e0f5c8df9fe09b8a86feffed45fe0b734d946ebc2de6d0dfbbe1ec3af9cc0898f3f1f1a3f932a164bf6cacc35da2e9ff3ed1cd46c5ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0a8423e5f7048e62c9e7dd712a59b74e |
| SHA1 | 8d6598c52c83ed119296e8f66195a9c525b53069 |
| SHA256 | 2f3059c3cb7e0aef7056a2d64eed91dbaf91e38a6e375d28adfd773e6de69032 |
| SHA512 | b0651f14670d927508fb0e0f9eaded752e7bc796eed9c3d73e12fcef54b71518d750dd7e65f2886b9ae388249d785aafc5d10efbd13d085352163c9c6b840d81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f28d309bea4400afde835e59197fb404 |
| SHA1 | 89a1c450712221e9afea46a63dc408c0bbe40123 |
| SHA256 | f5de0319a67f8107e6341cd49a77a7658a82d018a5bc90d837681dc827c4e970 |
| SHA512 | 58ab97cbb0727a7e82f80f498fad11ada8bfaf39789ae5f68fb774491b5f1b9eead1613d82a9159c0b96a33c94ecdd019f7ae6434f1006b9a943a3efe9c726f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e71cea02a6594e8068ab0efd775a42c0 |
| SHA1 | dc7395bc21c11775009ade9551dbc8f9f4ed9ab2 |
| SHA256 | 6cb6f6c2de2a9aec04fbb4aec8f7c4589d1a99f21b41065356ba53037b6855d2 |
| SHA512 | 657416bdfcc5f051b866dd67f5427a940f3914ed026596d2548709ff64430ddcf5e705d3c3702889a7eb6cec7de9577bc56c8f45264b3be8a635958a40d3aa0a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4ea2674692d91548e0c4015a0380fff4 |
| SHA1 | 556910b853ee71e625ee1f6bc8a8798b2b5a69b3 |
| SHA256 | 2adddb1c0d05d5b951d6ce42e7cb025cfaedb2d99f2ccfc8a1e7b3050157c4e0 |
| SHA512 | aa1ef9d561f4e3e08063d36e40203d1c34dec111a524fd5936f9a9731bc6ecdbee39b5fb6458af5fb8d1e639ce6e01ace20ab46d9ad78d11b0789f7e7fab1fbb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 103cf7b0213f77684b7848ede282eac6 |
| SHA1 | 733b06129181ecb8b1156b9ef2c72dbbfbeaff34 |
| SHA256 | 649e1f1f5a111d12661d2ba3b0ca414fbfa46138112678e1d0340c2919d13576 |
| SHA512 | 6879f393c2fdbc6ae17c5c34c745481eebafb7f28a9365078c74ba3d790f03354074b3b2ccfdf3b85459ab42dd167f37f4ab19ead6c9f6ff72dc76514c65e2e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a350f9af9230a03de19953bfdf7b1bea |
| SHA1 | 17917e4bce2cf236bade4fb3d9ed62778487666f |
| SHA256 | 164707dbb63115466ecde678372130175ea4026437780d801f9ff4031cea4d7b |
| SHA512 | 731bacd26d378f5d5a6b099a51b4add74811a835562fa8db4a5c26eca7b7a02c38515301441a704f9db6b27e26d29606422d936e248f537d0337464031a91bda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b70bf22b2fbc3a5cb804bf39daed151b |
| SHA1 | 443867cee898b7ab162d679c1d549ce9da0b4d03 |
| SHA256 | b6a3aad68a1a3300ce9bab1d4c506b2b7666b987be61a81add7695114f650fad |
| SHA512 | 8f16e9408a1e82cf2e793e4f9102d5b413e05dfa936afd2cae40c85bc15665f3d2aeed00cec09ff879c3eb68cd9aaa35656c4678f795d58644700ea43376a938 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc1ace0b3e19cde5d6354b2726dcadbd |
| SHA1 | 3ee4915ae7bf89989328ef261e19eec7af38984d |
| SHA256 | 9583007f4ed5d1dd480727a77defdebb557551abd1bb94749cefe739d437a639 |
| SHA512 | c525a503d9f159c2ef98797cf95d54e22b2ca41e8c59febcb9830d063455675ce3f52158b1fe5d83359882f537f26ca124518bd476a90467f0b30c7a609e05ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3ee02a8b7bf38f46cbc7eb6f7dce487b |
