Malware Analysis Report

2024-10-19 11:03

Sample ID 240524-nr1epafc9z
Target Screenshot 2024-05-20 11.05.08 AM.png
SHA256 c735814996365d94afdf77e3adb83e0bbf422f2072051f16e45d219216e4ef17
Tags
adware discovery evasion persistence stealer trojan
score
8/10

Analysis Overview

score
8/10

SHA256

c735814996365d94afdf77e3adb83e0bbf422f2072051f16e45d219216e4ef17

Threat Level: Likely malicious

The file Screenshot 2024-05-20 11.05.08 AM.png was found to be: Likely malicious.

Malicious Activity Summary

adware discovery evasion persistence stealer trojan

Sets file execution options in registry

Downloads MZ/PE file

Modifies Installed Components in the registry

Executes dropped EXE

Checks computer location settings

Registers COM server for autorun

Loads dropped DLL

Installs/modifies Browser Helper Object

Adds Run key to start application

Legitimate hosting services abused for malware hosting/C2

Checks installed software on the system

Checks whether UAC is enabled

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger

Checks system information in the registry

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in Program Files directory

Enumerates physical storage devices

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of UnmapMainImage

Modifies Internet Explorer settings

Suspicious behavior: GetForegroundWindowSpam

Modifies data under HKEY_USERS

Enumerates system info in registry

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Modifies registry class

Suspicious use of WriteProcessMemory

System policy modification

Uses Task Scheduler COM API

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-24 11:38

Signatures

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-24 11:38

Reported

2024-05-24 12:09

Platform

win11-20240508-en

Max time kernel

1799s

Max time network

1727s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-05-20 11.05.08 AM.png"

Signatures

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133610253472192106" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1104 wrote to memory of 2732 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 736 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1104 wrote to memory of 1284 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1104 wrote to memory of 5044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1104 wrote to memory of 1800 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-05-20 11.05.08 AM.png"

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x108,0x10c,0x110,0xe8,0x114,0x7ff91b3eab58,0x7ff91b3eab68,0x7ff91b3eab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff91b3eab58,0x7ff91b3eab68,0x7ff91b3eab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3112 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1772,i,5553284659825672090,13560173947681764888,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 --field-trial-handle=1772,i,5553284659825672090,13560173947681764888,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3844 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4408 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4560 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4532 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4804 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4044 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4452 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 --field-trial-handle=1840,i,1638275125875237324,17687455108731302909,131072 /prefetch:2

Network


Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

\??\pipe\crashpad_1104_EMOFNWWEERSIWNVH

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Analysis: behavioral4

Detonation Overview

Submitted

2024-05-24 11:38

Reported

2024-05-24 11:39

Platform

debian12-armhf-20240221-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-05-24 11:38

Reported

2024-05-24 11:39

Platform

debian12-mipsel-20240221-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-05-24 11:38

Reported

2024-05-24 11:39

Platform

ubuntu2404-amd64-20240523-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-24 11:38

Reported

2024-05-24 11:39

Platform

win10-20240404-en

Max time kernel

7s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-05-20 11.05.08 AM.png"

Signatures

Enumerates physical storage devices

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-05-20 11.05.08 AM.png"

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-24 11:38

Reported

2024-05-24 12:09

Platform

win10v2004-20240508-en

Max time kernel

1799s

Max time network

1789s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-05-20 11.05.08 AM.png"

Signatures

Downloads MZ/PE file

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A

Sets file execution options in registry

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\MicrosoftEdge_X64_125.0.2535.51.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1D8BDCCA-A4F5-4A56-A684-5D345565E669}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8BBA1D37-410B-4776-8396-2132656D7572}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\MicrosoftEdge_X64_125.0.2535.51.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.37\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO\\ie_to_edge_bho_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_click_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\InProcServer32\ThreadingModel = "Apartment" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\LocalServer32\ServerExecutable = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_click_helper.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\notification_helper.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=4B0A6CE705604A0EB547C7C707059156" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1D8BDCCA-A4F5-4A56-A684-5D345565E669}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AnimationEditor\image_scrollbar_vertical_bot.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ViewSelector\top_hover_zh_cn.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\icons\ic-chat-large.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\pa.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaApp\icons\ic-games.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\MSEDGE.PACKED.7Z C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\MicrosoftEdge_X64_125.0.2535.51.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\configs\DateTimeLocaleConfigs\en-au.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AssetImport\Import.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\R15Migrator\Icon_AnimationConversionTab.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioToolbox\AssetConfig\sales.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TerrainTools\mtrl_pavement_2022.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\MenuBar\icon_maximize.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\cy.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\uk.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\zh-TW.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Settings\MenuBarIcons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VR\Radial\Icons\Backpack.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\msedgeupdateres_it.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8BBA1D37-410B-4776-8396-2132656D7572}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\explosion.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Emotes\Editor\Small\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\icons\ic-send.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\avatar\unification\humanoidAnimateR6WithFace.rbxm C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Trust Protection Lists\Sigma\Other C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.51\Locales\hr.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\RoactStudioWidgets\button_radiobutton_chosen.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\fonts\Jura-Regular.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\TextureViewer\select.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\SpeakerLight\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioUIEditor\icon_rotate2.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\PlayStationController\PS4\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\InspectMenu\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\PurchasePrompt\RightButtonDown.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\New\Unmuted100.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\fonts\families\Merriweather.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\loading\loadingCircle.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\9-slice\gr-mask-game-icon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\collapsibleArrowRight.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\PluginManagement\checked_light.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\dpadDown.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\VoiceChat\MicDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\PlatformContent\pc\textures\water\normal_06.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AnimationEditor\img_key_indicator_selected_border.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AvatarEditorImages\circle_blue.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Locales\nb.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\msedgeupdateres_eu.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8BBA1D37-410B-4776-8396-2132656D7572}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\LuaApp\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\AvatarEditorImages\Sliders\body-type-slider-background.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\DeveloperFramework\Votes\rating_up_yellow.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\ImageSet\AE\img_set_2x_2.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\ExtraContent\textures\ui\InGameMenu\game_tiles_background.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\ui\PlayerList\ViewAvatar.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Trust Protection Lists\Sigma\Analytics C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Locales\am.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Trust Protection Lists\Mu\Content C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\fonts\Oswald-Regular.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\content\textures\advClosed-hand-anchored.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\125.0.2535.51\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\system32\wwahost.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2804150937-2146708401-419095071-1000\SOFTWARE\Microsoft\Internet Explorer\GPU C:\Windows\system32\wwahost.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\Application\ApplicationIcon = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\TypeLib\ = "{2397ECFE-3237-400F-AE51-62B25B3F15B5}" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\CLSID\ = "{08D832B9-D2FD-481F-98CF-904D00DF63CC}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}\1.0\0\win64 C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgeHTM\Application C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ProgID\ = "MicrosoftEdgeUpdate.Update3COMClassService.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine\CurVer\ = "MicrosoftEdgeUpdate.PolicyStatusMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ = "IGoogleUpdate" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{4E50ED6A-8A46-4CB9-9E77-B99CBFED1E68}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe N/A
N/A N/A C:\Windows\system32\wwahost.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\wwahost.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4884 wrote to memory of 212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1680 wrote to memory of 4872 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4884 wrote to memory of 4488 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4884 wrote to memory of 4824 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4884 wrote to memory of 1952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe N/A

