Malware Analysis Report

2025-01-06 09:25

Sample ID 240601-fpeq7sag5x
Target sample
SHA256 9dbc69b093cb31abaa2c11ccabf37cc85daf6cf9e27e3ff0ab04530ca3e1c542
Tags
discovery evasion execution persistence trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

9dbc69b093cb31abaa2c11ccabf37cc85daf6cf9e27e3ff0ab04530ca3e1c542

Threat Level: Likely malicious

The file sample was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution persistence trojan

Downloads MZ/PE file

Sets file execution options in registry

Executes dropped EXE

Registers COM server for autorun

Loads dropped DLL

Checks installed software on the system

Drops desktop.ini file(s)

Checks whether UAC is enabled

Legitimate hosting services abused for malware hosting/C2

Adds Run key to start application

Checks system information in the registry

Drops file in Windows directory

Drops file in Program Files directory

Command and Scripting Interpreter: JavaScript

Enumerates physical storage devices

Suspicious behavior: EnumeratesProcesses

NTFS ADS

System policy modification

Suspicious use of SetWindowsHookEx

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: AddClipboardFormatListener

Checks processor information in registry

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Modifies Internet Explorer settings

Modifies data under HKEY_USERS

Suspicious behavior: GetForegroundWindowSpam

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-01 05:02

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-01 05:02

Reported

2024-06-01 05:33

Platform

win11-20240508-en

Max time kernel

1799s

Max time network

1800s

Command Line

wscript.exe C:\Users\Admin\AppData\Local\Temp\sample.js

Signatures

Downloads MZ/PE file

Sets file execution options in registry

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUA5F.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUA5F.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\MicrosoftEdge_X64_125.0.2535.79.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{62655D45-E477-4136-979C-295C51AA0113}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUA5F.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{724E6941-844A-4644-A640-4A4D8018AE93}\BGAUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\MicrosoftEdge_X64_125.0.2535.67.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2B1EC306-3EDE-4012-9BB0-FB836132FF52}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=B2695DA5ADDA4919AA9DC2195B411CD3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{724E6941-844A-4644-A640-4A4D8018AE93}\BGAUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUA5F.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUA5F.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\Emotes\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\NetworkingShareLinks-3abfa7a8-30ecb2a1\NetworkingShareLinks\buildApiSiteUrl.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\RbxDesignFoundations-4f0cd42b-a744f1a5\RbxDesignFoundations\tokens\Schema\Validators\validateSemantic.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\ApolloClient\ApolloClient\utilities\graphql\directives.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\RoduxGames-c69837d6-ca9547e2\RoduxGames\Reducers\Games\productInfoByGameId.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\common\robux_small.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Lua\Toggles\Dark\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\textures\ui\LuaApp\ExternalSite\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\InspectAndBuy\Flags\GetCollectibleItemInInspectAndBuyEnabled.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\ReactRoblox\ReactRoblox\client\roblox\SingleEventManager.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\9SliceEditor\Dragger2OutlinedTop.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\Controls\DesignSystem\Thumbstick1Vertical.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\Debugger\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\InGameChat\BubbleChat\BubbleChat.storybook.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQml\StateMachine\plugins.qmltypes C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Lua\AssetManager\Light\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\InGameMenu\Components\ReportPage\TextEntryField.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialCommon\SharedFlags.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\InsertableObjects\Light\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\CoreScriptsRhodiumTest\Tests\InspectAndBuy\InspectAndBuyControllerBar.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\RoduxGames-c69837d6-ca9547e2\t.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQuick\Controls\Styles\Base\BusyIndicatorStyle.qml C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\PlayerList\NotificationOn.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Lua\TagEditor\Light\Standard\Tag_Delete.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\RoduxUserPermissions\RoduxUserPermissions\init.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\InspectMenu\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\PeekView\Cryo.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\Controls\DefaultController\DPadUp.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\PlayerScripts\StarterPlayerScripts_old\CameraScript\ClickToMove.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\CommunityLinks\Dev\LuaSocialLibrariesDeps.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.79\oneds.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\AssetImport\btn_dark_resetcam_28x28.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\GameSettings\placeholder.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\ClimbController.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\WidgetIcons\Light\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\AvatarEditorPrompts\Thunks\GetGameName.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\Chrome\Integrations\CameraUtility\Screenshot.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\JestGlobals-2.4.1\LuauPolyfill.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\RoduxFriends\RoduxFriends\Reducers\Friends\requests\order.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQml\Models.2\plugins.qmltypes C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\StudioSharedUI\grid.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\Clipboard\Dark\Large\Copy.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Shared\InsertableObjects\Light\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SceneManagement\Dev\JestGlobals.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\BuiltInStandalonePlugins\Optimized_Embedded_Signature\AttenuationCurveEditor.rbxm C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\BuiltInStandalonePlugins\Optimized_Embedded_Signature\ErrorReporter.rbxm C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\studio_svg_textures\Lua\ImportPreview\Light\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SceneManagement\LuauPolyfill.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\UserSearch\ApolloClient.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\textures\ui\LuaApp\ExternalSite\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\InspectAndBuy\Flags\GetFFlagIBEnableFixForOwnedText.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\scripts\CoreScripts\Modules\Server\ClientChat\DefaultClientChatModules\CommandModules\GetVersion.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\validation\__tests__\ValuesOfCorrectTypeRule.spec.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\Qml\QtQuick\Templates.2\plugins.qmltypes C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\AvatarEditorImages\Sliders\gr-slide-bar-fill.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\DevConsole\Filter-stroke.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\content\textures\ViewSelector\top.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\JestMessageUtil-3.5.0\JestTypes.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Packages\_Index\NetworkingGames-1.2.0\NetworkingGames\GAMES_URL.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\Http\Http\default.rbxp C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe N/A

Command and Scripting Interpreter: JavaScript

execution

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-3000" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.PolicyStatusMachine" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine\CurVer\ = "MicrosoftEdgeUpdate.Update3WebMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine\CurVer\ = "MicrosoftEdgeUpdate.PolicyStatusMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Roblox.Place C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-1004" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ = "IPackage" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine\CurVer\ = "MicrosoftEdgeUpdate.Update3WebMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass.1\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ = "IPolicyStatus2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\MicrosoftEdgeUpdateOnDemand.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\MicrosoftEdgeUpdateBroker.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback\CurVer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods\ = "13" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ProgID\ = "MicrosoftEdgeUpdate.PolicyStatusMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ = "IAppWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32\ = "{2B1EC306-3EDE-4012-9BB0-FB836132FF52}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{A6B716CB-028B-404D-B72C-50E153DD68DA} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\SENSATIONCRACKEDGG.rbxm:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\RobloxStudioInstaller.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2796 wrote to memory of 1692 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1692 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 3280 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 5032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 5032 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2796 wrote to memory of 1128 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe N/A

Processes

C:\Windows\system32\wscript.exe

wscript.exe C:\Users\Admin\AppData\Local\Temp\sample.js

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd1a17ab58,0x7ffd1a17ab68,0x7ffd1a17ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2212 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3092 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3160 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3504 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4368 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4496 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4536 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4372 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4880 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4124 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4912 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5016 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3452 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4100 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4892 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4268 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4124 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5172 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004C0 0x00000000000004E8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4220 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3088 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1556 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=216 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4480 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=4264 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5196 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=3468 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=3924 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=4252 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=4896 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1632 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2452 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3344 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2456 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5512 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4252 --field-trial-handle=1828,i,9813374164665577653,512001600398645325,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxStudioInstaller.exe

"C:\Users\Admin\Downloads\RobloxStudioInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUM2QTc2ODItRjM3NS00RUFGLThCQ0MtNEQ2RjM0QjkzNEUzfSIgdXNlcmlkPSJ7QkFBNkI0RTctMEM2OS00OEJBLUJEQTEtRTg4QTFBRjNCRDcyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4ODE4NkE5OC0wOEFBLTQ5OUYtQjc0RC1EQUM2NTBGMEMwQTl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc1MzM3MjEzNjMiIGluc3RhbGxfdGltZV9tcz0iNzAzIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{EC6A7682-F375-4EAF-8BCC-4D6F34B934E3}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUM2QTc2ODItRjM3NS00RUFGLThCQ0MtNEQ2RjM0QjkzNEUzfSIgdXNlcmlkPSJ7QkFBNkI0RTctMEM2OS00OEJBLUJEQTEtRTg4QTFBRjNCRDcyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins3NTI3OEI5Qy1EODRGLTQ5MTUtODg5Ni1BODU0MDFBQjkzNjV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbmV4dHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iNSIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzUzOTU3MTMxMSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\MicrosoftEdge_X64_125.0.2535.79.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\MicrosoftEdge_X64_125.0.2535.79.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\MicrosoftEdge_X64_125.0.2535.79.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.112 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C58A089A-4618-4BCB-A166-F2019C98F7EB}\EDGEMITMP_CECF2.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.79 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff6f3de4b18,0x7ff6f3de4b24,0x7ff6f3de4b30

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RUM2QTc2ODItRjM3NS00RUFGLThCQ0MtNEQ2RjM0QjkzNEUzfSIgdXNlcmlkPSJ7QkFBNkI0RTctMEM2OS00OEJBLUJEQTEtRTg4QTFBRjNCRDcyfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntENjkxRDVFOC04ODhDLTRGNEQtQTRFQi0yODUwN0FDNkREQzB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjUuMC4yNTM1Ljc5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3NTU0NzYxMTc4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzU1NDgyMTU2OCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc3ODcwMDQ1MTAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzA4YzMwYzZkLTY5ZWItNDk3Yi1hZDgyLWY4NDc4NzllNDI0MD9QMT0xNzE3ODIzMjc5JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUM0aERxVDR5YlVCRFVRVklYRXlzZ0JxcUZmeXBOJTJiaWxEYXRmakE4ZVYzcDA3VDhjZ0g5dTN6c2hKNyUyYm9yRjJVWmhsZVNaWncyeFVSZ3UzR05pJTJmTURnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTczNzE2MDI0IiB0b3RhbD0iMTczNzE2MDI0IiBkb3dubG9hZF90aW1lX21zPSIxNjU1MSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc3ODcxMDQ1MDAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3ODAxMjI0NzE0IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MjU1NDE2ODgzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNzk1IiBkb3dubG9hZF90aW1lX21zPSIyMzIyNCIgZG93bmxvYWRlZD0iMTczNzE2MDI0IiB0b3RhbD0iMTczNzE2MDI0IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0NTQxNiIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch

C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxCrashHandler.exe

"C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\RobloxCrashHandler.exe" --no-rate-limit --crashCounter Win-ROBLOXStudio-Crash --baseUrl https://www.roblox.com --attachment=attachment_0.627.0.6270453_20240601T050909Z_Studio_B5590_last.log=C:\Users\Admin\AppData\Local\Roblox\logs\0.627.0.6270453_20240601T050909Z_Studio_B5590_last.log --database=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --metrics-dir=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --url=https://upload.crashes.rbxinfra.com/post?format=minidump --annotation=AppVersion=0.627.0.44533 --annotation=Format=minidump --annotation=HardwareModel= --annotation=HasBootstrapper=true --annotation=InstallFolder=ProgramFilesX86 --annotation=OSPlatform=Windows --annotation=RobloxChannel=production --annotation=RobloxGitHash=eaa743d2ec5efd1c7cd63375418c0e423354daa2 --annotation=RobloxProduct=RobloxStudio --annotation=StudioVersion=0.627.0.6270453 --annotation=UniqueId=7838038887165469453 --annotation=UseCrashpad=True --annotation=app_arch=x86_64 --annotation=application.version=0.627.0.6270453 --annotation=host_arch=x86_64 --initial-client-data=0x5c0,0x5cc,0x5d0,0x538,0x5d8,0x7ff6e37c8b90,0x7ff6e37c8ba8,0x7ff6e37c8bc0

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=1168.2384.16411224799967326313

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.112 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=125.0.2535.79 --initial-client-data=0x180,0x184,0x188,0x15c,0x1b8,0x7ffd02804ef8,0x7ffd02804f04,0x7ffd02804f10

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1756,i,12457075038455611242,4053324515125183913,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1752 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=1812,i,12457075038455611242,4053324515125183913,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2052 /prefetch:3

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=2084,i,12457075038455611242,4053324515125183913,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=2200 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3452,i,12457075038455611242,4053324515125183913,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3472 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3540,i,12457075038455611242,4053324515125183913,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4104 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3500,i,12457075038455611242,4053324515125183913,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4084 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=4960,i,12457075038455611242,4053324515125183913,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4976 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=5216,i,12457075038455611242,4053324515125183913,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=5236 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 627, 0, 6270453" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=5224,i,12457075038455611242,4053324515125183913,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=5212 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{62655D45-E477-4136-979C-295C51AA0113}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{62655D45-E477-4136-979C-295C51AA0113}\MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe" /update /sessionid "{9B4380B5-F0EF-4274-8780-661F73BB0794}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OUI0MzgwQjUtRjBFRi00Mjc0LTg3ODAtNjYxRjczQkIwNzk0fSIgdXNlcmlkPSJ7QkFBNkI0RTctMEM2OS00OEJBLUJEQTEtRTg4QTFBRjNCRDcyfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntEQjM4MEUzNS0yODA4LTQ0QTUtOUU4MC0xQUI1MENDQzk0RDV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4Ny4zOSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNzYyMTE5NTAyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNzYyOTA5NjEwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDgzMjIxODIyMyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzIyMTY2N2RjLWJiMGEtNGFjYi04MzNkLTVhMTFkYzg4YThiZj9QMT0xNzE3ODIzNTk5JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWRhZWM5WlI4c0RZSTlTSGxXeVNEVmIxU0RpSHJlbUE3djZoTkVWaUFOQ3R1dHdLYTY2TVZVZGlSNUdyemd5WDFSaVBTNzZ5bkpjQ0xhTkZDY1JUUGVBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjIiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDUzODYzODUiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODMyMjM4MTMwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8yMjE2NjdkYy1iYjBhLTRhY2ItODMzZC01YTExZGM4OGE4YmY_UDE9MTcxNzgyMzU5OSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1kYWVjOVpSOHNEWUk5U0hsV3lTRFZiMVNEaUhyZW1BN3Y2aE5FVmlBTkN0dXR3S2E2Nk1WVWRpUjVHcnpneVgxUmlQUzc2eW5KY0NMYU5GQ2NSVFBlQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSItMSIgZG93bmxvYWRfdGltZV9tcz0iMTciLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA4MzIyNTgxOTgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9Indpbmh0dHAiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzIyMTY2N2RjLWJiMGEtNGFjYi04MzNkLTVhMTFkYzg4YThiZj9QMT0xNzE3ODIzNTk5JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWRhZWM5WlI4c0RZSTlTSGxXeVNEVmIxU0RpSHJlbUE3djZoTkVWaUFOQ3R1dHdLYTY2TVZVZGlSNUdyemd5WDFSaVBTNzZ5bkpjQ0xhTkZDY1JUUGVBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iMTk5LjIzMi4yMTAuMTcyIiBjZG5fY2lkPSIzIiBjZG5fY2NjPSJHQiIgY2RuX21zZWRnZV9yZWY9IlJlZiBBOiBFRTFGQTZDRDZDMzU0RERFQjYzRDc5QTY4OEUyNTBDMSBSZWYgQjogTFRTRURHRTA4MTIgUmVmIEM6IDIwMjQtMDUtMjBUMjA6NDc6NTZaIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IlJlZiBBOiAwNjZBQzY2QzMzNjg0RTI5QjU0RjExQzg0QzNFMTgxRiBSZWYgQjogQU1TMjMxMDIwNjE2MDExIFJlZiBDOiAyMDI0LTA1LTIwVDIwOjQ3OjU2WiIgY2RuX2NhY2hlPSJISVQiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYyMTA0OCIgdG90YWw9IjE2MjEwNDgiIGRvd25sb2FkX3RpbWVfbXM9IjIzNCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDgzMjI4ODE3NyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDgzNzY1ODE5NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTk2NTU3MTIxNzU4MjAwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9Ii0xIiBhZD0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjUuMC4yNTM1Ljc5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIHVwZGF0ZV9jb3VudD0iMSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNjE2OTIxNTYwOTU5NTIwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9Ii0xIiBhZD0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9Ins1NUU5MTY1QS03NDk3LTQxMDYtQUQ4Ny04OUFCMDczNjI5MkZ9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\Temp\EUA5F.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUA5F.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{9B4380B5-F0EF-4274-8780-661F73BB0794}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OUI0MzgwQjUtRjBFRi00Mjc0LTg3ODAtNjYxRjczQkIwNzk0fSIgdXNlcmlkPSJ7QkFBNkI0RTctMEM2OS00OEJBLUJEQTEtRTg4QTFBRjNCRDcyfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7NDA4NjlDOEYtOUI3MC00OTJFLUJCM0EtNzAwNzU5MTBFN0ZFfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODcuMzkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTcyMTg0NzYiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwOTY0NjM4MTg2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTIyNjkzOTQtNzlFQS00NDcxLUE2MkQtMjIwMDI3Mzc0N0M3fSIgdXNlcmlkPSJ7QkFBNkI0RTctMEM2OS00OEJBLUJEQTEtRTg4QTFBRjNCRDcyfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7RDc3MTQ3OEItMzE2QS00N0E1LUJGM0EtQzcwMTU4MDEwQjA5fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RDZqeFBlVW1LZmg4eXR5NkYwN1l4TTFlWkRIL1RWNkZRVDJmZkRpWnl3dz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjIzIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTUxODAxNjciIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM1OTY3ODA0MTE3Nzk2MDUiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTE0MDY4IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDAyMzkxODgwOSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{724E6941-844A-4644-A640-4A4D8018AE93}\BGAUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{724E6941-844A-4644-A640-4A4D8018AE93}\BGAUpdate.exe" --edgeupdate-client --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NTIyNjkzOTQtNzlFQS00NDcxLUE2MkQtMjIwMDI3Mzc0N0M3fSIgdXNlcmlkPSJ7QkFBNkI0RTctMEM2OS00OEJBLUJEQTEtRTg4QTFBRjNCRDcyfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntEQzRCRDM0Qy1FOTFGLTQ2NjEtOTA3Ny1CQjkzM0Q2MUNGM0V9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zNCIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MTAzMTE4ODMzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQxMDQ3NDg4MTMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQ0MTA3Njg4MTkiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcxNzgyMzkzMyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1ZdDM3MTJaNG0waURjMUtEZDN4U0gzZ1h4QTI2dkJJNFREM3E3cXBDJTJma3ozV0VJeWhiWkxHbWlzQ0xUcTNlUGN4cTg5RmlldVhHakV1MnNEdm10UzlRJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjE0NCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ1Mzg2Mzg1IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDQxMTg3ODk4NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MTc4MjM5MzMmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9WXQzNzEyWjRtMGlEYzFLRGQzeFNIM2dYeEEyNnZCSTRURDNxN3FwQyUyZmt6M1dFSXloYlpMR21pc0NMVHEzZVBjeHE4OUZpZXVYR2pFdTJzRHZtdFM5USUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSItMSIgZG93bmxvYWRfdGltZV9tcz0iMzk3Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQ0MTE5MDg5NjMiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9Indpbmh0dHAiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzVmMTk1NjEyLTM4NGEtNDhlYS04NDA4LWI0ZWRlOWRjNTZiYj9QMT0xNzE3ODIzOTMzJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVl0MzcxMlo0bTBpRGMxS0RkM3hTSDNnWHhBMjZ2Qkk0VEQzcTdxcEMlMmZrejNXRUl5aGJaTEdtaXNDTFRxM2VQY3hxODlGaWV1WEdqRXUyc0R2bXRTOVElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIxOTkuMjMyLjIxMC4xNzIiIGNkbl9jaWQ9IjMiIGNkbl9jY2M9IkdCIiBjZG5fbXNlZGdlX3JlZj0iUmVmIEE6IDJERDc4ODU2RjEwNjQxREM4RjAzQzJDN0FGNzA5MUMyIFJlZiBCOiBMVFNFREdFMTcxMCBSZWYgQzogMjAyNC0wNC0xNVQyMDo0MzoxM1oiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iUmVmIEE6IDNFNTdDMDE4NkRGNDQyNzlBNDMzQjJCOTc0RkYzOUY0IFJlZiBCOiBBTVMyMzEwMjIwMTEwMjUgUmVmIEM6IDIwMjQtMDQtMTVUMjA6NDM6MTNaIiBjZG5fY2FjaGU9IkhJVCwgSElUIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIGRvd25sb2FkX3RpbWVfbXM9IjgzOTEiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDQxMjEzOTAxNyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NDQ1NzE4ODQ1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQ1MDkxMzg4MzUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIzMTk2IiBkb3dubG9hZF90aW1lX21zPSIyOTk5NiIgZG93bmxvYWRlZD0iMTgwNDQ0NDgiIHRvdGFsPSIxODA0NDQ0OCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNjMzOCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\MicrosoftEdge_X64_125.0.2535.67.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\MicrosoftEdge_X64_125.0.2535.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\MicrosoftEdge_X64_125.0.2535.67.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.112 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{79A9527D-C220-4DE6-80D1-E05607C505D1}\EDGEMITMP_64E47.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.67 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff61a124b18,0x7ff61a124b24,0x7ff61a124b30