| SHA1 | 9dc3ae7093990af3651e02ad0dcdeeb4e25fa6e6 |
| SHA256 | f99ddbd77f1c127e9bed4b4de801396327e3187c6ee3de3cf054f6901f3f713f |
| SHA512 | 22a84d99a660b37475c2de32e349db5c73fe7417d0b3cf2b88396b3810b8f73b790d6176636eb16a1d518d2765120cc135b97cae1527f3971d40eee6a57e1529 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7178cbb1347c43175239e84d20aa0da7 |
| SHA1 | 92acd6d05be033d3b1280545fa16c5fad88c53ae |
| SHA256 | 2d195a4991b99f51892485adf0308f893aa2bf6a9a4de2e07f28e0256dc8144b |
| SHA512 | e7c023910b6b446b031536b0e77ac8abce82974effca87a390cb5e1b1969a412b262acd599c055f5b245ae32a44dc064e36b793ea5f91ed9b75994bd6d97c6d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c09711380736e63627c6c70ae0f1360c |
| SHA1 | 76e7f76d652f43f3a4d9689da4c8dfa44d3a16c6 |
| SHA256 | 3004f5180e80acf5beb6fd5121e0570172f47bd2d825c814809b2423a35936cf |
| SHA512 | bb7b3f750320d74c605435744aa3a358271f7a7fb82a002dbc78d1facb98c3df67a450f25eb4ba66b05942042b395766c75f68930b87412037e02ffc3b5fc1c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 473113ba88dd853eec8a650676f76c26 |
| SHA1 | 0d68891f846488c953a6223c84fad04a027993c3 |
| SHA256 | ade2393086788e9d68be8992286815b33f926f432c03a3dda9ac5ae6d63d7ae5 |
| SHA512 | ffdfa8eaf9e29d855e9f85974e3f9439e9d0d4d8e2455da8ded78d11ee8bdf11090db40f9eccca45bce7343861b3341c67df2faed0a907229b2ad6c93c7e311f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0819e8cd1b72830ef63383ea60209e2e |
| SHA1 | 41521485bffb2b908a11cb43e57544c33033cf67 |
| SHA256 | f7de35ae79f83e815bd88bdbdb2362ba5433488315faa2003dae5150ee37eac9 |
| SHA512 | 0134a32885f8ced1ba21ecd81ce6de9729150c3532a8ffc45ebe8e088d45834b60a3955b68aa2e446419bdbbcbd5d8bc40fa1d817f77d14d009940ae48f81fa9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f8554aa746d5d0590d061d74c5afd671 |
| SHA1 | 006fe7ea0da9735a3cd1077bb15eb0e963b074b7 |
| SHA256 | 4fbabfa64552444db45a54ffe4b15a2974ab4cf4753574cb893e660a05a34a2c |
| SHA512 | 2ab86f89ac26fb12dc7c62f9911519c75b195c4edf6ad59fb707b1c7f6cc2b9d9b478e5b11597485a70e7ff9d49ac814bc4446fa4be3f59ff2010efe8c72814c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7531b48167f6353d5d8c4895d7d02d19 |
| SHA1 | ac311e3ae69aba30cf1eb457acf63ac517b185ff |
| SHA256 | 0b92dfbc4736f77bfddd378104ad946816894b67f45c28cbe18e23c2d79509ed |
| SHA512 | b1b69111526986456f8e8d20bff4cdcc0b39dc04bde9a7531856381147d1f92176f74af67181892b1dc4c1e80482979458dd937ac6c5b7e3a03b2dc7bccc56c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8bc3d8bd1e50efc4beb82d51262b05fa |
| SHA1 | ae9cf3b6a27bff19e4b0529abadef572f3e7e812 |
| SHA256 | 03b433c3e5bdd59c4130ebac7e558dc68b43d99c018c9c6cc6f28974281f7637 |
| SHA512 | f7b1b8f589eea9b79c7f5cd3e655a8386af96611dd174ed01bacf1b658bdd233dcb63a528f446e5e700532286148242025c7f0cc7cdf552dbe9f7096eb59a37e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7f7b05ad18dc1f3201c8f2b42aba3e92 |
| SHA1 | f551fd25f6de390e761d5541491ce294f59988db |