Uses Task Scheduler COM API

persistence

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-05-20 11.05.08 AM.png"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcbed0ab58,0x7ffcbed0ab68,0x7ffcbed0ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffcbed0ab58,0x7ffcbed0ab68,0x7ffcbed0ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1828 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3120 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3140 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1992,i,5263306913420044107,7228808881950294917,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1900 --field-trial-handle=1992,i,5263306913420044107,7228808881950294917,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3580 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4552 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4688 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4548 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4644 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4696 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2428 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4652 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1208 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4764 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5216 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5564 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1208 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5500 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4516 --field-trial-handle=1892,i,4373919306688040250,6465810092871029513,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcbed0ab58,0x7ffcbed0ab68,0x7ffcbed0ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2244 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3012 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3020 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3804 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4364 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4512 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4504 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4372 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4724 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4376 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5076 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2428 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3260 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3236 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2704 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6104 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5972 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5860 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5904 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5840 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5604 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4940 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4972 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3248 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU44A.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping [base64 payload omitted]

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{E9320C17-8C5E-4B82-BCE8-5FC808F8A951}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping [base64 payload omitted]

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\MicrosoftEdge_X64_125.0.2535.51.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{29E1C21D-77D3-4873-AAB8-2B57E79D63FF}\EDGEMITMP_15AEA.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x22c,0x230,0x234,0xec,0x238,0x7ff76c9f4b18,0x7ff76c9f4b24,0x7ff76c9f4b30

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping [base64 payload omitted]

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=1616 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3120 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:KbRKn5uFp6mLqfk9Vkp83iAZ6xki8SpQgToSm0YK6T-wMc7L9vGeKnPUFYVWqUTln_u02vy-6K-qDpEoQb3WWZts1BNouAoJjTbvhZcA6ciUqJecjrRV7_9PeiL3upIXcvelWQkh6Bsup-LrqmKOLDWYfZ4uSD5isUdogYqO_Fiez8rBmaecRs-d1t-6ZeO_ai6pVcIFwktDzzKlF1H4gfANwIA8BNRaLCUnKKr1pzM+launchtime:1716551251167+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D13775256536%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D409b9b85-92cd-478c-889f-75c1fadc63d7%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=3172 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:S92_X6QGVJ-rx5d2f8sZcJ7J-6FLa3caRdf3HxYoKz4V0TdidhG_Uc3-mr-5IQt_reWeI3oYpU-DWuZZp-PiCuQ6U0OIRuEIK4LXHkUWKVB5h91sYMiF2izLYGiHo7HrT_X-Uy1USMUORiWbON9YEFZBihXWaqIUoIo0Ehuqa1ZyK130UF535CxuwLspBR-Sqqy8cuTlqY-_O8dC9Reh6tkUKfkXgYPdKoWq7pHTszU+launchtime:1716551251167+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D13775256536%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D409b9b85-92cd-478c-889f-75c1fadc63d7%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=4284 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=4068 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5960 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=3528 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=3872 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5516 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:c7KFim1jKQ4qcpbmZP6RfHVvUGCPY60GJ-y1ame9HCGmkvRLq2rk5Z2bIapVhTvq54EfjoVj_HajqC3DqCjoCt6XzHME7i5wv-oHCsTpekkEOzjK893XusM5eW3Z2c2JN8w6GQZQLberJZiHFOca0BXvoH_0XgBoGn55nbH8l8mzqFwnunAmizz66PagYH857AIGepwuyWiijBVMzIomPt03GCI61WVVcebGeZ_gD0c+launchtime:1716551507231+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D3101667897%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D7e190027-c909-4948-97de-8af14384751d%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x410 0x454

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1092 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2704 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=1892 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=4492 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:ih7dd5juntHdHO8MpvUgX_PyQaUNjEv2Mx9_2-SH4v6xpkXqTFHX3qUmDNrPUVwOd6IYt86WgUNp4ojjRarPH7CmQOHzf2bbl6veB-EW0m9cYhwuAnDLDuXhdbay8GOTwAqcUOTL4DnrGQAfPLMiBl9qDBLBR30C4u0Wc9mE15Fpst-JqtgybdgAQDUB4I4kDyFSK6W0ehFqQ3VLsm0ehCdRDS3j9HeyOWKOzznnzk0+launchtime:1716551507231+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D3101667897%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D7e190027-c909-4948-97de-8af14384751d%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=1640 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:gYJZPjYFB1e1HumYIbPgGOQS5cT1cxvpKQ1Wx0sx6Al4Me5QLlBg-Y9cy9XE5aXbbCKv8LbinTmyRFlgklDgYwD-YVGMk2mTSPuYKTG3MOvRUxKlPWfJAP8z9CZPTRq-zhNFH4p2Sx7bR7qot_7HYPZe8o_KBoYyeKcnDal6MQ1Cai9JvxQUHMqxMqrmSD7XYkEH6JxLnE2Z5e28AHXiuT1-Q4IxL9n6Fs4FTtNgXMA+launchtime:1716551507231+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D3101667897%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D7e190027-c909-4948-97de-8af14384751d%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=5148 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:9BlQCcFNCIOvBOmEYVRHNdd4cPwHG7t8ZC-1L0CXhRxttA5nYHAJNva3Hkn1w4mFwVCEBNE9fE2XzX3XIa1xYIeftrfS5P-dFS8veP7dP-T-HMbPs3uF0LeDVWRolGAGVu4VM7EeR8spCe7Le9CFiNQi6QFkE6Dcb1MxHrv_vysJWKUCMTEnJDWpVaIiAtXfcKPFDnXoC23XQCjEpch64IAvA91aUDAbMmwvM3iSBwg+launchtime:1716551507231+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D3101667897%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D7e190027-c909-4948-97de-8af14384751d%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=3180 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-0a57b2f24afe434b\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:Qgz9OXxWWtvJRiIFzo1li5NXY4v8Svgl9dzKdzD7wYR4Ywwib8L0oZGZXVKk3DPP3dyiTIy-fqEugYQgUwh_goBCW2C75s6S5TYHzBHcTay2ial8ZAGj3nbP7kqRsU6Idmp4p05KwFz9J8Zr6LRCb5nQIAo9zal_nsi1p7YSwlq1TXB8T6kl1j6wyrnYAZN8Y6hRKjeCQbIrf7HAw1fLhry_tDfUMoYmv9lzLJgqlbA+launchtime:1716551546368+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1716550997272016%26placeId%3D3101667897%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D54b3a6d9-bdeb-4ca8-b8fe-774ddf50c04f%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1716550997272016+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=4148 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=3872 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=3248 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6432 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6424 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=5304 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=3172 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=3904 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6672 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1D8BDCCA-A4F5-4A56-A684-5D345565E669}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{1D8BDCCA-A4F5-4A56-A684-5D345565E669}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=4800 --field-trial-handle=1912,i,3542728375176014293,8960273460853716689,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8BBA1D37-410B-4776-8396-2132656D7572}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8BBA1D37-410B-4776-8396-2132656D7572}\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe" /update /sessionid "{5F1CC43E-D868-4D7B-8B96-F0811E47323B}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping

C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUAE4D.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{5F1CC43E-D868-4D7B-8B96-F0811E47323B}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.37\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\MicrosoftEdge_X64_125.0.2535.51.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\MicrosoftEdge_X64_125.0.2535.51.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7e4014b18,0x7ff7e4014b24,0x7ff7e4014b30

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7e4014b18,0x7ff7e4014b24,0x7ff7e4014b30

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.60 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.51\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.51 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff718274b18,0x7ff718274b24,0x7ff718274b30

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness

C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe

"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe" /InvokerPRAID: Microsoft.MicrosoftOfficeHub prelaunch

C:\Windows\system32\wwahost.exe

"C:\Windows\system32\wwahost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.wwa

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping

Network


Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations


\??\pipe\crashpad_4884_RSFUXBNWWAPTZYMV

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 231d2c070f3e39b0225394a7842e29e9
SHA1 f7aa7da2b2a78d1504c65e3cf82db5622a0583e8
SHA256 3d287c0209139fca91950c6ea983e7a80338ac4fbc8d5869a8e5082fdfb12d2d
SHA512 e3099b8871d8ab8586b3788690d4c3f60c978085b5d5e19df40b38006bebc940c6d21d12097b2e7baf277c6fd5a0b0a70e6b0489f4f206676bda7543e26de353

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 984f6fdf8d96481e972b4fa85c8f0f39
SHA1 5d4bb175ac66ea50f549ad5a2b67ecf3a9bd467a
SHA256 0e48e948035f0330b52ca36ef54a7d73cc74d2a091bf4314ab545895b5b7df34
SHA512 be5e675191af37f3ffdeac063ca40e11ff482b8f06dceec5bbb2ea6af7e95886b2cc667271df5d1b81899b30073f09d435e34aec9fe60b1cb5ede617239c728a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0cfd5d68bce5b30600527c4469369fd0
SHA1 8c1477bb0d3f06aa55adaff038e1c5541da2f2e3
SHA256 59ef78b73691a865e5147aa7039fa1b566f341e46b27c4a0828bd95943234c6a
SHA512 6cd8f61325a41aedaf30fe3f2ecd7316df9c23799a6ff37be690f9874c823e4705090f8d50fee144f7f7aa11b81075876229f49e8d2dd9fa76dcb2ad84b8dc2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 269d6e84288c9d78d753fb4b7e2a40c5
SHA1 103cd296a8cbfc30e9adbf502630e547a4065bad
SHA256 02a585a700b6aec251f4491d752aef46c03d5103cce6cc9e09debbca1b375ff0
SHA512 3e0493c54252d7f815c0090e777f0f1e225407f54996f55440a12db9287a0968efd6adef3be0faeda227fa8a3bdec71d3ad2575b82195ad4d9122f3e85fad0d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 665d0f1c5830c33e433181d7f9afb8ff
SHA1 898ab6e5f7d974385ff05c440bd21d8dfa05b40c
SHA256 fe0dc5f037ae755350d58c4262ed5f7dad3b9f9f7fc6f43255fcc6a0ae54755b
SHA512 bc4b4dd4245cd9e7d924a87c8309a3f7b9696828b66cabcc4bd7897637db563a55e38a321daaf8c1ef1cab710a522f0a8e15671451c0d6ef2964ab623c22429b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9e7bf51341c23dbae8872e3484d7b7af
SHA1 8c9d8bd3d2fbc80e83d77b4d209c1cbd8c894eef
SHA256 7510673ac6cc5081af42f4b547984d0c6bc4eab7f1a656a6d7e3fa7a1ca92eba
SHA512 92e228c7c725fe915593b3775a51a472fc70094764c844ecd4e3bfe46f81b3423a66f1bb8559ea357ee8572b6e88f6b989670f0e160abd94f5114f15cbb95f70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e10183887822715df55928fcadd794cf
SHA1 85b7ce53468ad7eb381804533bc3392236c4f4d2
SHA256 79536a7e2d88ebec4bca202ee049d7285f97c778d4bc6aed4cc5deb8745758c2
SHA512 cacc3d5e6e85322d37c1a8016916762bb1a5ee360f46365b265dd60e3873d17f5110638227701f994b10d38d4f53363cc719287443d0a18d7f34547b4ccc0dd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 31f39212181c691f0ccfc33a51477b35
SHA1 f83a8adb0969452f7ba4fc0f47062c1f1276ab0b
SHA256 4db4f0414e51f85b7f2ee875dc519efeb3906ac2f6d0e27dbeeea86b5b39b02d
SHA512 1b7203a216bc6468412c3e4669bcce42761ca2d7dc6d1ed954e37185f0062788fcffa6711f9be656ec47e4b511be0168f454a401f47874a875e38541bb500ba0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0861940e8757754c08f3a411bb509794
SHA1 3cad40f59d9f7791caaf494127c19dffbee24eae
SHA256 a63418c2e172338c47ccc8af3def11bac065523ac7a458da0133bdbfb0bccce5
SHA512 f402885ab0e1979bd72d01f42b33cd70239bf844a3a22b5fe81ab65266f39425e1c4620595b7aacccb71240bcd8e30b43c501d87820e7062c5928ea034b0a4ac

