Analysis Overview
SHA256
c735814996365d94afdf77e3adb83e0bbf422f2072051f16e45d219216e4ef17
Threat Level: Likely malicious
The file Screenshot 2024-05-20 11.05.08 AM.png was found to be: Likely malicious.
Malicious Activity Summary
Sets file execution options in registry
Downloads MZ/PE file
Modifies Installed Components in the registry
Executes dropped EXE
Checks computer location settings
Registers COM server for autorun
Loads dropped DLL
Installs/modifies Browser Helper Object
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Checks whether UAC is enabled
Drops file in System32 directory
Suspicious use of NtSetInformationThreadHideFromDebugger
Checks system information in the registry
Suspicious use of NtCreateThreadExHideFromDebugger
Drops file in Program Files directory
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of UnmapMainImage
Modifies Internet Explorer settings
Suspicious behavior: GetForegroundWindowSpam
Modifies data under HKEY_USERS
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Suspicious use of WriteProcessMemory
System policy modification
Uses Task Scheduler COM API
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-24 11:38
Signatures
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-24 11:38
Reported
2024-05-24 12:09
Platform
win11-20240508-en
Max time kernel
1799s
Max time network
1727s
Command Line
Signatures
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133610253472192106" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-05-20 11.05.08 AM.png"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x108,0x10c,0x110,0xe8,0x114,0x7ff91b3eab58,0x7ff91b3eab68,0x7ff91b3eab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff91b3eab58,0x7ff91b3eab68,0x7ff91b3eab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3112 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1772,i,5553284659825672090,13560173947681764888,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 --field-trial-handle=1772,i,5553284659825672090,13560173947681764888,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3844 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4408 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4560 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4532 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4804 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4044 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4452 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 52.111.229.48:443 | tcp | |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.206:443 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| GB | 142.250.187.206:443 | clients2.google.com | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 54.120.234.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | bbdce7283f8c8e7d66ccf5cba06bcfdd |
| SHA1 | c2e2d0145906f8992455ad7819275db251f1a482 |
| SHA256 | ac592c3e751c5521f73447f2f32b6d4fda91635f349431f89f975c1e3208537e |
| SHA512 | b8fa50f8201bdbf43b9065e9a9f0ce5cc1a182ab5da6ce275afe823b3ea4cca84c7c43e7e09ec47523fda2013c8af5081656378326cc148c89eded6dd62e0a37 |
\??\pipe\crashpad_1104_EMOFNWWEERSIWNVH
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | f732dbed9289177d15e236d0f8f2ddd3 |
| SHA1 | 53f822af51b014bc3d4b575865d9c3ef0e4debde |
| SHA256 | 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93 |
| SHA512 | b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1a14896048c0777397f19f49dfdeed63 |
| SHA1 | 3bab260949af64db0b903bfef1f99a25b0dc9443 |
| SHA256 | 528112028431cc75e46a747c395c3e7042bce029cc4913e4f6747a7f3c8f5269 |
| SHA512 | 7d47df62d25a7962340660720f7526d5be16a5f078bbcff09bc8bb152138e764851ad2a0f8a6e38dbd7df8ae86e8a9e287e505856d5712e84f666525c0af4ac9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f0ef100a5253eaebfdd4f4b35f34e7e2 |
| SHA1 | 031f233c7701f326789fd96ddf44e7f986adde76 |
| SHA256 | 3691ad51ed122de11b6e9bf0467254831b0bce2511417fc9c85a2e374b2457e3 |
| SHA512 | 5fac18b36e460a85dc4563365a060699beba03cf48b62d740ba6d89acfbdecab324f168a5adf6542fe1686149cfaf45be40ccf793903ffa23d03338dd088398f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 95db8c3b233c2690e0c03eac73529d84 |
| SHA1 | 5665056e1a70bd50e6ae2f9163a7943fb6497e87 |
| SHA256 | 81e17d3fdeb3b58676cbb59db17f455fe402cbdb3ef898734cec245bc4f717d1 |
| SHA512 | 916734a4cad5484a0f4276c7b1df97fceea4affa4366feb724450ab2952e47997e78aaa5f5238aa07e89ec23209da934715ba64f0450a3bf8e52def94072e10d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 44ad3e31593d451f773460c416cde40d |
| SHA1 | 89e4030e9b5cf8bcffba20a65069de839d549d7a |
| SHA256 | 3a7a76dedb22ab7774e7cb6fe2c6ad27fe5b1f47a9ce27812511e3b2f7d8cd9d |
| SHA512 | b70866c8e4aee3794a4c6ee0b6644d34fe4a56547bce8f97d8b75cba525c1641c51c8bc3eda72fe2e64540c064406ac53ab14b04138e892146653f1db6a9bc33 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | fa2cdab9feec32ecff7097b29a7fb84d |
| SHA1 | 5809f570e89d64b5b1f3ee543df35e890a78ba3e |
| SHA256 | 9fb56a9295b694b3fd9c74588a68e20c424c6f3a948068784c14bf00afae78e3 |
| SHA512 | 1f190ccd954b62bee6f3a53ac6ae253c42cd984ced2769aa18b1141e98786b167345e66836a8fd887a6faa385985d732776cca06ebb0176ec3e80a1443ada50b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4eb8cc30cece20f77c775c4ef376152f |
| SHA1 | c60fb9e60a893d46b520965d7a1fa42e8f1489ee |
| SHA256 | f094d61adfcd34e3cde59174899dfebf2592da6dad1d3a08331916335333faf3 |
| SHA512 | 58380ac9d953c50b5ee56b62f764b7fc3ddfc48f55a63463ca3cf035684cef526af94762be8fd398bb83e13d14865f2da06722e607f039079048d2d3a1f8dd39 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ffaff37cc28d2a1f955452f4ed2bccec |
| SHA1 | d24f46d72c49d197068fe7dc39c80b9e8188554b |
| SHA256 | 1b7ece5b47340db926602de5e441cb8ada962fa8d091bc352ffb4008536eeea3 |
| SHA512 | 81a62a9add42b95722037e85770d7ce8ddfdf907aab45f10f65ee7ad57e8e1becae422d4295be09d980d1ec15ca9de69130c6cb30fe0351d170b8b77b4adedca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5ba203eb65bcbffd32603a23df574cd5 |
| SHA1 | 6adaafa0afccc8314d98316466797b381da5b1e8 |
| SHA256 | 65e6af10d3c3ac3a5d432a3cba77f36b0e2bf7309635f73ad7607f4653c879a9 |
| SHA512 | e90f0d2e57863c3e2ab465da282545d2e003b7adc3dfc5ac420adb161c6ea743a73cdf0ce3b6bf57b541a9e51db9971e7838d3c69acab93d488dc4617f8cd357 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0f16f84aa0839b51604fb112b108aada |
| SHA1 | 2572a54b5b953af0c36ccf4b9244b22ae22c6a63 |
| SHA256 | c2f9a386cec77ec6f21f85f70b5a84ac83a3d9b0b065a76236cf5e01b2fdc39e |
| SHA512 | 6b3a344e491753fd7f1ec09ab3c908af5ddb0964e22dcf9a09baa2798d0c336875ec6a036838fdb8bbfaa0b08455ea916c5e49290da4f8a8c7a49942b29f7cce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 9eeb67848a34847aca88a55e53852649 |
| SHA1 | bf4dddfd012c810b23ca02ccd5f3ba9e3a3ccb3b |
| SHA256 | 30485cf5889f4b4e9cb9468a6582c3bb1d7eac52166022284a850b6596d44d62 |
| SHA512 | 38485b932a64f386f66f7a2cb8db2e4dab56cb878c522f3ca8ccfe8921a1c4db5bd7aeeff5d93c06038aa3d15328de506e778645eb83d42eb2c75f8a18b6a380 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d8c0a5540fd59500e349e1b6930223f4 |
| SHA1 | 1884a3cb563a1490f09d7c787dc178b4264eb7c1 |
| SHA256 | 872372fd39e3edb9ee7e65b300eab9c620f913c41ae435e2ffaacba36c5ae651 |
| SHA512 | 5e92d92685959b9a6d8fb5cecb7ba1300ed1d8dabbee6dbf1116dcc5eb7ce1fc0db429001037e0c52c700c0a760e16a6fe3cd5d766d5c34af346697723c3d384 |
Analysis: behavioral4
Detonation Overview
Submitted
2024-05-24 11:38
Reported
2024-05-24 11:39
Platform
debian12-armhf-20240221-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-05-24 11:38
Reported
2024-05-24 11:39
Platform
debian12-mipsel-20240221-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-05-24 11:38
Reported
2024-05-24 11:39
Platform
ubuntu2404-amd64-20240523-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-24 11:38
Reported
2024-05-24 11:39
Platform
win10-20240404-en
Max time kernel
7s
Command Line
Signatures
Enumerates physical storage devices
Processes
C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-05-20 11.05.08 AM.png"
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-24 11:38
Reported
2024-05-24 12:09
Platform
win10v2004-20240508-en
Max time kernel
1799s
Max time network
1789s
Command Line
Signatures
Downloads MZ/PE file
Modifies Installed Components in the registry
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO\\ie_to_edge_bho_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_click_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_click_helper.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_helper.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=4B0A6CE705604A0EB547C7C707059156" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1D8BDCCA-A4F5-4A56-A684-5D345565E669}\BGAUpdate.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AnimationEditor\image_scrollbar_vertical_bot.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ViewSelector\top_hover_zh_cn.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\icons\ic-chat-large.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\pa.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaApp\icons\ic-games.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\MSEDGE.PACKED.7Z | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\MicrosoftEdge_X64_125.0.2535.51.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\configs\DateTimeLocaleConfigs\en-au.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AssetImport\Import.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\R15Migrator\Icon_AnimationConversionTab.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioToolbox\AssetConfig\sales.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TerrainTools\mtrl_pavement_2022.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\MenuBar\icon_maximize.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\cy.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\uk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\zh-TW.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Settings\MenuBarIcons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VR\Radial\Icons\Backpack.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\msedgeupdateres_it.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8BBA1D37-410B-4776-8396-2132656D7572}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\explosion.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Emotes\Editor\Small\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\icons\ic-send.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\avatar\unification\humanoidAnimateR6WithFace.rbxm | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Trust Protection Lists\Sigma\Other | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.51\Locales\hr.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\RoactStudioWidgets\button_radiobutton_chosen.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files\MsEdgeCrashpad\metadata | C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\fonts\Jura-Regular.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TextureViewer\select.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\SpeakerLight\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioUIEditor\icon_rotate2.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\PlayStationController\PS4\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\InspectMenu\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\PurchasePrompt\RightButtonDown.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\New\Unmuted100.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\fonts\families\Merriweather.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\loading\loadingCircle.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\9-slice\gr-mask-game-icon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\collapsibleArrowRight.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\PluginManagement\checked_light.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\dpadDown.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\MicDark\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\PlatformContent\pc\textures\water\normal_06.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AnimationEditor\img_key_indicator_selected_border.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AvatarEditorImages\circle_blue.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\nb.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\msedgeupdateres_eu.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8BBA1D37-410B-4776-8396-2132656D7572}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaApp\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AvatarEditorImages\Sliders\body-type-slider-background.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\DeveloperFramework\Votes\rating_up_yellow.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioToolbox\AssetConfig\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\ImageSet\AE\img_set_2x_2.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\InGameMenu\game_tiles_background.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\PlayerList\ViewAvatar.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Trust Protection Lists\Sigma\Analytics | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\am.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Trust Protection Lists\Mu\Content | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\fonts\Oswald-Regular.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\advClosed-hand-anchored.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\system32\wwahost.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\system32\wwahost.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\Application\ApplicationIcon = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\TypeLib\ = "{2397ECFE-3237-400F-AE51-62B25B3F15B5}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\CLSID\ = "{08D832B9-D2FD-481F-98CF-904D00DF63CC}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}\1.0\0\win64 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\MSEdgeHTM\Application | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID\ = "MicrosoftEdgeUpdate.Update3COMClassService.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine\CurVer\ = "MicrosoftEdgeUpdate.PolicyStatusMachine.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\ = "Microsoft Edge Update Broker Class Factory" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ = "IGoogleUpdate" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\wwahost.exe | N/A |