| SHA256 | 719fa78b1af38923a3b5b5440a79b64d64eb07c95e0ab1fd1f61dd8039957f21 |
| SHA512 | caf1be235755535ff4d1e80726417e20551ba1602a5b198f6c1aa0d9ef3bbbeb08a4383ef87340f174efddd21e49a4aa8e11198683256afd28f5343a385841e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0eae3a9681ddea846e3a9f7bb8f231f1 |
| SHA1 | 330c400baadfc75dbcccf8456fe07fe670b0fedb |
| SHA256 | a3de933f39d84775dd4a4e4fb4a184c1ac7b1b87ccfbd0a2c2d1c549c90531e8 |
| SHA512 | 77340cd4505e9eb1434d97d797cba271f0071ba27cff04cb0dc8ae7ca8d5e449f83636b1e865a83e17fe6b7aebab38ca28194570482c7176f20d4fd2859bd0d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 589cdc4f20cdc238c20b2528d417c6be |
| SHA1 | 213111999b5b043d9c3ca5f2ef3db2d306ab77eb |
| SHA256 | 091c97685c03b4d7a4a3264e53c640ec279fdb0c93338405bc9d5285a0f3b72e |
| SHA512 | 65824edf12856f6a52637baecfe639362cb18ba22c0e51dd947ec71c0e6a66b8012ab582b137b4c99b6c16022049824b01ddf360d5307e03be7b153724ca4402 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f6fb449bf98bfff7d0338c5ebc7fa301 |
| SHA1 | 476aca1aff37e8cc57ddaaf3e638e409333f14ea |
| SHA256 | e537773eaf2dd6a5d9fbc65da7b7eefa69efdeff5e565ef8c7ce82a16092a072 |
| SHA512 | de41d2fc2ae7ec6af640c6d5827928faa058da3ea75d5bd86e99a1d7026178d56c09a91a1adafee2a7cbd2f3cdaaee252c5dff6e9ca40e700e6ac26bd5061ccd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c100630262d9583a7bc55b0d40e11e89 |
| SHA1 | 2350bcb8a6ed82ea72f67f721f727a87ba6b9b97 |
| SHA256 | e07e16b15fdf644e5818fc78d9ed19252ef1c51b0c8ab7de47dac9479ded5f01 |
| SHA512 | 00c4e0014b8bae914c75771b290ed40a91b803efe4e8b024cc243183494e8ade44e477ab16f9782dd70feebcdcd2843542682f7bfc87a813e1fe64c240a531bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\b8e0e14d-733c-4069-ab81-cf9aecda92c7.tmp
| MD5 | 5915da7189d9fc106eebc0c9e97cf7c0 |
| SHA1 | b325025c103de924a042f7dc90cfcc1ddfc67c20 |
| SHA256 | e33ae84b4ccd65a569b6875707c278a8714eaead7bd53aad45521a642facb451 |
| SHA512 | f68cda05f203051ad0e9e35018ba1d4c4c8a2e19011ec326eae8eb834bfb2e157743b388c459e089117f33fab4aee35518a67e0e01fe76722ac84ef4982c24df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dbda2fec2c1901e80081c5951d651805 |
| SHA1 | eee73397a7936038221cbaee2973a903d0a48d06 |
| SHA256 | 235761ac8df3c3c7307cd2ae50bd165cc2406272d31b466fd8df53fe3cdbf06e |
| SHA512 | 047c4dc930f75fca528c941135fdea9922fa464f46f96c198d60a6453d79901acc819952cbc2e8518ed50ddc6811d23cceb45261251e69e105d8e10de307b4ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 203971242d0a782978b4f353db453566 |
| SHA1 | 08e3b1a77b7f94a6ab055ea8e33133722fcf882c |
| SHA256 | 305630fa1aee1e598490907ade9af5b2e6cf7124a29b79bf47e19ca532dc3ea9 |
| SHA512 | a40060d03e78aee0b6b6cf1218ffb0b08f8774ce50b79207c551ec3664d34dc28e66c12f8722a6ecdb14ca541f6e79223a3afe9a7f591f456cb562cc5aae823b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2269a1f00b022ab36538f3de9eb0b5e1 |
| SHA1 | f33cceb11be6e1e5fec06f40ab94f52c35a368cc |
| SHA256 | 6b40aa901b66a242d68b82ac10dd27e019cc73a0565fa8c22bb94c0786564342 |