Network

Country Destination Domain Proto
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
GB 142.250.200.14:443 apis.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.187.238:443 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.187.238:443 clients2.google.com tcp
GB 216.58.213.3:443 ssl.gstatic.com tcp
GB 128.116.119.4:80 roblox.com tcp
GB 128.116.119.4:80 roblox.com tcp
GB 128.116.119.4:443 roblox.com tcp
NL 128.116.21.4:443 www.roblox.com tcp
US 205.234.175.102:443 css.rbxcdn.com tcp
US 205.234.175.102:443 css.rbxcdn.com tcp
US 205.234.175.102:443 css.rbxcdn.com tcp
US 205.234.175.102:443 css.rbxcdn.com tcp
US 205.234.175.102:443 css.rbxcdn.com tcp
US 205.234.175.102:443 css.rbxcdn.com tcp
US 18.239.208.26:443 static.rbxcdn.com tcp
US 18.239.208.95:443 js.rbxcdn.com tcp
US 18.239.208.95:443 js.rbxcdn.com tcp
US 18.239.208.95:443 js.rbxcdn.com tcp
US 18.239.208.95:443 js.rbxcdn.com tcp
US 18.239.208.95:443 js.rbxcdn.com tcp
US 18.239.208.95:443 js.rbxcdn.com tcp
NL 128.116.21.4:443 www.roblox.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 95.208.239.18.in-addr.arpa udp
US 8.8.8.8:53 170.33.18.104.in-addr.arpa udp
NL 128.116.21.4:443 games.roblox.com tcp
NL 128.116.21.4:443 games.roblox.com tcp
BE 23.14.90.88:443 apis.rbxcdn.com tcp
US 104.18.33.170:443 roblox-api.arkoselabs.com udp
US 205.234.175.102:443 css.rbxcdn.com tcp
US 18.239.208.20:443 css.rbxcdn.com tcp
US 18.239.208.20:443 css.rbxcdn.com tcp
US 18.239.208.20:443 css.rbxcdn.com tcp
US 18.239.208.20:443 css.rbxcdn.com tcp
US 18.239.208.20:443 css.rbxcdn.com tcp
US 18.239.208.20:443 css.rbxcdn.com tcp
NL 128.116.21.4:443 games.roblox.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
US 162.159.135.232:443 status.discord.com tcp
US 162.159.135.232:443 status.discord.com tcp
US 162.159.135.232:443 status.discord.com udp
GB 142.250.179.234:443 ajax.googleapis.com tcp
GB 142.250.179.234:443 ajax.googleapis.com tcp
US 104.18.34.227:443 cdn.prod.website-files.com tcp
US 104.18.5.175:443 global.localizecdn.com tcp
US 18.239.190.193:443 d3e54v103j8qbb.cloudfront.net tcp
US 104.18.34.227:443 cdn.prod.website-files.com udp
US 18.239.208.114:443 setup.rbxcdn.com tcp
US 18.239.208.114:443 setup.rbxcdn.com tcp
US 18.239.208.114:443 setup.rbxcdn.com tcp
US 18.239.208.114:443 setup.rbxcdn.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 162.159.133.233:443 cdn.discordapp.com tcp
US 104.18.34.227:443 cdn.prod.website-files.com udp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 162.159.134.234:443 remote-auth-gateway.discord.gg tcp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 104.19.229.21:443 js.hcaptcha.com tcp
US 104.19.229.21:443 js.hcaptcha.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 142.250.200.14:443 apis.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 142.250.200.14:443 apis.google.com tcp
AU 34.116.74.210:443 e2c10.gcp.gvt2.com tcp
AU 34.116.74.210:443 e2c10.gcp.gvt2.com tcp
US 104.19.230.21:443 js.hcaptcha.com udp
US 104.19.230.21:443 js.hcaptcha.com udp
US 192.178.49.163:443 beacons.gvt2.com tcp
US 162.159.135.232:443 status.discord.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
NL 128.116.21.4:443 games.roblox.com udp
US 162.159.134.234:443 remote-auth-gateway.discord.gg tcp
US 162.159.134.234:443 remote-auth-gateway.discord.gg tcp
US 35.186.224.25:443 api.spotify.com tcp
US 162.159.128.233:443 status.discord.com tcp
US 35.186.224.25:443 api.spotify.com udp
US 162.159.133.233:443 cdn.discordapp.com udp
US 35.186.224.39:443 dealer.spotify.com tcp
BE 104.117.77.210:443 i.scdn.co tcp
BE 104.117.77.210:443 i.scdn.co tcp
US 162.159.128.232:443 media.discordapp.net tcp
US 162.159.133.233:443 cdn.discordapp.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 142.250.200.14:443 apis.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
NL 128.116.21.4:443 games.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
NL 128.116.21.4:443 games.roblox.com udp
BE 23.14.90.81:443 apis.rbxcdn.com tcp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 18.239.208.58:443 css.rbxcdn.com tcp
NL 128.116.21.4:443 games.roblox.com tcp
NL 128.116.21.4:443 games.roblox.com tcp
US 216.239.36.117:443 beacons2.gvt2.com tcp
US 216.239.36.117:443 beacons2.gvt2.com udp
NL 128.116.21.4:443 games.roblox.com udp
NL 128.116.21.4:443 games.roblox.com udp
NL 128.116.21.4:443 games.roblox.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 mia2-128-116-127-3.roblox.com udp
US 8.8.8.8:53 aws-us-west-2b-lms.rbx.com udp
US 8.8.8.8:53 dfw2-128-116-95-3.roblox.com udp
US 8.8.8.8:53 sin2-128-116-97-3.roblox.com udp
GB 128.116.119.3:443 silver.roblox.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
US 54.68.6.24:443 aws-us-west-2b-lms.rbx.com tcp
US 18.239.208.99:443 t2.rbxcdn.com tcp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
US 151.101.1.194:443 roblox-poc.global.ssl.fastly.net tcp
PL 128.116.124.3:443 pulsar.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 18.239.208.100:443 create.roblox.com tcp
US 18.239.208.58:443 t6.rbxcdn.com tcp
BE 23.14.90.73:443 t3.rbxcdn.com tcp
US 18.239.208.68:443 create.roblox.com tcp
US 18.239.208.68:443 create.roblox.com tcp
US 34.120.195.249:443 o293668.ingest.sentry.io tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 18.239.208.92:443 webblox.roblox.com tcp
US 18.239.208.92:443 webblox.roblox.com tcp
US 18.239.208.92:443 webblox.roblox.com tcp
US 18.239.190.20:443 doy2mn9upadnk.cloudfront.net tcp
US 18.239.190.20:443 doy2mn9upadnk.cloudfront.net tcp
FR 52.222.201.56:443 t1.rbxcdn.com tcp
FR 52.222.201.56:443 t1.rbxcdn.com tcp
US 18.239.208.108:443 t7.rbxcdn.com tcp
US 18.239.208.31:443 t5.rbxcdn.com tcp
US 18.239.208.31:443 t5.rbxcdn.com tcp
US 18.239.208.9:443 t4.rbxcdn.com tcp
US 18.239.208.9:443 t4.rbxcdn.com tcp
US 162.159.135.232:443 discord.com udp
US 18.239.208.119:443 setup.rbxcdn.com tcp
US 18.239.208.119:443 setup.rbxcdn.com tcp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
NL 128.116.21.4:443 itemconfiguration.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
US 18.239.208.119:443 setup.rbxcdn.com tcp
US 18.239.208.119:443 setup.rbxcdn.com tcp
US 18.239.208.119:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:51759 tcp
N/A 127.0.0.1:51766 tcp
N/A 127.0.0.1:51778 tcp
N/A 127.0.0.1:51781 tcp
US 162.159.135.232:443 discord.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
GB 104.91.71.142:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
NL 128.116.21.4:443 itemconfiguration.roblox.com udp
US 162.159.137.232:443 discord.com udp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
NL 128.116.21.4:443 itemconfiguration.roblox.com tcp
N/A 127.0.0.1:52158 tcp
N/A 127.0.0.1:52169 tcp
NL 128.116.21.4:443 itemconfiguration.roblox.com tcp
NL 128.116.21.4:443 itemconfiguration.roblox.com tcp
N/A 127.0.0.1:52174 tcp
N/A 127.0.0.1:52178 tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
NL 128.116.21.4:443 apis.roblox.com tcp
NL 128.116.21.4:443 apis.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
FR 3.162.38.58:443 static.rbxcdn.com tcp
FR 3.162.38.58:443 static.rbxcdn.com tcp
FR 18.244.28.113:443 js.rbxcdn.com tcp
FR 18.244.28.113:443 js.rbxcdn.com tcp
FR 18.244.28.113:443 js.rbxcdn.com tcp
FR 18.244.28.113:443 js.rbxcdn.com tcp
FR 18.244.28.113:443 js.rbxcdn.com tcp
FR 18.244.28.113:443 js.rbxcdn.com tcp
US 18.245.175.128:443 images.rbxcdn.com tcp
US 18.245.199.38:443 css.rbxcdn.com tcp
US 18.245.199.38:443 css.rbxcdn.com tcp
US 18.245.199.38:443 css.rbxcdn.com tcp
US 18.245.199.38:443 css.rbxcdn.com tcp
US 18.245.199.38:443 css.rbxcdn.com tcp
US 18.245.199.38:443 css.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 18.245.199.38:443 css.rbxcdn.com tcp
DE 128.116.44.4:443 roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
NL 128.116.21.4:443 www.roblox.com udp
NL 128.116.21.4:443 www.roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
BE 88.221.83.98:443 apis.rbxcdn.com tcp
NL 128.116.21.4:443 www.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
NL 128.116.21.4:443 ecsv2.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
NL 128.116.21.4:443 metrics.roblox.com udp
NL 128.116.21.4:443 metrics.roblox.com tcp
US 8.8.8.8:443 dns.google udp
NL 128.116.21.4:443 metrics.roblox.com udp
US 104.18.33.170:443 roblox-api.arkoselabs.com tcp
US 104.18.33.170:443 roblox-api.arkoselabs.com udp
US 8.8.4.4:443 dns.google udp
GB 51.140.244.186:443 tcp
GB 172.165.69.228:443 tcp
GB 172.165.69.228:443 tcp
GB 172.165.69.228:443 tcp
US 162.159.137.232:443 discord.com udp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
N/A 127.0.0.1:52721 tcp
N/A 127.0.0.1:52930 tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
N/A 127.0.0.1:54197 tcp
N/A 127.0.0.1:54199 tcp
N/A 127.0.0.1:54201 tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
FR 52.84.174.89:443 t7.rbxcdn.com tcp
FR 52.84.174.89:443 t7.rbxcdn.com tcp
BE 2.17.107.195:443 t1.rbxcdn.com tcp
BE 2.17.107.195:443 t1.rbxcdn.com tcp
BE 2.17.107.195:443 t1.rbxcdn.com tcp
US 3.165.136.36:443 t4.rbxcdn.com tcp
FR 52.84.174.27:443 t0.rbxcdn.com tcp
N/A 127.0.0.1:54219 tcp
N/A 127.0.0.1:54231 tcp
N/A 127.0.0.1:54235 tcp
N/A 127.0.0.1:54353 tcp
N/A 127.0.0.1:54367 tcp
N/A 127.0.0.1:54445 tcp
N/A 127.0.0.1:54447 tcp
N/A 127.0.0.1:54449 tcp
N/A 127.0.0.1:54631 tcp
N/A 127.0.0.1:54633 tcp
N/A 127.0.0.1:54635 tcp
N/A 127.0.0.1:54641 tcp
N/A 127.0.0.1:54643 tcp
N/A 127.0.0.1:54645 tcp
FR 52.84.174.27:443 t0.rbxcdn.com tcp
US 3.165.136.36:443 t4.rbxcdn.com tcp
FR 52.84.174.27:443 t0.rbxcdn.com tcp
FR 52.84.174.27:443 t0.rbxcdn.com tcp
US 18.245.175.53:443 t2.rbxcdn.com tcp
BE 2.17.107.195:443 t1.rbxcdn.com tcp
BE 2.17.107.195:443 t1.rbxcdn.com tcp
BE 2.17.107.195:443 t1.rbxcdn.com tcp
N/A 127.0.0.1:54650 tcp
BE 2.17.107.195:443 t1.rbxcdn.com tcp
US 18.245.175.53:443 t2.rbxcdn.com tcp
BE 2.17.107.195:443 t1.rbxcdn.com tcp
FR 52.84.174.27:443 t0.rbxcdn.com tcp
N/A 127.0.0.1:54652 tcp
N/A 127.0.0.1:54654 tcp
N/A 127.0.0.1:54657 tcp
BE 2.17.107.195:443 t1.rbxcdn.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
N/A 127.0.0.1:54674 tcp
N/A 127.0.0.1:54676 tcp
N/A 127.0.0.1:54680 tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
GB 104.91.71.146:443 tr.rbxcdn.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
FR 18.244.28.50:443 c1.rbxcdn.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
NL 128.116.21.4:443 metrics.roblox.com tcp
BE 23.14.90.99:443 c0.rbxcdn.com tcp
BE 23.14.90.99:443 c0.rbxcdn.com tcp
US 18.245.199.118:443 c7.rbxcdn.com tcp
FR 3.162.38.115:443 c5.rbxcdn.com tcp
FR 3.162.38.115:443 c5.rbxcdn.com tcp
BE 23.14.90.99:443 c0.rbxcdn.com tcp
N/A 127.0.0.1:54705 tcp
N/A 127.0.0.1:54709 tcp
N/A 127.0.0.1:54719 tcp
N/A 127.0.0.1:54722 tcp
N/A 127.0.0.1:54724 tcp
N/A 127.0.0.1:54727 tcp
FR 18.244.28.88:443 c4.rbxcdn.com tcp
BE 23.14.90.99:443 c0.rbxcdn.com tcp
FR 18.244.28.88:443 c4.rbxcdn.com tcp
US 18.245.199.118:443 c7.rbxcdn.com tcp
FR 3.162.38.115:443 c5.rbxcdn.com tcp
N/A 127.0.0.1:54733 tcp
N/A 127.0.0.1:54740 tcp
BE 23.14.90.107:443 c2.rbxcdn.com tcp
N/A 127.0.0.1:54743 tcp
US 205.234.175.102:443 c3.rbxcdn.com tcp
US 8.8.8.8:53 99.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 118.199.245.18.in-addr.arpa udp
US 8.8.8.8:53 115.38.162.3.in-addr.arpa udp
US 8.8.8.8:53 88.28.244.18.in-addr.arpa udp
US 8.8.8.8:53 107.90.14.23.in-addr.arpa udp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
FR 52.84.174.89:443 t7.rbxcdn.com tcp
BE 2.17.107.195:443 t1.rbxcdn.com tcp
N/A 127.0.0.1:54803 tcp
BE 23.14.90.72:443 c1.rbxcdn.com tcp
BE 23.14.90.72:443 c1.rbxcdn.com tcp
BE 23.14.90.72:443 c1.rbxcdn.com tcp
US 205.234.175.102:443 c3.rbxcdn.com tcp
N/A 127.0.0.1:54974 tcp
N/A 127.0.0.1:54976 tcp
N/A 127.0.0.1:54978 tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
N/A 127.0.0.1:55211 tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
N/A 127.0.0.1:55214 tcp
FR 18.244.28.50:443 c1.rbxcdn.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
BE 104.68.69.233:443 clientsettingscdn.roblox.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
N/A 127.0.0.1:55258 tcp
N/A 127.0.0.1:55281 tcp
N/A 127.0.0.1:55284 tcp
N/A 127.0.0.1:55286 tcp
N/A 127.0.0.1:55396 tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com udp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
US 205.234.175.102:443 c3.rbxcdn.com tcp
BE 23.14.90.89:443 c1.rbxcdn.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
N/A 127.0.0.1:54729 udp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 gameinternationalization.roblox.com udp
NL 128.116.21.4:443 gameinternationalization.roblox.com tcp
NL 128.116.21.4:443 gameinternationalization.roblox.com tcp
US 8.8.8.8:53 t1.rbxcdn.com udp
BE 23.14.90.96:443 t1.rbxcdn.com tcp
BE 23.14.90.96:443 t1.rbxcdn.com tcp
US 3.165.136.37:443 t4.rbxcdn.com tcp
US 8.8.8.8:53 voice.roblox.com udp
NL 128.116.21.4:443 voice.roblox.com tcp
US 8.8.8.8:53 37.136.165.3.in-addr.arpa udp
N/A 127.0.0.1:55613 tcp
N/A 127.0.0.1:55619 tcp
N/A 127.0.0.1:55674 tcp
N/A 127.0.0.1:55736 tcp
N/A 127.0.0.1:55767 tcp
N/A 127.0.0.1:55823 tcp
N/A 127.0.0.1:55825 tcp
N/A 127.0.0.1:55832 tcp
N/A 127.0.0.1:55834 tcp
N/A 127.0.0.1:55907 tcp
N/A 127.0.0.1:55945 tcp
N/A 127.0.0.1:55950 tcp
N/A 127.0.0.1:56009 tcp
NL 128.116.21.4:443 voice.roblox.com tcp
N/A 127.0.0.1:56023 tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:60966 udp
N/A 127.0.0.1:56083 tcp
N/A 127.0.0.1:56522 tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:56570 tcp
N/A 127.0.0.1:56572 tcp
N/A 127.0.0.1:56574 tcp
N/A 127.0.0.1:56585 tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:56592 tcp
US 162.159.130.234:443 gateway-us-east1-c.discord.gg tcp
NL 128.116.21.4:443 assetgame.roblox.com udp
NL 128.116.21.4:443 assetgame.roblox.com tcp
US 162.159.128.233:443 discord.com udp
US 162.159.136.232:443 discord.com udp
US 162.159.136.232:443 discord.com udp
N/A 127.0.0.1:56641 tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:56672 tcp
IE 20.166.2.191:443 msedge.api.cdp.microsoft.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:56682 tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
N/A 127.0.0.1:56718 tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
NL 128.116.21.4:443 assetgame.roblox.com tcp
N/A 127.0.0.1:56736 tcp
US 8.8.8.8:53 thumbnails.roblox.com udp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
N/A 127.0.0.1:56781 tcp
NL 128.116.21.4:443 thumbnails.roblox.com tcp
US 8.8.8.8:53 apis.roblox.com udp
NL 128.116.21.4:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:56808 tcp
NL 128.116.21.4:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:56817 tcp