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-05-20 11.05.08 AM.png"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcbed0ab58,0x7ffcbed0ab68,0x7ffcbed0ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffcbed0ab58,0x7ffcbed0ab68,0x7ffcbed0ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1828 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3120 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3140 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1992,i,5263306913420044107,7228808881950294917,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1900 --field-trial-handle=1992,i,5263306913420044107,7228808881950294917,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3580 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4552 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4688 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4548 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4644 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4696 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2428 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4652 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1208 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4764 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5216 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5564 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1208 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5500 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4516 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcbed0ab58,0x7ffcbed0ab68,0x7ffcbed0ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2244 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3012 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3020 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3804 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4364 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4512 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4504 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4372 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4724 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4376 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5076 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2428 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3260 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3236 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2704 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6104 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5972 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5860 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5904 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5840 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5604 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4940 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4972 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3248 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RTkzMjBDMTctOEM1RS00QjgyLUJDRTgtNUZDODA4RjhBOTUxfSIgdXNlcmlkPSJ7RDY2MTEyRjEtMTlENC00N0E3LUFDQkQtRjNGREM3OTAxNzc3fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins3RjU3RUIzNS0zMzU2LTQ4Q0MtODE1NS0wOTVBNkYzOEY0MDB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4Ny4zNyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwMzAxODcxNTk4IiBpbnN0YWxsX3RpbWVfbXM9IjczMyIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{E9320C17-8C5E-4B82-BCE8-5FC808F8A951}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RTkzMjBDMTctOEM1RS00QjgyLUJDRTgtNUZDODA4RjhBOTUxfSIgdXNlcmlkPSJ7RDY2MTEyRjEtMTlENC00N0E3LUFDQkQtRjNGREM3OTAxNzc3fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntDNEJEODQ0Qy01QzM1LTQ2MjctOUI2NC04NjE1NDZFQjlGOUN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwMzA3MTMxNjA2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\MicrosoftEdge_X64_125.0.2535.51.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x22c,0x230,0x234,0xec,0x238,0x7ff76c9f4b18,0x7ff76c9f4b24,0x7ff76c9f4b30
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RTkzMjBDMTctOEM1RS00QjgyLUJDRTgtNUZDODA4RjhBOTUxfSIgdXNlcmlkPSJ7RDY2MTEyRjEtMTlENC00N0E3LUFDQkQtRjNGREM3OTAxNzc3fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins0QUJGMDgxRi1DREU2LTRDRjgtOTlFNC0xRDA5QTRBOTVFQjZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI1LjAuMjUzNS41MSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAzMTQ2NDE3ODUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDMxNDY4MTc1NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTYwMDkxNjQ3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy80YmUwNTlkNi1hOGFiLTQ1ZDQtYTEwNS01MTE1MDQ1Y2E4ZDA_UDE9MTcxNzE1NjExMyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1mWERBR0Y0d3dOT1pEYUFKcyUyZkM0dkx4WHBzTlByT3ZYcE1BM3RoZlA3NjJReVNFMlNsVVVzZk9mSWdWNHFpTHpxMFdMZWRRNE1ZY24zJTJmWjJQSjhRY0ElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzM2NDIyODgiIHRvdGFsPSIxNzM2NDIyODgiIGRvd25sb2FkX3RpbWVfbXM9IjE3NTU1Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA1NjAxODE4NjciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDU3NDI1MTY4OCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTEwMTA2MTE3NDkiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIzMjQiIGRvd25sb2FkX3RpbWVfbXM9IjI0NTQ0IiBkb3dubG9hZGVkPSIxNzM2NDIyODgiIHRvdGFsPSIxNzM2NDIyODgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjQzNjM0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" -app -isInstallerLaunch
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=1616 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3120 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:KbRKn5uFp6mLqfk9Vkp83iAZ6xki8SpQgToSm0YK6T-wMc7L9vGeKnPUFYVWqUTln_u02vy-6K-qDpEoQb3WWZts1BNouAoJjTbvhZcA6ciUqJecjrRV7_9PeiL3upIXcvelWQkh6Bsup-LrqmKOLDWYfZ4uSD5isUdogYqO_Fiez8rBmaecRs-d1t-6ZeO_ai6pVcIFwktDzzKlF1H4gfANwIA8BNRaLCUnKKr1pzM+launchtime:1716551251167+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D13775256536%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D409b9b85-92cd-478c-889f-75c1fadc63d7%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=3172 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:S92_X6QGVJ-rx5d2f8sZcJ7J-6FLa3caRdf3HxYoKz4V0TdidhG_Uc3-mr-5IQt_reWeI3oYpU-DWuZZp-PiCuQ6U0OIRuEIK4LXHkUWKVB5h91sYMiF2izLYGiHo7HrT_X-Uy1USMUORiWbON9YEFZBihXWaqIUoIo0Ehuqa1ZyK130UF535CxuwLspBR-Sqqy8cuTlqY-_O8dC9Reh6tkUKfkXgYPdKoWq7pHTszU+launchtime:1716551251167+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D13775256536%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D409b9b85-92cd-478c-889f-75c1fadc63d7%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=4284 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=4068 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5960 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=3528 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=3872 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5516 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:c7KFim1jKQ4qcpbmZP6RfHVvUGCPY60GJ-y1ame9HCGmkvRLq2rk5Z2bIapVhTvq54EfjoVj_HajqC3DqCjoCt6XzHME7i5wv-oHCsTpekkEOzjK893XusM5eW3Z2c2JN8w6GQZQLberJZiHFOca0BXvoH_0XgBoGn55nbH8l8mzqFwnunAmizz66PagYH857AIGepwuyWiijBVMzIomPt03GCI61WVVcebGeZ_gD0c+launchtime:1716551507231+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D3101667897%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D7e190027-c909-4948-97de-8af14384751d%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x410 0x454
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1092 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2704 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=1892 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=4492 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:ih7dd5juntHdHO8MpvUgX_PyQaUNjEv2Mx9_2-SH4v6xpkXqTFHX3qUmDNrPUVwOd6IYt86WgUNp4ojjRarPH7CmQOHzf2bbl6veB-EW0m9cYhwuAnDLDuXhdbay8GOTwAqcUOTL4DnrGQAfPLMiBl9qDBLBR30C4u0Wc9mE15Fpst-JqtgybdgAQDUB4I4kDyFSK6W0ehFqQ3VLsm0ehCdRDS3j9HeyOWKOzznnzk0+launchtime:1716551507231+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D3101667897%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D7e190027-c909-4948-97de-8af14384751d%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=1640 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:gYJZPjYFB1e1HumYIbPgGOQS5cT1cxvpKQ1Wx0sx6Al4Me5QLlBg-Y9cy9XE5aXbbCKv8LbinTmyRFlgklDgYwD-YVGMk2mTSPuYKTG3MOvRUxKlPWfJAP8z9CZPTRq-zhNFH4p2Sx7bR7qot_7HYPZe8o_KBoYyeKcnDal6MQ1Cai9JvxQUHMqxMqrmSD7XYkEH6JxLnE2Z5e28AHXiuT1-Q4IxL9n6Fs4FTtNgXMA+launchtime:1716551507231+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D3101667897%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D7e190027-c909-4948-97de-8af14384751d%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=5148 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:9BlQCcFNCIOvBOmEYVRHNdd4cPwHG7t8ZC-1L0CXhRxttA5nYHAJNva3Hkn1w4mFwVCEBNE9fE2XzX3XIa1xYIeftrfS5P-dFS8veP7dP-T-HMbPs3uF0LeDVWRolGAGVu4VM7EeR8spCe7Le9CFiNQi6QFkE6Dcb1MxHrv_vysJWKUCMTEnJDWpVaIiAtXfcKPFDnXoC23XQCjEpch64IAvA91aUDAbMmwvM3iSBwg+launchtime:1716551507231+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D3101667897%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D7e190027-c909-4948-97de-8af14384751d%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=3180 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:Qgz9OXxWWtvJRiIFzo1li5NXY4v8Svgl9dzKdzD7wYR4Ywwib8L0oZGZXVKk3DPP3dyiTIy-fqEugYQgUwh_goBCW2C75s6S5TYHzBHcTay2ial8ZAGj3nbP7kqRsU6Idmp4p05KwFz9J8Zr6LRCb5nQIAo9zal_nsi1p7YSwlq1TXB8T6kl1j6wyrnYAZN8Y6hRKjeCQbIrf7HAw1fLhry_tDfUMoYmv9lzLJgqlbA+launchtime:1716551546368+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D3101667897%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D54b3a6d9-bdeb-4ca8-b8fe-774ddf50c04f%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=4148 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=3872 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=3248 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6432 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6424 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=5304 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=3172 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=3904 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6672 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1D8BDCCA-A4F5-4A56-A684-5D345565E669}\BGAUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1D8BDCCA-A4F5-4A56-A684-5D345565E669}\BGAUpdate.exe" --edgeupdate-client --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RjI5RDlBRDktQjlFRi00NkRBLTlEMjAtRDY2QTk0QzY3ODlGfSIgdXNlcmlkPSJ7RDY2MTEyRjEtMTlENC00N0E3LUFDQkQtRjNGREM3OTAxNzc3fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntDNjlCNjlBMS1CRTVBLTRGNjUtQUZFMy0xMkUzMDMxNzMxOTB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzQiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzMyNTM3MjY0NSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzMzI1NTI4ODA0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzNzQxNDYyMDU4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTcxNTY0MTImYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9RzJHJTJmTiUyYkolMmZLUU5UNEZMeTZxJTJmUW9xZHpKNGVPJTJmb2tLejdRZ3NLNXYwWU0wUiUyZnJsUVA4TENqOWpEYzBTa2QlMmZDbnRtSGlGZGFGQ0JlVjd0a2pWUGcwUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM3NDE0ODIxNjkiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzVmMTk1NjEyLTM4NGEtNDhlYS04NDA4LWI0ZWRlOWRjNTZiYj9QMT0xNzE3MTU2NDEyJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUcyRyUyZk4lMmJKJTJmS1FOVDRGTHk2cSUyZlFvcWR6SjRlTyUyZm9rS3o3UWdzSzV2MFlNMFIlMmZybFFQOExDajlqRGMwU2tkJTJmQ250bUhpRmRhRkNCZVY3dGtqVlBnMFElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBkb3dubG9hZF90aW1lX21zPSIzNTI0MiIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzNzQxNTMyMTI5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM3NDc3MTIxNTQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzc1MDE3MjYzNSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjI0ODUiIGRvd25sb2FkX3RpbWVfbXM9IjQxNTk3IiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSIyNDQiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=4800 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8BBA1D37-410B-4776-8396-2132656D7572}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8BBA1D37-410B-4776-8396-2132656D7572}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe" /update /sessionid "{5F1CC43E-D868-4D7B-8B96-F0811E47323B}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUYxQ0M0M0UtRDg2OC00RDdCLThCOTYtRjA4MTFFNDczMjNCfSIgdXNlcmlkPSJ7RDY2MTEyRjEtMTlENC00N0E3LUFDQkQtRjNGREM3OTAxNzc3fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntDNkYyNDg3Qy1CMDU4LTQ5MzAtOTUwOS1DQzkzOTI3Q0JGNER9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODcuMzciIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2O1Byb2R1Y3RzVG9SZWdpc3Rlcj0lN0IxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDAlN0QiIGluc3RhbGxhZ2U9IjE1Ij48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzk4ODI5MjE5MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzk4ODM4MjE5OCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM5OTQxNjIyMjIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xZGY0MjA4My0xN2ExLTQ0YjktOTQ1YS00MTY4NzExNDY4YzI_UDE9MTcxNzE1NjQ4MCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1oazBiQmVJWGhYYUE2cGljJTJiUGhmTUhkc0JkWGh2YlEzOFEzZnBVTiUyYiUyYjlIJTJmMXhlME5PaUJ1VEw5cjhROGUlMmJkUVRsVUpqMWtCQ3dUNmpTemFkdVk2SkElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzk5NDIwMjI3OSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMWRmNDIwODMtMTdhMS00NGI5LTk0NWEtNDE2ODcxMTQ2OGMyP1AxPTE3MTcxNTY0ODAmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9aGswYkJlSVhoWGFBNnBpYyUyYlBoZk1IZHNCZFhodmJRMzhRM2ZwVU4lMmIlMmI5SCUyZjF4ZTBOT2lCdVRMOXI4UThlJTJiZFFUbFVKajFrQkN3VDZqU3phZHVZNkpBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYyMjA3MiIgdG90YWw9IjE2MjIwNzIiIGRvd25sb2FkX3RpbWVfbXM9IjQ1NyIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzk5NDIzMjA1MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzk5OTM3MjA2MCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9IjE2IiByZD0iNjMzNyIgcGluZ19mcmVzaG5lc3M9InszQTM2QzQ4RS00QzY3LTQwQ0MtOTgzNi02RjEzQjkwNTUxRjJ9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkyLjAuOTAyLjY3IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjE1IiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1OTY0MDM0Mzk0MTE1MDAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iMTYiIGFkPSItMSIgcmQ9IjYzMzciIHBpbmdfZnJlc2huZXNzPSJ7OUREMDFEQzgtODcyRi00NjRFLTgzNTYtQjQ3Q0JBRjRCQTI4fSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjUuMC4yNTM1LjUxIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzNDkiPjx1cGRhdGVjaGVjay8-PHBpbmcgcj0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9IntDQkQwQzM0NS1DNEU5LTQ2RkYtQjAzNC1BNzZGMjVBNERGQjJ9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{5F1CC43E-D868-4D7B-8B96-F0811E47323B}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NUYxQ0M0M0UtRDg2OC00RDdCLThCOTYtRjA4MTFFNDczMjNCfSIgdXNlcmlkPSJ7RDY2MTEyRjEtMTlENC00N0E3LUFDQkQtRjNGREM3OTAxNzc3fSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7OEI5ODA3RkYtODdFOC00MkJDLUFCNjAtQzNDNEJDQkEzMkQxfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg3LjM3IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMTUiIGluc3RhbGxkYXRldGltZT0iMTcxNTE4OTMzOCI-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQwMjU2OTIwODUiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RkRFOUYxMjgtREI0Ny00REEzLUIwMUItQTJDNzQ2RDg0NzZFfSIgdXNlcmlkPSJ7RDY2MTEyRjEtMTlENC00N0E3LUFDQkQtRjNGREM3OTAxNzc3fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7ODhBQzEzNDQtOEUwNS00RURDLUFCQTEtNjc1RjUyODEyM0U3fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0Q2anhQZVVtS2ZoOHl0eTZGMDdZeE0xZVpESC9UVjZGUVQyZmZEaVp5d3c9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIxNiIgaW5zdGFsbGRhdGV0aW1lPSIxNzE1MTY1MjU3IiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNTk2NjI5MzgwMDAwMDAwIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMjExNDA2OCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTc0MjE5MDIyMTMiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\MicrosoftEdge_X64_125.0.2535.51.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7e4014b18,0x7ff7e4014b24,0x7ff7e4014b30
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7e4014b18,0x7ff7e4014b24,0x7ff7e4014b30
C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff718274b18,0x7ff718274b24,0x7ff718274b30
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe" /InvokerPRAID: Microsoft.MicrosoftOfficeHub prelaunch
C:\Windows\system32\wwahost.exe
"C:\Windows\system32\wwahost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.wwa