| SHA512 | d118f405bc4d231b48a79e6ffc34f18a342c7558f9fd5da826fc0c8977617fc7f178269a10120d2df1d9af6ebfb5bb82b0063535e2b5d0e6b065fd97825edf6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc5f8355541cc6e2f9acd0880633564c |
| SHA1 | 8af68706388bc59037135bcd24d45f90326e9030 |
| SHA256 | 6e47cb87e235ade55668b64a322464df68dac1db427383ac9cf1971b31f487c6 |
| SHA512 | 6b1fb260727dc00a88d527f6d7423337d4580f1c0dc7e698ad81b8a3aec43a2e29b4ef3fe9b621ea67ec0374be40ccbb0a32b7d18a630b3fb5f96b740a3398c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7de3cf5d0139f70a486c9ba3e1b937d2 |
| SHA1 | b6139d04573fb37fb9e8fea31052afdff4ee7ccf |
| SHA256 | 68c138ef1f4a38d8c59f240f5a447dc560ed5a73244f10ec95104656385fe447 |
| SHA512 | 0218ecf105f18189174cdde38a294997c0768179f28f398a8163b0e1c55efc6d8bcb23e78fbadd13a0b9d112cef79388c62a45388e87a9851b43cae86b9173aa |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2846917C-52C6-4D79-B4E8-27A3E1827A5B}\EDGEMITMP_A0345.tmp\SETUP.EX_
| MD5 | faedccf679a8d88c91909018d1b30a6d |
| SHA1 | d50c43ae0441a8526e52d6bb04cce233e54d3a86 |
| SHA256 | 17a00157a757420a5cbeef48ffc3585bc7794823cd607c640256d67079a982f5 |
| SHA512 | f3dfff27cb7883302486e1ce65d495612b43f61bb9dad985c6149a97f25b5fcd090d8b4ec4e14aad246ff223a70072534338f3bbe647ac2b0f2825428d2ad44d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6eb147792d3b9c39f54382c6bc5753bd |
| SHA1 | 287bc00ec4f0e85fde6124e8113ec051fa0f67ba |
| SHA256 | 7000e5469837812dfc094bd1b514cdfdb652ea46d098599e6dbd14d9a6838bcf |
| SHA512 | 82e10988986599de58ef8d63ee459dc71a056e95d158ddbd1ca91012a7a519e33731386e7cd4d1601ed76419564e8ac79c2f1a3119c0b82cb08dee1e917627fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6e54c5e30d402774ea380e022ca46798 |
| SHA1 | 896211fbde80e3bf0cee3b6189dd3043b3672283 |
| SHA256 | c9d2139d29a8b265da687eb7b6b5175fde213bee2f46d4bd40fd666f2bbf0942 |
| SHA512 | 9cb500581dcbd199223c2457ef799f0fb997270a76c69be36f5f351a5b0291649593a6d816d4c086d99faf498435376ec564126725e7592ced766f0894b6d2cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eac1e14de4c93c9c2ccaece62e0e18f8 |
| SHA1 | 9fbc3bc8569124da4cbb986f540b5410637c98d4 |
| SHA256 | 1d8655f725bf3ec4af925594decce828aa8d0cbd0a123f101d626af86673074a |
| SHA512 | 8db307ac192f45d3786b06e8a07d8bdd75d05618af14f2ba6c87b5030506143764e102c1ba8fb8e8053bc43e0559dce4486e7561b28101e937b1baf2b95b58d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 084f8aff8bc6162a21c66eac06200a6d |
| SHA1 | 03111b066f1706cdb154a5ae18361fddeb7f5910 |
| SHA256 | 65b365690bbf8437ce4e0179a50c6a0bae5e306353c30fedd2477ceccba03302 |
| SHA512 | 1de07dcd564d29c8bf4a0fe3926981454c22722f74e1a65970701ce60cf36b03cfc98c899bf3a5879a04c6ec5d9196833a26a67c05b8710fb30c9c1f7ebe7e74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2a16ac0f0e6ab51396e13f01bd91f455 |
| SHA1 | 1baec771191f8faafb13d0c2f44f1aaacd2e4749 |
| SHA256 | dbdfae3e017f077fc9c1016b42d67be95adc7e50b052b055f216549d2a0184fd |