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b2b8d6e13b99ee220e3ca1e3c00a3df4
SHA1 ad9951c672234b9f5d43374213b717412c0a75cb
SHA256 1f079616e4a267fd979ff56473eee0c16b8510362f31d71cb5428653c6803d50
SHA512 24e3c29443b36b19d5bf45d5478ecbe2952192c6d663c1c4e6d9473c6fccd98edcc99ef6d407df3f1aa8b6a19544708d640e9f1d189061d62fa1ff91caa69ab5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5c18a53b99823d7a715fe839570d87d9
SHA1 1d7ccfb62ff03adbbe7c12923ef40097db91d096
SHA256 2858ac8ed108e2ff89fc02b4e2eb32adf01b3a90892177b6739d7e8a797fafc8
SHA512 12943274892bf59b9a44d88712cb6158f530b776ad1d732143ca4fe4661554392954f1654ecf07775f9c0f591fe7cd39c44669a45e243717ea6d8303afe3ac89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe595e62.TMP

MD5 bf222e27bc3e027785793d9928caa86e
SHA1 7585e4940581fe6749a2db591b450d802a82fc06
SHA256 f8e7bc5d63a2fc7f59852920cded0b7dc4d4bbd4e3444ec54e8235694745831d
SHA512 bf1416a22dbfdb707a482e8d19b83f69f3f516d8e68232b2ce0bbcca695aac9452a2b9f2b80273ac44bc3a85a8c5874d9288023b2a6615344555a82592641a7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 3745cd30f1cfd122eedc1493934d8dae
SHA1 571f7a02bb6e172668a99d036cebd5a2b27f5b15
SHA256 6843f97521612f2314abdb0430a8b6299b8541faa28fe635c8a691560156a2bf
SHA512 af9a9e228bd3e5b60f047cd9fbe87135bc4c2f7999a7ddf2e8e67a33e3701426a9a9cc22f396258cd8ac35118c83d116000916c504bd1ee920b50118e298cfa4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9b342c089bd586546b1044c527469a3c
SHA1 35e0a5b969ab62e1e5a0240cbcd0ae455983b32f
SHA256 32210436a345b4bf3b7fb3596c845aaf69d672ea1c5518803ec97b9dd134d88e
SHA512 dc61f350fc94799879167a505a582878cb4098d70a3923478034d753cc4deac075f6bd24f90b438b10214907c78268409cfec697efcea0e8c867760330d98b75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4c2cda5ef96567b4b021d36f23b42a9f
SHA1 5b58850a99b30420179e2b0c0cc17df4864b0d2c
SHA256 f98cde187f01c715cadcde85e2768a9403d59d1096e720c2f5c84caa52dab696
SHA512 bf7d2488e355aa3b8345c3b0c6431b684a4a4b9678b17d09cb690fc775152462689096fce78d83b67fa024273459327852f4f47ae8ab4386244312daa1fce56f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d506aebf230c6c605aa441d8f89360e7
SHA1 412a07e39ea1d505e3a3c49ea702ede018096a7c
SHA256 4a4957f6ec013cfa16751ad740f6cbb28a5e915c17b9b239850a17c531df2c87
SHA512 0f20e49f44d1d3af906100f99b9a9afd85113c59da77fbe504032e07f31303ab67c5c045ef95abaa048449baca654fe1e680b5ae6b99712d44d65a22a948edb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 42402652929caccf6989dcf8501cfcb1
SHA1 42b9d0a988f9ad2f89091f1221c2b36ef49b2cc7
SHA256 8adf3395dfe19ca94f9185e766b9bf2fe3cf8f023465a3959fffc94bf1826a28
SHA512 3f3300691c4f3f579eaab58e75ed7d9532c99b5a0e60bbbc77e99d3d712808ad7f3b081f7d47d2fd72c681d43abbab29c4941a48558cc6ef93121adf8afe06fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6d7b5b779a3ef92aa806f532933f7c6f
SHA1 7dc14fc747464e29752ce8debbab2dffa2a11d2e
SHA256 8deb2162177c591e0eabf94eb24540aaf5d137fa13b233846485ad7557ba5652
SHA512 976043f705ef9d72d139deb19c0487902428c0178004fcb35f4518dae8f85567253e8b79da536ffd92626ae8eede33e28c353b3e660ba713de8bb274e9bd8e6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 37caff48f91e085034b270e2dd9eeb85
SHA1 34fbc262cbc0a4bd12537b4fceb585f9602d6017
SHA256 759c680b03785aad01a6b4048065d135eb9c476756ffd5b67ebc7e0184560cac
SHA512 b844b9e89a03558307c6aecf6c8d1d095d29dd61cc50e9c3a85dd7db541fac0e278a7d747028e0c60716fad2ffa8fdd8289e1f817963dff8fd5dccb8eb465498

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9e8bdb736817891ae53240eac3b0346c
SHA1 2dbfe0e8e28a4d9e21fe24505b29c8e856c841a0
SHA256 64c920d60f7e585efd1133b06c848a61716b11c7ee569b3c71359ba5d61a35eb
SHA512 f4a6df370d6ebaa6acaa88e9f2ab0350ddb9b20498ac380436229e65f4d0fc99554b7d8f464bb9027833fb248aa0698f0dfdcdc4962f3fc1f50a68fef717b733

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8c82a575cc152e988840c5534498a0aa
SHA1 ccb4669828985646f9d0534b2fa1499420412de9
SHA256 08138011ac3617599c1a2070d47253b63ca1831a8a5ed8c717020c5acb92e2fa
SHA512 518e9c7f1734c2a0a9498b1d517d33fcd1bde79e4489a4ba366d8c37032034525a0755fc377f61804599ed842573696688e04b05d7def7421ba2f11b3f3e14f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ae1bccd6831ebfe5ad03b482ee266e4f
SHA1 01f4179f48f1af383b275d7ee338dd160b6f558a
SHA256 1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649
SHA512 baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5a733d.TMP

MD5 fc84fcbf3ae6effb44981010e31a331e
SHA1 2ba415cddd4d73a0022e1f1a18bd48744928e0ef
SHA256 cb12983a6e71fc1465915b1e541cb12bc9ee7bb82fa94cf0333b8be9a4787cce
SHA512 ef2032cccb2d35970c453dbd72a8b7845a5c5a0d11650664fbf1f40c6148d18887ec391b745d660b088bd6e9e6b9723017061b90c187b4e5a74f251427f0f6e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 bc6142469cd7dadf107be9ad87ea4753
SHA1 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
SHA256 b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
SHA512 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d726c2511e4a2077f571a9d3ec152e24
SHA1 7cdc7811361b28c45075094fe22144fac3fd361a
SHA256 b0931af1f90c682224a0ed73dfe80fc0ea583d17f5bf5bafe30f2f4dcb83200a
SHA512 7f536b4b55f1890225c6a45c0ffb95e0ba00992c6218ac4c52e414afdde540c3fde8440ab765a67faf8c6ef5f1f72c3cac9d487e5f81218e4a7473428cb9f4d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 784b3786187dd09aff629cd704093f72
SHA1 e4015dd99435d64d9e915d83704b113862bb568e
SHA256 74825919899af009a989fc14d18020027750a52d8c640d94746e6506d9602a45
SHA512 01f7a3cfefe4f850e598c31aef834e258fdf002fc1eca1a1fdb5edcae771cacc0eb5bb6631ef486248ae5edce4bc0db9bf36ee8dc09b8cd65cf8024d14ad4113