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RkRFOUYxMjgtREI0Ny00REEzLUIwMUItQTJDNzQ2RDg0NzZFfSIgdXNlcmlkPSJ7RDY2MTEyRjEtMTlENC00N0E3LUFDQkQtRjNGREM3OTAxNzc3fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins3NzUxREM1Qy00MDY1LTRBNjYtQUI1RS0xQTY1MjM4MTFCNTF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4Ny4zNyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMTUiIGNvaG9ydD0icnJmQDAuNTciPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzNTMiIHBpbmdfZnJlc2huZXNzPSJ7OUQ4RUQ3NDQtMTg1Ri00OUZELTg1RjQtQTUzMjYzOThFMjkyfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IjEyNS4wLjI1MzUuNTEiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMTUiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1OTY0MDM0Mzk0MTE1MDAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE3NDMzODIyMjAzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE3NDMzOTQyMzIxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE3NDYyMDgyMzkwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE3NDc2MjUyMzE2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNzg0ODkzMjEzMyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9Ijc5MSIgZG93bmxvYWRlZD0iMTczNjQyMjg4IiB0b3RhbD0iMTczNjQyMjg4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMiIgaW5zdGFsbF90aW1lX21zPSIzNzI1OCIvPjxwaW5nIGFjdGl2ZT0iMCIgcmQ9IjYzNTMiIHBpbmdfZnJlc2huZXNzPSJ7REY4MEVFMjQtNDIxNi00NUVELTk5ODQtN0Y2NTJGOUMxNzc1fSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjUuMC4yNTM1LjUxIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzNDkiIGNvaG9ydD0icnJmQDAuMTUiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzNTMiIHBpbmdfZnJlc2huZXNzPSJ7MTdDRjk2NEQtOEY0RS00NThDLUE2MTctNkJCQkY3OTgzRUZCfSIvPjwvYXBwPjwvcmVxdWVzdD4
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| NL | 23.62.61.160:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| NL | 23.62.61.160:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 160.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 52.111.229.43:443 | tcp | |
| US | 8.8.8.8:53 | 240.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| GB | 142.250.187.238:443 | ogs.google.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.snapchat.com | udp |
| US | 34.149.46.130:443 | www.snapchat.com | tcp |
| US | 34.149.46.130:443 | www.snapchat.com | tcp |
| US | 8.8.8.8:53 | static.snapchat.com | udp |
| GB | 18.172.153.41:443 | static.snapchat.com | tcp |
| GB | 18.172.153.41:443 | static.snapchat.com | tcp |
| GB | 18.172.153.41:443 | static.snapchat.com | tcp |
| GB | 18.172.153.41:443 | static.snapchat.com | tcp |
| GB | 18.172.153.41:443 | static.snapchat.com | tcp |
| GB | 18.172.153.41:443 | static.snapchat.com | tcp |
| GB | 18.172.153.41:443 | static.snapchat.com | tcp |
| US | 8.8.8.8:53 | 130.46.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.153.172.18.in-addr.arpa | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | aws.api.snapchat.com | udp |
| US | 8.8.8.8:53 | us-central1-gcp.api.snapchat.com | udp |
| US | 8.8.8.8:53 | gcp.api.snapchat.com | udp |
| US | 35.190.43.134:443 | gcp.api.snapchat.com | tcp |
| IE | 3.251.220.162:443 | aws.api.snapchat.com | tcp |
| US | 35.190.43.134:443 | gcp.api.snapchat.com | tcp |
| US | 8.8.8.8:53 | iframe.arkoselabs.com | udp |
| US | 104.18.33.170:443 | iframe.arkoselabs.com | tcp |
| US | 35.190.43.134:443 | gcp.api.snapchat.com | udp |
| US | 8.8.8.8:53 | story.snapchat.com | udp |
| GB | 108.138.227.241:443 | story.snapchat.com | tcp |
| US | 8.8.8.8:53 | client-api.arkoselabs.com | udp |
| US | 172.64.154.86:443 | client-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | 134.43.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.220.251.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.227.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.snapchat.com | udp |
| US | 34.149.46.130:443 | accounts.snapchat.com | tcp |
| US | 34.149.46.130:443 | accounts.snapchat.com | udp |
| US | 8.8.8.8:53 | snapnet-cdn.storage.googleapis.com | udp |
| GB | 172.217.169.27:443 | snapnet-cdn.storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | 27.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | graphql.contentful.com | udp |
| GB | 172.217.169.27:443 | snapnet-cdn.storage.googleapis.com | udp |
| US | 34.149.46.130:443 | accounts.snapchat.com | udp |
| FR | 199.232.170.49:443 | graphql.contentful.com | tcp |
| US | 8.8.8.8:53 | 49.170.232.199.in-addr.arpa | udp |
| GB | 172.217.169.27:443 | snapnet-cdn.storage.googleapis.com | udp |
| US | 8.8.8.8:53 | 211.143.182.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn1.gstatic.com | tcp |
| GB | 216.58.213.14:443 | www.youtube.com | udp |
| GB | 142.250.179.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 246.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.212.202:443 | jnn-pa.googleapis.com | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| SE | 2.21.97.42:443 | js.rbxcdn.com | tcp |
| SE | 2.21.97.42:443 | js.rbxcdn.com | tcp |
| SE | 2.21.97.42:443 | js.rbxcdn.com | tcp |
| SE | 2.21.97.42:443 | js.rbxcdn.com | tcp |
| SE | 2.21.97.42:443 | js.rbxcdn.com | tcp |
| SE | 2.21.97.42:443 | js.rbxcdn.com | tcp |
| GB | 108.138.217.65:443 | static.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.97.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| GB | 128.116.119.4:443 | roblox.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | udp |
| BE | 104.117.77.80:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | 80.77.117.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.44.137.216.in-addr.arpa | udp |
| GB | 216.58.212.202:443 | jnn-pa.googleapis.com | udp |
| GB | 216.58.212.202:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 104.18.33.170:443 | roblox-api.arkoselabs.com | udp |
| GB | 216.58.212.202:443 | jnn-pa.googleapis.com | udp |
| US | 104.18.33.170:443 | roblox-api.arkoselabs.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 18.245.162.104:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 104.162.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| US | 8.8.8.8:53 | lax4-128-116-63-3.roblox.com | udp |
| US | 8.8.8.8:53 | pulsar.roblox.com | udp |
| US | 8.8.8.8:53 | lax2-128-116-116-3.roblox.com | udp |
| US | 8.8.8.8:53 | fra2-128-116-123-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-ap-northeast-1d-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-west-2b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | dfw2-128-116-95-3.roblox.com | udp |
| US | 8.8.8.8:53 | syd1-128-116-51-3.roblox.com | udp |
| US | 8.8.8.8:53 | c0.rbxcdn.com | udp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| JP | 13.112.157.70:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| PL | 128.116.124.3:443 | pulsar.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 128.116.116.3:443 | lax2-128-116-116-3.roblox.com | tcp |
| US | 44.241.108.74:443 | aws-us-west-2b-lms.rbx.com | tcp |
| US | 128.116.95.3:443 | dfw2-128-116-95-3.roblox.com | tcp |
| GB | 3.9.141.55:443 | aws-eu-west-2a-lms.rbx.com | tcp |
| DE | 128.116.123.3:443 | fra2-128-116-123-3.roblox.com | tcp |
| GB | 108.156.46.116:443 | c0.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | chat.roblox.com | udp |
| US | 8.8.8.8:53 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| JP | 13.112.157.70:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 2.17.251.40:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 55.141.9.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.46.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.123.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.124.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.95.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.63.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.116.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.108.241.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.157.112.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.51.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 151.101.0.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | followings.roblox.com | udp |
| US | 8.8.8.8:53 | games.roblox.com | udp |
| US | 8.8.8.8:53 | mia4-128-116-45-3.roblox.com | udp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | mia2-128-116-127-3.roblox.com | udp |
| US | 8.8.8.8:53 | roblox-poc.global.ssl.fastly.net | udp |
| US | 8.8.8.8:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 8.8.8.8:53 | c0ak.rbxcdn.com | udp |
| US | 8.8.8.8:53 | aws-us-east-2c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-ap-east-1c-lms.rbx.com | udp |
| BE | 2.17.198.147:443 | c0ak.rbxcdn.com | tcp |
| US | 151.101.1.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| US | 128.116.127.3:443 | mia2-128-116-127-3.roblox.com | tcp |
| NL | 128.116.21.3:443 | ams2-128-116-21-3.roblox.com | tcp |
| US | 18.221.184.189:443 | aws-us-east-2c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | voice.roblox.com | udp |
| HK | 18.163.43.106:443 | aws-ap-east-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | badges.roblox.com | udp |
| GB | 128.116.119.3:443 | gold.roblox.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| HK | 18.163.43.106:443 | aws-ap-east-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | 176.0.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.198.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.184.221.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.127.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.45.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 8.8.8.8:53 | 106.43.163.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 54.213.45.60:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | 60.45.213.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| GB | 13.224.245.62:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 62.245.224.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:60664 | tcp | |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| GB | 128.116.119.3:443 | client-telemetry.roblox.com | tcp |
| N/A | 127.0.0.1:60697 | tcp | |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| US | 2.17.251.100:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 233.69.68.104.in-addr.arpa | udp |
| US | 2.17.251.100:443 | setup.rbxcdn.com | tcp |
| US | 2.17.251.100:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:60700 | tcp | |
| N/A | 127.0.0.1:60703 | tcp | |
| US | 8.8.8.8:53 | 100.251.17.2.in-addr.arpa | udp |
| IE | 20.166.2.191:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 191.2.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 2.17.251.17:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 17.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 128.116.116.3:443 | lax2-128-116-116-3.roblox.com | tcp |
| GB | 128.116.119.3:443 | client-telemetry.roblox.com | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| NL | 128.116.21.3:443 | ams2-128-116-21-3.roblox.com | tcp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox-poc.global.ssl.fastly.net | udp |
| US | 151.101.1.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | udp |
| US | 128.116.116.3:443 | lax2-128-116-116-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 8.8.8.8:53 | atl1-128-116-99-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-west-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | cdg1-128-116-122-3.roblox.com | udp |
| US | 8.8.8.8:53 | silver.roblox.com | udp |
| US | 8.8.8.8:53 | c0aws.rbxcdn.com | udp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| US | 128.116.99.3:443 | atl1-128-116-99-3.roblox.com | tcp |
| US | 54.215.208.48:443 | aws-us-west-1c-lms.rbx.com | tcp |
| GB | 128.116.119.3:443 | silver.roblox.com | tcp |
| FR | 128.116.122.3:443 | cdg1-128-116-122-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 128.116.99.3:443 | atl1-128-116-99-3.roblox.com | tcp |
| GB | 128.116.119.3:443 | silver.roblox.com | tcp |
| FR | 128.116.122.3:443 | cdg1-128-116-122-3.roblox.com | tcp |
| US | 8.8.8.8:53 | 48.208.215.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.99.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.122.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 2.17.251.15:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.15:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.15:443 | tr.rbxcdn.com | tcp |
| US | 2.17.251.15:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 15.251.17.2.in-addr.arpa | udp |
| GB | 108.138.217.65:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | aws-ap-northeast-1d-lms.rbx.com | udp |
| US | 8.8.8.8:53 | waw1-128-116-124-3.roblox.com | udp |
| US | 8.8.8.8:53 | sin4-128-116-50-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2c-lms.rbx.com | udp |
| JP | 13.230.22.71:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| US | 128.116.127.3:443 | mia2-128-116-127-3.roblox.com | tcp |
| US | 128.116.95.3:443 | dfw2-128-116-95-3.roblox.com | tcp |
| GB | 18.171.14.69:443 | aws-eu-west-2c-lms.rbx.com | tcp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| PL | 128.116.124.3:443 | waw1-128-116-124-3.roblox.com | tcp |
| DE | 128.116.123.3:443 | fra2-128-116-123-3.roblox.com | tcp |
| US | 8.8.8.8:53 | iad4-128-116-102-3.roblox.com | udp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| JP | 13.230.22.71:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| US | 8.8.8.8:53 | voice.roblox.com | udp |
| GB | 128.116.119.3:443 | silver.roblox.com | tcp |
| US | 8.8.8.8:53 | c0ak.rbxcdn.com | udp |
| BE | 2.17.198.122:443 | c0ak.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 69.14.171.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.102.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.22.230.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.50.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lhr2-128-116-119-3.roblox.com | udp |
| US | 8.8.8.8:53 | bom1-128-116-104-4.roblox.com | udp |
| US | 8.8.8.8:53 | aws-ap-east-1b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| IN | 128.116.104.4:443 | bom1-128-116-104-4.roblox.com | tcp |
| HK | 16.162.14.221:443 | aws-ap-east-1b-lms.rbx.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 8.8.8.8:53 | 122.198.17.2.in-addr.arpa | udp |
| HK | 16.162.14.221:443 | aws-ap-east-1b-lms.rbx.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 8.8.8.8:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.104.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.14.162.16.in-addr.arpa | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | aws-ap-east-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-east-2b-lms.rbx.com | udp |
| HK | 18.163.43.106:443 | aws-ap-east-1c-lms.rbx.com | tcp |
| BE | 2.17.198.130:443 | images.rbxcdn.com | tcp |
| US | 3.132.125.217:443 | aws-us-east-2b-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.213.14:443 | www.youtube.com | udp |
| GB | 216.58.213.14:443 | www.youtube.com | tcp |
| HK | 18.163.43.106:443 | aws-ap-east-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | 130.198.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.125.132.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube-nocookie.com | udp |
| GB | 216.58.213.14:443 | www.youtube-nocookie.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.179.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.169.74:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | rr2---sn-5hnednsz.googlevideo.com | udp |
| NL | 74.125.8.231:443 | rr2---sn-5hnednsz.googlevideo.com | tcp |
| NL | 74.125.8.231:443 | rr2---sn-5hnednsz.googlevideo.com | tcp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| NL | 74.125.8.231:443 | rr2---sn-5hnednsz.googlevideo.com | tcp |
| NL | 74.125.8.231:443 | rr2---sn-5hnednsz.googlevideo.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | 231.8.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 44.238.224.194:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | 194.224.238.44.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | now.gg | udp |
| GB | 18.244.114.85:443 | now.gg | tcp |
| GB | 18.244.114.85:443 | now.gg | tcp |
| US | 8.8.8.8:53 | cdn.now.gg | udp |
| GB | 18.244.114.85:443 | now.gg | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 2.17.251.40:443 | cdn.now.gg | tcp |
| US | 2.17.251.40:443 | cdn.now.gg | tcp |
| US | 2.17.251.40:443 | cdn.now.gg | tcp |
| GB | 18.244.114.32:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | now.us | udp |
| US | 8.8.8.8:53 | www.tiktok.com | udp |
| US | 8.8.8.8:53 | nowgg.zendesk.com | udp |
| US | 2.17.251.40:443 | cdn.now.gg | tcp |
| GB | 18.244.114.32:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | sessions.bugsnag.com | udp |
| US | 35.190.88.7:443 | sessions.bugsnag.com | tcp |
| US | 35.190.88.7:443 | sessions.bugsnag.com | tcp |