| SHA512 | 4d889e6fe4f0afea00891c1d842ac3c7cac1e03b64470c1b7bc6cc5377d278988d3b6fb94128cd7dbb0841d6e04a4e18f8c05ac9ad4e1d34a1e370ac9b505ef0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7d271d6b8c9f2fd5c8870152d7144475 |
| SHA1 | dc7de0243e8beea5e47a4c75a334c2ea33370576 |
| SHA256 | d4f63853bf03c6dac931d5d6238d7abfcf47d229cdfd190f0ae0537f0ba7b714 |
| SHA512 | e3a2b1bc5d344791e0f23fb7802a32843cefa32f2d4ead16b43ce289c2499aecdd2fcd00fa33fc319455721152e91433f6891f5430c6672527177acb5a5b3229 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c0769fec9b8da169d7b289a0ab2e2ef5 |
| SHA1 | 052bbb72f020cc3174b0e9ab69086934dd532dd3 |
| SHA256 | 296f4f68ab17e8aba6c6ff339d4c382d770e5d6bc4795c0618a2fedaa6fd50b5 |
| SHA512 | 4581fd55b0e8bbe99b09318c72169154f4fbe12d7e8ec7014ffcc752bdf5ba7c4f6d193941cef92d09f443960523fb650c0763dac7457c8ef9c141a89f779ed3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1a4409a45eae07788e388facab51ca88 |
| SHA1 | fe258ccb27ccc4b094ec0fe3ce721d32e9a10e93 |
| SHA256 | d477691d15a81a2e26399323c4bf589d0faebcca4ebc15965970611455eb28b7 |
| SHA512 | 07427be6662f73dc13509b0e123ea966435017fa4d20fb0708e39ea42ae8caa5d538ad4b11d919badf95afc3bb01427474053b385621033f6ee7e568807ebf73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3fac4265c1bb92a61b31950b0bb466d9 |
| SHA1 | 1ff47e32f34f2d75d2795591d5528db630c53beb |
| SHA256 | b45f51a3b3e48d39fe617c6d07d5f9774c148a9144e4025ddf7ddaec9d5c719b |
| SHA512 | 0468a2fb938622be62e53ec51dfb345aa1f8dfa7e5f4057eabac02c86f1e4e8eaa0f09558f98997df69c9394707e893514546b97ec27e1abd29f2e87e6d8eb2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 59d668abf3ef0914c8c5bb53d3df8b1d |
| SHA1 | 2fcb84b825365b3b6f73600949b5f744f0851f25 |
| SHA256 | 3c7a52b33ec243caad3726e1c153f0ec708d223b5be0250a89d38425c1085a33 |
| SHA512 | 8aae74fccf72bc4aa3ca41ce08730876891c925e6d40986add87ef8d7c4278207b1ddf095e964339814dd19dae3fd23847ea9f11116076275b7dc388b3bad2ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 504acbbf93d5bf7a1ce07588ef621084 |
| SHA1 | af0dd749e254d7db3f73c9f98dc12fe4ebfa7ef2 |
| SHA256 | e35b818c4d4c7b35198fb5d0481cab32da760e2835570ea7016cf25fb5581edb |
| SHA512 | cf6955dd9250146506e98dea29a6653ba9808acbe75e16f782be64d7b0d31c2a469f4036c2726c041cf55687b7bdf479485421ddeb0f271e9b3dc626ac945150 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a0ca0aefe4e03612dc289eb297997aef |
| SHA1 | f762c849c00737985b2cd42b9f466b8844dff817 |
| SHA256 | 578ee2293fcbf7954c9ec69fa8a19f0d52d80e25087468681cb83e3f7cb62f16 |
| SHA512 | dfaf26e697b5f550667dc1f0d2ba4fb504d89d4fd6c581b9be18c7f898d79bfbcbd3377baf7e8e3d966440cdf93bd327df970765e4e655cf54b3cbae84f8f64a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1d05a9c3bb89772e5d16ff07081eee89 |
| SHA1 | 4af54ffd664b54fef098ced6b04734983e38540d |
| SHA256 | a7b0cd154b4d858bffcce8843aea11b9b090a2d392f12310c139285318d3fabd |
| SHA512 | 18ad14ffc29cb502bc2b1b6a0eb8c9510a904ede1868c4ba397ed2752c302fd280fa5eda24a5daed22cdcc9328a22e929b68b88ade0d66732ac5cda393ba4032 |