Files

\??\pipe\crashpad_2796_BZNJVOJIJFTZNTAN

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 81590d5889f35005b78e81925783b687
SHA1 ec0d4e19003a89d659e36982a3b4ccfe4f757a41
SHA256 5086408680ab8ee78ced23749654172904cd03108c6b836b1798459c6df02af4
SHA512 ab14a5e527bc048dd14622d2236382525d252bdcb55daa47612f24ce3b96ce45ea203b4636989b71aa0541dac76ff3a4174a2b49fa89940a9b4e79de2b2d8290

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b277859255570923c5d2774c36232fdc
SHA1 07a038cf52fb6bb77ccba5306a5c3b3101b6ffcb
SHA256 e4b8506ae5437ef1b12677f77e312323717b966cdc1ce4d32665df00abd72e99
SHA512 0c68a7d77e19663f9b21c184ad5b6453269ce39ae24434949c7ceea56a7a26993532c586989108a122e3d6729afff2f6ed9541dce46b30bdfb972f02e92a3d3b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d992ed7634f11a36387e3c987ec88a1e
SHA1 831d5e4a9086d3f69bdeff5117f48c9bb53ce88b
SHA256 36555fd8749096f3d0c83383f2b6c295e33d96bfe97001d232d23a9e0d51ef84
SHA512 2d0349a8d9a41ca0faa8702f0beae715c47fffec92a46c7f5efd5b20688e0eaf78226c72c36f517313d67bdc734736b5e41e35b03d8f42382755802e1ad4fb48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 951ed0408d88f7da0498ebb685924775
SHA1 9bdf24c46bceb4242f5d0aff2a36429d840444ec
SHA256 af43c7b29b164700718e085282820551ea346b39aeaaf13415929e4b9d23babe
SHA512 11545c44c63f1f3a99a89201cfc36ceec5aae635847048ff323cfa4dbf61e0fb0fd86a655126d2e37f24283a45a5c3978ce0b7ddc7b46e42be4a3f7acd201e99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 097641701c4763cd9ca96e61ad8b7295
SHA1 5310390c92e21466ae4e62bfd67d4a647d52d986
SHA256 391ef48ef4d95e57b06e8f8407e2867d4565c6c3317fec99f09fb49dc2eb6f0e
SHA512 fb1722905bc4f6983ae8a584bfa9fbf7da27107756022dec011132b143abcfaecf1396a4e101efb8c7f349f78b1f34e13d98c80d39e52b27b7ef0186e26a8fd0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 87878050394c5771bbfa6536266f2ead
SHA1 60424d9f88065d58ca72d67270aa5fa9ab8ce3b8
SHA256 150de71b67f4d6451b187d293b8ddbdfda4e0a89449f2fd2eb4ed67977e8a466
SHA512 cf09c30199f446ecf2bb3675e9f3feffcce3ac3c744b056df0c817936bee493cf71d04b983c821ba699003de3a6e1d1f366a76901740d99253d713696cfc7c6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5571ce7fe0d4fb25d5427d8235d46be0
SHA1 280a40380509d79efe7c28f42a4d59b165ea78a3
SHA256 10a0701c07bf1e831ad828a6ebaafe03c52726e7da0077c6741c5b2a7e35161c
SHA512 07ed6c766823e9694cd2936bda86a0a9ec00e5eeef83df72940612b2be1b3c37203ae77ee29cd47f732f6cc2c91b858a31dab01167ba892f23a6b58766f9a4e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9ec26bc380c37a2538d509cdb18354ff
SHA1 0c1958722af74edb6b2c4e036612b8f4002c20d4
SHA256 5778d715d89fa9597c64d7400b96665cd0f1a051467a152d1ba02065ece28047
SHA512 913b2685a3ca34ba2079da343ad7247cf98faf5d754c36750717ac64bfeefe0c5150118d52f0a162bfd4aaba3a479c894a9677cfea579cfe25a19a2e24e56bd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dff187a03330e4d9b2844ca14a1c9c59
SHA1 717499f52be9c05fff9fa689b763757a8e480d8a
SHA256 4fab606194c16126e6cb55ee7b55a043470457c9cbf3fa522e8105535f6b94e4
SHA512 d518403bbdc0b3a1548e9c4677cdca2936e33c9831442fb77849a0a2ae4b540304f8e4b63919eb84c1285383fe120eb0b8e055e552324a32de485bbd0883df63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 d3d54f7f8f5c45fe1ea00bc5756bfd74
SHA1 e2678af35e960fecb405eced51c3421089c9e6e2
SHA256 ccfd02ef8566811c324bda8167feb8a997480dd94aba64ffdc8b53f742e1dc53
SHA512 1079145ee7a543a4922d50871db85869e06235f930acb0ff803cfa8ef620154df7776f829689ab7709e7fc3daaf28f037bde1fdd1f3b905fa1a3ba928d6da51f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe581299.TMP

MD5 36cc7ff415c7eb3dfbe7ffcab1ba5ac0
SHA1 dbc5f2e94584ada821f223b2329fb2be677cdd80
SHA256 51fae059a90b255cd88e2a46543167282bec32868f529aa83855571c5d7c34bf
SHA512 c6ce9597f1db949a9566560291d11ba0a33369d6270da66cc3eb8b72af8656e2cb84ab1355d3b9b9b5c54004a3adcf32468aedacf92b6930b17b19774147a006

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 909cbfdf75fbc9001d5d3ffa734e9ffe
SHA1 b03e4adcc2b22353782e2bf0678cea3acb0b9de6
SHA256 502755fb2908f385b895a875b791076c9b4f6eef2f49fea0a855c517b73d065a
SHA512 00eb40646c25e6989b8c7cdddd5cfaaefd6ded6866cc15cff2650ef03a8734ea9d9254903bf3adf0eb1f9c3de7ce4ef12f59f22de096d873cc7e29f613d04671

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1c555b7b63b3113b8d9ecccf0b71ec3e
SHA1 7d835fdab937022a8dff72cb055e5908bb8b54ed
SHA256 eba7fb2103106aba0ebab18f0bd0691d89a432e1dd88b43900844378918cb065
SHA512 fad5933299c3adc8dcb5369211a6486334b2d251c00d3422b26f7b0a7f95a2fe9a9d31fe696e96ec39eab3bbd2fb0683486f9f6641d64774314291e983ba1606

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 81f78e455c306106d11280c2846f4380
SHA1 d18a05396ffdab9498e879bbbf80c9fa6577e93c
SHA256 c78b3c2eba4061c02139e4636474d73b656094a696c88e9c112b010871b1adb0
SHA512 37d06d709f49c17f3105194e32a44f4c5eb30a08015a11235f82ac012c8b0d236b8d47173f56b79697a370e3f57582a1fe8a85b71e0edd819a5a5641ecb5957c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fc9d61b9730a87862fae3f106c0ea515
SHA1 2f0fda5a3dff4a52f6340e4e8abfb53437bbba9f
SHA256 c9152202d85928b229cd530db9082a6881d3babf38af57bce7ff5c3dd7dae4df
SHA512 fdb8cd6070bddf7b238b1b3f0a73afd5af85f07f7b6a13960cdad6188a67533fc54ec943d27a05dc1e0436f5e4332b1e18744b7fb4860366ecfcb6ee6c88b656

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 3a7128b08f78c1c09171491781ce2b1e
SHA1 12ad5f38b1835494ffeda985ba6f643958982d3d
SHA256 3dec772c3eefc5ae6168501b7e5945ba144c5a0d1a5225d206dcd6b723156639
SHA512 9ecf49737614edb0be9420b6f3812c1198e795d218d96a87fba02558e357feb117dda908a45a86e6ae868a45172132f1c3f44b443bd22df0d83751edc2f40294

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3750cefa17b6c222c22af9a2cf3470ac
SHA1 dcda615fa7b9ecc78a90fd389d5e2605eeb27e27
SHA256 0894a72d8e14d6a71d2df9d6eead28ce343dbc83f23823ebacbe556915e34691
SHA512 b75bf00e7252809657bc71416900eab71607ba75111ac5473f8be364a393425af92cbe268c0b7a44113ad248f98980d035390ef836deb8901d8872ae9c2e1f8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a3646d4d62dda9f54b6538be93f2b8ff
SHA1 7685d09a1d6b0642ebb569a06bec2ac254c695d4
SHA256 9b8293a7dbcebd6d486642257c253a957c4e300792bdaa32a5745c7c5c931dc0
SHA512 ec6e9e8d571107515209cf286f9cd42fe5425bea680a69d8544352165fc198aceb97e13dca761941dd9d749c5e65c0be53686f2629e2e83962b6760e47ff2457

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 73289778468023d3a19e3c2d19f51e14
SHA1 c7d1344de974cc396fec94bf9f42c01328bfabd3
SHA256 9b58eac744b1abcad7132e65aa6704332c533cd430e86d7acec2c7f81b32e7fa
SHA512 7e86991c8848b7beae987f8425ce7b4a891cdc4925770876466c383ea3e8e0e232112d7cc6a3ba712293719eebb3add2ec725a77932b603999d0902c60160005

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ba7b7074dd08d31f57a72c5e0a55b726
SHA1 335175b785cf891a88d9dc4b0775740d905308cc
SHA256 2f37bf60230463dbf64e4a0f15220a575eef14cb491230552184390002d8a1d0
SHA512 9826f0c35554d865ee5e32af97923a1c1e3dba6e8567a2ef1647459156c2fda6c29e21c44e118e10f8b87eca8004d3b90700176fd75a5c86a9c77d5facd13a3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009c

MD5 13a6070c97fb5d89e985335be897d7f7
SHA1 f2491c79cf438f9d7b9c5e009f3f77ae5c5db535
SHA256 f092c109fadbd6fcffe08f0144650f26190f3d13a180de173e68ea334976eb7f
SHA512 4099db8431da2e1a4f2900c6a4dc65b35f37d26c80f64e639ddae4330437bc606099678e124e6f54bfdb6463fd95f99dcdb9e10b9196f9961a6375e61c2f1dc5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4455a40b7054566866904d213d97d4cc
SHA1 6a8b56b8093765f80a6594d000853ebb8d7d0dd7
SHA256 728d93102e2b6fd8ec5f64f1fbd9b1ec067318a017468e80d72c642f47d553a8
SHA512 1809b4c5d3e743b2e2ce90a00db43639019264e317e4cd2f04ec6c0189e79578b3af54031e032da5d96b751dc7418d23d803fb63ebd0772b670bfbad58083629

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4724c05adb2ce5dabc31acc38fce48a6
SHA1 06bd2de131d49dd2083d21bb27067e3e2cbcb705
SHA256 6da64d071e69fce81724ce145d6198e5b23fab26ef2dbcdbd9bf826d3352623a
SHA512 295cfb3f0bb682c810e5f2d70819c1e4629485bf2b3db88c88e719c78c1248b1a4692c4fb537104f0ca7fb5c8d68c15139cec0f77af51ee6bcf4a95181a0d0c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 df98740c72ec5643409572fdf0d8408f
SHA1 705c52a25ca89fa28fe76d14a709b0a8244c1411
SHA256 363a087ec0a346ee4b678597f40fd823a4c5e172d352ed70f42481ac116c264b
SHA512 3feb33f19ea77a57d453d4701f867e0fcc5cac2c833e435bad14ea7d017118f36a1c8309a18593af96c279af66a57064e87f195e3b6b5214aa1ec8ffde3452ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 22e53e46c53f9c85d2c3905baeb34a3b
SHA1 1a00490b2d9c2a51bfa89b6cdb584e03198b2aeb
SHA256 dd31b6892de841d4b9b209b0d3151a7c1f5061bf4a57b5fe5d48e689174751cc
SHA512 41ff5483e344444a6e311a20725721d6b5f427d0a65f49e29f6a6254a5674f67eebb514f1839a2467b54a63baa6d0bf2f93266dd607692c35fee9035ceeb27ca