| US | 2.17.251.40:443 | cdn.now.gg | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 85.114.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 2.17.251.40:443 | cdn.now.gg | tcp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.114.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.88.190.35.in-addr.arpa | udp |
| GB | 18.244.114.85:443 | now.gg | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| US | 35.190.88.7:443 | sessions.bugsnag.com | udp |
| US | 2.17.251.40:443 | cdn.now.gg | udp |
| US | 2.17.251.40:443 | cdn.now.gg | udp |
| GB | 18.244.114.32:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 3.120.230.251:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | 251.230.120.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c38.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| AU | 35.213.232.93:443 | e2c38.gcp.gvt2.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| BE | 64.233.166.154:443 | stats.g.doubleclick.net | tcp |
| AU | 35.213.232.93:443 | e2c38.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| GB | 142.250.200.2:443 | www.googletagservices.com | tcp |
| US | 192.178.49.163:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 154.166.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.232.213.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | notify.bugsnag.com | udp |
| US | 35.186.205.6:443 | notify.bugsnag.com | tcp |
| US | 8.8.8.8:53 | 6.205.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons4.gvt2.com | udp |
| GB | 128.116.119.4:443 | voice.roblox.com | udp |
| GB | 128.116.119.4:443 | voice.roblox.com | tcp |
| GB | 128.116.119.4:443 | voice.roblox.com | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| GB | 128.116.119.4:443 | voice.roblox.com | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 8.8.8.8:53 | 116.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.spatial.io | udp |
| US | 76.76.21.93:443 | www.spatial.io | tcp |
| US | 8.8.8.8:53 | api.spatial.io | udp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| US | 34.199.21.143:443 | api.spatial.io | tcp |
| SE | 184.31.15.74:443 | use.typekit.net | tcp |
| GB | 108.156.50.97:443 | dd2cgqlmnwvp5.cloudfront.net | tcp |
| GB | 108.156.50.97:443 | dd2cgqlmnwvp5.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 93.21.76.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| SE | 184.31.15.57:443 | p.typekit.net | tcp |
| US | 8.8.8.8:53 | o1083485.ingest.sentry.io | udp |
| US | 34.120.195.249:443 | o1083485.ingest.sentry.io | tcp |
| SE | 184.31.15.74:443 | use.typekit.net | tcp |
| US | 8.8.8.8:53 | analytics.tiktok.com | udp |
| US | 34.199.21.143:443 | api.spatial.io | tcp |
| BE | 2.17.107.121:443 | analytics.tiktok.com | tcp |
| US | 8.8.8.8:53 | spatiallogger.spatial.io | udp |
| GB | 108.138.217.111:443 | spatiallogger.spatial.io | tcp |
| US | 8.8.8.8:53 | 97.50.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.21.199.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.195.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fan.spatial.io | udp |
| US | 8.8.8.8:53 | 111.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 104.21.21.87:443 | fan.spatial.io | tcp |
| US | 104.21.21.87:443 | fan.spatial.io | tcp |
| US | 8.8.8.8:53 | 87.21.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 23.102.129.60:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 60.129.102.23.in-addr.arpa | udp |
| GB | 142.250.200.2:443 | www.googletagservices.com | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 35.190.88.7:443 | sessions.bugsnag.com | udp |
| US | 8.8.8.8:53 | dn0qt3r0xannq.cloudfront.net | udp |
| GB | 18.244.140.95:443 | dn0qt3r0xannq.cloudfront.net | tcp |
| GB | 18.244.114.85:443 | now.gg | udp |
| US | 8.8.8.8:53 | 95.140.244.18.in-addr.arpa | udp |
| GB | 18.244.140.95:443 | dn0qt3r0xannq.cloudfront.net | udp |
| US | 8.8.8.8:53 | edge.aditude.io | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | static.kueezrtb.com | udp |
| US | 8.8.8.8:53 | pub.doubleverify.com | udp |
| US | 104.18.22.145:443 | cadmus.script.ac | tcp |
| US | 104.22.61.119:443 | edge.aditude.io | tcp |
| US | 104.22.61.119:443 | edge.aditude.io | tcp |
| US | 8.8.8.8:53 | static.vidazoo.com | udp |
| US | 8.8.8.8:53 | polyfill.io | udp |
| US | 172.67.21.232:443 | static.kueezrtb.com | tcp |
| US | 104.18.166.224:443 | pub.doubleverify.com | tcp |
| US | 104.22.61.119:443 | edge.aditude.io | tcp |
| US | 172.67.21.232:443 | static.kueezrtb.com | tcp |
| US | 104.18.166.224:443 | pub.doubleverify.com | tcp |
| US | 104.22.61.119:443 | edge.aditude.io | tcp |
| US | 172.64.154.78:443 | static.vidazoo.com | tcp |
| US | 104.18.51.3:443 | polyfill.io | tcp |
| US | 172.64.154.78:443 | static.vidazoo.com | tcp |
| US | 104.18.51.3:443 | polyfill.io | tcp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.51.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.21.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.61.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | track.kueezrtb.com | udp |
| US | 8.8.8.8:53 | gtrack.kueezrtb.com | udp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 8.8.8.8:53 | geo-location.prebid.cloud | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 18.172.153.113:443 | geo-location.prebid.cloud | tcp |
| US | 2.17.251.17:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 172.64.154.78:443 | static.vidazoo.com | tcp |
| US | 8.8.8.8:53 | production-cloudcontrol-cache-cdn.infra.aditude.cloud | udp |
| US | 8.8.8.8:53 | production-raven.infra.aditude.cloud | udp |
| US | 8.8.8.8:53 | wserver.vidazoo.com | udp |
| US | 68.183.31.191:443 | wserver.vidazoo.com | tcp |
| GB | 18.165.201.18:443 | production-raven.infra.aditude.cloud | tcp |
| GB | 18.154.84.128:443 | production-cloudcontrol-cache-cdn.infra.aditude.cloud | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | bis4.vidazoo.com | udp |
| US | 165.227.202.190:443 | bis4.vidazoo.com | tcp |
| US | 8.8.8.8:53 | 49.69.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.153.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.201.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.84.154.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.166.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.31.183.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fixnlntptgvuwqeaqv7ij3bgoy0fyiho.lambda-url.us-east-1.on.aws | udp |
| US | 18.211.248.91:443 | fixnlntptgvuwqeaqv7ij3bgoy0fyiho.lambda-url.us-east-1.on.aws | tcp |
| US | 8.8.8.8:53 | 190.202.227.165.in-addr.arpa | udp |
| US | 104.22.61.119:443 | edge.aditude.io | tcp |
| US | 8.8.8.8:53 | 91.248.211.18.in-addr.arpa | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| GB | 108.156.39.15:443 | config.aps.amazon-adsystem.com | tcp |
| GB | 23.49.161.153:443 | secure.cdn.fastclick.net | tcp |
| GB | 18.245.143.118:443 | tags.crwdcntrl.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| GB | 108.156.39.15:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.161.49.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.39.156.108.in-addr.arpa | udp |
| IE | 52.17.55.191:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 191.55.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| IE | 54.217.112.90:443 | rtb.gumgum.com | tcp |
| IE | 54.217.112.90:443 | rtb.gumgum.com | tcp |
| US | 8.8.8.8:53 | 118.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| GB | 142.250.178.14:443 | google.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | u.kueezrtb.com | udp |
| US | 8.8.8.8:53 | dis.eu.criteo.com | udp |
| NL | 178.250.1.9:443 | dis.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | 90.112.217.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 34.255.242.185:443 | ice.360yield.com | tcp |
| IE | 34.255.242.185:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| DK | 77.243.51.122:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | 185.242.255.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 34.242.54.113:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | d.turn.com | udp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| US | 8.8.8.8:53 | 13.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | newalgebra.com | udp |
| GB | 108.156.39.32:443 | newalgebra.com | tcp |
| GB | 108.156.39.32:443 | newalgebra.com | tcp |
| US | 8.8.8.8:53 | cdn.now.gg | udp |
| US | 8.8.8.8:53 | 32.39.156.108.in-addr.arpa | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| US | 2.17.251.48:443 | cdn.now.gg | udp |
| US | 8.8.8.8:53 | 48.251.17.2.in-addr.arpa | udp |
| US | 104.18.166.224:443 | pub.doubleverify.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 192.178.49.163:443 | beacons.gvt2.com | udp |
| GB | 128.116.119.4:443 | voice.roblox.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 3.75.28.93:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | 93.28.75.3.in-addr.arpa | udp |
| US | 23.102.129.60:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 128.116.119.4:443 | voice.roblox.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.195:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 195.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 23.102.129.60:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 56.94.73.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.office.com | udp |
| US | 13.107.6.156:443 | www.office.com | tcp |
| US | 8.8.8.8:53 | 156.6.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | res.cdn.office.net | udp |
| SE | 184.31.15.194:443 | res.cdn.office.net | tcp |
| SE | 184.31.15.194:443 | res.cdn.office.net | tcp |
| SE | 184.31.15.194:443 | res.cdn.office.net | tcp |
| SE | 184.31.15.194:443 | res.cdn.office.net | tcp |
| SE | 184.31.15.194:443 | res.cdn.office.net | tcp |
| SE | 184.31.15.194:443 | res.cdn.office.net | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 194.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.69.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| GB | 51.104.15.252:443 | browser.events.data.microsoft.com | tcp |
| GB | 128.116.119.4:443 | ncs.roblox.com | udp |
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 2cd879c3b1b25f881f4b7ab71b67a095 |
| SHA1 | e8c477526bb5bdddd659fdd44606060d83e703ad |
| SHA256 | d15ec0b42a1305238584533da0ddd5ec2959a76896cabc74599185af8af9e92a |
| SHA512 | 95c25065ecb23b375e233d554beb9c5fb61d877f6b5586155d5b5931d270cedfd4508a8fde3dfee5073af2215b256d7cffde9f77923d41909d4168d9bc61123a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | f732dbed9289177d15e236d0f8f2ddd3 |
| SHA1 | 53f822af51b014bc3d4b575865d9c3ef0e4debde |
| SHA256 | 2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93 |
| SHA512 | b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4 |
\??\pipe\crashpad_4884_RSFUXBNWWAPTZYMV
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 231d2c070f3e39b0225394a7842e29e9 |
| SHA1 | f7aa7da2b2a78d1504c65e3cf82db5622a0583e8 |
| SHA256 | 3d287c0209139fca91950c6ea983e7a80338ac4fbc8d5869a8e5082fdfb12d2d |
| SHA512 | e3099b8871d8ab8586b3788690d4c3f60c978085b5d5e19df40b38006bebc940c6d21d12097b2e7baf277c6fd5a0b0a70e6b0489f4f206676bda7543e26de353 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 984f6fdf8d96481e972b4fa85c8f0f39 |
| SHA1 | 5d4bb175ac66ea50f549ad5a2b67ecf3a9bd467a |
| SHA256 | 0e48e948035f0330b52ca36ef54a7d73cc74d2a091bf4314ab545895b5b7df34 |
| SHA512 | be5e675191af37f3ffdeac063ca40e11ff482b8f06dceec5bbb2ea6af7e95886b2cc667271df5d1b81899b30073f09d435e34aec9fe60b1cb5ede617239c728a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0cfd5d68bce5b30600527c4469369fd0 |
| SHA1 | 8c1477bb0d3f06aa55adaff038e1c5541da2f2e3 |
| SHA256 | 59ef78b73691a865e5147aa7039fa1b566f341e46b27c4a0828bd95943234c6a |
| SHA512 | 6cd8f61325a41aedaf30fe3f2ecd7316df9c23799a6ff37be690f9874c823e4705090f8d50fee144f7f7aa11b81075876229f49e8d2dd9fa76dcb2ad84b8dc2f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 269d6e84288c9d78d753fb4b7e2a40c5 |
| SHA1 | 103cd296a8cbfc30e9adbf502630e547a4065bad |
| SHA256 | 02a585a700b6aec251f4491d752aef46c03d5103cce6cc9e09debbca1b375ff0 |
| SHA512 | 3e0493c54252d7f815c0090e777f0f1e225407f54996f55440a12db9287a0968efd6adef3be0faeda227fa8a3bdec71d3ad2575b82195ad4d9122f3e85fad0d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 665d0f1c5830c33e433181d7f9afb8ff |
| SHA1 | 898ab6e5f7d974385ff05c440bd21d8dfa05b40c |
| SHA256 | fe0dc5f037ae755350d58c4262ed5f7dad3b9f9f7fc6f43255fcc6a0ae54755b |
| SHA512 | bc4b4dd4245cd9e7d924a87c8309a3f7b9696828b66cabcc4bd7897637db563a55e38a321daaf8c1ef1cab710a522f0a8e15671451c0d6ef2964ab623c22429b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9e7bf51341c23dbae8872e3484d7b7af |
| SHA1 | 8c9d8bd3d2fbc80e83d77b4d209c1cbd8c894eef |
| SHA256 | 7510673ac6cc5081af42f4b547984d0c6bc4eab7f1a656a6d7e3fa7a1ca92eba |
| SHA512 | 92e228c7c725fe915593b3775a51a472fc70094764c844ecd4e3bfe46f81b3423a66f1bb8559ea357ee8572b6e88f6b989670f0e160abd94f5114f15cbb95f70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e10183887822715df55928fcadd794cf |
| SHA1 | 85b7ce53468ad7eb381804533bc3392236c4f4d2 |
| SHA256 | 79536a7e2d88ebec4bca202ee049d7285f97c778d4bc6aed4cc5deb8745758c2 |
| SHA512 | cacc3d5e6e85322d37c1a8016916762bb1a5ee360f46365b265dd60e3873d17f5110638227701f994b10d38d4f53363cc719287443d0a18d7f34547b4ccc0dd7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 31f39212181c691f0ccfc33a51477b35 |
| SHA1 | f83a8adb0969452f7ba4fc0f47062c1f1276ab0b |
| SHA256 | 4db4f0414e51f85b7f2ee875dc519efeb3906ac2f6d0e27dbeeea86b5b39b02d |
| SHA512 | 1b7203a216bc6468412c3e4669bcce42761ca2d7dc6d1ed954e37185f0062788fcffa6711f9be656ec47e4b511be0168f454a401f47874a875e38541bb500ba0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0861940e8757754c08f3a411bb509794 |
| SHA1 | 3cad40f59d9f7791caaf494127c19dffbee24eae |
| SHA256 | a63418c2e172338c47ccc8af3def11bac065523ac7a458da0133bdbfb0bccce5 |
| SHA512 | f402885ab0e1979bd72d01f42b33cd70239bf844a3a22b5fe81ab65266f39425e1c4620595b7aacccb71240bcd8e30b43c501d87820e7062c5928ea034b0a4ac |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b2b8d6e13b99ee220e3ca1e3c00a3df4 |
| SHA1 | ad9951c672234b9f5d43374213b717412c0a75cb |
| SHA256 | 1f079616e4a267fd979ff56473eee0c16b8510362f31d71cb5428653c6803d50 |
| SHA512 | 24e3c29443b36b19d5bf45d5478ecbe2952192c6d663c1c4e6d9473c6fccd98edcc99ef6d407df3f1aa8b6a19544708d640e9f1d189061d62fa1ff91caa69ab5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5c18a53b99823d7a715fe839570d87d9 |
| SHA1 | 1d7ccfb62ff03adbbe7c12923ef40097db91d096 |
| SHA256 | 2858ac8ed108e2ff89fc02b4e2eb32adf01b3a90892177b6739d7e8a797fafc8 |
| SHA512 | 12943274892bf59b9a44d88712cb6158f530b776ad1d732143ca4fe4661554392954f1654ecf07775f9c0f591fe7cd39c44669a45e243717ea6d8303afe3ac89 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe595e62.TMP
| MD5 | bf222e27bc3e027785793d9928caa86e |
| SHA1 | 7585e4940581fe6749a2db591b450d802a82fc06 |
| SHA256 | f8e7bc5d63a2fc7f59852920cded0b7dc4d4bbd4e3444ec54e8235694745831d |
| SHA512 | bf1416a22dbfdb707a482e8d19b83f69f3f516d8e68232b2ce0bbcca695aac9452a2b9f2b80273ac44bc3a85a8c5874d9288023b2a6615344555a82592641a7d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 3745cd30f1cfd122eedc1493934d8dae |
| SHA1 | 571f7a02bb6e172668a99d036cebd5a2b27f5b15 |
| SHA256 | 6843f97521612f2314abdb0430a8b6299b8541faa28fe635c8a691560156a2bf |
| SHA512 | af9a9e228bd3e5b60f047cd9fbe87135bc4c2f7999a7ddf2e8e67a33e3701426a9a9cc22f396258cd8ac35118c83d116000916c504bd1ee920b50118e298cfa4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9b342c089bd586546b1044c527469a3c |
| SHA1 | 35e0a5b969ab62e1e5a0240cbcd0ae455983b32f |
| SHA256 | 32210436a345b4bf3b7fb3596c845aaf69d672ea1c5518803ec97b9dd134d88e |
| SHA512 | dc61f350fc94799879167a505a582878cb4098d70a3923478034d753cc4deac075f6bd24f90b438b10214907c78268409cfec697efcea0e8c867760330d98b75 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4c2cda5ef96567b4b021d36f23b42a9f |
| SHA1 | 5b58850a99b30420179e2b0c0cc17df4864b0d2c |
| SHA256 | f98cde187f01c715cadcde85e2768a9403d59d1096e720c2f5c84caa52dab696 |