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f179381ab5a44dc64bc33ea8fae3134e
SHA1 6d6c79cc4f6e2e258a35ec007451ff12e05e04fe
SHA256 c4f9df2cb2d4c610762f9c1a194d6597b1a3fce756955a7b02e74ae87b6f4563
SHA512 5ed9ce90ce31360c22545afbae0df2352d7694dc2e0563d40c2ae3bcaa212852e6ccf413242ce09ae40c5e7e86782dc0233821efb2e6f6b2e87a37737cb050cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cb6027b153bd91471b167ad562216211
SHA1 181b47afcfb73a9788fc5fd1554c85ab3588e208
SHA256 8416637670e652915750d4016bfc0a9ad555d0e81049dc339628271918fca3db
SHA512 1e52609b27e119736fcdcac42cd5792a3124a3739a2de6f37ec6f5245bda5045b1ca906b67a25e22dcbc5519cd68f014766a5c0105af5ade62eabc3a704ab1c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2d84f6275d167c4b115aa6ea0d4faf37
SHA1 28963b94f8a9b0d403c577231543d58b119cf55f
SHA256 93af895e89aafd5e740eaa163f1e7ba4fdb90f7766a45170524f0eb994df5c15
SHA512 2394c6ca55536a8571a3506ee8d13523271fb45422756b65e59bd05f264994b4cb66e0b91536bdf4d0de2c8de76c0c6e3597ce5e8a1949da9996d57ab0457f12

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 997a55f7939d3d7f1029902cf522b5d6
SHA1 4f92c9a230df9ced06c67f31d99e702b3fe66c9b
SHA256 3fec46890adb470514f6aeebaedabff4474b93ba83fca3059fc9ad4a4b26d196
SHA512 f2f78fde07e89465636a2f8128dfa30ef1dd524349ea3dbbf6c7df6e5b6c2893f88e52cd2ca0aa4961062bcf1d0a2a45e11fff0707d8806f755cd71d021e53c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 823da87005c103684aed215da65c2d89
SHA1 ac7cc66da3fd8fbb5671a3933985b947fec2198d
SHA256 c8e81baecb022973180321ed57eb02d5e4e13d08882a18371de75e4c409e9bcb
SHA512 9a538c43cf00a0544795434a379cf7fecbcff2818873c1346781fdb0e91d1602c326dca3e5909ea471d4e9660882fc5aff9639996b5b4b7eb8f34175b388feb7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 009b9a2ee7afbf6dd0b9617fc8f8ecba
SHA1 c97ed0652e731fc412e3b7bdfca2994b7cc206a7
SHA256 de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915
SHA512 6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 114b1ff48888837c4a2649d3988e215c
SHA1 2ecee87701f97994389a1e732f5a9a650b299e91
SHA256 51a7eec230379332cc842686e8142da114333f39e4827b97552210113833a6b0
SHA512 cd2851802cad33f39e0586b2d4769e9d7c986d12211cafb910438e20bed0a4069bd51d3504f7be0b4ba40ab302e3ff07d0e8dd3f8ee0356b0ed465d779f8aeef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 ef7935213662b46ff823fac7b13845a4
SHA1 1a05886ac3b2e0e2422c3d2f63b1982c6bb4ca8e
SHA256 e26bd708d47393186e5c3c4ec4adb47d32e150a2a7f4f116effbd14afe46eb9a
SHA512 99d79c56350ed8fbd47f558091525ca7adc8c1f97165dd4b73edfe84d9a6505fe37382f6e5655a468d59ad2eb3c1426a347f69031412e878c9ec2ca75ac5b400

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 a24ab59f4d1a6326eea9222c84209331
SHA1 922429f898d828340906185e481acbbb08683bf6
SHA256 247d685c9e18fd5ec0353a3b16dc3a40a7959d525c01f4eeeff01c4819ac3e76
SHA512 cf476332989c4ae12b589f0ff4e5a41bd730b6da53c238ed8f51ca3b0ce07a7eebd4674a1d62d8f009dd66d66b4e0fa3be9b86f3d01145b8edc427b9655accd5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 922d0f42f78eca8a75e195b198058039
SHA1 405f5dd8437fd81f2b543547a1cbe6112a78b1e4
SHA256 969b744178ced2d14e1fd5f6ff6b909f5a7caec881891a4fbc41b78965f4dbfb
SHA512 25d8c8d0a0b61d4063b6ba61e057daa1baba16237c9e0bafb990d67618b927dc76c23e2615823dff726d01bcead27df16792a0ffc72d49a2192910f32784b392

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

MD5 ae3b09ff1e8dfb6619d7e66818a8afea
SHA1 0adc4a2c052d86fd7f6a8d8de36f5bd784880d38
SHA256 715442365459aa3a0d8ddafc4ab949e52f459ec0ee6401d53936aeb1dd2d15b1
SHA512 f15eaf4fc1d049fce62c6b5530f6cb122e7e399db559217f26ead2f60746d248681488a7e1f6469187da605cab7b279f306e5347b8b6a33522acf52b25ecd297