C:\Users\Admin\Downloads\SENSATIONCRACKEDGG.rbxm.crdownload

MD5 16befe12c32dd32c01c4455eac433a41
SHA1 fa3156b065b2e299b0e1a57b195ce4fc699cc3b0
SHA256 cd72af645d942f211b8dfe41afbfd21ca6de9b54c51d61cec0cd3cf3e43e0071
SHA512 eb1a8883f35c7e2ffc24f723e572d25ce2e745a585790d78b0c1528ee104d2aa7058d0a6c5acd14286edce0e8cc605d37b68bb2d2657f9ccd18369f14b1a58f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b194b9a62a91e90cd6dc1b700770657d
SHA1 fe7c87d8251764fb240cac69c7f8be63e5a19f65
SHA256 599345c3c7a66957b0d2f141fb92cac1dd3a6707db54e8475fed7e44db377ee5
SHA512 057dec9cdece5f6925f4d23732d81feea6d023ac2eab7ab84de337c7eda2ca21984f0048d8eaa536ee2d3456bc3d6411328dcc345eeda614146f9a12a60751bf

C:\Users\Admin\Downloads\SENSATIONCRACKEDGG.rbxm:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 683d9ced5d668ead612359a4a010f978
SHA1 04fb72b8ddd6a9b65d0144e982a718c8e606c2e7
SHA256 4a05566d2007e0d868d873cfd6d5b7a53a0758e34cc387d379fd48c8674a810e
SHA512 7908f3dce9ef0f1b2bca899362f165281965691be6659eefb92c176fa42fd90b90dd3dd0b606c7b440cdec888e01db15be7e1e9009f5f6e1750f00b10eb48e1c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eef16e68f18c91f1f9b28937dc74575f
SHA1 f46d752ad889ef2e21d70756b0f6f473e826ac78
SHA256 089aff088d7605714bd2b75436b8c0f5ba394150e5d7a9c6679204ed85e84ff4
SHA512 680d82c372c6b2eb1609a69d620af5ad10184b5db287800285f92b255a442cd7c7aed0614bce1cd928479f4b0be9460cbaf0462bc707d1e327a05c40955ccabc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5aee837ed1e2be26a20342791fe0b738
SHA1 ecd1785cd423e42177a15a643943cec225c3dae9
SHA256 b93cfb0bf8f5202d2fc9e47639de758d93d570994c287dcde1a6129451155dde
SHA512 4afa8a381ad0ef99c6fd04694d3dc91eec2177806937e738bf498e5f512bae2f996a58328d51ea891adc191730801696cac936243a1c130a4379a52d564f2cdc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 5b7e9aa06fe535fc88117cab0e7b1c16
SHA1 3aa0c9111e25e9a8283ffc916928543a0969d9bc
SHA256 c8103ee4d8f485d3ad3b601ca9138048d71ec8c52fbbd166a1c47f9fa8d99426
SHA512 e8f06eb2f7e462cb83677bfd7b9ef42e9427fe596537ae85878390fc5e2819ad010f35f58ea516f80033723ce84ad11a66ed2886f4cea03a4c3e5bbfc203dc8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4ba67cc3661a81a477456abd4646ef31
SHA1 99531ed9fb500913b4014b50a9dd1f1437094f9c
SHA256 e1ff56fca681fdec8ee021ea9491365fe93783ab12e7459112b338c0effa1704
SHA512 cd28959919b290fd3b230968b9fa3ad071498051b281c78990b3133956956e76a9e11a60287b326bfa0a51307e61e87c98d237a83a7b3f17df24e3a1c7282282

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 49219bc2d24d458b8c0c61feabed3cb1
SHA1 a91c364032246afc4ab2fb77aebf2b5ab039c85a
SHA256 0dab039fc2af6e7e87376b309885a369ca11086b9ac4da505df31520c2ddf6dc
SHA512 9c406c6920c93b15b6f8b2eadf1efb2e70fad052e0042e640e5de8edd56629aef4565377028891f27b82fb7cb236bb7faeec88238adcf582400aae09eee97683

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5898120c1a111e90b6188cd6b91d2e75
SHA1 2940154539323907bc9f2f0fab782f6f8f6d35af
SHA256 01a156548c2474f848c05f46ecd4b574d9ccf6cf24f5aa6ff6653929a77c2fd2
SHA512 47f904cc9c7820bf0f50a1615573f7576b6241d947c85ffd90a1fef654fdd31ebf130c2dff495ded4503b9b2d8b0a2d4e1590568ed01d6b94cdbac8c01a5b6a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ba381a6bdd74edd7892b2f88dd0a2f74
SHA1 79c9a5304e5de61c8ddc97a30bddc6f4594912d8
SHA256 8f4a900392dd79834af0a1d88c8d365f71a1a8e56f21a3ed3e6f3832b82c5beb
SHA512 64d72e2b063d3f79b9df64984d9b1f5855eb23aae23ec4930cfe1e77c2e71e9ed0fe6b7529e713e631ebac3850a931d898da1d4789c2513b8ee397ba082bf3bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 415673d5bd0b142ead4624f1110fc16d
SHA1 d161c7d907b26ee5bb3742f021dc4779f61a0c4d
SHA256 75be824bff54325f9a4fee5cc441d7d5d534a28a95e1d27b63371729d425ebe3
SHA512 3a73553fea23c9350fbb0e0b4c2afefa19b0fd531731f3ce68ded9388356f1e6a502ddb35805ba1208206b575ab73761d95c651e2ba85299e88779e6ae90684d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 be80be23a4333092149fe821abadeaee
SHA1 75175082b90e33f29f434505cb8acbe6692a2b6e
SHA256 c6cf0f2bab575a2e09ea6b3fb57714325dc13f3d80f5fd1e361dea8841c5e2b4
SHA512 f2faf545c75930c5f71a1cc7356ea49e1acccc6dc05cb3cd7f329b683293bac7b53872084f893442f74916e57da6b070933581a1306dcd0e045b75961007f3aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 43d5086cd6213c0537299529d46554d4
SHA1 b00a95e5ebf349bd98a401903dcbdf5635e81fda
SHA256 38a09585cc16b40333fa1aaa440502183b0af75835ef5562d17f316d5b0703f0
SHA512 585f65a86e2b5bc523dedfee0b3a7b24559a7eafe23158d964a290a043098f2aac82c3e940fe70edc2b006b031c641235ee4ea872032c951ac886c72bacdefef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

MD5 21af9bc981d404957c6344aaff4b3e28
SHA1 e5569bc0876884ded0d9594432cc261effc66d47
SHA256 e9515acb1b0c8f7c1008358ed424d6563cae681f0e87c53547d0cb7b9f51b051
SHA512 fb42427a114a3cb5739c30f6235c4fe3102876b2063772665c82ecce483955d357dead930e6da185f2b27fb0e72b9837ee272c3271efa5b7e80f98edf4cfaae8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b21c59e5d994637ea3f0d3502e28358e
SHA1 2976d633f7f538c2fca5e79524ec64d5d03de628
SHA256 ccccd070587b3d8c0c53d934065cf5bdd2cb2e8f247164c61e7eb5943abd9ce8
SHA512 c90f9ab8fb3ec52bad9294c910b4b1e8c1760efca1c3025156e2c517a3882c7aa24056a742070e96d9519059af5f19128920a4056b06174bdbd2531d593ba2b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5645b498a323d3dd0c4f819bc9b28f9f
SHA1 b36eb346c44cac9f1c81d18ce8aabd49ba28fa87
SHA256 2496bda4526bb0438e26c605cedfb4fc02d54e5d2bc83e20037ee34b75a2fd1f
SHA512 aba727ba73846aadb037e03db6bfd7e08714638738b30906d1e84ec0299764f05c88487c97227b719127a13e408dfc71a8cbb9dbaeea96f36f9c89b6789a892a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 42c0bfdd90767c5681e7a991abde5aba
SHA1 bdc6fc68032571d61c9f251011e7347c3df73f37
SHA256 8e68ea13f27e3792b714d6ba2522d542b23e0f6c20d7e4e1d01b3c71a627b57a
SHA512 72bb356db075a948ff8e254c424eb1300fde59e691e90c13905a377902744a168c15580934cc1e13bafee72c3fe66b8953b62e4e0c06e912426da24ee2211618

C:\Users\Admin\Downloads\Unconfirmed 652049.crdownload

MD5 529ac613c7ac1ddbaebe9e7d9f82eca4
SHA1 fc8cb991735a98a9663776a61cb9c185a3335f94
SHA256 cd6a5d746b5c36525d781e6d40368f87a3edc3ea157bf63fb55baacc51337f0d
SHA512 e2378819587ed7eb417d0375d49a55ef9292b9e8d22718a52688e3fad59d68a711281f25d1045a9da5442f2d805b9d98aedbf4278c9188208bb2edd917751e04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 40077c586432266d11668187c5d61040
SHA1 7a788e4b1fa8eaef3d3c3b5d0e7d80142ab617e6
SHA256 995561448e245fb2b7293747a6ed244aa62319fa204503f9190ae84236273ab2
SHA512 dc3f79f4dfa1a5b319a57a18e3071e6ff914001b22ba31a69d73e77414592747d4326c6bbd5070d95b5911bdfcad24ad7c7217f54033b106aff1f544c0fd7dd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3a90af6662e3e5a852459070913d7fec
SHA1 4bd083115ca269b1546db4d0f7c24394557a8f63
SHA256 a7c32ae7912a615e3282df71fdf2aff8c46643ed98858b1963d09dd1c4554aa6
SHA512 1a297e3b58a6e305691491a282f7cd5959b055d3234a94838d004e5557a9214c3ca51565850ebc7ad0ccc545f08b168489c6c9161d3db8cfbbfa00617eed071a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1ee5683e918bddd1d12beec2f773d9fd
SHA1 4b0844288087531fad6dc107771fff8071db5b1b
SHA256 df052de22a33ba424fbadf0c521aa1978059f8ce99abf0bd3a6f7ed59733ee5a
SHA512 7824165ea457a7b29d0a6eef753eed4940ab6ce075f9731505656bc1b3cb019f8d1e47ac60adba40144c3f5a39bf134a92563c8f749f1dab2806edc14bfeb49d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 204e8e6ac9837019a039e0ee2bba6f49
SHA1 ab903801b5fadcc0fff236b09469d50baffbd7ae
SHA256 c34dc2e26c2d4d525f5312a80cd4855317e6cc0202fbdb801acbf57c7c842ee9
SHA512 c004637576dbd78a879ea028a1775550a3d9e3922c8a3a0a92980591db8a71fd113284c65e97db221de4e519023d6d4b7350715b758ecee76f38c891c5f64bed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 fb40bb8eb3a09f5e28402d4d5bce6aaf
SHA1 31ca21e5e31a9c546601a8a7d61e1d79f656ff38
SHA256 26a5da5e3db263fc5f4915ea0535c3f64358a3b7c8f45157cc72cb2e691a75e7
SHA512 62b82215eb4677eac4e5afadc054b88697b8bc2ddd7d19b0daeef1deff12ff49668bf415422447ba427569ead387d1ddff4fdf60a39207f643910fac697ee98e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0e8717f892bef73d9d253b7000615461
SHA1 3569419b6ba7e07b81e6c51e40a9233481dafa30
SHA256 d80f880d8df6faad53d80f8b3192713462048e478e41586181b0b1e7b66657d3
SHA512 86620a7410e6a128902f44cb7825e0484fa3224869269ac444e4ec5a68193ea72f9b415de45d30f1a854ca00028a640ce6af39ebcb3143a35a3f51799b438318

C:\Program Files (x86)\Roblox\Versions\version-c46f37833a234ebf\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EUF922.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 a05746997613c5efbc312d2f9c828b25
SHA1 f71db032c217651be5a475ff9349767620204c7c
SHA256 45a42ebddbc6a8ed3406939d4826b45fcd6b6fd8c6c3961fd1f56d1e9e2409ce
SHA512 e644d777ad69f524b3d22a0c32dc178cffef0c94e3eee7fb19e70dc6694e1326aa35b6161c8d69a11db3d190fa09c7721b6d88e27cb09ad3f64570658c748424

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bceb86b1821ae90e0299bea1b23f9fe4
SHA1 596841d9ede02bba87b10380ded477625a0e6492
SHA256 eddfcd2d4521a28969f9f6da6e55deb45f5fbfbf00d3a9d576e2d9ce2a647f7a
SHA512 15ac8b52b38653d58e6055852bcafdd2ee858047cdd4db7770483b77b9fce3d8e7d4ad6c4808523a11940d811ddce76d3ef874330c2f9637440c04c885a31002

memory/1616-2172-0x0000000000D70000-0x0000000000DA5000-memory.dmp

memory/1616-2173-0x0000000073E70000-0x0000000074080000-memory.dmp

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 6148dd241eb32cfb6037da656fd1e1b4
SHA1 16450deea0b2a86d71f1c84d9af1abbc452a0b76
SHA256 5fa7c6351e755f685355ad1c154e548df464f9f255649f19c30e0a3199e935f6
SHA512 f94ed956443b641963fd04482c45acae5bbae557fb2985fae3460a6406526fd56049aac569cdd51ca25b4a4e3bd9c0af0ae3b501244bcc0de76ac65ac71d50a0

C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.79\Installer\setup.exe

MD5 365eb1aab5e477760126569b7f72f85a
SHA1 06aa9c213c163b7716644314ea6d3997f882ab06
SHA256 19dc1f8c7901ec057bfaf763d8354a07880ce6fa3093185c64b95d082f8055af
SHA512 0d34bc14ed5328f2ded1c48acc29872a2154db0c4c9072a098266a08c0d0b235705223f988e64e3fd418e9c62338560e33d7f3d9ae933f43da77763e88938888

memory/1616-2232-0x0000000073E70000-0x0000000074080000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 19f990726adc41080063171313299fa3
SHA1 b389616abb0de5ece07a560c3ded1a20b2200fd8
SHA256 e7ef3326d09908ea9c56c58dac52f5d934f29c0f7c558abf007004f3a8f85af8
SHA512 f056ef68de9735b468edc82d7dcf817ac41eba4d201e388fa552db6699afae8f28426c64b32bf4c7c5609db8ec2fd6eb3936b081a249bf50d7fcdea9d73db3c8

memory/1616-2263-0x0000000000D70000-0x0000000000DA5000-memory.dmp

memory/1168-2269-0x00007FFD05A90000-0x00007FFD05E92000-memory.dmp

memory/1168-2268-0x00007FFD04D80000-0x00007FFD052CC000-memory.dmp

memory/1168-2271-0x00007FFD05A90000-0x00007FFD05E92000-memory.dmp

memory/1168-2270-0x00007FF6DB4F0000-0x00007FF6DC4F0000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 79328eb6f1444c6b7ee65371c780ab77
SHA1 c9b6c2861bac52d70570e9f91d80f6d133e5f786
SHA256 ca39d161540aae5e188e3495a24d138230fe9fb277c5cb3f3b81877478aac11b
SHA512 f0665db43f5b204d359a2bc980932c4e51334ac702452a383e2df2fa5af523df96324c0902ef911750f8d4fc844aff4fd3668b37838455a2232ee47387a99f60

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe5d3655.TMP

MD5 d9e38deb4a9e6e1edf32bbe8a733130b
SHA1 869547122667a8734dfca277413018b871a804b2
SHA256 9609ae7446116155606e27925c7d1f17c7fb0a797960b6727fa315253e3ee471
SHA512 d951d2298b8255bbcfe3ce60e820ba2d10cd6773bcd807356b6eae37fc95979489b8a904c2187f0c3c29162a1f04672c7f5b7d8c49d5bf30b3ccde83c2d20516

memory/1004-2316-0x00007FFD28350000-0x00007FFD28351000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Site Characteristics Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 f54c4c0c4926a517e64b72a6fbd20e8e
SHA1 252ea0b98bcfc643704d1c8742184820167c9470
SHA256 bcdc6e6bfb5f898d414b4dc5bcf1349d823dd6bea2235f0fd0c99139b874b6b2
SHA512 96b9312b1a2eec56a6fa9f792d277b5ffb1ec852642fb21d8e5bf582120c624973ad3d71d112cdd1e7f6d08f4379580d99678703d387ad6a79754942066a766c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 ac069e192326ddfc35a021c7072e02f8
SHA1 3bcfd9d00595557264e7d2c84c3d36e48ea6d923
SHA256 f46e45cdbaff1af73abc002d8e8fdbfc3b440c7c817586de4cc83c1cb2c2ec18
SHA512 39673c5c9df380dedc5031a02dabd91af3b52d5f4726d3145877e50330f792ecc7819bef287a84cf1eea46baebad60db9973ced9b6201a7dea5ddc491570c2f0