| SHA512 | bf7d2488e355aa3b8345c3b0c6431b684a4a4b9678b17d09cb690fc775152462689096fce78d83b67fa024273459327852f4f47ae8ab4386244312daa1fce56f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d506aebf230c6c605aa441d8f89360e7 |
| SHA1 | 412a07e39ea1d505e3a3c49ea702ede018096a7c |
| SHA256 | 4a4957f6ec013cfa16751ad740f6cbb28a5e915c17b9b239850a17c531df2c87 |
| SHA512 | 0f20e49f44d1d3af906100f99b9a9afd85113c59da77fbe504032e07f31303ab67c5c045ef95abaa048449baca654fe1e680b5ae6b99712d44d65a22a948edb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 42402652929caccf6989dcf8501cfcb1 |
| SHA1 | 42b9d0a988f9ad2f89091f1221c2b36ef49b2cc7 |
| SHA256 | 8adf3395dfe19ca94f9185e766b9bf2fe3cf8f023465a3959fffc94bf1826a28 |
| SHA512 | 3f3300691c4f3f579eaab58e75ed7d9532c99b5a0e60bbbc77e99d3d712808ad7f3b081f7d47d2fd72c681d43abbab29c4941a48558cc6ef93121adf8afe06fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6d7b5b779a3ef92aa806f532933f7c6f |
| SHA1 | 7dc14fc747464e29752ce8debbab2dffa2a11d2e |
| SHA256 | 8deb2162177c591e0eabf94eb24540aaf5d137fa13b233846485ad7557ba5652 |
| SHA512 | 976043f705ef9d72d139deb19c0487902428c0178004fcb35f4518dae8f85567253e8b79da536ffd92626ae8eede33e28c353b3e660ba713de8bb274e9bd8e6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 37caff48f91e085034b270e2dd9eeb85 |
| SHA1 | 34fbc262cbc0a4bd12537b4fceb585f9602d6017 |
| SHA256 | 759c680b03785aad01a6b4048065d135eb9c476756ffd5b67ebc7e0184560cac |
| SHA512 | b844b9e89a03558307c6aecf6c8d1d095d29dd61cc50e9c3a85dd7db541fac0e278a7d747028e0c60716fad2ffa8fdd8289e1f817963dff8fd5dccb8eb465498 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9e8bdb736817891ae53240eac3b0346c |
| SHA1 | 2dbfe0e8e28a4d9e21fe24505b29c8e856c841a0 |
| SHA256 | 64c920d60f7e585efd1133b06c848a61716b11c7ee569b3c71359ba5d61a35eb |
| SHA512 | f4a6df370d6ebaa6acaa88e9f2ab0350ddb9b20498ac380436229e65f4d0fc99554b7d8f464bb9027833fb248aa0698f0dfdcdc4962f3fc1f50a68fef717b733 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 8c82a575cc152e988840c5534498a0aa |
| SHA1 | ccb4669828985646f9d0534b2fa1499420412de9 |
| SHA256 | 08138011ac3617599c1a2070d47253b63ca1831a8a5ed8c717020c5acb92e2fa |
| SHA512 | 518e9c7f1734c2a0a9498b1d517d33fcd1bde79e4489a4ba366d8c37032034525a0755fc377f61804599ed842573696688e04b05d7def7421ba2f11b3f3e14f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | ae1bccd6831ebfe5ad03b482ee266e4f |
| SHA1 | 01f4179f48f1af383b275d7ee338dd160b6f558a |
| SHA256 | 1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649 |
| SHA512 | baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5a733d.TMP
| MD5 | fc84fcbf3ae6effb44981010e31a331e |
| SHA1 | 2ba415cddd4d73a0022e1f1a18bd48744928e0ef |
| SHA256 | cb12983a6e71fc1465915b1e541cb12bc9ee7bb82fa94cf0333b8be9a4787cce |
| SHA512 | ef2032cccb2d35970c453dbd72a8b7845a5c5a0d11650664fbf1f40c6148d18887ec391b745d660b088bd6e9e6b9723017061b90c187b4e5a74f251427f0f6e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | bc6142469cd7dadf107be9ad87ea4753 |
| SHA1 | 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c |
| SHA256 | b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557 |
| SHA512 | 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d726c2511e4a2077f571a9d3ec152e24 |
| SHA1 | 7cdc7811361b28c45075094fe22144fac3fd361a |
| SHA256 | b0931af1f90c682224a0ed73dfe80fc0ea583d17f5bf5bafe30f2f4dcb83200a |
| SHA512 | 7f536b4b55f1890225c6a45c0ffb95e0ba00992c6218ac4c52e414afdde540c3fde8440ab765a67faf8c6ef5f1f72c3cac9d487e5f81218e4a7473428cb9f4d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 784b3786187dd09aff629cd704093f72 |
| SHA1 | e4015dd99435d64d9e915d83704b113862bb568e |
| SHA256 | 74825919899af009a989fc14d18020027750a52d8c640d94746e6506d9602a45 |
| SHA512 | 01f7a3cfefe4f850e598c31aef834e258fdf002fc1eca1a1fdb5edcae771cacc0eb5bb6631ef486248ae5edce4bc0db9bf36ee8dc09b8cd65cf8024d14ad4113 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f179381ab5a44dc64bc33ea8fae3134e |
| SHA1 | 6d6c79cc4f6e2e258a35ec007451ff12e05e04fe |
| SHA256 | c4f9df2cb2d4c610762f9c1a194d6597b1a3fce756955a7b02e74ae87b6f4563 |
| SHA512 | 5ed9ce90ce31360c22545afbae0df2352d7694dc2e0563d40c2ae3bcaa212852e6ccf413242ce09ae40c5e7e86782dc0233821efb2e6f6b2e87a37737cb050cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cb6027b153bd91471b167ad562216211 |
| SHA1 | 181b47afcfb73a9788fc5fd1554c85ab3588e208 |
| SHA256 | 8416637670e652915750d4016bfc0a9ad555d0e81049dc339628271918fca3db |
| SHA512 | 1e52609b27e119736fcdcac42cd5792a3124a3739a2de6f37ec6f5245bda5045b1ca906b67a25e22dcbc5519cd68f014766a5c0105af5ade62eabc3a704ab1c6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 2d84f6275d167c4b115aa6ea0d4faf37 |
| SHA1 | 28963b94f8a9b0d403c577231543d58b119cf55f |
| SHA256 | 93af895e89aafd5e740eaa163f1e7ba4fdb90f7766a45170524f0eb994df5c15 |
| SHA512 | 2394c6ca55536a8571a3506ee8d13523271fb45422756b65e59bd05f264994b4cb66e0b91536bdf4d0de2c8de76c0c6e3597ce5e8a1949da9996d57ab0457f12 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | 997a55f7939d3d7f1029902cf522b5d6 |
| SHA1 | 4f92c9a230df9ced06c67f31d99e702b3fe66c9b |
| SHA256 | 3fec46890adb470514f6aeebaedabff4474b93ba83fca3059fc9ad4a4b26d196 |
| SHA512 | f2f78fde07e89465636a2f8128dfa30ef1dd524349ea3dbbf6c7df6e5b6c2893f88e52cd2ca0aa4961062bcf1d0a2a45e11fff0707d8806f755cd71d021e53c6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 961e3604f228b0d10541ebf921500c86 |
| SHA1 | 6e00570d9f78d9cfebe67d4da5efe546543949a7 |
| SHA256 | f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed |
| SHA512 | 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | 823da87005c103684aed215da65c2d89 |
| SHA1 | ac7cc66da3fd8fbb5671a3933985b947fec2198d |
| SHA256 | c8e81baecb022973180321ed57eb02d5e4e13d08882a18371de75e4c409e9bcb |
| SHA512 | 9a538c43cf00a0544795434a379cf7fecbcff2818873c1346781fdb0e91d1602c326dca3e5909ea471d4e9660882fc5aff9639996b5b4b7eb8f34175b388feb7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
| MD5 | 009b9a2ee7afbf6dd0b9617fc8f8ecba |
| SHA1 | c97ed0652e731fc412e3b7bdfca2994b7cc206a7 |
| SHA256 | de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915 |
| SHA512 | 6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
| MD5 | 114b1ff48888837c4a2649d3988e215c |
| SHA1 | 2ecee87701f97994389a1e732f5a9a650b299e91 |
| SHA256 | 51a7eec230379332cc842686e8142da114333f39e4827b97552210113833a6b0 |
| SHA512 | cd2851802cad33f39e0586b2d4769e9d7c986d12211cafb910438e20bed0a4069bd51d3504f7be0b4ba40ab302e3ff07d0e8dd3f8ee0356b0ed465d779f8aeef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
| MD5 | ef7935213662b46ff823fac7b13845a4 |
| SHA1 | 1a05886ac3b2e0e2422c3d2f63b1982c6bb4ca8e |
| SHA256 | e26bd708d47393186e5c3c4ec4adb47d32e150a2a7f4f116effbd14afe46eb9a |
| SHA512 | 99d79c56350ed8fbd47f558091525ca7adc8c1f97165dd4b73edfe84d9a6505fe37382f6e5655a468d59ad2eb3c1426a347f69031412e878c9ec2ca75ac5b400 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
| MD5 | a24ab59f4d1a6326eea9222c84209331 |
| SHA1 | 922429f898d828340906185e481acbbb08683bf6 |
| SHA256 | 247d685c9e18fd5ec0353a3b16dc3a40a7959d525c01f4eeeff01c4819ac3e76 |
| SHA512 | cf476332989c4ae12b589f0ff4e5a41bd730b6da53c238ed8f51ca3b0ce07a7eebd4674a1d62d8f009dd66d66b4e0fa3be9b86f3d01145b8edc427b9655accd5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
| MD5 | 922d0f42f78eca8a75e195b198058039 |
| SHA1 | 405f5dd8437fd81f2b543547a1cbe6112a78b1e4 |
| SHA256 | 969b744178ced2d14e1fd5f6ff6b909f5a7caec881891a4fbc41b78965f4dbfb |
| SHA512 | 25d8c8d0a0b61d4063b6ba61e057daa1baba16237c9e0bafb990d67618b927dc76c23e2615823dff726d01bcead27df16792a0ffc72d49a2192910f32784b392 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons
| MD5 | ae3b09ff1e8dfb6619d7e66818a8afea |
| SHA1 | 0adc4a2c052d86fd7f6a8d8de36f5bd784880d38 |
| SHA256 | 715442365459aa3a0d8ddafc4ab949e52f459ec0ee6401d53936aeb1dd2d15b1 |
| SHA512 | f15eaf4fc1d049fce62c6b5530f6cb122e7e399db559217f26ead2f60746d248681488a7e1f6469187da605cab7b279f306e5347b8b6a33522acf52b25ecd297 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
| MD5 | df871043a7fd071456d6481a02c892e8 |
| SHA1 | 319004da81e012e6ba9e398623a0c840e9d7e4b4 |
| SHA256 | daecfa2020a7ec11a8690e4f1d7a55fdfdd594b50d67bafb94b3d6e2e981c079 |
| SHA512 | 18b507640ed1a507f61835e51fdb96ecfa0bb04f6ab3736ed59ecb3f888256aea442ca846fbe02ba7eb5fc7f0eb0b261e2884652c759c3c87fdad7bb43a7e35d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
| MD5 | 474198f9b2eea3bb73e6cc9c8cd31313 |
| SHA1 | 3a84f790ebe56d6e701853abd7993cce5a8f0fdf |
| SHA256 | 3bdaac7c761b354b9f9eafb192e78728c0eb119cbb56aff86588c083131f4933 |
| SHA512 | 66c3e95edf2bfbc45e0228aedff58a0768673b6649ad4d73910fbda95046e3a10300281e72c33eec8d8aa7c0f18cb8cf08b42542819467bc1155d49fe577c4ad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
| MD5 | 6f54008d4a6793ee5fc7f20412de35d7 |
| SHA1 | 70875741b65f48cdc4790bc85a29a7117585398e |
| SHA256 | d453363c13ff5fa65849e18f6f54ea1a817d6d39b01d81128a04a9a7f752ae5a |
| SHA512 | 2bc480353830a9815531a98e1b772c4d8b33d66b2687f568939fefe06827ff9c604df4aa2dfe3257317d158b37cdfc206cb2d1050ffa6646d4516ddd99414f41 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | 672e4271d2d61bdd67c7204ca0591583 |
| SHA1 | 5dc774fff8eb8ec7fdcc08e6c77cf5b6b8e6e994 |
| SHA256 | 5ac72e8c9c1697879fbb06db290fe9ea69b9690231aa1b606fe927c81abc5ab6 |
| SHA512 | bc152b73b83892fc4160b723cf0b2427bafe2bf03d3a3ed3439d4042c6c1a04aae80cfcc3a43fd124e5ea974c2c167e66fe89442530627422854ed775ab48b3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
| MD5 | 5aae70c00054cc7ef59ac13574a82581 |
| SHA1 | f05fc8c8af1645202335beeb76e6da6493c393ff |
| SHA256 | d67d918feaf5ba0877317932ec25da10f705200a7c80f0d90f8baad827b7bd0d |
| SHA512 | 30bd59101baa97729f225a351846e3f655cec7c75444b2ef399e5c7d498a96a7375376aab3eba58325fd8b5ea7d16ef95940c1c9636d23d204251c3736f11285 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | 0ed8278b11742681d994e5f5b44b8d3d |
| SHA1 | 28711624d01da8dbd0aa4aad8629d5b0f703441e |
| SHA256 | 354730711c3ca9845bf98ec5dfb58a16e50984f9edcf0e8f432742326334f8a2 |
| SHA512 | d296ab1f1b418b125f09598ca6645d984a1cf67092a914956b8879d285ee35521b408363b47da195de79086e3be3ed9b1709bc8f9cd2e32d5dccb720a010bc8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 56c11e4084ad382a0834e6337ffca6d8 |
| SHA1 | fcfbe132637c8b47dc2579c54c271c4d9c1de340 |
| SHA256 | 7db3cb3a28895b80866a8a74748c90360a9435bffeb3d0ad9d9ade5d0fa3b002 |
| SHA512 | 8cab5a33d62629769eb9c753fda052ad110b7038ee679b478750f07b0478322d549fceba92bec76661401964cc88a49f5a791de90a4fd2d302c7a6169a5b2b5f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 387ed93f42803b1ec6697e3b57fbcef0 |
| SHA1 | 2ea8a5bfbf99144bd0ebaebe60ac35406a8b613e |
| SHA256 | 982aac952e2c938bd55550d0409ece5f4430d38f370161d8318678fa25316587 |
| SHA512 | 7c90f69a53e49bad03c4cefd9868b4c4ba145e5738218e8c445ff6ae5347153e3a2f2b918cbe184b0366afd53b984634d2894fea6f31a4603e58ccb6bfa5c625 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | 36614764407badfc92fbc690b17ccb8c |
| SHA1 | bc80b1176fa809e6f74e10dcc4553dfb7b9f3364 |
| SHA256 | 48b53c2cd2d6d1d276784d23e0469bc6e3bf379ffa6907589c52bddfee7da593 |
| SHA512 | fe53b1b2887810aa842f88b5840161f406c13ad9ccfb3f6a00b812facadbfe4769eb184a090c0942dca599adfacef29417914bf4c5b072ecbedd3c0b64243f4e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | c4133173e7880983fab8babbccd7b123 |
| SHA1 | 59f8327bd9d74b8d1fe7b9febe2e03694caf497c |
| SHA256 | d270187bce8766a459b8eab16519f718afdb014bde0a59d7b62ba9de9f9d1956 |
| SHA512 | 95031550c2c5ec9031a898c9e5733981224ccdc198dc28305f2176e3189433d41852e738068914797f77cda60c462476b90b46ad0911b03020d2dc709d29a6da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 7626aade5004330bfb65f1e1f790df0c |
| SHA1 | 97dca3e04f19cfe55b010c13f10a81ffe8b8374b |
| SHA256 | cdeaef4fa58a99edcdd3c26ced28e6d512704d3a326a03a61d072d3a287fd60e |
| SHA512 | f7b1b34430546788a7451e723a78186c4738b3906cb2bca2a6ae94b1a70f9f863b2bfa7947cc897dfb88b6a3fe98030aa58101f5f656812ff10837e7585e3f74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | 046fda631a7203f54364ff2d3384b927 |
| SHA1 | 1da07856ae18c451d38b23b58ae7230eaafcf43d |
| SHA256 | 82e212a976cdd8a982c408e7ec3d24d3a744e6d194e226021273789c0c402937 |
| SHA512 | 69fd3536cebdfeff1333987a978a04a36711bf5613eae00cb02faf7e1fdbed1c39264af595224e69ee8a37bf5465e2f4e1985bad749334b239ad4cb9eb6fac10 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
| MD5 | 0eb62227ec461ce0be8b0f6a2de6c6ca |
| SHA1 | 6ed15fee8cfd1f0d906cbc34489c25847fa80029 |
| SHA256 | ee8c8c2f6464cd4f627f50ba6582682069636ad681c72123a4f10b79eddd952b |
| SHA512 | de9c80a208ecf786443baad9c7f0f9ac2e257274e57e4018d6d0e1e9f4ebc6bcf492c56885f4925ec730fbc668ca697ba5d442e7c37df858aeed7ca5bb2d8ea8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
| MD5 | e45442385246a8d9bba61a2aea2a2bab |
| SHA1 | b4bd1c4600bc1f12259704bf44ced95ff18dfbdf |
| SHA256 | 664da5c53339c78de372caaa9527c626f8c657800df4c5232b89c1a28bf2a575 |
| SHA512 | 2af6bed587e6b5cd54ed48263eed9ed49fa52134d8e3aa0a9bf5d4ae0b0c4b30268c61a2a228ea6dfcf0750ea5ba46b16e86b3222e4405a2be2c25c94061a292 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | 8aa2ebeebd42dbaf0c6d4131063fe2eb |
| SHA1 | c92955510fc789508f6fb145f98676729dd54c4e |
| SHA256 | 1a4c6c77349f830f570b16383f636dbc55949a60b1db606163bd8e7f72ebfc96 |
| SHA512 | 9515eff3447a5ba666363908cb61dfd2584f0af747cc7bc0f8c5afee0aa2ff563bff6b55412ef57f6bca1d18d777723cf950fb9841b62e1fcc469b3f0732bfd9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | 43b741d26de7cb0d010f37da7a124ae7 |
| SHA1 | dda9c3e89e93b6d98371e5928b76116f9b765c9e |
| SHA256 | db37ecb7ee74c1768f7d8f40d20d87b84e7356f034774017f23a40922c0eccf5 |
| SHA512 | ae81dff338038e8f4d04b09e625351792eda253c59fe8d492397bc34f51bff9f3d34580ce41ff44469ecd0467d82fb059a4e4530d0f90ce6dd1608a73872d871 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 8378386dac613806cff1adb4520487db |
| SHA1 | 0fd63381a43aa44d2868e4137e1c759b0bc283ae |
| SHA256 | e2719e820c51e0e35a20425c8225a14656f801c0ae6bf43d86df68933112217b |
| SHA512 | 21b2b3048cb2633bd7024c60787276a46836f1780df1ad06468781c75db8e41347874953f985e048cfcce077dadf5315f40ba11f555864dae5c05a3a345399bf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | cdae9a0767ee2b41037f002494fd495a |
| SHA1 | ea5c482cbf16c2346ec1dd8bcd9bff293be13819 |
| SHA256 | b925b8169b5cd87c0bf41a5d3c907ee9b2459a7a9b44ace39108b5cd60de4397 |
| SHA512 | 53d0cd5ee0a1e44e5ac2ccfff832086c01529d870f384f08003d137742a8e5bac54b367d3409732074d1df552c22ec68734096eef777b658c335c933f56a58a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 67e6bccafecd17c89511501a9de015c3 |
| SHA1 | dc2bb06a8abe7fc53c342b417c722a03ffb26071 |
| SHA256 | 87f1d567a4d4e0def3c8859ceea394f21b5faf85226fc441d0821b06074e5db0 |
| SHA512 | 6ebeba6cb95d9de64e83a0a9ecc37b8412c6bfecdadc4db12c319dea3eb037f2770b7f50c34a5c8a4d0c18d7ac27f7e94facdadd82ed6c9b620f6f4874a83044 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 69efaebd41f999d1041fa801a5726458 |
| SHA1 | 75672872f799d1a20fde86b4e300d4ad38f9b26f |
| SHA256 | 28d137bf6b5bbb3da09707f4366fdabf6ed03827e60c6d4786250ceb64e04113 |
| SHA512 | c1b217eb68486e31daba526394f35f9dfcb7ccf1f3ddc88ca948cb6763b683c5b820fef01cc7ebe7549a1c804dc407fc01429c9dd38602c4bc4189ed3c59280a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1559ca371752950bf914e6af2f018de2 |
| SHA1 | 89e98626f2af049c37f6ee2dad718f5c4dcfedb5 |
| SHA256 | 748c1b1d660ff11d8664846877c027573e8a99495af231d34fad60261b83898a |
| SHA512 | 9a19f5b4e656684c217ef2ecd7381e03b0eff24921bc7304bb1d37bb8ddb4bd761445971049ca148d65577b51672eb17b3f2c56c60f26823ea5d5ce703686db8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4aec2b58c9736e5ee40365bbf21b9c50 |
| SHA1 | e842817a01578ad0a1e599687179451ec576ff1d |
| SHA256 | 6d1bc89d66e8f88d8e543828fba9cbbdf268b91e4c00e079c21405970d2e442d |
| SHA512 | dbe7b2143e23c82644f350e0f7ae84259a2f13a1c3a5bf33d052ab2ec5b4e053fe19557d04926ea4b3c70b9a278a1e301990e7203d71cf4533b1f0fc641332c2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1dc75656c5fe27cdeb99edbd444bf0c1 |
| SHA1 | e8b592305535bef51445fd620968e807c14e8893 |