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 df871043a7fd071456d6481a02c892e8
SHA1 319004da81e012e6ba9e398623a0c840e9d7e4b4
SHA256 daecfa2020a7ec11a8690e4f1d7a55fdfdd594b50d67bafb94b3d6e2e981c079
SHA512 18b507640ed1a507f61835e51fdb96ecfa0bb04f6ab3736ed59ecb3f888256aea442ca846fbe02ba7eb5fc7f0eb0b261e2884652c759c3c87fdad7bb43a7e35d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 474198f9b2eea3bb73e6cc9c8cd31313
SHA1 3a84f790ebe56d6e701853abd7993cce5a8f0fdf
SHA256 3bdaac7c761b354b9f9eafb192e78728c0eb119cbb56aff86588c083131f4933
SHA512 66c3e95edf2bfbc45e0228aedff58a0768673b6649ad4d73910fbda95046e3a10300281e72c33eec8d8aa7c0f18cb8cf08b42542819467bc1155d49fe577c4ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 6f54008d4a6793ee5fc7f20412de35d7
SHA1 70875741b65f48cdc4790bc85a29a7117585398e
SHA256 d453363c13ff5fa65849e18f6f54ea1a817d6d39b01d81128a04a9a7f752ae5a
SHA512 2bc480353830a9815531a98e1b772c4d8b33d66b2687f568939fefe06827ff9c604df4aa2dfe3257317d158b37cdfc206cb2d1050ffa6646d4516ddd99414f41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 672e4271d2d61bdd67c7204ca0591583
SHA1 5dc774fff8eb8ec7fdcc08e6c77cf5b6b8e6e994
SHA256 5ac72e8c9c1697879fbb06db290fe9ea69b9690231aa1b606fe927c81abc5ab6
SHA512 bc152b73b83892fc4160b723cf0b2427bafe2bf03d3a3ed3439d4042c6c1a04aae80cfcc3a43fd124e5ea974c2c167e66fe89442530627422854ed775ab48b3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 5aae70c00054cc7ef59ac13574a82581
SHA1 f05fc8c8af1645202335beeb76e6da6493c393ff
SHA256 d67d918feaf5ba0877317932ec25da10f705200a7c80f0d90f8baad827b7bd0d
SHA512 30bd59101baa97729f225a351846e3f655cec7c75444b2ef399e5c7d498a96a7375376aab3eba58325fd8b5ea7d16ef95940c1c9636d23d204251c3736f11285

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 0ed8278b11742681d994e5f5b44b8d3d
SHA1 28711624d01da8dbd0aa4aad8629d5b0f703441e
SHA256 354730711c3ca9845bf98ec5dfb58a16e50984f9edcf0e8f432742326334f8a2
SHA512 d296ab1f1b418b125f09598ca6645d984a1cf67092a914956b8879d285ee35521b408363b47da195de79086e3be3ed9b1709bc8f9cd2e32d5dccb720a010bc8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 56c11e4084ad382a0834e6337ffca6d8
SHA1 fcfbe132637c8b47dc2579c54c271c4d9c1de340
SHA256 7db3cb3a28895b80866a8a74748c90360a9435bffeb3d0ad9d9ade5d0fa3b002
SHA512 8cab5a33d62629769eb9c753fda052ad110b7038ee679b478750f07b0478322d549fceba92bec76661401964cc88a49f5a791de90a4fd2d302c7a6169a5b2b5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 387ed93f42803b1ec6697e3b57fbcef0
SHA1 2ea8a5bfbf99144bd0ebaebe60ac35406a8b613e
SHA256 982aac952e2c938bd55550d0409ece5f4430d38f370161d8318678fa25316587
SHA512 7c90f69a53e49bad03c4cefd9868b4c4ba145e5738218e8c445ff6ae5347153e3a2f2b918cbe184b0366afd53b984634d2894fea6f31a4603e58ccb6bfa5c625

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 36614764407badfc92fbc690b17ccb8c
SHA1 bc80b1176fa809e6f74e10dcc4553dfb7b9f3364
SHA256 48b53c2cd2d6d1d276784d23e0469bc6e3bf379ffa6907589c52bddfee7da593
SHA512 fe53b1b2887810aa842f88b5840161f406c13ad9ccfb3f6a00b812facadbfe4769eb184a090c0942dca599adfacef29417914bf4c5b072ecbedd3c0b64243f4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 c4133173e7880983fab8babbccd7b123
SHA1 59f8327bd9d74b8d1fe7b9febe2e03694caf497c
SHA256 d270187bce8766a459b8eab16519f718afdb014bde0a59d7b62ba9de9f9d1956
SHA512 95031550c2c5ec9031a898c9e5733981224ccdc198dc28305f2176e3189433d41852e738068914797f77cda60c462476b90b46ad0911b03020d2dc709d29a6da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 7626aade5004330bfb65f1e1f790df0c
SHA1 97dca3e04f19cfe55b010c13f10a81ffe8b8374b
SHA256 cdeaef4fa58a99edcdd3c26ced28e6d512704d3a326a03a61d072d3a287fd60e
SHA512 f7b1b34430546788a7451e723a78186c4738b3906cb2bca2a6ae94b1a70f9f863b2bfa7947cc897dfb88b6a3fe98030aa58101f5f656812ff10837e7585e3f74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 046fda631a7203f54364ff2d3384b927
SHA1 1da07856ae18c451d38b23b58ae7230eaafcf43d
SHA256 82e212a976cdd8a982c408e7ec3d24d3a744e6d194e226021273789c0c402937
SHA512 69fd3536cebdfeff1333987a978a04a36711bf5613eae00cb02faf7e1fdbed1c39264af595224e69ee8a37bf5465e2f4e1985bad749334b239ad4cb9eb6fac10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

MD5 0eb62227ec461ce0be8b0f6a2de6c6ca
SHA1 6ed15fee8cfd1f0d906cbc34489c25847fa80029
SHA256 ee8c8c2f6464cd4f627f50ba6582682069636ad681c72123a4f10b79eddd952b
SHA512 de9c80a208ecf786443baad9c7f0f9ac2e257274e57e4018d6d0e1e9f4ebc6bcf492c56885f4925ec730fbc668ca697ba5d442e7c37df858aeed7ca5bb2d8ea8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 e45442385246a8d9bba61a2aea2a2bab
SHA1 b4bd1c4600bc1f12259704bf44ced95ff18dfbdf
SHA256 664da5c53339c78de372caaa9527c626f8c657800df4c5232b89c1a28bf2a575
SHA512 2af6bed587e6b5cd54ed48263eed9ed49fa52134d8e3aa0a9bf5d4ae0b0c4b30268c61a2a228ea6dfcf0750ea5ba46b16e86b3222e4405a2be2c25c94061a292

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 8aa2ebeebd42dbaf0c6d4131063fe2eb
SHA1 c92955510fc789508f6fb145f98676729dd54c4e
SHA256 1a4c6c77349f830f570b16383f636dbc55949a60b1db606163bd8e7f72ebfc96
SHA512 9515eff3447a5ba666363908cb61dfd2584f0af747cc7bc0f8c5afee0aa2ff563bff6b55412ef57f6bca1d18d777723cf950fb9841b62e1fcc469b3f0732bfd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 43b741d26de7cb0d010f37da7a124ae7
SHA1 dda9c3e89e93b6d98371e5928b76116f9b765c9e
SHA256 db37ecb7ee74c1768f7d8f40d20d87b84e7356f034774017f23a40922c0eccf5
SHA512 ae81dff338038e8f4d04b09e625351792eda253c59fe8d492397bc34f51bff9f3d34580ce41ff44469ecd0467d82fb059a4e4530d0f90ce6dd1608a73872d871