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Extension Rules\000001.dbtmp

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat

MD5 84d515b330f2b4ede4d98abed3b653bc
SHA1 8173e8ad22b5cb8436bc6544f7273501ea8e76b6
SHA256 d651cf275756ba77e6470cf551502f2ccbe31b086f7940a4cc42fecd5b861911
SHA512 1da2e79d1817dbb2d25d528e5c8fda2c7c8646a653e97e18e7ef3c9919212dd7128ada62acfd55ca896c05a364918287952ff8b0afbe09ce9a260585cdbf5a7f

memory/2680-2415-0x00007FFD28350000-0x00007FFD28351000-memory.dmp

memory/2680-2462-0x00000255AB530000-0x00000255AB606000-memory.dmp

memory/1564-2468-0x00000245A7ED0000-0x00000245A7FA6000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00000f

MD5 0c4880fb1de7d2ef097042adee0d2d31
SHA1 ea7b12eae99f8f044352f1dd1bc4f7ea3786eecb
SHA256 506fd688cabceb56eed3a3ffaed6afe80f124c61b223b3c8cc231c74ceb5c73d
SHA512 74d5d2148505142bcfee0f99d3879a4c5baca87575026df3eac7d504b56c849f827645b83fa7fe2d64bc6bc3b53ee35ad458ba56b846b2d4a5e03996e2ddd80c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 3ff751700ab34623e0e3aec339c43850
SHA1 e304255f450ddf9655747a713beaf81af0d74799
SHA256 7f5f66f886804b357bda5ce685dca7c19adafe01077afdfb826278b7d5dab511
SHA512 a3314ba8938308f4d5d121e872ba3de5b7f2d8c81b93a919b69e4c9e6d35d0b3b9760baf7790c2b5ba99956f93bbc104f5764c22e2a20377ab5a684aa7c1b1a7

memory/1004-2648-0x000002046E850000-0x000002046E926000-memory.dmp

memory/4524-2651-0x0000025C804E0000-0x0000025C805B6000-memory.dmp

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 65617df4cda7233b1e5aafcffeca58f9
SHA1 051d3d360bd6db2b7ee4e61337a8ff779374c28f
SHA256 f2c6b944bd86bc4af7c2b2b20049df93e09020a0644c0c77943b47144b05f61c
SHA512 aec4c37bf76eea29131cfd94ae674c398887c557e0058d7645fd31193739e5a240e72b8eceeafc86b8cc5b9a14d23707ee6662c1bdbb04091e73067c66f9c4a1

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe5d8a70.TMP

MD5 d4a339708d23bdb8462891eccdf2d1b0
SHA1 9726526d2357c0240a44707b59aa84a3242e97cb
SHA256 171d7dd24f98c6c213ff2fa29fbfc874e0784cfaa1e4ac14e1b7a10a90215dd6
SHA512 916991787ff64fc9afaafbed9d7a23e764af898580ded4e67056d3967cdbd8fa56d310a9deb50da819374ed3e24386dc12a67b9521cd6fafbc1997708498c2fe

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 aff5a5053d6226c2847dbbcff88df0c2
SHA1 a49ce601fd026e3fc88411126cd16b87e3fc9f19
SHA256 7f352b90b415926bc230e2b9693ee43df3ef5e1d5112637723a4db893f1d8a14
SHA512 cace0b9cffd581ab0560701c7e964364154b892c3a6948626b01a6fe92fb41a9f8a042442eec61bd18e51ee33922bbb86afdecb55e3aa2da13cfe3a514ba2165

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe5d8c26.TMP

MD5 72456103d59731c80c4c717db7a26f79
SHA1 6f60ccbb2e7fb0ee45b2576694f8f85537026b16
SHA256 98676b1c7e7ac3ebe4e365a405760a68419d59b94af964af97a2bdbcb301faf9
SHA512 0c14dedf75a99baf85f19c7aee29986b2ae82cc33fad5ac6590b7d6fdf0ff38beba0bef8a20162957e651114b001305325120b015fb8f8bafd22dfe2fc32c875

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\SmartScreen\local\uriCache_

MD5 47d41a980668e9bfae197488d6d56feb
SHA1 8acd8919b112d637a18e4c2f79f61fd62d2a1e6d
SHA256 87c1ba0f3a75480bef554b38abd51d7858bbe2cff07d4fd29162b4468d2b6c43
SHA512 165cf9913129bab36c22399c3636960cff235313256262439bea6a1ed78cf80d65690254cc63148e7e13bb515b513037ab6be7d20efdfb12b07985339ada36fb

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Cache\Cache_Data\f_00001e

MD5 e0a5b5b5b60870c900d4e965d0582b5b
SHA1 324bb751461fb997107f4c2f869042b093ac3ca4
SHA256 a4658e257cd9b7c17301efa73ef9d9d66c9561ceffdbc92fb5e5b64454b87f96
SHA512 e7c17425d5a6954710393ec309e473db216db095072f64caa968b9a3e1943efa75160873c8d965ee1a36a7493816c11a59bc24c245014fb9f8e6b5d043c7455a

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 d4710fce5b3f78e64bff4d3604181b13
SHA1 72dc409601b6f21916b1351ed721a1da29ffafe5
SHA256 f6295979a4f421baa06841d84125664f024bcbc3eda3663c1ff6687459006c88
SHA512 344bffe0e64b0a1049ff3942ca3a691eeffeb628d52867874a7faf636cb2364e40090dc418d9a01b93792286b5694e5203ffefa0d72b6e7d49463eae3d5286ef

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 f5bf54fb1ab884b79811716ab99e55b3
SHA1 4cf867629204aae6e7c5a63d751943e704f7eb0c
SHA256 eb92932f0f65cbf77042f7a9b25f7a3ecf75cb4660dcc0a56c5801e0fe373d8f
SHA512 812e9b9f82c91d182a61a0b4b5b4d7ef582dc86f30a0845420cbad39b56f7b95f6bec6b98715d10e29e2fe8e4bce8f175fff07e156b218a2a2151110312d3499

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences~RFe5db8c3.TMP

MD5 99e92ffd8536f42eb8b8e99f5d7fef70
SHA1 8743f02fd4bfdf4002d8d7362c4c3739822bf16f
SHA256 ad397c0f517eee7dba17ea567363463069d3ce7c702b888b4d28b0381016dafb
SHA512 366443d024ea37860b719147aa4cfa844409f1f7b8d046ab41f63040e353222ed28a9b186a86b1b532a40a2fc53abb16e1a713958c39d36e812f8d4f7aeba558

memory/5188-2784-0x0000017240350000-0x0000017240426000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 afa0adfdbf24161fcf20598f5027dc61
SHA1 7ca1c2ae147773381b774dcba1ad64f34a9ea58b
SHA256 c612276dc81150afc52658934f26513cc55ca3b263ca7f72b3ba2f65867ba9d7
SHA512 0420eddff069e45b8201d3df6441033d19ba2288941b8af37c6b4aeacd648265cd2baab8219a5daa95fc22be04da0e452072fa57fff201f0d19f8d45aa4d6cde

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 3dd631cd7e9808241c9d7787f16b0d44
SHA1 a69704318ad4fb66ac4883d76b07169a4d967550
SHA256 6438ad16de17b89f75907963cf4daabcee89e424ae6e04af391b2befad6a0cd8
SHA512 5ba1bc3bb6a152c08d2abf6fa29d8fa858bb74f1e780ae792a91c032f69c0e744d20eb1913ccd34b9d2a9dc363db142f94325c58e783ba3223d9efa2e2764526

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 91af468752fcc260a62008c322be3f71
SHA1 a3cfb25a3bb17a777e28c56a6015586eecf28492
SHA256 786da431c38b724ba00d930b48ae729c8796a9140c1051dfb7969c36f6379a74
SHA512 7b045723a2c6a9cb6e45a770aa5db04a10b614aa23969017fa7893680fe28ac86e610437957f8ea8a590c4df46579346b770a330fa818c19b52f995bd6f5ed82

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\cd015591-793b-4623-bb1f-079d4c10d021.tmp

MD5 efcc83cc4738e954ff94d48f1b89a52d
SHA1 0fcb6adda0990073507f63ccb8ab103755f3e83b
SHA256 3cafa0baa7b587c8d4ece2343b49fa616a05d3cf287bbada2655282e07cf3ee7
SHA512 cce39945226797c9146c87af00301fd45c003a7c6463158c93480b236fc9ec4a40961d368960ab32ff1b9ae93f549c25cebba8cf1831b2a61d3c974252471c93

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State

MD5 81fb775a147946d5c3fbb8ab45f78b1a
SHA1 604d743c2d0bf8ae423ac75fe6ba9624249b2ea5
SHA256 cdee24af8aee8092c0dbd91bc7ce058f3a9be5eb75df93d7bfb8d2016a73d8e2
SHA512 69b88f7b7c2b959e4458510ff5f71303ab37c955173176f4fb78ea7a6846383abd8a6cbbc5e9f7b432919766b9e8f194dd7caaa9d2dc44de17e69e0a1fea08e9

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5dea72.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

memory/1168-2996-0x0000015E0FFE0000-0x0000015E101E0000-memory.dmp

memory/1168-2995-0x0000015E220D0000-0x0000015E22510000-memory.dmp

memory/1168-2998-0x0000015E20DD0000-0x0000015E20DD1000-memory.dmp

memory/1168-2999-0x0000015E20DD0000-0x0000015E20DD1000-memory.dmp

memory/1168-3001-0x0000015E20DE0000-0x0000015E20DE1000-memory.dmp

memory/1168-3002-0x0000015E20DD0000-0x0000015E20DD1000-memory.dmp

memory/1168-3003-0x0000015E20DE0000-0x0000015E20DE1000-memory.dmp

memory/1168-3005-0x0000015E20DE0000-0x0000015E20DE1000-memory.dmp

memory/1168-3004-0x0000015E20DE0000-0x0000015E20DE1000-memory.dmp

memory/1168-3007-0x0000015E20FB0000-0x0000015E20FB1000-memory.dmp

memory/1168-3008-0x0000015E20DE0000-0x0000015E20DE1000-memory.dmp

memory/1168-3010-0x0000015E20FB0000-0x0000015E20FB1000-memory.dmp

memory/1168-3012-0x0000015E20FB0000-0x0000015E20FB1000-memory.dmp

memory/1168-3018-0x0000015E20FC0000-0x0000015E20FC1000-memory.dmp

memory/1168-3017-0x0000015E20FC0000-0x0000015E20FC1000-memory.dmp

memory/1168-3015-0x0000015E20FB0000-0x0000015E20FB1000-memory.dmp

memory/1168-3014-0x0000015E20FB0000-0x0000015E20FB1000-memory.dmp

memory/1168-3013-0x0000015E20FB0000-0x0000015E20FB1000-memory.dmp

memory/1168-3011-0x0000015E20FB0000-0x0000015E20FB1000-memory.dmp

memory/1168-3009-0x0000015E20FB0000-0x0000015E20FB1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8c764ef227714c3308545699ff17e964
SHA1 ae6692e245bc507f17472de5c208bc7da396a470
SHA256 9b0504958691a3a4f0b5cf973cb92883c9730f5b18392f6c7816af1ebb0fb8cc
SHA512 c5d89c9bf86c31f2b4fd9dc51357eea273743f930118ca95b70ba1a45ce0ef4115d519e7b6e541911ff5627060339db3c4c41fdff0893e5df93c65722f1e653d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a1aac6bdbb2642f3f23fbed64d042c3f

MD5 2c65a49f36fbe81aed88d7626a0112e3
SHA1 832fc429cd021f288f5ef9531e7dad6c9c6507fc
SHA256 eb8f138e67962a5c7db64722b78454da2e3c3d656ec8d72c9bec566f10a942de
SHA512 4fe7c7a7e439f6b43bc13af9291994ff913fa65ab1d77f162c97b18ae505b1c46ffb2c9236b7c9010580b095526a58204bf182aa5d476e3d0a006b2ca450d181

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ceea000e430b7c9714bd62a61ef5eb0d

MD5 e6bf3b994b7bd85aa47c17406d367d2b
SHA1 b18be2803acd9576aaa72bb19116b09680f0cbd0
SHA256 92638ea5cef2b20242923fd21757df86c8c434ff12243d480250364b8480f2fa
SHA512 3e207bfe1b30c981fb533971769a4051c0c87ffbfcabc012606ec939c5b66f2bf59cefeb85c2b903856d6396584b2c96472965c11d90d6a1ac9f59b29cf3d664

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0f10b6865c21c904e29f52a54a31f37a

MD5 38b25c1089062288a7a9a8876138e465
SHA1 d7dc1955cdabe9a50ef4f6b345c9012e3efeb56c
SHA256 e39aceee4952e730f1a101894520b046ff21156ebc79c0f8e070e87af20fdd29
SHA512 198469bc9aa03de2c29b322cee7714a67b1b421a8fb0b6ade7148f54fb5ea0a37f6afe5e80f052f41815174363ca2b2dc8395534c624f0f87d2f7a0e9d773dd5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3acc8af1251b7ed321f9b36da661d9ed

MD5 808cb55c51b6fc55fa6cdb17892dc876
SHA1 4487b86a3a42ff05e109800b1827c100390245c0
SHA256 eed0725bdeac66a2e53e7daaa033f06c360314d751df70176a0af3f23eb08c7d
SHA512 0d2e6534792e7d417a6fa8403f22397f406352a38bfe1019d87e0308d041b3e69d7defae77e2bf6b87adb3b7d59718efea7d5fad340847c681eeb293beb0f24e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\95d98e1cfee595f720d12856399cbd72

MD5 39be6457e3ff988375205765c4660895
SHA1 8e946b84ba320df9c28aaa6e759e24719ec38aba
SHA256 1194e8aa1e2ff45887bca03f3ddee55de61436c660e162ae343ee64e7d146da1
SHA512 80f75601d5887291d0f2884945dd2ca197090431fb30dab6e6ee9ef601076950922a75f23a577dc58824a8ea7f57c48c1a742cdbc13a28215bead6b2b0b47033

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0cbacc9a3c6aa07deb13db83f658936d

MD5 e3690a37568ee9fe7f191a17a47e2146
SHA1 476c939e0ca065001820946509e36ac2842fb1fa
SHA256 b8da756d34febd98745815e7ee643c49dfdf1adeece7fbdeda22487c06472f28
SHA512 c7b777cb3616fbe210b58c1e2395ffb378ffb36c2fed3af8c634e7d39667b9b433386d1a284f936a1d4e10e76c7a678e97216fe801cf95a0fc3fb313fc4514a3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX3993A7FA08AA48D19721954AAB6F8729

MD5 c76ac26f80988d0fcf03874d625b86af
SHA1 b04a5e95018f8eca571daa4077e66626b9ba0de6
SHA256 3dca66141315cdee30f7604013deab2fcc1dd74af93f9630fb700b7606f531ab
SHA512 23ba1357212eb135ad87fcbb81bf73fcf2e189da34f08ca1cccd40d763a856e9ca8ce5514af395caeefca2b0dd3a6fe3b8d43e060c5baf5139fb357fedb90a59

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b0cd0725ce628c802aea646becfd46a5

MD5 b7c03229a5a8d6586e4532281bf1bcf6
SHA1 e2cf4dcb1a5ed9ec90882b05fd92a1cb2d9b7031
SHA256 2f68626defe72fe2f0f653e4f329dc40a4da28ec0b6805b7e372df74503490e4
SHA512 4b33587bd1e348c0c3c90ab22556c1a1634c9c16a7986d5ca92cf409a6bc9a2d4ef6ff29f1c56fbaeea7ea42b9e6bcac980f3a13869c7321dfa94b3d4c68498b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e14d3946dcfb1d3207f48a7a426a900b

MD5 655f8274142fe39fd58adc948d1e9551
SHA1 f88784dd34f4aff655f61df9d318b5efab731899
SHA256 11005056cd5fae51319531f5c7797c6e735c5291219838a838479f4aa98f5858
SHA512 c794c8e428df6d80688199c1d243959208acb6befa7da3ff5a38528b9727bad297cfd058871ade880d485413941b9dae63333fafc14af7c8934a45b555df2453

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4c09f3826e0acbed3b59a6fba9234bc8

MD5 97297640043f07d8672bf787f8f8df6a
SHA1 730760039349b3ed36394388c508b6689736d34a
SHA256 f387330d7cdd369601c336187c2db973e93e2e02d2ce06eb047ea1f395edb536
SHA512 29eb96fa90905f5fde94ae4b1f610f98b99c9343706495e15ff6951430efe3cd5955eee2b8368d5b8192f9c6a699b1bfdcc0a32baa9ecf389c93f4748109ea9f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\60263c61c0e63bbbf8fc75c6c5d396c0