| SHA256 | 3405f4d57c99992fe7aaab50c93b36f3df3b8688cf1931b82e7df7521030d214 |
| SHA512 | af7417143be1975e1c56703f04c1522e61f1a93674ecb8ead55081bdbfbbcdb03d8aced6ec867a8de92c9561aa1ac843bf04cd1ed617725673d55333a3776427 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 92c7b0f8406eac4871d327bc90503a82 |
| SHA1 | 34080dfd196dfcce61088e5b05776a0c32241abb |
| SHA256 | 9537ff7159dd7ebc1730ae9ad1090d15c930b93097d375f79c67fadef5d7fb95 |
| SHA512 | d737f7d956db5a4188b09881b149fe3c04a2184cb210e98bdc3a7fb7c2539c1cdc6f307083464db02a69b8d12d3b5afb0595c7e60c7f6da4f756fee0466d2817 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 59d60b74a3312e404592afdfaac5d5d7 |
| SHA1 | 3051d4343e57524efd8a86bb6dd6073a8f786c4d |
| SHA256 | df2f99b2c6500222ca837fbb1d59f8b22a6deb7c0092b4d2dcaaa31b98ba4738 |
| SHA512 | 6a602de553c904b36962d30c2a49d2293a424d414c25a3fb61f75fdcbc57b029aa7399102c9c654b1c22bb432106502057812da6251fbdd46716adc3986e4fa7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 69d7a059c302cc8ade38018c389e973e |
| SHA1 | ef7cedbc9d9da4f173cc1683006b5ccf2947c53a |
| SHA256 | 55a9517393643a1b3a53f270d4f2f476941f900abf2e31cd590a006cc253b801 |
| SHA512 | df36e620e9028df454f4fd9cf1f46046a92027853fa4134e8ce6ace4bd79acae0abd8615736fe2cb4850b19e64d5944d89e4274f8f9cb8cedce0dab1a82289ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 29113f48837b439ee1c7cebe4b5858aa |
| SHA1 | db4ae3e6b983b13eb56833f8160c9c155e755087 |
| SHA256 | e2402a7e5a5e8d0966086a9bf04103d0c13fe83fdda7ca498ff9304166766551 |
| SHA512 | 6e3f1d03fe49cb3446cdb09a42e782d17d614e5300060f4ed1359b0310e6e77256aa88b4a0b1d0d0ece676808b6814ff59ee971309b3e1a895fd8d003eb87080 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fdcf1cd8118d0b3ea12b76c2f2948c09 |
| SHA1 | 0b3f1ca1d79f3de88a7022f99d4274beb9168e8a |
| SHA256 | a54aebbf2eabdba12293d0ee1cd871a8404b54b7755be068a27e891d2f8cbd38 |
| SHA512 | 10505789a8fec330a3a3dc6e16959271cf2dde234819ef3a00482e8d3d8b494bafe1fb3407a20f7e682ec335d66f2f099484f7cdcc464a2bcb79de365f4ea63c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7222ad824ee034f2b3056bc9458d381d |
| SHA1 | 31542a317dc2b9d753be74c16ebbf79e04d2389d |
| SHA256 | 8553dd8649a79397b83e34e101978cdb60381eb47102ad46a36153d25e7dc4ac |
| SHA512 | 5dedf6432c1b26041f6b61acf5061a27dbe4865bf20eb9a35393c77e5b76e7fcc8eee75107577364d38713cbde9ee9d9b3256dcde24d8264bbda63ca673ecb00 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 99bac437b68e26d777cc68474d502b52 |
| SHA1 | fcb9f464cf767692d3ef729dc613a7170e492839 |
| SHA256 | 07f2a9512f338e7240fd95fdc56ce1dfffe893eca959d5fd93601a771904350e |
| SHA512 | 69c51cea736348ba2e9c357b699ecc5954dae3c7772405ccd2b9658571c30f2fb4db27254b5bef69d557a0c27cf6efc6d2f98d812761c08e83bf8cd2ca4165a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7e9fdae913208bb70daadc7cab964ae9 |
| SHA1 | 328957aad6419a321b48a34213b33a235903dbe8 |
| SHA256 | 11463989e5b7b929bb88645852073a268d2853b8ed3d0c8d0657d6d1fd2374bb |
| SHA512 | f73c32a24e158047958f48ecc39922bac753c1d276924153180e5d085bf66c0fa635035fbcfa30a47ebb82cb5e285e3792041e2bbcbf33b454a398453d2c54f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b44148bde3af711b0fb21f3e5c8b2adc |
| SHA1 | 28dfd67c589018e8a19eec954b0107850307156e |
| SHA256 | 53d3597ff22552781bc942b7ebd995544be160f37cde94c48a639f619c3b3a66 |
| SHA512 | c763aeca009f135788fa3dda9f47b2ec279f26e825411c9e41aa05fc14165a0f7efacbf60d1f07b3b71304a569e37cc903999d7108063c36e752d16f4a80791c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | e4abb1619c8566922c08eb9884503524 |
| SHA1 | 67599dc40353187632c797ce30a4121846d23c5b |
| SHA256 | 6fdca2c1ed9d86c76529d3311136a41874fed1bccd111035a538613b89a9c2ad |
| SHA512 | 2416122563197bac3d4ca2665a8c64928e6adb546339f1c115f4ba856c789f33db5f64b71a06aea303dfc8042a1340cf9f52e7fd2dd19d0e0aad25080dbc6181 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 43b97599559f84a22151f8d2202941fd |
| SHA1 | 489da1ade5c0039c4085cb93756207b0bb0f3b16 |
| SHA256 | 9987dcfd36472a1f8bbf0ff6750f66a9e9dc72fa44e4417340ab65cf3a1c1b05 |
| SHA512 | 31df4e40e0b273c71223e13764a25574a72d5bd6f2e73307e33cdbb52937ed17234ed92b27902c1a48aaf7ddef802b56290e3eeeea3143af6b5870bb80bf88ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3be1fd78ddcfce0bb7f47785dfb1d989 |
| SHA1 | b92f5ff152a29294a6bc85d2338449021de3f20e |
| SHA256 | 259ae5e7fdd29de3c107f791cb24ba63cf4f960cf6eb54a59ef7a4a585a7bcb6 |
| SHA512 | f6f4baa7cb010de0127508b5b85fe103c7ca359c7bd2c0d4f5c46ebb45c51da531d24f71cad8a7c017d72919bf353de0da4546a90fe6f4b684bf71f016c10ad5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cfc467467be07be7840b762b55817953 |
| SHA1 | 0f5cca09e4b6b4a3876688db8dbf5e5556cbb889 |
| SHA256 | b30ece4b0c19c6af96beac9aea2aaa2a0523cb74064716031e0fd5ded83c4c05 |
| SHA512 | db13d414ad2b28eff1318f6dbcc44f3e8e74af42bebd9ed6744d37409fb4be7a8b047e220ccf04b11a653861e9990d74c875906c93eff2b920069bdfc6a41ffc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 95697370ed6de19f00b654ffacf9ea59 |
| SHA1 | 132bcdbe375545956e1f1593abd665b277b09f8b |
| SHA256 | bc96b91b3d48bc3c12b5a4dfaa201dc1108611fa99cd68b6237bdb1842ef8b27 |
| SHA512 | a933486a8cfb9153aa96ea3e96366e459530a7db560b0e6d1f3b7eb360a2d74e6e869c031a06c9a8ba81fcc0f528642af081fa9023d68a87b766191b318af2d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b3ecbe01a0b1d539f3f671ca83a2e2c3 |
| SHA1 | d15cc28416d92f77c116f90a92be3cdf25637fe6 |
| SHA256 | 0572cea6adf821e67a952fa8b39e46169984581f57ab9d9c1ec5059423d4e36c |
| SHA512 | f7a44dd40ea44f7f87e713f7d88c72b210de0fbc92eef12b720344a65c60e0477c4bb0d64be234456ef8c2364143bbac94b7733831a101e43bd8592867516b88 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 59e2e89fd8073fede0f911b917a480e6 |
| SHA1 | 908457918d3b319ffc89862f79524ce8bf6b67f6 |
| SHA256 | a3e9b8d87db0cffdd8dd1d4d79c5891e1c7d1955c8ee50bdee1d06a982e497c3 |
| SHA512 | e1313cf235ea2a6df46715334f6f244678998a295a37007d112746b0735907eb4046beb6a17ba2cd206d39a930c25241c880c9f77d7dba805a935b33179c64b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4c29deac17e4bebeabc511c1bc0d062b |
| SHA1 | 29631271beb1a5382c42deb594d40a156fd4da98 |
| SHA256 | 5c352c9b24dc7a9e7c999120bc1c6285186f10765c6e675e5343facc24bf0101 |
| SHA512 | aa96f8b78f5db4562cadc7b68f20060da883f86713ebce5e773931cebb7e9b3da31acbb9e419d9cec6ccfad59dc05217537e7f381f290274b9ce7f65cd3d248a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6c3b3792a1b065a7e41a786153d6a824 |
| SHA1 | 82e2b7c672b66bc9d2675d643add383a1348f993 |
| SHA256 | baf03bd6b92bdf9272c4f4bc7b9ae8335c990b6d92abbac1194ee877e08cab67 |
| SHA512 | 156811c24a1c7dae03778f484c5e8833d6b4fdf5c7bde956796951e7d8761d966e11b5a76a41101319bb11470d945fc751fd1877260e5c23373b087c65bf6be4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c
| MD5 | 3f0ee90044790a34bddae90437105ce4 |
| SHA1 | 48840ed9ec62342966b95d48cb209f460829defe |
| SHA256 | b6009659920315de9133b093221289f848c3775bd92ca85e0feb38c8f2983a46 |
| SHA512 | 6fd856db8f3848fa22af133365e75a8ee08b2c466d44f2231d3809fa8478862b8d628dc7df7740efd0146de7be231a9bcff353352096834e54b66ef07c13d0a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 58d31ffca5915d6eb037d5f0e6bf419b |
| SHA1 | dc65c9d355c3e82b03bba0d9d8f5b9d0a9d6a1ea |
| SHA256 | 1b449f32bcc5c0cc1aa43b8b1ed8047eb29aac9ac82e2c78b1e6ceb9496fb408 |
| SHA512 | a57913dc895a55c9505b73d80b3a2fb3124551d01a22d6add71da3daef68e11db939255f7a0013c1e66da503286287bb95d760b69b8d00d249f15476e70adc04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5f149a.TMP
| MD5 | f8af6a65ac886e3d8f525ba4d90a64ce |
| SHA1 | d1ef0ed2dc466312b26d4731c1053cf925e4ffc5 |
| SHA256 | 3c9cac20a0875404465331328a99b726c7c52cea4e5c565326bd87824c3d9a37 |
| SHA512 | d27eb8817f07ebc003aa27360fa9d8549829788afa4b87089379cee07020bc5298b52fbb667a5edbf7afb46fab00c0c811c51f171a6f8349ea9e032ed3a4eed0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000102
| MD5 | 588ee33c26fe83cb97ca65e3c66b2e87 |
| SHA1 | 842429b803132c3e7827af42fe4dc7a66e736b37 |
| SHA256 | bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760 |
| SHA512 | 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1ad90a0ef1de241de228e1c80ad628d1 |
| SHA1 | 94324742a4e585c6aa3e590c8da829e9bea4f254 |
| SHA256 | 2085d555e4818bf830ea93a6afe7e8500e1629738779cfa4388320688f1770f3 |
| SHA512 | 28acbd32e69f095483d90e9e35478c843bf22782cab9e3fccdaae1d008739cfa1c1579be9cf89698a697b92d44f3897ddad1889b566f523b91da08bf80b0feda |
C:\Users\Admin\Downloads\Unconfirmed 52106.crdownload
| MD5 | f8abc05327115c321307efaf662498bb |
| SHA1 | 4d848adb9b0a5b278f97f75fa125145dcbffd572 |
| SHA256 | c89eda2b48317bd4da398d59213d86afa0c06034cab5e3ea5df5865e369d2a0f |
| SHA512 | a6b70331ad553645cd82edc5f6bfa50b4bb16bfc2443469c7eb1ff79e6b4a246cfd7de0691da400777651529a2bca20311645a763dffbf7e10cc4334ab074ae4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4665fb9e23ca7675dc38a4383044fc91 |
| SHA1 | 27d3ff92cd063886cd5920f01e6da35fe10f5476 |
| SHA256 | 7fe5e30cfe65e6a142e7f2a31902782820e413872b5d330533869e71de68fc54 |
| SHA512 | 4526688477023f3c39c955dc383e7dd7cc8b3332f18c2f49591a99ac98f7a76b17811a83af0e030837ae9f52090809e783034b4f517a2dc4852871e445ec9695 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5c3bbc5c22d0b9c57cafa4c29e62ba7c |
| SHA1 | 5ff94640e0165de67e3c78de4e1aa95f81afbef5 |
| SHA256 | a959b0fc0a9ca1c8a68a74ea4913003966abb10e1e4a4b325e2e75fac411ac42 |
| SHA512 | 5b55f10fa0821a32518895284ae423cb028daef46d141936cefb0cdd974421e65093d613ea4c3d17a1213a5c588c6eacb86171194f4da9cf9514781be2a3b89f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 0e2d3e5d5d3978943272cbbf24a966d0 |
| SHA1 | bfe3748ef41a6d168b98059c1a5b9a99d1b06d49 |
| SHA256 | 7abc02429a933afe40dcdf7b933ebcdfb0f6d8b0b9ec369faeb958a47e278836 |
| SHA512 | 7477e54e4ad3ad5a80d047b75251a673968f0cb354ead0d28d8e4b6a829e70c7fe9db812a897307b9cbf11e6b233658f57d6008dd02632c7965b32ce468ad1c8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | db6c7bca37bb897e0d3f668102b265e2 |
| SHA1 | c8ff5874fa4def294f837942219719d7def5f014 |
| SHA256 | 7f078457d360e7f7fa204f1f4f01ed7e25a80351bd127077e0584596ec5d82b6 |
| SHA512 | 466903c83d9f0a3d44837e6d056dde5c158d5d5f5823365fee4c3ed0b0d5bfeb119a08ef348cf30be79726f3665c18fad1c326b2a1339dffe7a7cc79cab969d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | eb507c7b0c89411c06440b6a834352f9 |
| SHA1 | 760515a8d4d81eaf0cbba8dfa98027dc99fd9519 |
| SHA256 | 1c53cc196ecdca348eae8044ed3916643f8e2de3aec6841ce194c421040c99ab |
| SHA512 | b0038aef78372a5e920618a9466ccb4dc02563da12b1a0daab9bce027973011130973ff8c3526242945a8b03adb61699c39109f387a485e69317bb5cfd7bbc0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 563a52f4f4ba854b9e8bc40a2536a168 |
| SHA1 | 03647d3187177faa9dd1f4e151991f543e22b8a7 |
| SHA256 | 7f3c7440aa00104177a669933c0402f2a4c8b9ba2780f88fff7df14aad38f8d3 |
| SHA512 | fc81b134bc246cf3bb99206845f662e4becfa7695352dedf31370b3c54d23631fb764c0ede6287508fe9a9f14beb8a8640c20d2741a66cc55530d9d7a710be53 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 172ce2c2da23bd09327bf090f29b87c8 |
| SHA1 | 26bbc2189a4c562d457e6facefb857bf6b1f3d37 |
| SHA256 | 3c1031a9884db11c6bb6c57cad749824ae8bf3df5fefc53a426c7fb93fbb24f7 |
| SHA512 | 81b5e99e2e946a98bac4ca70de699309f8ec7f2f119467af03155f7b292b03d9c2eb1ef9cbd345ccad3a54130764c75f32b9ab262ed3ef7b82be2280e6088ded |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | 0469bb703f1233c733ba4e8cb45afda2 |
| SHA1 | a07afd7ecf1d0b740b0e2eddfcde79dcf6e1767f |
| SHA256 | 00314da401908da37ebfe9b642506cab81a4467c092719fcf007be045bc4a9e0 |
| SHA512 | 342c9629e705eb78c7bd52b3efe4a92b6a8bece9933956390450600635e4c0511ca96ccaa25e6920e9d25ccdf444dabfea7b09f8fbcba2f371655f87633b6d67 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7d5366b25479644284c1e72a4e09fe0e |
| SHA1 | d616ac4c31fff430d1ae43e89223233e20551af4 |
| SHA256 | 9182a8f20c535e6912c1c27596b05ff5223e5ca3caf3b1e5089c0ecfd9dcf4b4 |
| SHA512 | b93ae7cf5ee6494c36e8381163eada48f97415b1e1c6ec8afe6cd2d692e0afc100a7e45220209be4d243726f65a19ea676d94ad0cf3477d17c6db11695c5ad75 |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\938199ca646378b696716037afc964ba
| MD5 | 938199ca646378b696716037afc964ba |
| SHA1 | 2d865bfeccf3badef2f64e5d6453e6ab71d5f5a7 |
| SHA256 | 2acc3e0879e4a71a6b08e2d6af7b238198d2eda73518b9394d82d00b010c9d7e |
| SHA512 | 1a37727c5dfaffa3023845592b400acc226face537176064698b8415d79284b6276fe68bf0e5870dc8898a846f923bd95eaac1d185613759ad6ca1068456b322 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 8146bcada44a7af3594a534dff24800a |
| SHA1 | 3618a21207e284923ef7e4f8a9e81caacf2ebced |
| SHA256 | 3099442387822deb76680ec5e5533b5d6fe014d4c7ce7cec86a0444dbd662beb |
| SHA512 | 507b58722388a9e274c96e11537c25ff86b82a0a520aa42a9591308c0485607470986f66b387ecc75352f48a4a86319279963b1deebca838a1b9dc5c84b345b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 810371040440fec52878a6885e969c7f |
| SHA1 | 1c193682dd94d7d7eb5a6d422f2d6a9d8d011935 |
| SHA256 | 5f7865451e5b6875f083e1ec1e62630fe2b05fd138a9fc47aee74da4c4d7eec2 |
| SHA512 | bd48c28b89f7a2f6cf2d7359ae91a88f8506e7af5086ab26445301c79a8928a7e65ca8f5caa2e13b184c898124f8715b2971782f00059752525377e2f9a6ae21 |
memory/3940-2182-0x0000000073530000-0x0000000073740000-memory.dmp
memory/3940-2181-0x0000000001000000-0x0000000001035000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8368e22b0dc0fbb5b121caa681b7c133 |
| SHA1 | 0bfebbad78f8f24623ee5b008bee75fbd138ffc6 |
| SHA256 | 8a119e4942eca2a1f0f36480ea7c51ec2175aae72a3c4eec3ffd57f3de498915 |
| SHA512 | 56ce6099b93435b202aa3b3a877fee7cc6657fdf66e35edfad26568c5b047468811e56244a64600670aebaa826f4810c321c5790d9d563269978679e686f1858 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5fc050e255b540d267d7aa1cc5f0d3cf |
| SHA1 | fce51ca25faa285192d9d452a85f987254172f51 |
| SHA256 | a479d3bbd6a22fb4b50237f99b7f76b8d6fb7e76ef75a4541718a2a710c5e9ce |
| SHA512 | b4b6a68ef6fedc28fee0a3a4d5b9d070ec3d4fb54d6d5ae472ad494c6fcc4ecceb3e7c03d3310b755015f71090207d90c1e29930fbd523ad5292203a8335ba7a |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | 21470d97723a45f537cfe3c3fcffc2ad |
| SHA1 | 311b5acdbc0a5eebefea5d199acaa398462c83dc |
| SHA256 | b478f4da1495b2222490a64ec9be37a76f8695c2d9d19990e196dc99adfa8412 |
| SHA512 | 06784f11edd90e1d3af6d6f11ae69e0a053d0dfef59d7d8e462b11dd73065406c2a4665677ba595305771b2801f6b5a655ae6c2183f6bf8b40d29dc0ac35edb9 |
memory/3940-2227-0x0000000073530000-0x0000000073740000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Installer\setup.exe
| MD5 | 0e2485bb7949cd48315238d8b4e0b26e |
| SHA1 | afa46533ba37cef46189ed676db4bf586e187fb4 |
| SHA256 | 1a3d50530e998787561309b08a797f10fe97833e5a6c1f5b35a26b9068d8c3e8 |
| SHA512 | e40fcfb989e370606469cb4ca4519ce1b98704d38dbfa044bf1ad4b49dbcaf39e05e76822e7dc34cb1bb8f52e8d556c3cbf3adb4646869aba0181c6212806b96 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 490e8179277b6b95e2c1c8d5e9456c3a |
| SHA1 | 309e8786c58bda6b707255b5da28393cba4246fb |
| SHA256 | 94d9ed08395e1ace86219315b359ec0796365aa7c596ec64d02f2c041aaafe4b |
| SHA512 | 8622812d72c8e6a0afee929e02556e089464180a71fbe8701569ea85f8beadebeea18429382d9f87435699e535a0e7f95ee5883263df6a502226c13e4e794522 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f52556bbed867466111b3d6bebd4afe5 |
| SHA1 | cadee2b5bb9d25d4d58f78a9f87cdf00cc054ecf |
| SHA256 | 8cb2e34399542b5545f407c6c7561e097aa363b0c91ba6ff9bd56abd5963ce3f |
| SHA512 | 7c8a455213f96b0eab36f1ad1d4e0ec13f0c85dfe394ef4667e668fd6a7cf5a82e4fb5c7adc96b09403a02865405043a669f2facf59e22f3c6ab783536a5ae00 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f317dea75c1b2cd82e3fd008abc2780e |
| SHA1 | 8d0738437c9d74c3d2ee61ea47810548080bcd31 |
| SHA256 | 8013cb7e873ba4fe76458b541811ed0fcb7b3fb90ab17e8d18ee1c5825bb0d31 |
| SHA512 | 29ad1af5e776a3e16c1edf33e426535c51fb514bb7d9ee67bc0117d84de02d03d0ee4b3a8c5c29ab91e7553b7488bf897519151d477a946d304f80adff4bd2a3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c1f512fcadbacd795d9d7cebb0eaeace |
| SHA1 | f967cddfb194ca3c4bcb0bab88dea5d18c1854bf |
| SHA256 | be705db1cde3c230e1b6102b747bcbd947023daf0f07a90233679d4f9d937a44 |