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 8378386dac613806cff1adb4520487db
SHA1 0fd63381a43aa44d2868e4137e1c759b0bc283ae
SHA256 e2719e820c51e0e35a20425c8225a14656f801c0ae6bf43d86df68933112217b
SHA512 21b2b3048cb2633bd7024c60787276a46836f1780df1ad06468781c75db8e41347874953f985e048cfcce077dadf5315f40ba11f555864dae5c05a3a345399bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 cdae9a0767ee2b41037f002494fd495a
SHA1 ea5c482cbf16c2346ec1dd8bcd9bff293be13819
SHA256 b925b8169b5cd87c0bf41a5d3c907ee9b2459a7a9b44ace39108b5cd60de4397
SHA512 53d0cd5ee0a1e44e5ac2ccfff832086c01529d870f384f08003d137742a8e5bac54b367d3409732074d1df552c22ec68734096eef777b658c335c933f56a58a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 67e6bccafecd17c89511501a9de015c3
SHA1 dc2bb06a8abe7fc53c342b417c722a03ffb26071
SHA256 87f1d567a4d4e0def3c8859ceea394f21b5faf85226fc441d0821b06074e5db0
SHA512 6ebeba6cb95d9de64e83a0a9ecc37b8412c6bfecdadc4db12c319dea3eb037f2770b7f50c34a5c8a4d0c18d7ac27f7e94facdadd82ed6c9b620f6f4874a83044

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 69efaebd41f999d1041fa801a5726458
SHA1 75672872f799d1a20fde86b4e300d4ad38f9b26f
SHA256 28d137bf6b5bbb3da09707f4366fdabf6ed03827e60c6d4786250ceb64e04113
SHA512 c1b217eb68486e31daba526394f35f9dfcb7ccf1f3ddc88ca948cb6763b683c5b820fef01cc7ebe7549a1c804dc407fc01429c9dd38602c4bc4189ed3c59280a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1559ca371752950bf914e6af2f018de2
SHA1 89e98626f2af049c37f6ee2dad718f5c4dcfedb5
SHA256 748c1b1d660ff11d8664846877c027573e8a99495af231d34fad60261b83898a
SHA512 9a19f5b4e656684c217ef2ecd7381e03b0eff24921bc7304bb1d37bb8ddb4bd761445971049ca148d65577b51672eb17b3f2c56c60f26823ea5d5ce703686db8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4aec2b58c9736e5ee40365bbf21b9c50
SHA1 e842817a01578ad0a1e599687179451ec576ff1d
SHA256 6d1bc89d66e8f88d8e543828fba9cbbdf268b91e4c00e079c21405970d2e442d
SHA512 dbe7b2143e23c82644f350e0f7ae84259a2f13a1c3a5bf33d052ab2ec5b4e053fe19557d04926ea4b3c70b9a278a1e301990e7203d71cf4533b1f0fc641332c2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1dc75656c5fe27cdeb99edbd444bf0c1
SHA1 e8b592305535bef51445fd620968e807c14e8893
SHA256 3405f4d57c99992fe7aaab50c93b36f3df3b8688cf1931b82e7df7521030d214
SHA512 af7417143be1975e1c56703f04c1522e61f1a93674ecb8ead55081bdbfbbcdb03d8aced6ec867a8de92c9561aa1ac843bf04cd1ed617725673d55333a3776427

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 92c7b0f8406eac4871d327bc90503a82
SHA1 34080dfd196dfcce61088e5b05776a0c32241abb
SHA256 9537ff7159dd7ebc1730ae9ad1090d15c930b93097d375f79c67fadef5d7fb95
SHA512 d737f7d956db5a4188b09881b149fe3c04a2184cb210e98bdc3a7fb7c2539c1cdc6f307083464db02a69b8d12d3b5afb0595c7e60c7f6da4f756fee0466d2817

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 59d60b74a3312e404592afdfaac5d5d7
SHA1 3051d4343e57524efd8a86bb6dd6073a8f786c4d
SHA256 df2f99b2c6500222ca837fbb1d59f8b22a6deb7c0092b4d2dcaaa31b98ba4738
SHA512 6a602de553c904b36962d30c2a49d2293a424d414c25a3fb61f75fdcbc57b029aa7399102c9c654b1c22bb432106502057812da6251fbdd46716adc3986e4fa7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 69d7a059c302cc8ade38018c389e973e
SHA1 ef7cedbc9d9da4f173cc1683006b5ccf2947c53a
SHA256 55a9517393643a1b3a53f270d4f2f476941f900abf2e31cd590a006cc253b801
SHA512 df36e620e9028df454f4fd9cf1f46046a92027853fa4134e8ce6ace4bd79acae0abd8615736fe2cb4850b19e64d5944d89e4274f8f9cb8cedce0dab1a82289ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 29113f48837b439ee1c7cebe4b5858aa
SHA1 db4ae3e6b983b13eb56833f8160c9c155e755087
SHA256 e2402a7e5a5e8d0966086a9bf04103d0c13fe83fdda7ca498ff9304166766551
SHA512 6e3f1d03fe49cb3446cdb09a42e782d17d614e5300060f4ed1359b0310e6e77256aa88b4a0b1d0d0ece676808b6814ff59ee971309b3e1a895fd8d003eb87080