MD5 8a844d0632efa4ebf03a93c99f9d7390
SHA1 ee697ee755faaec2448740d684eafe97b44a99a1
SHA256 8c1e0c72179308fe3904c284bb609b58226200a6384d3cf9865ba9e008fa98d9
SHA512 1f6d0bee7d2896e038f51a55624ccbc84b7eef1d4d98995b0e3e6ae46df6b39016d3308b2c9a211f7ca1ad550a0ba41769f96f1d705384a98b081829fd352f2c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\27ad6f7d7346dfe77241119847ad9ae2

MD5 4fba444bd7a4a509bc90d6ea7e03bf68
SHA1 d4b202a2aa85d263c205c44d180fa26f164c9b2e
SHA256 3b5e273b236d33b4e3f929a110b20482f42a215287eb3e502736668f1398ed2b
SHA512 d1f74e914784928bfc0937b447fd8a138d980090d3b1d1d7b043b30ef672377154845361999b2cdb81a240185976607fb05df78130698a49edd00e2bb4065a57

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e9276eb14c110667c2a79299838b77a3

MD5 dc52bde319368e0a316563e142fdad16
SHA1 cb7e457c7e3aaad55465ed3e784558441355f1ed
SHA256 4f16e4da08547b6107f71e5fb6c3f6748c056c4d9d7f4f17e3d6e89f0cd333a3
SHA512 b3603a726c98e3e1f2648c88dbd49c97b2fb805846ec84bda49ff42d69c29b05695d7e59756599ea0d4a696b8cc3f3e3d1f401b5649498255c115f340fccc777

C:\Users\Admin\AppData\Local\Temp\Roblox\http\baccacfaa70c50cf5a8aa24ccd91f8a0

MD5 25d6afc8d79857382a100bdd42e1fb3d
SHA1 e91acf9098ef7472553bfe258731088631cf752c
SHA256 7295090d4bb0a07ea22366b7ed444d3fc3dad7e9329bdf9c46d7cfda35886a4f
SHA512 db140e88615d885982038400a24d084f145d7ae71795bfef2cada13d74a06dfcee2b7f6ef40d69dcf0e1ed49ce1eceb34493edeb28fcb7502c11958bb69fa4d5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\97649dffee443b97ccf9312c1f68962e

MD5 aa35dbdbeadb413dc89104bd9752e83a
SHA1 57067289388a4976ade450e5dc6b885ab7fe3e65
SHA256 f0a8a22b91f1be1c064ce13a232cd6628b5a97138569a8631df9d678bbe38e39
SHA512 5a418f2da6792588ee7522cce8543d0836061c7840555b91716b206f8dc1869dfdc38f10fe554906ef43eab0528633262ea855a49393de08bfe32e77d7c18882

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f2fa74990639daa94a31bb9b77a2304b

MD5 253dde6821e4054de7ca1a7e5f0ba60b
SHA1 44cb23f38f117d8f926d13b08e34f16177d5693b
SHA256 afe03d1beb9607ebe2faedf3932e2ff43c890c33c51debef0defb83472aaebc6
SHA512 af76d639d1076608e0f371c8bb8b4a4196d2990ab488c12f73a294f82b8020a2696c78a5d272e1355f25b21976e9e530bad418ce6dfc37dfb9138434145e2bff

C:\Users\Admin\AppData\Local\Temp\Roblox\http\aaa91836b6c9982126b9d155562c0ad1

MD5 d32d01855c25c859c811b652df74e31e
SHA1 bf052a24c1ad9eb8bb3de1bdd743e94a5de6b01f
SHA256 4a8d847bf6593312cccb08586ff1672165e89ada2304a459fa93487f5c6b2617
SHA512 583ef343db65ed22e6065e2db0c1cc9a65320434e15c33ddbdab90e1c5e9bbf1b64499bddaf8823f3b80aae0221f5152c632d4c51d1fce0f09c70d1eebd633e5

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6f427f1b32eae250f1e2cd49ee84c412

MD5 47244fad2c58ac1c08389b405a367967
SHA1 0160d505160f76ee8020c9b87e44ab93a0a06315
SHA256 f0318db6a49400b737958eada210858ceb161a7483989c35e639d197d8592077
SHA512 2cf4fb9bb705221aa4da438ab16c8aaed6ec40afce2084bd68a2fbf374d7952979d87525f5f43870ec8633d61c5da559b45a1c757583b2a9d3f967c095d2c390

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7cf12d1f89874b04ca0d02b4264bec90

MD5 8d0e0c88cb841590b33804ec18fc9b9a
SHA1 7acfe00d982e0b895e4a01d12f2a52f8de847061
SHA256 d73de26c98d65d40fb9858efc9983a25243c8d573d9e4ad1c06fe6ff6d17c3b8
SHA512 51898c74381ad6c278aa40e7249caa52e18cd348c005f740fe552d73293398d21d244bda4da26b69d9af66bf5c82cc0ee8abf851f683d7c3a4ad6ee2c51a7d41

C:\Users\Admin\AppData\Local\Temp\Roblox\http\45ba4244a775e185b0561b3035a3b3e1

MD5 d34809720aff462749d8158bbdba3186
SHA1 273f64afd425645513b058a3d60909e1d8f2d7e0
SHA256 7c722e4549815239d040c9ff5e055551e349570feed29f07847789c816aa5152
SHA512 4c9ea0111ea076eb2e2568823bb7ab9b026fa97ed5bba62d8e8fe4130e815c24012d53a8ff2c7ce35ddf4124c82e00cac992af05b474f7e1620c8623a138a899

C:\Users\Admin\AppData\Local\Temp\Roblox\http\78da0b72e2527ed07f3d77a9375a2ecb

MD5 90c62386f6eeba0bd9fef6a021d02538
SHA1 a2aa06d6618960965f091dbbe8fe879f024f4ca4
SHA256 9bae0140e0a7960693116485fbc861996788ca278d96ed5894179e008d7283ca
SHA512 d5ca283c57717fc04dc589f0017706ac74783a41cc342e62d754d8aed623001a6c223ba2ba2316409e3f30f54ba85da759578c142295d592fe1597d787af6c42

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8e910b39797cacdc2d7d9f3dcfd80136

MD5 d35b03bc8167fe1ae6daf0244c1203b6
SHA1 eeae3031c451976bed18413b448c708325a5f360
SHA256 62ef81e479482f692600404c8e0df51c67ec3a90532944d97c729d7a8bc8370f
SHA512 9d0e915f37d90d7e3802208bc7273303dfa39b601840cd306909f232086dedfbb012134b1366da50af86d96d9fc6c6df11fb7d36f32a3f90274a27ae987de7c0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8861dd07890deda4205be2d7d87b9efd

MD5 ed781cc77e9604e5312934dea7e0d045
SHA1 c04a3f4505a08574b1520ac1217ceb71f91b9a17
SHA256 8c263601b4fc05cae11dea6b047e21fbad8b97c3463ba951da04677095680cd2
SHA512 3ce17adb648a941754d9406f6a4b5ec5d992b85b0a8d727d5f1e6ab6b0fabd892092315ca2dddbdb58c5ccdac91c5cd79b27042ff0ffdb4e618b5474483b3dc6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d19a26cf6948bd74c6af0221086bc5e8

MD5 623e7cc5008a49334793cac181a2e84c
SHA1 d1961c7bf3b9039c1a26f431a77c4b30d8b0652f
SHA256 66c553ae98957ced55b81348b8b5e73cd67d377efb2a09710b8fa03669ed844b
SHA512 5cb63556c490047cd1a27607303d242afe6f7afc1ea4cfedc427f1322d5f9f14f04403e4cd0eb5589b45dadb16717dee5df3de4b66f344c746dd047717de5702

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8b1f8282aa1544d0115f432c5189f141

MD5 60283676c594712cec8a52952a77a1eb
SHA1 621d5d5a9f5a198312e7f87322e86af0ea10b885
SHA256 71785e943e30109fdc4ac38e891389da662e09d28853392fe6b3a03e87c57c49
SHA512 3fa1784b253f77b8d0ff638f3c04aa9f184c655f2b79da27f0264619411ead8f466ee8979a34653395a7ab0b5600d803fcde08d6ebaf719d6fa3677d577b589f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\38e5c904f3b6794a12d7a157864617c0

MD5 d65bb18e7ea6edef18860dbd694d2a37
SHA1 da9e04a7504680411c101f1374adee26e0a9a4eb
SHA256 d483a8c348ab4853f9fb4c7087c058bf033154afa011054ece1eb886c0f636af
SHA512 e54f3d219a3ac359f43558bef9a5e00f3c80b2fa4daf677bd1e3080e4b51f540bb656728f1c102ed64f3e58813c53195bae247f2e3630046d1c41e76d1d54f4e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\9832b637ee321fe2812473479b38c78d

MD5 b856dd802f137699689177fcfdc6aa5c
SHA1 9201060eed8d35e398fa81a90f76993f0f3f4f85
SHA256 93fb460e9482b938a6bb471e04143ae489c759e7b0d8be89d2c94ddccd893b35
SHA512 b60f9d9dc405b96553635dda10119e4ad297e3b9316e9f97c2ed842c727e152155534f3c6520e4a2c47039e2980e148e36d054aeb2e7ceb1039e2a415d506c2b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\db460b4ea4ba2e670ea2c11f4726a88f

MD5 be3778679c84fe341c72ba48d2fd1ae3
SHA1 8925cbe560a26d4db31a57c90a7f39899a5cfb02
SHA256 c7d57f447da3cde21cf89840f2f268097837d2e6e63ee1ac0ddb746f8db6f3ec
SHA512 b8a510cbf62dabf285057b915cee8026b496cb85937e3b175ed4eb907c311394f5f56929051873897d6b0372807a01afe0ff454b20f11cd814d2336788b4e0eb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\093c2e159e13125dbdaa9b559920f994

MD5 266953cef05a80d15f0e798b0bef0e38
SHA1 2486a1221261d218a8f272579c3bc30510e1cdc8
SHA256 91941fa095af8284e1f73be4fe2bcf72ddb087eb1f7a0c55aed8f6d5e2be4fdc
SHA512 852a82fe9efcf51e9b7e78689dd3611678993f8a28d354699604f07ca398624422ac08cf36b171e53bbaa44ae316c0b68d680f9875a5f6ac147aae123f8b91ff

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3ccd4e6d6742f97ea037076503b0cd9c

MD5 94e422b5c8f750a7973cd9dce627dfc6
SHA1 42fe4cf8327ec6a29cdb45544ba7d0a86a3f4d0b
SHA256 483571447d011d26e9bb0eac4d1c88f3714fb486353a9e35fe7ebdf9a2d65e1c
SHA512 f0224c637a9a71984454a1641cc9f76475a93d44cf2aba626ea0a104e2d8a4d87eef19ec9b8ef4e9934fcf230455b4893c9aae5a779f7dd33e179b3853e53002

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b9f12e52c472d73be71e4466fd721795

MD5 356806382eff893d77d284014d146166
SHA1 b5edf35a576ba6eaabef9f882e2170602c3dfe6b
SHA256 fcd04fbace60408b142c4d0accf078f53fb0cd80f4a254b8f5fbb22694210bfb
SHA512 985ee27437cfe4cdd7d36768818e1516bd5ed3246fae19ed0d59de16922cc094764df07d364634ce614b17078924bca086be65ba01b8a6d2027fb98c8c0b31b1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b163b6f78afd3d9b39f1190832a915a3

MD5 9f5c7653393703023e8afbf125c20a76
SHA1 16f1af961441170fd8367ae5167203fbf3af2984
SHA256 0acf24dcde8e505112cc2cc44eb88290b3c2dcbf1426ccff8571c0b5e6c146f8
SHA512 b215c36363a4cc47df75db2d83e3d918d59cc67758ff8255a4fea79507ba44f3d11401a8b4cdafadd87340fba15fee9a1645d942a4b121e97708d222fd1d4bc4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\823a5c39a80e4033e41f1bc6ae5cc1e9

MD5 63d28dae573287d1c20d0e317010e8ef
SHA1 d230f3ec4c71e73bac89281cf8507a1932db4daa
SHA256 a4ddeecbaeca13194e6e2c36b6ea2867ccafdb69481ccbc586ec50ee200501f1
SHA512 76a7afddc4ef65cf98e6c45ba8834a6a4f5bc9bc95d6eaf7f56340530d4aad48ef9f2be341ccbeb3a67890b0872474250652e034bf9de287cba7748351d462fd

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0d406d76c555d7be17a401504def3378

MD5 7585f3937f8decf375c2626004f9ec3e
SHA1 cc7fc1b3acf8c6629f9ea66f608abde726846bb1
SHA256 8048c54d550ebe2ed0035a72b4b24c40a0435f254fac4da0aaf30eb97c9b780e
SHA512 ca6515e20aa4ec0a17e6a44bbce0616938de9813f62e21dee7035b2a6b7be6db4aaac9a5cabbf967f4f086f795518ea77c3bc44db11cb617659273547bf9c5a7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\db80b579ec8d6d61151bac64dd250c28

MD5 5305b85d12035df5b4d784f64b119b32
SHA1 723d53cd6918f6528e1f98c139f05e2d8a96fb98
SHA256 99b0d19a69c8a6ca6fb2ccf5b8ca636f68a403874cc49c6f261d4b862df562b1
SHA512 5dedc88b239759e30f7fccb71c1b5ed92b5d39f75880cd18cc3931884e88b4b3500dfe8e7c9144b14283b91d5ff3947e519bc1f05642fb23d9f6ebba6f05d8b6

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\0\settings.json

MD5 a124ac9f9f82ce9bfa4465e75bfad473
SHA1 465ee8d621bdb73b9987dbe479b976e1cef6917b
SHA256 97c10ff6f86f63a5fe2097b8592321a600ee8415cd1822e441c0ff138139261e
SHA512 2e5205b90c7de76a8ff73163520fc36db7ced0f891209e6f2223ec5419b0a08b0aaf866d9f57ccc7f99a1209d9b94567f840374387282090f54b33f35fe367fa

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\4725618216\settings.json

MD5 e70608559d2cf9bf53b0676b150525e0
SHA1 fcbba629e74f372447cfc9f6b6d986f1efe5d2b8
SHA256 3def99f3841a78d5818ddb1f574ed280efab184259dc06a6938c1fbdc1a1c229
SHA512 5af43f6e008e06ae0d95b9492e88185270ba084d82cbb7f547aa09667da3bbba12e693fcfe8c34a5e84bf4f5c5c81ba25bb912252f26753e8719489b3977dac9

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\6415005344\settings.json

MD5 fdf2bf5923a37f6dc02cf0eabd432388
SHA1 fcfedde5f3df2db44a732515216c7e47859def00
SHA256 0d6d44326578c589db4efc50c0eaf93a44fa5974ab475c4581d6519d17f1b93e
SHA512 ced98f24fa90f16637664a65cd0598341430b6ce2023a92c910ff0ecf24e9e52238f41ad4192a8064595e5987801ec3e38020330e36bbd6b5b3bd13d232a6665

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b58feb4c0d2494da34f7758aaba37670

MD5 86b6727ce6bc7b42348f6959b2ff22c7
SHA1 9a1c84a8b841a6dce2afd894de7d7da3efba1fb2
SHA256 a9aaa87684c9164e154c8d88fcba8059635be5f7e4cd13bf406087f8f686d050
SHA512 10544fff20475c5357e42a35328432dac9f924fb43d74eda7deb04741292909f00090eea823ccb03e4186f880b8f94b9f0bb45492112bfe8c8ad27a35f2295e6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5014ecd2a9419adaf9b864195a55f366

MD5 0f27c54bd73d18cb8d447a37942ce301
SHA1 aa6dad762ca9962748b4139d752eb950ea723e94
SHA256 3b082bedbe4d340dc0558824691c22a767f8559737c170790ebb7999bfe92bf6
SHA512 9b38f774e5f400b3f4847e496405b5a205ffe1dba52323cb05718fea82fcffeb4562ec577aec318d3ee9751c25543a7f70adbf141591727798c4b2d4c1a58a25

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5414d76478faf47879f3ba2747adb82d

MD5 e47880fa53ef363123adaeedb628751d
SHA1 3c84b1f63f95ba85693567520488b466651acd55
SHA256 2f9a13455cb518f8e75c31d2417ca65c6a4b6a8fb666094b1c75e60d400b7594
SHA512 2e89782b6b3580b6ebff6ae510691375abaa880d27bd67979f8326b16930a2f141fe38ab8e43ecfeaf0c198561d839112dc250f96f19032fbbbfee73cd1d95ef

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f8f39662beaa8aa90a16d6e37e88b2a1

MD5 8b79df1a697d809e830f7d2e30eb661c
SHA1 561a4e6e3ab1133fe57c5cb3ec1078bb36c388a9
SHA256 f07f00de0e5578f6595c60667905710ab2d4cc22765f9577e2b63d051e75f9d7
SHA512 2daa2df4581f82d32848433093f89719a70b44868db14a7f6cc909e2a191502cb4c1111f0ad5f92aad215b1f7a9d6755b9dd9ef7750d914a5ad183adda554b03