| SHA512 | 677d0c6fc6019b4e94028ce56612943bbd8ea38dfa5566fd0073654ead8c9fb9afdc28d31f3fcd3617c91269522b0b8d4b2ee3311405b99b115f9b918ebe5342 |
memory/3940-2290-0x0000000001000000-0x0000000001035000-memory.dmp
memory/1980-2296-0x00007FFCDD290000-0x00007FFCDD2A0000-memory.dmp
memory/1980-2300-0x00007FFCDD3F0000-0x00007FFCDD420000-memory.dmp
memory/1980-2304-0x00007FFCDD480000-0x00007FFCDD485000-memory.dmp
memory/1980-2303-0x00007FFCDD3F0000-0x00007FFCDD420000-memory.dmp
memory/1980-2302-0x00007FFCDD3F0000-0x00007FFCDD420000-memory.dmp
memory/1980-2301-0x00007FFCDD3F0000-0x00007FFCDD420000-memory.dmp
memory/1980-2299-0x00007FFCDD3F0000-0x00007FFCDD420000-memory.dmp
memory/1980-2298-0x00007FFCDD3A0000-0x00007FFCDD3B0000-memory.dmp
memory/1980-2297-0x00007FFCDD3A0000-0x00007FFCDD3B0000-memory.dmp
memory/1980-2295-0x00007FFCDD290000-0x00007FFCDD2A0000-memory.dmp
memory/1980-2310-0x00007FFCDCD40000-0x00007FFCDCD50000-memory.dmp
memory/1980-2313-0x00007FFCDCD40000-0x00007FFCDCD50000-memory.dmp
memory/1980-2312-0x00007FFCDCD40000-0x00007FFCDCD50000-memory.dmp
memory/1980-2311-0x00007FFCDCD40000-0x00007FFCDCD50000-memory.dmp
memory/1980-2309-0x00007FFCDCD40000-0x00007FFCDCD50000-memory.dmp
memory/1980-2308-0x00007FFCDCD20000-0x00007FFCDCD30000-memory.dmp
memory/1980-2307-0x00007FFCDCD20000-0x00007FFCDCD30000-memory.dmp
memory/1980-2306-0x00007FFCDCC90000-0x00007FFCDCCA0000-memory.dmp
memory/1980-2305-0x00007FFCDCC90000-0x00007FFCDCCA0000-memory.dmp
memory/1980-2315-0x00007FFCDAC10000-0x00007FFCDAC20000-memory.dmp
memory/1980-2318-0x00007FFCDAE90000-0x00007FFCDAEC0000-memory.dmp
memory/1980-2321-0x00007FFCDAE90000-0x00007FFCDAEC0000-memory.dmp
memory/1980-2322-0x00007FFCDAE90000-0x00007FFCDAEC0000-memory.dmp
memory/1980-2320-0x00007FFCDAE90000-0x00007FFCDAEC0000-memory.dmp
memory/1980-2319-0x00007FFCDAE90000-0x00007FFCDAEC0000-memory.dmp
memory/1980-2317-0x00007FFCDAD20000-0x00007FFCDAD30000-memory.dmp
memory/1980-2316-0x00007FFCDAD20000-0x00007FFCDAD30000-memory.dmp
memory/1980-2314-0x00007FFCDAC10000-0x00007FFCDAC20000-memory.dmp
memory/1980-2328-0x00007FFCDCC80000-0x00007FFCDCC8E000-memory.dmp
memory/1980-2329-0x00007FFCDCC80000-0x00007FFCDCC8E000-memory.dmp
memory/1980-2345-0x00007FFCDABE0000-0x00007FFCDAC06000-memory.dmp
memory/1980-2344-0x00007FFCDABE0000-0x00007FFCDAC06000-memory.dmp
memory/1980-2343-0x00007FFCDABE0000-0x00007FFCDAC06000-memory.dmp
memory/1980-2341-0x00007FFCDABE0000-0x00007FFCDAC06000-memory.dmp
memory/1980-2339-0x00007FFCDABB0000-0x00007FFCDABC0000-memory.dmp
memory/1980-2340-0x00007FFCDABB0000-0x00007FFCDABC0000-memory.dmp
memory/1980-2338-0x00007FFCDAAB0000-0x00007FFCDAAC0000-memory.dmp
memory/1980-2337-0x00007FFCDAAB0000-0x00007FFCDAAC0000-memory.dmp
memory/1980-2336-0x00007FFCDCE60000-0x00007FFCDCE6B000-memory.dmp
memory/1980-2335-0x00007FFCDCE60000-0x00007FFCDCE6B000-memory.dmp
memory/1980-2334-0x00007FFCDCE60000-0x00007FFCDCE6B000-memory.dmp
memory/1980-2333-0x00007FFCDCE60000-0x00007FFCDCE6B000-memory.dmp
memory/1980-2332-0x00007FFCDCE60000-0x00007FFCDCE6B000-memory.dmp
memory/1980-2331-0x00007FFCDCE40000-0x00007FFCDCE50000-memory.dmp
memory/1980-2330-0x00007FFCDCE40000-0x00007FFCDCE50000-memory.dmp
memory/1980-2342-0x00007FFCDABE0000-0x00007FFCDAC06000-memory.dmp
memory/1980-2327-0x00007FFCDCC80000-0x00007FFCDCC8E000-memory.dmp
memory/1980-2326-0x00007FFCDCC80000-0x00007FFCDCC8E000-memory.dmp
memory/1980-2325-0x00007FFCDCC80000-0x00007FFCDCC8E000-memory.dmp
memory/1980-2324-0x00007FFCDCBD0000-0x00007FFCDCBE0000-memory.dmp
memory/1980-2323-0x00007FFCDCBD0000-0x00007FFCDCBE0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 661705b3f4d666f271e537a8ae50f914 |
| SHA1 | 81c6ec7ea95c03c7a676f63237ad14c40f09d877 |
| SHA256 | 51821d87ac8fac6a9ee2ad40cfe6ea44f44df90a97b1b96666abae388293d729 |
| SHA512 | 4dc08d2c3d1fe6a9fc97b257e47ed5fb5b4233497be9cbcd44fa9a5fe64658bb806fbae5c55e06f25b1857dc9f39a9f43ae83617612d405b10c2599bbad12d1d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 59960d2212341a0ce18e5d1ac572d67e |
| SHA1 | 3da9c0d3b23dba72816bf5cb30dd2e0bd5097e5c |
| SHA256 | 3d170c29c1a2886fc8232184353cb0d3a6d71304b69c2399e8b5d30fb291f616 |
| SHA512 | 13f4c5ed2703ddbbfe58f20dc50cdf70a7f778a617448873b8c72242ba03a2eb97cf08ea0a5e988af3085cc014ebabd5e0005acfb8e7ddb07a022e7aca8954ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e80a60e24fae57afedcd9b114b332e75 |
| SHA1 | 1fe241282251caed0e85e41669a67d543394b0bd |
| SHA256 | 063ce8f0560a06ed4bb901cfa2ddabbcd6296f7de59b57a537de93ee49d29a11 |
| SHA512 | 39b866423038cefc215b70094df61e5fd940c8ebd0ba7dd53c3cf489d4dfad6cbf5a17ba698bbf3de8c6a93ddf616f0d23de04745396545bacf9b72db659e595 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 598c279a8f57dca61c4d913806e6b886 |
| SHA1 | a0052889a6abc5d170d0a10cb7a9bc27ab025b03 |
| SHA256 | c3c487f19a19447d840228a4e195e9ddcbdc472d4bcd6962ac9589fd9a9ce65e |
| SHA512 | e061387747eadd5e09aa591d226ef5a61cd9fa2912d2c227227a193d552e028a87dd36689d632cf8078255295db65aa73a78177e75350be9e7acf441b0b6cb3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 072ddeccc09fa9557de32c06241ea36e |
| SHA1 | c95ed3c19431caa820a3814dd6e0fcbfdb08e29e |
| SHA256 | 7a990850a6a0c7198d9add19449b934ed84262e77683f5351a1606ab613266e0 |
| SHA512 | e558fa6aa6fd98ba9824c81e0e46200fc70d8cabc79b409603c576e0235393e46a2e85a802aaf35b56de8a0ee13ca4e96d3d7ac3ac501b27c96ac1835f2b1fbc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b619dee6-2726-477b-9b6a-177c2507a529.tmp
| MD5 | 020aefdb9d00aa6d2f65a0c418c290b7 |
| SHA1 | 80fd8b43b6ef5ea20dbf188b4e06b5f5dfafeac6 |
| SHA256 | a060b02e7f0ec6988ca91d5f273fd92b114dac177153c780cc49b12d65d94bf9 |
| SHA512 | fa1b3eb1be2ccb7effcfb9912c868a126f65de7c61a4b66bb75801fbc9fca71435f9b61233d0fbf83b06923eccb43b36e1229555d6302559e8c4d203bb00ce2f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | edba9abce4584a95eacd9b0d9ffed2a1 |
| SHA1 | aa6ecbe736576a92fc4dc92001eb7b439049e571 |
| SHA256 | 50e7df2b8c460fe86b656fc597af7d34a01d4837e07b579f57dcae2979e94db3 |
| SHA512 | af7d6ffd9b482db7a4a45723054f6c053bb0e72c05378132c2c28b6a2351575b74a0c44dce3e7b6b41c1fa06296f74d95595c4a44351798d36dd085311ea96ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 81a6f249ed89816539305c8c9aa91350 |
| SHA1 | a76b70a032f04c26fc7b227a00d8f43c5c827fe7 |
| SHA256 | 0c00ae8cc02bc08c0b3e20ec2ac5c3c840074a2266923f21b24e6ea91aeb4bc0 |
| SHA512 | 7a161882a84fce30866efb91350f36f7b4a58db036fa1aa426c52a78f09ec61951bd50c846edaf8c0026868720423b43826eb468a63f9125ce5d3b93b5bcb40a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 00a62e9bfc499c1355d25b0b11f1ad13 |
| SHA1 | 9731a03d697b8b4bf7ab688e694b4b0769295771 |
| SHA256 | 46c3d55998098f4ded119d1def726f957dea7cb1cc5acd97d5de4ca09137f09d |
| SHA512 | b7ce1a116ac8eda8b477432928da108fa359433e7165e779ac2e7b8f47eb648ce95ccdd6881d3d90844de0cb390a367ac63e49eca685e688aa384e9cfc50d0a3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7137237d205b55770d1114e9fb3e781a |
| SHA1 | dc86cbffc5150499ea48c3109ff2ad3c70d60693 |
| SHA256 | 4266d811aa8cb1cb377fea296e7f4965953bf7261abfc901097e612e425890e3 |
| SHA512 | 8d4c38913a2bac6640e85b8401cdce175d87827ea014953df341b661bb8c080ae1e79d954dcdbff1f39fa0c9ae5a8129ab8d3301715e3a91cf941774d4f89af9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7f6c6a9a8af037949f2a8f65a5bea74d |
| SHA1 | e56b5fd187d0e7e1574d467c04841184d9e7f98f |
| SHA256 | 2b9a0854f3242cf679b51a15ebe19c60d4dcd9db364f0aebbb7c81da2d4a7382 |
| SHA512 | 5adcb6257845bd63ad3d46abf94e77bac7775b53fdf052a967959bdce889704735e87660ef4a10ec717711ee7d3ebf1f132f9cc3bf640d20d87222735cb22bcb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fb9c60b2ddf142b401bd19911b5faace |
| SHA1 | a5a0190317f39ab3d752e9e9c8dbaab7a4da20af |
| SHA256 | 929bf08cd52bdea9b1fc271e2cc9da838d6a95fdbfd0daa11cd57362507de162 |
| SHA512 | f8b03ec313b5e5256712a67fc4fbf5bf274ac72092eaeecd2ad90c7c363021ff3ef8284f6a04109cfe5f84c40838c70ec707c0f4331c46e8a2f5657d6f22393a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 9d473ea21d6ac2bc8350f20a575f04bb |
| SHA1 | 516e11a7a16b3663ce744a6270acbca9852b26b7 |
| SHA256 | 4ea8952b1963611e571cb4b73e2700c81d0fe2df1a6ab02c4f3457e62e3e8bc7 |
| SHA512 | c2849c9387a60276429d9c3690e68fcecbdc567652e0980e88cb01dc7a4b50c4842a62d16b7185ee66bba33ee28f8fb5f29016bb9bebbe5c773965eb16922248 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c717da79228d67f8fd1d47813ad561e6 |
| SHA1 | 5a979820d3c81b56482380fd0936d8775ab6df0d |
| SHA256 | dc3abe76dedcc3f1905787a8beae5175be0764045fd07361799c7a570e362e61 |
| SHA512 | 43127cda4f1d51951f3a9b214bd6b9103287f71b8110fb7cc10a143c3d3845e7c1fd29d82109c697a1f52297cbdaf20d0a45136a8c3faefb95efc9d14a1aef29 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fc
| MD5 | 5dd8e3bc29624d9dda6a9fbe1f6d3b51 |
| SHA1 | edeac7215a768d5ec0bc5af5bc622b0aff7f9b2c |
| SHA256 | 194e8abffc3839c137765529eb6156900c352fbb1a700b2fae265df97591219e |
| SHA512 | 5ae229b4f43a460132a41134abba1ec19e7ebb3d6bc2f9c546ce75425268f2187495e1b528c53481107d8f88cd57e1ad9792b6f35daad3739e493dbf841ff42c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ff
| MD5 | 10eb047857c4293421b039d35a82be94 |
| SHA1 | c30ba1aec0a4f040973eaef61d710ee862a4cf3e |
| SHA256 | ab8338a2eabacb905f063f4caf0cede53a0adf2ca73e3fd1b66cbb252101ad03 |
| SHA512 | 3bea35d7c2e3022353d7dc0400e55d24c1194480eea08b437627ada2295667a3fe512ca04e90f36a58b7f7f115a458245bd823a439537a4a19275c6ef4795b34 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fe
| MD5 | d23797aae3d3e8c553242232196f655e |
| SHA1 | 206c2dcd9b0091bd78a107096e277d3f1ebca7bf |
| SHA256 | 50a375f4c8f8e49836c4305bb3807a0aa02a55a923fc58b0e5e2d1c4908f3f9b |
| SHA512 | c8cf760eef919e1045ffd9342d4af2e6dfebf9ba846677ec6dc6355ec1576a1d280b345513a41ffa25a2d4be36f110354354b3ddc4b4493996778fc3eb45bf69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fd
| MD5 | 6b75f742db13c54dab1548568d311104 |
| SHA1 | 6a470ecd60233ed5f0f4ca9ead39e07b51c3c8bc |
| SHA256 | 1a1d0ad64146a5622bb3f1e202fac1265193ec7522b6fc5c75578a007a3a5f53 |
| SHA512 | 91ce1682c864a2ab290e5a45eeb65e719fd79c34b6ecc9cf4a5b984f8aae67eed223f71ef63b8df432a793a532dbc183d48b83b207e9f5e6aa7fb3c99222c994 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | e8f5440de79979b6cb710ba0bf7d898c |
| SHA1 | 3b7c15ca41ecfa4f3e1b43a0ab15e1e88072fd59 |
| SHA256 | 159608070006605c23686617ad382ffc7c8d531b89452cc2243c7c6c5f7624b9 |
| SHA512 | 9dfc5c4e57a7a09ff323529a4f985049c6ce1f02f68a530bf57ab243f93f67da5953d59d26134284d35b151054f69b3c90fab44d850723e388342fac69bf002a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000100
| MD5 | b4e733dbd5a2afbaa0cb1277d148b1da |
| SHA1 | b8f9e331481f5833d523e17aa797a3a609a8b167 |
| SHA256 | 1f234f530e60be6e94ee61603a63448401ce77c8a0ee32d3b98f5074b0cba322 |
| SHA512 | ee7ce90e055c7452e1c66b43374ec79569cd99de7a4b4a4efcf7d0102b74bddd8a6ae576923aad3eb0495a7cb620aadb17a245212ea0af8a8bea03dfbb2614a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt
| MD5 | f20e3754e2b27866706242f815e40aa0 |
| SHA1 | d49237dda106593ee821f60fc9a60b7e22bb74a7 |
| SHA256 | 8b59141f0f77ff8b31bc5560782211faaa19feeea20c9529da1188cc79bf0d3c |
| SHA512 | 0120cb1eb5d95fe7574c994b163d788c511d49f4dcbad15cb55681de0aec17e898b3295b7e88c8f616d73fc5053ac703e0e3e2ea0cf3bc22a62a8ed1ff8e8fde |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt~RFe6307c6.TMP
| MD5 | d8f8afbd5390a3dbe01bf13d53193a3e |
| SHA1 | 47402677755b31bc6a21c70699a8f28ff7c60943 |
| SHA256 | 54c33df0750ce92c7aad94037df30dc123756cec40f1832b7092b3a440b172e3 |
| SHA512 | 84b7dbf30bed5ee830017dbade68d6237d29893cd881587eb61bf23fd53080dd97e57aa820daf578db6ccbd1b6b20df2c4cbe1b855c75ea59f66d24757d7b45e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 6132feadba75110023d8f77e27f49046 |
| SHA1 | 308c266d67f158bbb707b6ac37d35b7b733c2a21 |
| SHA256 | cf6335dcb4a9c9f2fc6042144ed47510d3cfe376612869b7c9277bc3e1869752 |
| SHA512 | c93365cdf6bf5fe4068745cb80fbeb9703a65138c18fda25277d50dc1dad17d45e391fbae5a76041d01926cb41c460d9bc4fcc9b079b0408b8585cb5ff7704c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8a03b3e66503bbbef6f66ec22d199bd4 |
| SHA1 | 7d2eb1a70e5e9c4401c5c4705bab29b21df34d5e |
| SHA256 | 32c640c00138153d64f650b76bf50e8a2577211b7dedb2dd89093d29aacd1bd5 |
| SHA512 | 44fa1132b9d0d1a125be653300b1d7a66661c224982f2d7ae73fbb2ffa058bdb2790125e0b14901de77af08f76dcceeda4028ab72567ebcd4814830fa91f7381 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f55bf188d5c6d7aaab74b3d25a05e5e6 |
| SHA1 | a2f795b5cdef9f877a545b0cc041a0a5bc6fc774 |
| SHA256 | 98b8752e73caa5370326d7ae1ae42f8445be3b4a78a8c139ddea950a54a2054c |
| SHA512 | 985ec49e25759681a2b49ee7c16a09f24da1a4bff147f5ab97843a3ea6694cdb2fb520f3b7ed24cc048bea187be7fb4d5cb6d3aedd7cd7d4751dd592b6a9f5e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 9ab41c4849ebb621829f2664f6e04a9f |
| SHA1 | 1e0fa8dc6272684d21b216eccb351ec074ee3552 |
| SHA256 | 4b005e01812a08a8387fe21cc08ff63738795feda2e44d77361514c458faffb7 |
| SHA512 | ab76382618ee728ae6f8b59daa065a6b4219f505d2f5f23b6a9a124866bcef14456c3b2663c7e618b8c5613b3aa3d1882e059781322fc5b995ee1c597f8ba2c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 839d826840b9ad4900a53027f3a10260 |
| SHA1 | ee9acb17ccaa694af2ee934eee2f12c8feea3634 |
| SHA256 | 439c773d3af7e2a4561d5dfa5e17b996bbbb150e860a60a5a0289ee8223f6752 |
| SHA512 | 77683566d71963f7d22ab2012b951c286778c29330ed26faaa1976530dbd141b4872885f21124ab82f436ddcb4f1d6797dab4ab39f018a0392b44386c62a784a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f480e949caeb52f467fd449110926d40 |
| SHA1 | d7b3ff87be58ba13bede188d8655cc28856b9d82 |
| SHA256 | c818bb913908a70063a4e3467d20d366b7b7d9eb43d708cdb16a6608a7b1fee0 |
| SHA512 | 3939e843d48cba8c10db97cef9a03673552d57530bb525c53af49adb898a979b60815a56ae4985529896151c3c6377e0800191e1fa04d63eb3afdeddaaebb199 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ae036115a486c9154731b0e3d01e2746 |
| SHA1 | b8d5fd34cf190558d1ca35a5cbfa1a3cb53b983b |
| SHA256 | 20c9e440d22325131814a82026caaf4bd348878a0e743e372fe010a4c28b2280 |
| SHA512 | 8f5460670168d6a909a3fae0fe83f6c4fa04d573a51af443dbb1863a982fc3b34c281d5e3994fc7bec012cc4c48c7393bcf2c9aad7433b699f8a8eb889356c53 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 38d3da2ec56977244eadcd5f31d5d555 |
| SHA1 | ad8a4d1feb0e5b07e76f46d9e94c33e70157582b |
| SHA256 | d72c43ddd63c8b628835c0b60e287f44997fdcafd7921da54c3237b294fee98a |
| SHA512 | 1c3dd00655b3ccd1cab9e88ad77a9b2576088a55896f85b0377920ea466f24e931d3241f4af14d81b26d651162672e22a1ac70967b481c541730f28685b7a6e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3640d87d06f9b05b221ac7ca12b5a396 |
| SHA1 | 9d82f06c0f2ac5878e60fae76024d9221082369e |
| SHA256 | 2fef48b55642e40e4de95d3966b6b9635c93fae6c27de882316e4b9aa55a89f0 |
| SHA512 | 9eeb93d457a9b3ed796b6c3824878df3b80333abd6889c4a41b9587a8172c736b01ab0dcf85c8d7ba03d6ad6ddc1ac6cd67af308626b74b7139320fa7ab6e6ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b2a127212ebd428441ef4b1b6912e506 |
| SHA1 | 5b6d90d6e8356ef7f0f809b9896ccf1a26e8341a |
| SHA256 | 6682d80c91be237a4269718243f826969826311cdc7080acf25c92deebecb877 |
| SHA512 | d87d7fe45788788e8ed673b490f2bf411aac63c5624aabf06c78bd8ed7bb6ee78fabf2e6b0a4c8ef7082b22e48eee53a43ea36847a47c037d6ff622560f2dd88 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 60cd3292bd75734b3e4e1022944a8706 |
| SHA1 | ea43b2a735d3ebee0ac3c2368dc8e5e90d4f4928 |
| SHA256 | 74528d4504338dee82b96af15271fdfe201da94699d4f72741ceb8e20489bcb8 |
| SHA512 | 68f5c9eaa7e09904a9d9f544290aa1252d226919523330e9088a945beac91cbb4f47506bb3aac19f197fbb43ee1ed88702bb50055537d3082568b2f2f7a75927 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000139
| MD5 | cf705738085572762d3f9c7babf6d70b |
| SHA1 | ecf2ec96a8102bb2bdc177fcdbc2080d2977e3d7 |
| SHA256 | d7d0e51921bbd1687eaff4d632845c36f4ed57a49ef44ad56de4d515cd9a3633 |
| SHA512 | 57ec6b648d47241b9fb9250e3990e898ae61a0f3142d6a5a0671728e8970500bbd73d874781e172e30c60fcd015c84e21c484e0b53f8fb95b91a9372c2ec8c9f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_now.gg_0.indexeddb.leveldb\LOG.old