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fdcf1cd8118d0b3ea12b76c2f2948c09
SHA1 0b3f1ca1d79f3de88a7022f99d4274beb9168e8a
SHA256 a54aebbf2eabdba12293d0ee1cd871a8404b54b7755be068a27e891d2f8cbd38
SHA512 10505789a8fec330a3a3dc6e16959271cf2dde234819ef3a00482e8d3d8b494bafe1fb3407a20f7e682ec335d66f2f099484f7cdcc464a2bcb79de365f4ea63c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7222ad824ee034f2b3056bc9458d381d
SHA1 31542a317dc2b9d753be74c16ebbf79e04d2389d
SHA256 8553dd8649a79397b83e34e101978cdb60381eb47102ad46a36153d25e7dc4ac
SHA512 5dedf6432c1b26041f6b61acf5061a27dbe4865bf20eb9a35393c77e5b76e7fcc8eee75107577364d38713cbde9ee9d9b3256dcde24d8264bbda63ca673ecb00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 99bac437b68e26d777cc68474d502b52
SHA1 fcb9f464cf767692d3ef729dc613a7170e492839
SHA256 07f2a9512f338e7240fd95fdc56ce1dfffe893eca959d5fd93601a771904350e
SHA512 69c51cea736348ba2e9c357b699ecc5954dae3c7772405ccd2b9658571c30f2fb4db27254b5bef69d557a0c27cf6efc6d2f98d812761c08e83bf8cd2ca4165a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7e9fdae913208bb70daadc7cab964ae9
SHA1 328957aad6419a321b48a34213b33a235903dbe8
SHA256 11463989e5b7b929bb88645852073a268d2853b8ed3d0c8d0657d6d1fd2374bb
SHA512 f73c32a24e158047958f48ecc39922bac753c1d276924153180e5d085bf66c0fa635035fbcfa30a47ebb82cb5e285e3792041e2bbcbf33b454a398453d2c54f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b44148bde3af711b0fb21f3e5c8b2adc
SHA1 28dfd67c589018e8a19eec954b0107850307156e
SHA256 53d3597ff22552781bc942b7ebd995544be160f37cde94c48a639f619c3b3a66
SHA512 c763aeca009f135788fa3dda9f47b2ec279f26e825411c9e41aa05fc14165a0f7efacbf60d1f07b3b71304a569e37cc903999d7108063c36e752d16f4a80791c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 e4abb1619c8566922c08eb9884503524
SHA1 67599dc40353187632c797ce30a4121846d23c5b
SHA256 6fdca2c1ed9d86c76529d3311136a41874fed1bccd111035a538613b89a9c2ad
SHA512 2416122563197bac3d4ca2665a8c64928e6adb546339f1c115f4ba856c789f33db5f64b71a06aea303dfc8042a1340cf9f52e7fd2dd19d0e0aad25080dbc6181

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 43b97599559f84a22151f8d2202941fd
SHA1 489da1ade5c0039c4085cb93756207b0bb0f3b16
SHA256 9987dcfd36472a1f8bbf0ff6750f66a9e9dc72fa44e4417340ab65cf3a1c1b05
SHA512 31df4e40e0b273c71223e13764a25574a72d5bd6f2e73307e33cdbb52937ed17234ed92b27902c1a48aaf7ddef802b56290e3eeeea3143af6b5870bb80bf88ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3be1fd78ddcfce0bb7f47785dfb1d989
SHA1 b92f5ff152a29294a6bc85d2338449021de3f20e
SHA256 259ae5e7fdd29de3c107f791cb24ba63cf4f960cf6eb54a59ef7a4a585a7bcb6
SHA512 f6f4baa7cb010de0127508b5b85fe103c7ca359c7bd2c0d4f5c46ebb45c51da531d24f71cad8a7c017d72919bf353de0da4546a90fe6f4b684bf71f016c10ad5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cfc467467be07be7840b762b55817953
SHA1 0f5cca09e4b6b4a3876688db8dbf5e5556cbb889
SHA256 b30ece4b0c19c6af96beac9aea2aaa2a0523cb74064716031e0fd5ded83c4c05
SHA512 db13d414ad2b28eff1318f6dbcc44f3e8e74af42bebd9ed6744d37409fb4be7a8b047e220ccf04b11a653861e9990d74c875906c93eff2b920069bdfc6a41ffc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 95697370ed6de19f00b654ffacf9ea59
SHA1 132bcdbe375545956e1f1593abd665b277b09f8b
SHA256 bc96b91b3d48bc3c12b5a4dfaa201dc1108611fa99cd68b6237bdb1842ef8b27
SHA512 a933486a8cfb9153aa96ea3e96366e459530a7db560b0e6d1f3b7eb360a2d74e6e869c031a06c9a8ba81fcc0f528642af081fa9023d68a87b766191b318af2d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b3ecbe01a0b1d539f3f671ca83a2e2c3
SHA1 d15cc28416d92f77c116f90a92be3cdf25637fe6
SHA256 0572cea6adf821e67a952fa8b39e46169984581f57ab9d9c1ec5059423d4e36c
SHA512 f7a44dd40ea44f7f87e713f7d88c72b210de0fbc92eef12b720344a65c60e0477c4bb0d64be234456ef8c2364143bbac94b7733831a101e43bd8592867516b88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 59e2e89fd8073fede0f911b917a480e6
SHA1 908457918d3b319ffc89862f79524ce8bf6b67f6
SHA256 a3e9b8d87db0cffdd8dd1d4d79c5891e1c7d1955c8ee50bdee1d06a982e497c3
SHA512 e1313cf235ea2a6df46715334f6f244678998a295a37007d112746b0735907eb4046beb6a17ba2cd206d39a930c25241c880c9f77d7dba805a935b33179c64b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4c29deac17e4bebeabc511c1bc0d062b
SHA1 29631271beb1a5382c42deb594d40a156fd4da98
SHA256 5c352c9b24dc7a9e7c999120bc1c6285186f10765c6e675e5343facc24bf0101
SHA512 aa96f8b78f5db4562cadc7b68f20060da883f86713ebce5e773931cebb7e9b3da31acbb9e419d9cec6ccfad59dc05217537e7f381f290274b9ce7f65cd3d248a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5f149a.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000102

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\Downloads\Unconfirmed 52106.crdownload

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\938199ca646378b696716037afc964ba

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Program Files\MsEdgeCrashpad\settings.dat

C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.51\Installer\setup.exe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b619dee6-2726-477b-9b6a-177c2507a529.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000100

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\32cadb2b6d359d069dd3f3d132c212a43d223701\index.txt~RFe6307c6.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000139

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_now.gg_0.indexeddb.leveldb\LOG.old

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_now.gg_0.indexeddb.leveldb\LOG.old~RFe642ee1.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe648463.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\3a8bb8c97eb2a317252af450810f794cbcb7c0d5\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\3a8bb8c97eb2a317252af450810f794cbcb7c0d5\index.txt~RFe64a420.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\3a8bb8c97eb2a317252af450810f794cbcb7c0d5\d51489e3-09c1-4b6a-b594-9a5e2d96fb8f\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\3a8bb8c97eb2a317252af450810f794cbcb7c0d5\d51489e3-09c1-4b6a-b594-9a5e2d96fb8f\index-dir\the-real-index~RFe64a420.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00011f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000125

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_now.gg_0.indexeddb.leveldb\LOG.old

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000134

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000133

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000132

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000131

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000130

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0003eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.37\MicrosoftEdgeUpdateSetup_X86_1.3.187.37.exe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ac39f34b-618e-4944-8738-222c7adaa80d.tmp

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{11E706BB-8782-4759-9C54-15BFAB0E0372}\EDGEMITMP_4B24B.tmp\SETUP.EX_

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\ThirdPartyNotice.html.~tmp