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4dde5168b67b530ac3eac33b5b2479fe

MD5 e0cf115ae24b72dcd02f2f55dfdf7436
SHA1 3ba20bc0647c79ad67bc96c2f5bf577d981c7d02
SHA256 fa27b669ef04539398776e2945188f2e7c1ec14d0707f134b9dc07dc36bc413b
SHA512 8f1828dcf64984adbf27c3c45881bbb7e60a985092ce7687076d3c3e70a3b64462139175e7e3a7d8bf9ad5f2af02b9a75185537876dd72b594817ffcee9f1b62

C:\Users\Admin\AppData\Local\Temp\Roblox\http\696f9e34bc6bc8f8ced06e4a050d1bec

MD5 a7c6944abc611975ec014a22a4cff315
SHA1 76c95afd96309ba684a7c233f95cd2d2d445a746
SHA256 b6bbe44e64712a1af50f21495c89ba8d3064bcdc4c313f2a94084cc96cdb96f7
SHA512 609688cfde0901348eb038914e8ce4f45ddb5cdcc7915264529a7400f3f23c8de1f06e11c4b27854151411b09cbb3f355b5393c3fdb0c7b425718c721f042d4a

C:\Users\Admin\AppData\Local\Temp\Roblox\http\5976f56155577a6f2cffb70195ab2ac9

MD5 8ec84528fabc0207e4561c91ef395ebc
SHA1 5e88c9b09dd41c057976d396cff48893019a797b
SHA256 cb90e2da9c04d188d2c468dd97c882c7d549b9c739eed6ad58f112cfae20232f
SHA512 e4af578c2040b631d65cd1de9332c4c2da5f3f8e8d4804e33382f9407bc07b654b392f7c804e9d49b5c54c8a01567a47ea32fb05c9eab0c41ae062bbb6bcc2d6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4d8d15e296c92b0f0f68c3c268b045b3

MD5 3bb6112e92a18f302d762fe998bfb5c0
SHA1 389fa4acfed884c89b4a0419e931a6f1042327b2
SHA256 872a04884d4226fbea9a2affc8eb9d744b18fc7e39e4f5c26abde15bb77687e4
SHA512 8971ef94602fef33fb4c45bf83e63d38f1e9740c8ed59634b87c639a119948a86bf157f0ba024d040b55f7e7e0788f5a255ca5cf0465856a9b6f564f9542410f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a251e4bebf450e4f72d8f3d91797fe7b

MD5 9155ccfb630a84cdcdafc49e404ea7bf
SHA1 23cd510380415f8b6cb772fc2676b99a9a093012
SHA256 994803de3fda266984fca33ec438b501a4652c1824d69bde728da8b4c762b9c3
SHA512 5951a1f6ed93c983c81ceba6f17609c54dde6a9165415b0ba98286a311cbc851e8b4300a98e1bf7de251731413fb08faf3447464698f427c5a5bd1bf2d39dd49

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4162ce9b1f420b57bbbce41ceed06f8f

MD5 3cbb2bd74f6ae504963248179b929e38
SHA1 75bd62dde4fec54a8a7351e03cce17d3fbc53f1a
SHA256 953094ad33adca0c89537d4c21d170b053f5324a1188773b3c5b771fab15e7f0
SHA512 6dcee388c14b55a919fd111f98b2bf286154ff9950871cd5add8696a43b7ad63f7db034e93346481424ba60a88e8513758974eb0834ce1fba2fa7cf4349c7999

C:\Users\Admin\AppData\Local\Temp\Roblox\http\0fede11e07e3c85b02c7f8d1e5c9a47f

MD5 c5d0c20dff62c3c2fd1a87cec6e1908c
SHA1 7904b05b8cada45ae0e4d646c8ef3b9cfe3ddbe0
SHA256 d0ee60fc8599499ef11a9aa8c9c11c09f3ec68645634566988daf1fc841de522
SHA512 0275d13b957bded83f7ad1cd0b93d0dab69c52728651af51143aa3450a84f63ab9e5014c344bc7050aa6c6eb735828af519c25422f2987d69ceb5beacb8e4905

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f36872c3440604c080b87017e1deb692

MD5 47054c38f2d9848033562656745d78b1
SHA1 07e5cce1fe236393ca669532b3f79731e9ef0a47
SHA256 b5656a088a64bb17a3a054433849279b1ada32444c2e5af69d6257d4c85e48a5
SHA512 7381b39c9c7a648e49d836df95bbec10f7b659df3ac99c4c0577f20d2f007cef7636ec377f2076a8ad87eacc2923031fcd30bdbd95c15ba51be9d10d5af3971e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX9126D105F2DD471F811059F94BA94DE4

MD5 7f14a06b8b26bc1c7018ef793df4c8e8
SHA1 593a7c91515de6169a074dda3950283580879a56
SHA256 cffc5d4750f93709fc48b91ad4125e5a0e0e4a82c9f0e672a7db628aa066ffbc
SHA512 21218c917f97f9539dc9d3c4c983e2264c712e5c3053d8cf3881e18e7dd2e2a18f42e2dc94c38ffc5eb20a4cf30aac9ae5bd3dc4518d00d7810815376a635ddd

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2e6eef066d11f853a30619a25c893084

MD5 c008ec563c9b7bab5d1b078205cb7d7b
SHA1 722ac18dd420ffa514c429eb85358c98039bf191
SHA256 5dc97473c9a378337ad15132e31ff911b4427dd44094d0e70539dcf55eeacd29
SHA512 662016a2daaccdbe4608f1eb836937a66f411fe46a5afe6210e8281d03639c5c132843c731a73894364be9b34752a29ee199c2fee04783ccd8b600a0762d402b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f12c8684596ba6adc948fa61c144936b

MD5 35d92b5ca77dfa925e200742c372a369
SHA1 6d945afa7d775b2aea6aef207f85bda1ac36dd43
SHA256 b7e0dd255bf555a319f706d10fa20aebd40c793bb257cff75104b74116b0acfb
SHA512 07415270012bfeb0bc90b353a4a67d59dde1ca03fc9fc56d012f64ab42313959e8835285a0bb4bd5fe1579ea3018cabc349b5c10cffb8f9966f5ce0664b0f902

C:\Users\Admin\AppData\Local\Temp\Roblox\http\31ad728d502c88756571f11b67644595

MD5 ce1921286cafa3d9f9bcc442c9fe4002
SHA1 25a29dcf26e1e27c706adde8288f99f0c8d73f36
SHA256 cbe9a26df1eb60cfc3358e6acf5302102095699b711df4139be3d8835a6228bc
SHA512 305e462fa750b44e12eedc2ca3b0fbf13b67c8d04e28ee84443b31a666503154bb0667494393c7d571b477ab6d88278418c468ca2fc06e539c4099d727779e8f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c436f89478b2a2fb0dd49ac36aca8168

MD5 e59a0f53d649bad51a4ebd255add6a00
SHA1 dfcbc1939faf9c36dafab969079d4398921cbac8
SHA256 3b2265b26295d98c27d5d4045559ea9c45d40500685d04602bf5131c636789ff
SHA512 fe825c99754e60e49249153c81892f13d8a9de4d48bf3fe739f99ab55ccd29fff54dd5a2652114d99b0868ce25b9838285df68b2799ce2e0b945027028f06e42

C:\Users\Admin\AppData\Local\Temp\Roblox\http\9817c812e3b874fba677daa530458c63

MD5 37f2d57b7f59d16cc8e0f2e043f0379a
SHA1 b98a18eb5805fcb2f365593a89eff39112ca4cdc
SHA256 5fd3403a560ca27af2dd7a3eb19cc0f194617cb35de2840fea9564ad847e55aa
SHA512 c98aba3c00eecb82f58a97c63bf01dd0a8e13ee0264a1a87dbee82d5e0fc26dee277b3cccb379178eae2b32439df5358caf95cf949f576039a18706bf69eb213

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3d9aeecf4e449e07d3728569eaa9c7df

MD5 39e01542e0546d2bfac5001f49422876
SHA1 4251b637cf372c8dfd89f637cc2726149744818a
SHA256 0b1f281bab832aaa1c95ac039b596ac61e7ed8bce575c057779adf3886e20f59
SHA512 2559b3a867c8b4cabedbaee4a283b347e18168191d2c3f8c1bbc909612a0443aa9f51fe25d56dfe984c134062b2d2f2a3b32b007212dc7fee2e8845330a30a8c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a68497953c3298757462556cddfe1b64

MD5 63b374234ab806ccefc48c6454937471
SHA1 369efc55f3c32b5fe59be2f6cba59788b57044b8
SHA256 e0ea8001e9978042ac5124c5ddded3af683d1cc9fac4b818b7eb9eeba592cdb3
SHA512 00dd7f78d522b46c10ba68e08bba994ad6fc73b8a82cae1aafc4fb141adbc69c500c72e0481653b00167520650cd8b9f06d3a2f884823f27023b34a0a717148c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2def7b8ca81c3b39dd9c33c1b834e966

MD5 db800aeb90e5bddc842e4a9fce5f03d3
SHA1 65e5bae920d4e01236926715d33e3eae38a884df
SHA256 67592ea9548b1182cd812f03132267acaecc38af0502a618a8e622d3e6fe7103
SHA512 48c6b81b49f387641ea82577b04a4198ca27db1b62c3b19999e0735c4630dd8344d66afb3a86e5db209d4f5d14ffd08b78c0bd026831c4dfa3a80f2d94b4a804

C:\Users\Admin\AppData\Local\Temp\Roblox\http\50ee377b816db3889ba8485fb2a3415a

MD5 f86d05405030eebb143c2e8cec701ebe
SHA1 f14edf8601508295f0727f01ed28c0e0590170c9
SHA256 4217464e5437c300d9e3234c68ee52bd7d4d1a3db189613247d8c158422c5ad4
SHA512 2a0b2fd298f2aefae38e5a7d8974355a503e87d8464e5d2219e5b11efb772a301d8536a97aace7adafba878c3e9ca05278fb7e97dd6ef12c7aed28147cd808b4

C:\Users\Admin\AppData\Local\Temp\Roblox\http\53d2168a260f018f987d12d3b3205dad

MD5 d3d11689374351db0baf8b3092227c70
SHA1 06173683cab43b45e0e022a463ec89c0de80c4c4
SHA256 b28edfbfb803e1a24713f5e14dcf62e1fa4b2bc6714e38e372c21cff5f8de5e0
SHA512 df6f36ec2d301389a954594fe08e70ad436def81770c49090321adeae15ec3ab532b5cbd18f762c821144d0210731e08828a51cf4c5e62e31236ce07ee7c5593

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fc83ee6995b1e8994e92caeb45dcb294

MD5 edec5ee4e825107d3ea2329985f0856c
SHA1 2e5b822cf33cf647780af71d6031b56079a3a788
SHA256 0f34cfa28da219f642a5f2ecb6334883ee0e4900c5730ba43dbb56d8f27c7320
SHA512 6263d8a935b19b98cc6cf41de40c99594df89c41ce6ae0b67b15ff37dc5bff704eef3581b6c9de664eb7d3e8e31c30c53d3bc33a919331989a3dfe49a445dcd9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fbe00eb459c9631cdd6fb8ba042b089a

MD5 dddf5dae573e54ddb098de9edb0872fe
SHA1 0a39006c7168b6acc8bded63b65a9fd430f11a32
SHA256 4f4c8e96304d6ccee31d9c771272078e41249b1ac2851254d51186925cb3a0b2
SHA512 7842f0ec9cf50c79d2c96483a07cab06bb6e3ba4eed5656de66fcbe878cac854145247aeadb6661905f52522996ca008d489aaff6c26a98a595ece267127dcce

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\1802787806\16965177770\Plugin.rbxm

MD5 615a038c691ed073e86e0a98d7bf5dc5
SHA1 96495fad57168f2e71c0288e02dce39c8832200e
SHA256 2514dcc6934dd2035306a0963304715253e38cbfde99bc68a4e4fa453c82b7ec
SHA512 dfe52a1c4e3b463984dafb4ab427a61039d0b60ba792f87ded7ff8863947aaff7f9c8bf5a4fc79fe0fe86bd540a74a1e53c290c9d4225a7b1b20b022fa72d9f7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ced6a13d47f9eeb79aa284249094d8df

MD5 3a9d50e67ac54fc61979ae50a3a0aa71
SHA1 88f1d793305173f18ce93f68ebe0cdb95980b5d6
SHA256 5759bd15b587705cadeeb8d80d93ae9977d71e036de6a02c3ea4573a61a1ad82
SHA512 5174ba7b75540d2571ec40263703475569b6007aabe02a82c721e4950aef124f0f7eba53350d0daf7b33a7b22be02f0b854e73b10c40d9969b0962080c47c2ae

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\965352286\10142245694\Plugin.rbxm

MD5 00a7dccfe511a68f36203f4eb476cdc9
SHA1 ff10877852973720d05ba2b79483d38b9edd4adc
SHA256 c9caef6a45fce06598da10da22b9a1885dd69af50adb11692842cbab9e906b64
SHA512 daf6b6b3f95adcbb6755878e22f609b6a6979da49b6c55901c0e2edc7c4ca6add4077ad3d5ee6deb8a711169e80acee3439c02c3547786dcffe3d8efda01516c

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\6841543504\8891902732\Plugin.rbxm

MD5 574325cb056d54ad4053652092e4e37d
SHA1 429e6080cfb606e3eccb01a2b8831d140b057abe
SHA256 a3618fe705dfa8d99bf1f7b420c0033d37ea10bf3f627dea336e36a2e702eacc
SHA512 9fc19f0f63956d4dc4d3abe0b50d8b088978acda2ed2661a61e0d9fdac551db6b5ed766be3e044d3a6868504934c4d60018210c200033033fc2d1f7b364b457d

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\6415005344\12700603554\Plugin.rbxm

MD5 60a31ddca2f9b4eb2c565c485fae44ec
SHA1 785a0c149d0b9592d9535f2954fb21f53f1fa500
SHA256 f43901c64d766a41148ed2d95cf4eef64532325bbf9db80c6fb805ac283390e5
SHA512 badcbb51557f1972a5033ddcdbcc968878669ce613df939e15b7689f1f2115f3d611c05ebd2578a09eba4a3c73bcd4fb71ab43ab1e1ba76953201af3092f913c

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\2813501134\3438756394\Plugin.rbxm

MD5 d9b818e58adbee0d0c1e7820e7fcbae3
SHA1 e053fa5590cf2716141a179d9b58b0fa2e13f258
SHA256 11cddae05474fb17651d3b1ef46ca652292559044ac6d239b04690c162168014
SHA512 248fa4e601ba814b2aabc95b628e26a5ae85e8b3ccbedef4ca33eb22cfac62cba0183ef6bc84da01d14a8a93f5d01e116208554a9d5c465f632e5c48d76dfd3e

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\2273628561\5018104093\Plugin.rbxm

MD5 3624fd9ebd9274bed99153b02a609adf
SHA1 d798e6c623aac28875483dbf7b2912df2a4d333f
SHA256 f08ed8d8785040b44dfa9373173ccfeb05a70ae5c86a3727caeffe3c402c99c9
SHA512 141cc34253992b64bb94c430f3292442e16e02b261526d0e2253b1bf0f6100e629991865c4c67046126f2e8751fa66174a70eebe695c89f0caf2b1d7c17c1f07

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\400812710\9979878834\Plugin.rbxm

MD5 83f50cbe28f3752771dbbc1fc5590e5d
SHA1 7108dedf8dab6c09b0dbf14575d3da9c3e575425
SHA256 9c02337430e47b155de1c472e5e86ded3594de68b1f1b6cbedb2d82292305e7c
SHA512 9a8d51947b8f87c8339a2ba96471384ccbabbac24f9d2f536ae51da0536aefa1b898a4b0a85c22c970920a2beb1e3254f6ae0bd9432d1d6c36353228f14088f5

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\948084095\13402741569\Plugin.rbxm

MD5 a542334aa4289fa17fea5fda7a6312de
SHA1 b812ad3b7ff6b9e96fbefb255834ee8475cefce0
SHA256 f6e48e85ab1be42ff786348384c4ba8dfe21f57fd495aa7411ba9606a899d6bc
SHA512 d27cf7b444a48a9cda2a4a85ba4dbb7cff199c8037fc296c20022f579f6e8593188ee0b98102452641aa630395ac099ce3883e4a2693d4caec30812717a6cc65

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\338813970\5329002021\Plugin.rbxm

MD5 4e62b8d95da306b53472a5ee06fd4737
SHA1 dad154821d4d8b5b3137d4a6bf5165d77a431a33
SHA256 2a82233f781d49a4c7fbbe81bee09147a24c852534c288069dba0c2975c2cc00
SHA512 8c8a822e4908bba406f7d13d471dc9672c7e83adfebd150116043038e0aab429ad30e796f2bf1efec35477ddf1a50f56a67e323867d1298b182d6c459cbc094a

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\2537608092\5384286168\Plugin.rbxm