| MD5 | 5fe94426d346b30639fe014e8783e591 |
| SHA1 | 8a53f5a551b0c475ff7c7e97c8388d499d710ac5 |
| SHA256 | 6f712270ce8ce99a2afc184580ed5bb7c5df3caf19ddd828d64dd1fdd0c48012 |
| SHA512 | a9dd3e4a3bdc1c47a211c555ff860db7f6168fd9ccf9d2a7ae51612f0ec5a10b768153f6097c38a9c2aac54a6899e4d6667fe44e33a631459b789f64983c6e4d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_now.gg_0.indexeddb.leveldb\LOG.old~RFe642ee1.TMP
| MD5 | c13cf3420ccbbe37514817746ef5cf19 |
| SHA1 | 72b41564d5efaf3d49f304acf6aee15df1973155 |
| SHA256 | 5b55dd803dfc544b7b64a34974ebcbbb992aeba5f71df4341c87af7a424309f0 |
| SHA512 | 79ca9ae72ee4de24d08d2ab70b7cd1ddd045fa3e060d343cdcbf5023e7c1f419d397666b6f86359a6f3b5ea88eb63bf86076e38da23c489d1eea08591acd8637 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 046fed27e0e280f612503e553bf7472e |
| SHA1 | 800d76cfa4a64e08e645c75884be0e2073bd2724 |
| SHA256 | 9c8fe24d9d49fb7b9b426f845249aff23bb44126febaf4ab7ac4865bbc147acf |
| SHA512 | 485202e61568c2167d87fa3fdd2fa71b667bd7425583228b3fb72450bbaca5833d7d18b73281501080b315b16a4b046f3700012b19a03c81faffbad47104459a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 953f407119e322524c1e37812a733465 |
| SHA1 | 263b59362b95e02e1b7583c17a4425358c48c98f |
| SHA256 | 18edaa57b16838f254770ccfada17e8c4d39652c157389aec0cb6723e10e53f6 |
| SHA512 | 6ad22e0b4872935715f9534e782887563d486894263a76920484823d30d4570188cb06c057d65437cb6dd4bea8293201e7e627ab6ec24805e48553bb2a783715 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe648463.TMP
| MD5 | 567775425b595c56f1af0c46ed9fb0b6 |
| SHA1 | 236003d3807f08283d3a5de03f9c8ad489386504 |
| SHA256 | 6556087aabfcc6520900eec9be5d50e3d7c36b95e24bee781e38c786a0f38713 |
| SHA512 | 9245bdd5b87c80b8531cd33dee4437c731e4b173f7f693e8c6cbc2a2583e2f6f72f6a8af723e04e12ee292f1575c2f92ce85996370520c9471f6938f6f9c373b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e9621986687af518821c5bc1467b83c0 |
| SHA1 | 607fb4871a9305ce1dc2c97857f3c4f66ed07b88 |
| SHA256 | d55bde40b861e70d1f9c16fc9f4f1e1dde73125a1717b87ca31d40c271bccc50 |
| SHA512 | f161d8e9b5e52b191d17f4b5b32a356b5dced0009e28ef19c407f9951a410011d2a3bddba4f9bd22d6ee883435ea7113871c3e10a0ab9ff5763a1a0c105002fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\3a8bb8c97eb2a317252af450810f794cbcb7c0d5\index.txt
| MD5 | 96e9a7cc494d385268dc3d04adf285ce |
| SHA1 | 3843f1faa2a39adf8194cb6105e3469ec8f399de |
| SHA256 | b469fbfa1279da68c840582cef4bc33788c226e663292202ad8ba149f5cfee85 |
| SHA512 | 9f8ccece82fdffddbb57b705eaaf371cfe5a0c421b6e95711a66585594bf9193ad76c38e8dc532707ff3d996948c99bdab11ace07179e9d9ca36cff87294bd3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\3a8bb8c97eb2a317252af450810f794cbcb7c0d5\index.txt~RFe64a420.TMP
| MD5 | b4f84b61a7576110caa09f332d1acc94 |
| SHA1 | 0afc8a315c3d37a34075813cc3d4068d00b9de14 |
| SHA256 | a0204c5f6bec3aba86299fb0ebcc23c6e78455308ab793ba988c05bf05dca345 |
| SHA512 | f78eba52eee213566d3625760fc324fb96c3f7ccc08c62de45516921b2784e2bbeecf3bc744e1271438ad1cee956484439dc4e2c6da0d74b1be9db20514c6951 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\3a8bb8c97eb2a317252af450810f794cbcb7c0d5\d51489e3-09c1-4b6a-b594-9a5e2d96fb8f\index-dir\the-real-index
| MD5 | c73c2ba8bfc680f66f6f2a8a20c14b62 |
| SHA1 | f7cc75657b1912d72f7bb4beb7c6907e81166177 |
| SHA256 | 370872fff31f026205ebefb80179cf62c7fe76c23ac35eb025d8ec1f8cbcc1dd |
| SHA512 | 17d9840d62f521b9a02bad05874c4a84ea80238d6b72caae83f7a557d803b7aa9329982d28299dba725dc975539b83a8cb39588dcd9a3a2669a41fee665266c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\3a8bb8c97eb2a317252af450810f794cbcb7c0d5\d51489e3-09c1-4b6a-b594-9a5e2d96fb8f\index-dir\the-real-index~RFe64a420.TMP
| MD5 | 167dc6f18b59439a915dab63f3ce51db |
| SHA1 | 27258cc5c6355a9621863178c8835044bd547ac6 |
| SHA256 | 47ecffa6371d8adb20bdfa21adc4c11a2227c66e7c5f58a78b7c1038fa6aab82 |
| SHA512 | 5dd57792efb1af348ced3396cf944124f46edc9cc483413f5b885cf897c45617cff5276d2e8629f8828f719e38bfe6b7d945a4bdcc6cdfa733dad6ffbd41215a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011f
| MD5 | 31b12be510b4fe56593c762912f23746 |
| SHA1 | 88a4139edc66e2a1fb0a244400b588b7c7765892 |
| SHA256 | bd965932a7c06808bea454bc8dbe8776e4a514e50b85b8ac69e9202e61dad8a8 |
| SHA512 | 9adeb71121ff6ea4ff54edcbc136c42376ef4c13b1981d77a1a4c1b1bc700332b99f1d6e9463a6cca22e634cb286877f800f07ff79b2e5ccaed3add254166fbe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000125
| MD5 | 5bbfe4f79f1696b3bc8c83b63f51a83b |
| SHA1 | 0c22e1fb6e648aa8ae1d00952e74d9da749df594 |
| SHA256 | 0dfea6e6332a9338f4d06199e05baab829baf2b706af734faacffced98d2d3b5 |
| SHA512 | 93fbe2c017b08772df90c8a18efbdf8f142a69b3f428a8dd85424846544e8bdc486f933a70bf0b5d64cf961a0fe7d25a47bd3f7fa161597c1ccc91a38d69b9df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012c
| MD5 | 794bd37e4e5b2cc3a8fc9a0ed7469aa6 |
| SHA1 | f1f85fa21f7fc50ff85db9e5b95b69229a670576 |
| SHA256 | 3bd1216186bdcd3ccf089f0d7819f54b59782043aeca9b14873a3d12c600c9cb |
| SHA512 | 906f02a00a65510a3ef779a040c60e93a4e138a793063f846a34271d8d555062e7cbd14748fdf51b61da47e4951be16d2f71f67931b81a3949b5f88f3c9915f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012d
| MD5 | 821334219ff29e8115d5cd55c81e7b1d |
| SHA1 | 02af697cd6121f8437777933113cd64b2d8ac2e5 |
| SHA256 | e9631c345d56043cef83fceaae5afb12e7df3fe99307368012d2b2efecfbd21d |
| SHA512 | 1e8c2fa051f10873214395f12319e48ebf722e1a1bf2ba687038e7ba9bb7d94582537521b4f02d00d246b0f6918d0a58fcb5231c9428267a374a4bf326aa57f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_now.gg_0.indexeddb.leveldb\LOG.old
| MD5 | 4c8b2aa35785acd1acf5bc4843b2edd3 |
| SHA1 | 9426e96d59673d00ed09d843a615a0beda63ecd5 |
| SHA256 | 55bc74e1342202740c813fceeb7d87c0106b1a1acec4a4b61f7930f193ead826 |
| SHA512 | bd33464fcfe7e65afdd46edcffec80c207671778b6f0ec823fd901e816976aa01614bf3d614f4232bae0bdf30352e8142e53a39b3db99d00b8b224d1ef630925 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000134
| MD5 | a2bb89902c804a2f5ddc7bc488d679b0 |
| SHA1 | 03052a99f9c9078e317db1c64dc33a493eb36963 |
| SHA256 | 2fb66a43b8b0d1f8c6b40af2a54a6787be4e97a6331834103303b44137007fe7 |
| SHA512 | be64cc929881eef19c663ca8184357c114a3b2213c175e6cf025380b88f9f2ce111414ee9479c7c04557b1d8daec5e87e178f26d46db3b9ca65c06dea241a114 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000133
| MD5 | 34626b14fd7d3ee8e775a60ad9932afa |
| SHA1 | 62f6ceb8ba50919bfbcb8851be468fbf5ae2b113 |
| SHA256 | e52dd2bbd64a741ced225fb6f82e539f6edb6fb5106e834f9c3aa90c9e7f8833 |
| SHA512 | 3c6b63f8837eb9d77ca8a65a9c0836852bfba57910c6f8a36c6aa22c4ea9a0e2574fad2a7c1dc00c1607c461b4b082b9084936c29ff5dfed67997528ad9d3e6f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000132
| MD5 | b167fbef204c352fbf1042330923da76 |
| SHA1 | f8abd69021c36d5d064ec096719753ee34936053 |
| SHA256 | 353a34a14b151adb4865be2cee3e8d6ca4bfbacd317ae03415151a55694ba88a |
| SHA512 | 8857976849d8f4079466ca98413de665674fc46fbbf3de2e5c6002247fbc2becac4cbfcbc9263f7860c486e1cd069bcc574b2edbcaee3cff921a5575f2644c55 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000131
| MD5 | 7f55ea7d6dcd36d5d2e731518cb64d36 |
| SHA1 | c0e2a2bb03be5b1e91d085a0a4976a71664543f0 |
| SHA256 | c03ac3a446df1e4fa5f870e9a24be451eb7a26502533f8a7c038b42a581e53e5 |
| SHA512 | bb21ae9235af9dd4bf47af4771c83c8488fc08e0c4a1be404edfbf944202caf51f8d0dec308e50aacc0d7b8a7e27e129c6dd643928cfad17d4665611a9e8e966 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000130
| MD5 | 1a32325232d024a4c3945d7359cd054e |
| SHA1 | b63a5fa956ec738fcef184807508995f62d12327 |
| SHA256 | fe63629415427d6b548b12f921380fea46947b35e9ee92983459a1254379678f |
| SHA512 | 98e0f08559a3e2f4d0ebedcc76429fba29988aa091925b7faa515666dcfe44ff9d723c7f4622f48b0e43530f9a99b6e1a846549951d0d10d3a0042a6af9154b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a10e05077c343ab6e82fb19748af8c66 |
| SHA1 | 6134b91ef4d6b014059ce66dc37487f9da0bc5c5 |
| SHA256 | b19c1ccbac6b314419ae39ceaeb77686f68af41069466acf434e74b0439ea53b |
| SHA512 | 60c518d8410bb24b24aad0ab551fdfc6ecb1ba1309d10cb79c2a980e349999d920fdb08f1e8fa02d08405169969fc6fc58197b4b33849e64a594b5a18fc85ba7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e1
| MD5 | 36f7564a6c76ffb3eb8edfb55482925b |
| SHA1 | 12cb4d0a9a8fd30d0f5f6a464357819e44aa0928 |
| SHA256 | a22f49b61a3e623223df7437e6d4abd70a1705281cbc924bf9aba6ddf550c624 |
| SHA512 | f1f37bd3f7863eb520440c6c77cabb28297de169664b4a17d74de4e6c79eb7e1c4326b11a7ec450cb5ceab1627a506e0f9cc35a92aaa106a4d1f790ad6400dac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e90a78c8683fc96b11f61eca5b5d3891 |
| SHA1 | 4ca2509f28f8fda25d2ca15514ba1d0b3635c7cb |
| SHA256 | c41525826641d8182a089f7c9c72e1e73e986d671b50a45883a674325baafc9e |
| SHA512 | a16e31b41b8eaf55d912c7d75823c8a4e4e98f8a9433cae22171f7f1a591751ee1a0e18087648973cfeb034daaffaea70d84b4be95a71557c75f54953a8058fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003da
| MD5 | f71aadc5f6252cd569a47e91a8d28c9a |
| SHA1 | d190c42b0c1613c1051fc2ac42a0c0305a2fdb64 |
| SHA256 | 01c315dbefd115deaa6605e703b30c383589ccc4b2029540133867dcb9b79e76 |
| SHA512 | 0f5301076289e0b2e5e658f26ff202b99c95e15e24e72f77c9e628e4947cb09246de47a5f48e11ade319d08b86960e85f6fb846e726a4cebcb4d39b67995b1b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e8
| MD5 | bc82f9164e5e64c806b4293796c2ad58 |
| SHA1 | 81ffade27f69d0d8190ad498b53228c0483addf1 |
| SHA256 | bf93044ea9985754b8bb814e43219663dd21193810e23b10875321b4d05b1406 |
| SHA512 | fdca317143da3b64118875be871baf25bd63beb8ee8d8db8dbd6f66f7ed7fe0fbb369c2e6bc8d60abef968f6cffd1f641ac1f6b03cb28c4fea4e6ab565e5098b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ec
| MD5 | 834dee51aab6c25e9dcefabe678783e7 |
| SHA1 | 09e1c363c80682f922b0e44bbffac2acc0db29e9 |
| SHA256 | ee74878ee0da475506112eb6ecd5223c7b6f09131974be0ba99f743ca32137b4 |
| SHA512 | 72587ceaa2a534a380a7bf08039400f44994abd1cabafb5a26f1d03315959f67d1db120a88ddc0a672f2735d1817c480fc701791f5388811c7076d12bb0ab7e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ed
| MD5 | 63acf3d88edd82df20d524d686a64641 |
| SHA1 | 19e91b14d7b6dfe21c83e2fb7a1e5a9149ca2ff6 |
| SHA256 | 8234ed485f52642b83b2e076f38b910168af822e3c4b3add65a7105837769ecc |
| SHA512 | 11df81183a9b41d23f032137792db96ea91f1290fd86dbf0cca732b2b20cfac64e7d5a71a67fc2cd0f5ef8dcc56f8edc5487bf005cc586de9284489444a2c893 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ee
| MD5 | bd851e5599fbd9b4dff31d6558f19fa0 |
| SHA1 | c411d804f6dd38875f9730b4e384e53210dba041 |
| SHA256 | 5186fee6a34e00c15e8ac7e14cecd7a95004d8011fdf31c08cff5fce1c7bb9ce |
| SHA512 | 7a198b8820385b485ff2fbbc1971f5a31ac9abba0e340d35cfdbe13db9e09dba7ca7506272292a01336789c516360d9f508c49a975a26682a763541bf55119ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e7
| MD5 | 1c6f055472d709eef7710f1c0787523b |
| SHA1 | f2623b83fe1d0147bbd342a8b64574c2df596bcf |
| SHA256 | c20dee521debd3f415a887af86f144268016835d8c16dd4d2f86bf82ef577864 |
| SHA512 | 74457b36d29d42aa7d8d270f7d2434f6e1736b9ec148d65189359e4495e8973a006f29ece4e46e942cb9d29233f6dfc5a039e400f8f19d925f78ddccccf755f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e5
| MD5 | 0e07a9d9042aad8bc66879e5fe3b5d88 |
| SHA1 | a6f298a5d7272239e01f6670f9068e86c18e3f33 |
| SHA256 | e3aba28169c1009adc1e49e6310b2973dadad25c1aacfdd567484cdb9d7958ba |
| SHA512 | e8337b58a9f40a26f679f074949045d2c336187eb766fcb1264fa5c823ca29a971d014010a61b8258a362d98088864595664a230d926fd33dfd1558eaff3a00b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e4
| MD5 | c5e22861d9c34b9aee5ddc0fa24f81b7 |
| SHA1 | 3eade4e63c309205ef0527f437886d808bceb732 |
| SHA256 | ac1ac94fe65c16b238b00460d43ec6b9c3dca371c735783db5dee37d24aba294 |
| SHA512 | 1069c74c54bfd2f2f8b674ada14ba191413b76eac6ced200c7052fc9a4dd7234109b7b4805e4b903894e1a5c2059af1ddd2cd03574d859f511813cab5032dc72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003eb
| MD5 | e63c9c1b63d1846bfb1ae502f06cdc12 |
| SHA1 | 5a7d9d4a1080fa7c3a0ea2d2f790ae694ed5f62e |
| SHA256 | 6713aad9ea7362ee518a5efdfc012d55503c5611b2a862da231d81c16c8a4acd |
| SHA512 | 36ed93291231995b2b4bc2e7cc305e54fe54b473520e0d63c36ea8dc089d8ad87537f78f64d162839b3234657dcf6eb8ba9dc373f56f964475ac059c34706cf3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 86db444d8674809d7c2e6bb0b2e4c05f |
| SHA1 | 355fc4e1aa6bb1a9dc8a78b23b7c226577882bd5 |
| SHA256 | 4fbda00d691973c1b6c152431e90f3c3405a60b86520872d9424dbddebafb5a0 |
| SHA512 | 9819c58021d72f68695897836fcb8854d0d9225905c33b000764bf93421c5dce727ee3e6f85e6c242fe51e8b1504218c4ec27adbf6c48cffc491648e67527f5c |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe
| MD5 | 3f208f4e0dacb8661d7659d2a030f36e |
| SHA1 | 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff |
| SHA256 | d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b |
| SHA512 | 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cc74b15c0c57bc7958c5b9d1d00e6dcd |
| SHA1 | 36fd627c36a1e6024b12f98a638b679ce825de3e |
| SHA256 | 8ae3ba0be7a65f3bed1be9360dc0f054e1366ba9e70544c67ec8bff806fe1dbc |
| SHA512 | 5057860278ffec082d71cd1148712215f97370646fb2f9660f1103ce9a0331010a7a4f191d6ac70e8f0d8e5d050087042f3abfd5c4f3e5180184abe4f7289ef2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 84ff6e28573bb59b06aa7f99fa61afb8 |
| SHA1 | f5dfd974e5d5cc58afe23faa77bebf16f39c3ce8 |
| SHA256 | d579ac6bacd28dd951c3e6ef4e13db95e31b08331a9bea1ea31c22b07dd78a9d |
| SHA512 | 0d508d8d36c66266c29105d682f5489b626febb2c1e035ffabad8dd389b6e75d6f8c071402eb07f8b9dc2e2c76189cd6f496a192956b2811594be86eeeab04aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f9a2a256df756087d375cd2519ee2da9 |
| SHA1 | 6b6c3eb3f8dc53794c008084789002cbe6aeb687 |
| SHA256 | 630e81920f0457696ca9cc8be5b04f9f28fb481db6b2b95bd6110157277d6c81 |
| SHA512 | cbcedf9ad9d3b3a78a20332600ee6eb6fbf345063436d2a58879270a8dcd184696d85f9d97abb328a4e43b9911862d3e5fd430294b645bb4941e4116d91b78c9 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.37\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe
| MD5 | 160e6276e0672426a912797869c7ae17 |
| SHA1 | 78ff24e7ba4271f2e00fab0cf6839afcc427f582 |
| SHA256 | 503088d22461fee5d7b6b011609d73ffd5869d3ace1dbb0f00f8f3b9d122c514 |
| SHA512 | 17907c756df5083341f71ec9393a7153f355536306fd991de84f51b3a9cdf510912f150df1cbe981dbf3670bfa99c4cb66d46bc3016755d25da729d01b2e63b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f8130f40e6f53b7578d805c84328b6d3 |
| SHA1 | 347588d0220e2ccf4d99dcb3615650f46b14e7d7 |
| SHA256 | 2b177789a41c7e6239ab351c7decfd770d48e065ca522398c5399516ba081fa8 |
| SHA512 | 1e9c76b3091e5581f663beb58067b240ab005511ccb70748fdecfce715a7e7df8857cb0d8f33e96e1fdb2269cfd241e3f9810f3724529296ea5800a4a6ffec82 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ac39f34b-618e-4944-8738-222c7adaa80d.tmp
| MD5 | 6385f9c0edb5357cddf5e9d71501d119 |
| SHA1 | 1bea4e1ab655a07dde8c579bd47e1b533cb84a3c |
| SHA256 | 9aa9098b4f5b6118e68453d3327d801a43a9be8d7854bceb3e7c10810cdf2adc |
| SHA512 | 846140b13861ee559f1249db1c6240450810823d08831da47c284bcc999f92e51564ea5ac0f25ad5da017262f3a5e44eb282984da3cbe827d748aade3a073b98 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\SETUP.EX_
| MD5 | faedccf679a8d88c91909018d1b30a6d |
| SHA1 | d50c43ae0441a8526e52d6bb04cce233e54d3a86 |
| SHA256 | 17a00157a757420a5cbeef48ffc3585bc7794823cd607c640256d67079a982f5 |
| SHA512 | f3dfff27cb7883302486e1ce65d495612b43f61bb9dad985c6149a97f25b5fcd090d8b4ec4e14aad246ff223a70072534338f3bbe647ac2b0f2825428d2ad44d |
memory/4508-6116-0x00000243E4960000-0x00000243E496E000-memory.dmp
memory/4508-6117-0x00000243FEE80000-0x00000243FEE8A000-memory.dmp
memory/4508-6120-0x00000243FEEB0000-0x00000243FEEB8000-memory.dmp
memory/4508-6123-0x0000024400200000-0x0000024400449000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\ThirdPartyNotice.html.~tmp
| MD5 | effecce1b6868c8bd7950ef7b772038b |
| SHA1 | 695d5a07f59b4b72c5eca7be77d5b15ae7ae59b0 |
| SHA256 | 003e619884dbc527e20f0aa8487daf5d7eed91d53ef6366a58c5493aaf1ce046 |
| SHA512 | 2f129689181ffe6fff751a22d4130bb643c5868fa0e1a852c434fe6f7514e3f1e5e4048179679dec742ec505139439d98e6dcc74793c18008db36c800d728be2 |