MD5 ac0bab00124ea02ed9665f92ad29bf61
SHA1 c4a853499ac34a17417995de986dbbb1c9b2c403
SHA256 e174c00cba7e022beeadddeb9f2d42b04028cad16f21dab47a8060d766c6ed2c
SHA512 0ba6fdb39e86d242f903ed67881b1b64ab58211d3d9e87e65479b9601a5131056974ddcfc8067b3f03bbcc4a3bc398dd41795e048c1004f1180ae7cccb5e3902

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\752585459\5340028439\Plugin.rbxm

MD5 889c878258500f4072a98c3b40ec3d70
SHA1 092d11d9bb2353b00110d0cee78835c03b59111c
SHA256 9d45d5c3f9ca277caab4f6d3a45ef2cde34ac64fb698d8a8a9afb1d9ec295cdf
SHA512 a87f47151174d335557864c60fc65022de715129a000c45fa1fc38916660ce3071f9ede3ac7bcc891be6320764d19bfdce9f6fb8255f44973530eaf897520372

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\213664111\9250301031\Plugin.rbxm

MD5 16ad39f2f6c023efcec0080cb82f1eb5
SHA1 ff1e0277800eb9c92d672d67d1cb61dd4b1a31d9
SHA256 04ab531e82dc5889326cf021c5714f89d6a08771d456ff2f0b4280e245fe6fe1
SHA512 10176178b121f42a6364335b136dcf8e0438bc4246b711176ca8b10ad3fac95ece729fa7f6c60fe9fbb836ba64fbf23dd39a1de88825b5b37723d5127ccaf181

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\4744020228\10437928862\Plugin.rbxm

MD5 84ac60b96c46ebb0002892944017c73b
SHA1 83bd16ec4ee03169ec83b3ebcfbf190efaed5e62
SHA256 ea39c438c1831a29c5f2e8197c1b955273fb5b7e6b9efd33f6919a3c6ef07e39
SHA512 eef659f922d56a2dbcfe19f6434d7e498456afaa7181df50f44b17fd23e783a482cbfc08e4052bcb8e91716be61ff575f1f03a658c6fed9da729ec298c889f65

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\4725618216\16100660726\Plugin.rbxm

MD5 55b26d0e9e63a455195999bbefdcd58e
SHA1 8babf5ce45b44004ea712b0ad6c5def004130e91
SHA256 3d6108b15a61ed3f7a4e8e3a0bd10ea6f266a1db1c3e689e1ff24968a68ef4d6
SHA512 43babed028633c8f42a293530c9b29a31fb59268f8136de955de4609a0b766b9d46d7fab17fb0b3d8a6032302acdd29be52c54263a45328dfc657bc86a88f0be

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\4698032063\5551330967\Plugin.rbxm

MD5 a85a03221926a112c1e904d8d07507aa
SHA1 26d586e6f1746c4aa6fe92f0f276ffcf47a3bfbf
SHA256 53c9e7ceaba0cd1042c3c9bd271da1bea320b634ac7cc2dcde07c9ef6d8e5ab5
SHA512 489da1f2aa49a37f61395ff7df70130018e4e37a7103cb703ad5c008012e70e2695b7651597539b3c5c577c3a0cc07e77e6d23cc51ed0488c122ddef12083ffb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d1d5d05f216f140b74d698723711e7fc

MD5 1eb85927e6fb7def32c0902e54647caf
SHA1 18f496a8995962a9f31186bed0bdae9af9f1d8f7
SHA256 96a6eae5a9c9641936f53a0db80bcfb510f51381927eff4d71b30fc3ca09327c
SHA512 f8363bd061b7c8f6233816ca01091abf38b338e111a9eb29b24f3775a7b5712eb8fbb2fcd7364b7aaa52fc816986c68dfeab5f5fdc1ec626d619821a4f557f29

C:\Users\Admin\AppData\Local\Temp\Roblox\http\3f7e355b8320bbcfdc454df19d0d67f4

MD5 b8a5ef37fe5b6ebdaa10011f50758c07
SHA1 d779f4ff4a8f77dad3e263c5332975abeaeaf5bb
SHA256 d72e0de6b346712bc6fcbd012be6d3d563d38699cdaf5ea5da55a5a86be565b9
SHA512 c3a3bd1ac96dee0008d36917cd2e54e2f8caa71e9cec09e157c7aa14e460308eac94073b189082b0f2abf411f3823ae1300f795274a04b5d83f9fd9205062c61

C:\Users\Admin\AppData\Local\Temp\Roblox\http\8f6fa42e1bbf25c14a302f01f8e436e3

MD5 eef0ef95e1b5a18497fb2f2372aaa583
SHA1 6f4cdd52e7dbd86459e5024933fc741391d441d6
SHA256 f44a367632a26a3bc9d3736ef83003760419a45a07e713f1e0a359adf7262c31
SHA512 0fbb3ba364406ce4a7e206ce961b7208e380edc24262d0902fce2854c2ea29b083e7e711cc3f7116c570755b5ab3364c5d029624d26dce753e4c787bb9a6760f

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\4725618216\settings.json

MD5 c3d63f68ff48dc0368a9f2d4c68f8c38
SHA1 1656a5202d37410b4b35006f157829493575de87
SHA256 99b0c8342bb60933c993890c18d85d54215ce9fbe618fad74e06f8699ad888fa
SHA512 4c4082c3ff5cfb626834dbfe790e0c2a32dfd100088123a284a23ec235719ab898ce5b529a6e487ee469956626c90e807963b986a56de1ace0e686c470d51159

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ee007c1cfb4247e74c635a47440815b1

MD5 9d885a0cb6535a40c25adc9e590bb19d
SHA1 6346864429f0d383b6757fe18c1563e93173a6ad
SHA256 0d8615e3f4c005c24c8f3fef13468718d54b1aa5341dd9f7579f3f95ed1a0127
SHA512 1e24e7fc48e24e9d18b6c47bd24cf1aed6e4888bf1b71a2246ad87ac9e62d7471b96268261e4dd7c9cec800c93c54eccdd27b0695875ff866377496c80e39f36

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f9ebe266b30407d61eea5e98459d3e4c

MD5 46aab8447d1f2b9a59d5cfde12816be5
SHA1 4d8273235bcdaa103c5ac0e502d68d78360759f0
SHA256 ae971193dbcc8359c1d7dc725194fb8af7cc81a448e5f4cdefa0630b8daf1a9d
SHA512 914f8a1b08a95605a21846530ceeed391bfeed5589cf6a8c5e31405cdbd881069e7fa7fc1a2f87338ce5ad36cd64aff787a455ffc7b9a2db21128b32321840a9

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a19fdc1f7a7d204ad47d05e5074b1c49

MD5 b0b89913427cc8e7e240f7086b94ba27
SHA1 a193390058555aff775c472021497ff8b13dc55a
SHA256 2af2f750c8d3c2aba2e45834781714495a102194dc622d0677abf76b7228c41a
SHA512 8a3b2a291ce692733fbf33fd575f96dd80ca72670bdca629eff407697f778d8bf7267ca54a72b52473a67c8276416d51787e8eb644bc50c21bfddadd22a7eb8a

C:\Users\Admin\AppData\Local\Temp\Roblox\http\7e73929939df3a7c3c4376636797c3f9

MD5 512b7efb1d9a528748b477b1bb352d95
SHA1 5597668d13f38bd9636bcaf0b0945656c9f836f8
SHA256 16ad13895841ea222ba5d3d80da9e248f527f3b1108e6dd2a5b9c4659e526a29
SHA512 a45aad2ce0b781c9bfd5936814edaf2cdd6a7d215731dfccbed70c0d3a4f447903162687d691b4b067eaf1f2222bdf603d7684968d5191ab3b7e80fe4648ffaf

C:\Users\Admin\AppData\Local\Temp\Roblox\http\16fd6982a956845ced634598d9e14543

MD5 d3da51a4dc6a0ce45d4bd79cd9770391
SHA1 9e92317fbcff5b7b7590056b7d1b9699a7d560f8
SHA256 a61c76a676b340a624a99c26a1c883cdae26f00d7b994f9b0c7ba8b56b9f8704
SHA512 e4b0a171ce71b652c0acfaeb9ee8d71c7e9c337136649b58af805b9ffe6457fc4858fc579c166b4b5ba29b4cbfa5f74cbbfd5c0606aef2908d9be31559dbd9cf

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a9b011678b1b02eab8797cceaaa745ba

MD5 6ce49538e9c1b81ced8d06084ca78cfb
SHA1 a292a76f3765e76b3f3fa8a932219858c6ad00df
SHA256 ea916a8885b5059db3ea89090c007e32a1091da6ddd4d37c5389d73d70bd8a7d
SHA512 5fd27452a0d66dbcbcd1391e00b7075e540ee11c23254d74687222d67c07ef1934727d723a8c7b145ddb9af4bf0643db70e27095a243bd18462ad593b60644e1

C:\Users\Admin\AppData\Local\Temp\Roblox\http\ccdae3ac0289f073a90c5f5373febf5c

MD5 14976b0ec16725845fbf61e1ef187719
SHA1 74896b1e17274deabd5a7f9fd5e4de668dd1f753
SHA256 77f6e97d8912b75b59876417fa126acb631aa43bd61a5e178997e7b031b93429
SHA512 d884dd80020cca5726507cd139a6c675e58236fbd5af6fef91ed92c73edd8588cff8611343da10dae0e72bf2d47a3b936e38c6f54ab8ff4914fab9943adde892

C:\Users\Admin\AppData\Local\Temp\Roblox\http\cfd8ef3090dc53894a12c03dfea4ab83

MD5 c27d60ed1ba0e60b24a1dac8588a7098
SHA1 44529b08bb33192bfcfe024ce894efaeee5fca48
SHA256 89f929c7a28ad7eb8d1c03e5f7f0392dc008da82e997a8ea7f0f9be1367ffcd8
SHA512 ba7bab87e2853a55ba1a3a991d7a44a1b20dd33f3c08c894271f064bd0422062aef3df77cb107166a1d93ad94ee363ed8dfb26742b2e4aabc575ee63c042152d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\b4e587d1fea6f8cf851c77884ff75eaa

MD5 d56a7b72ffc148cbf4dff86cbd110fd2
SHA1 e2f6ea372311ee58aaa15c6d06e1febe2057a880
SHA256 e05f632f8a18b63af7c6be7749885188ee35aa48b2c9e87fa3084701f25eb6d1
SHA512 a2d0fa047da9e9f026c940ce6d61b891a9c66409250ad6ca08ae5b38f81b2753daf79d72b3a0adfc72b703bbf00b152050df99f86b9ff510b55b8eb4cb8103eb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\6b9e184b4d5f9d81786d730787c2373e

MD5 fb351269172f1a5e256593c83cd62983
SHA1 75e55c01b26339ac4a801c314965e63caf03cb8a
SHA256 bb64a2c58cc60d8a009bd433db5f213ebd05957b59df96999200d66bec96288d
SHA512 33e359cb8b5dbbdd55bdf179420084b7b98066dbd9f775dc259c1c4765ce2b9b257409d1a6921499bb3652815669296eb894e7cc7adab829c688e4573e859dfb

C:\Users\Admin\AppData\Local\Temp\Roblox\http\2be4ae1aa66f8e68cb762bf1a66e98aa

MD5 057229a8a032ec3a1df38ae133b7fd37
SHA1 f2394085516645a48679a5ea1408c338b24568a5
SHA256 9bc001616e2df2648048a3e2ac38a0bc706a6dafa3240196a3c27e0556e0ec0c
SHA512 e294f476f7c108ad46a0b754fa47552e77c2cc852c3ef178810fa5a8dcda4f79cd87ba74e6b67e0f5207b2815184d42856398d6deb3442a4e6dc0cabb705b229

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e95eef6beaadadc1313f1a4ff336cc84

MD5 fd7e2ad1366381a9dd235058bf8dbc3e
SHA1 f40cf1734224dd0983254ef57cc773b9c013ae64
SHA256 02099602373df78a6098c595ec10857621c5c3950ad0fc52f4295be5e31e5862
SHA512 36edee07ec0f82cecccafc4fd2b6f6ea12d9c90743cf9a9ba6c3c7726d68a7e001c4dbdbacc68013bc1e7db8c188882d2ad0390c5b8de7975279aaeae9565c99

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c677b3bb4990be9d64d5fc5cc72ce306

MD5 4a2597c15235f0e7e0727e1ed17f058b
SHA1 036b70b0bf40399c4454395f935305d6fe4e889e
SHA256 95ba1a6a5149e0e66a792bcf2df6ba7df62fe7b85083aeece68d2129f44ac99e
SHA512 46d6c7123bdc32c4062a5fa613e79db95d7c7d94de8df03503d5a65d7a418840de8b5fbb1c044a3f2b53ba682a77ce9d8ef6ede6646e4529229dd69241377f90

C:\Users\Admin\AppData\Local\Temp\Roblox\http\dad3116767a1fd3f0e1039a934e347f6

MD5 0eda9f5bc78866cb2b36acc06240cf16
SHA1 a55f643b6f44d40bb05dc8aa4ee9d76633afb0f5
SHA256 3ead5bcba744c718e0db06a44e0a2de60ccdb92961c3abe3bbb06d4e300edb71
SHA512 1cfda288b2ad6ace49ed0a801a7aa88004812b1bb1bef2b6dd487a2de32178f95f1836aa4861a2c1dd55b5746339fd8fcf2cebde7df6e030940ce91da20b56e7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\257c1814d0ce4d062d4722343fc6c43e

MD5 0ae6365c1949f61a81378302c6d7a183
SHA1 b19338be823c112960d1548fb24097ca42100c82
SHA256 88776be0eb8b4d921ea25aabfef5a38f0b915e2c7e157f382788e0c280f257c2
SHA512 70091c14194d7c11a5d0ce914f1aaeb5c26b47544b8bba59a7dba3fde55cb6ffeaaf98cf39a7bc95fdac567c9b9534ac2112c791a6a62386a02594f6a9f5396a

C:\Users\Admin\AppData\Local\Temp\Roblox\http\fcf6edc6daa9beb8408435b9fb5750a8

MD5 927431ddef2ef4974d38fa57a3892683
SHA1 f20fe6a7c36f07d1add4523f1b27f4d349889f53
SHA256 9919af53241273077511c550a1290042f11583113c0b6b2914797eb335aa7dc4
SHA512 4f3add7576b689c7dc88b3cc36d6512ab1cb7bc46d2476f7959153be1d349257299a13f446a262867f4d50f28c7b9d2dab6675325a4ed17abc344f87336e055e

C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX849C200BAE43470CBD9DB0751AA3F039

MD5 d1e44be596290997cd26fe1feec50cbf
SHA1 745c45f80e039e97a60e639efe9b60e63039b91c
SHA256 4dae9e7ea6319a043e95f13f9572dc2945e60e3ab6a3c6652b0ecb198448dcd6
SHA512 3b0d7dfd952142f197abb17ef1d1b0949ee336d380ff3ce7c6d5c717edae6c2d00b338865e1711a95cc55a7410e49dad7d3acfd05191561644d5342d7683136b

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a5fb1e0bce62bde4d121e05002d91bfb

MD5 5ec4e63bc337315dea6537d120184ab2
SHA1 f9ea85a92337a0c00d653dd5bd7fc3d08985a66a
SHA256 af3c410f71a5b8a9a9fd91a235fd1d89bca24256673493d1850e516c281d4f60
SHA512 e139227df49e260a15473922335cc27b93939a3257a2f5401231336fe70cd9257a4ac2f140ff0356659c60407de316955501a0b4fef04f20795013edd2fff0cd

C:\Users\Admin\AppData\Local\Temp\Roblox\http\d8ac2ef57af5caee240aab73139cf93d

MD5 b864c1bb69120a5c1284bf49c1451450
SHA1 0b621e0da41f11edbbcc296034c3230108c654e3
SHA256 e4c9c328ef92208e8c375f0c80859682bf15802c3a084783cd0ff40e10350b14
SHA512 31adc5cf7f16e4d68f490356224cc3515577bee7b13ba133818d936c87e0945358b216d31f9ff71d3719c21e92212cd514967f5c9274ee10d5896314d8c0b90f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\e9f27fb553ed920cedb712422a8dab05

MD5 25333678b4cc03dd4194ffa4e0fbf30b
SHA1 06418cdd831089b95a1bc69cc7fa82fd55180eec
SHA256 26bf512283486fecf67513e3f5a47cda9eb4455b21eba784fb15b4c19892d4fe
SHA512 46f0eed47fd5f9efce12471f98d4b0414fda05bc5127a88f3a316325eafba9643815c97c883540318688c41cd8117c60df705bf0ac54238fa93e80c71fe35e14

C:\Users\Admin\AppData\Local\Temp\Roblox\http\4bd51aa53e4617998e92bb205dd91866

MD5 da466185f687e8bd3d9820ece225e264
SHA1 22f51c89af9ee38110761fee8fcafde62e6d267e
SHA256 e33284a1298277a14fc86bbce9766edb2bdd64f6c6e90bbafce126434fefca82
SHA512 2b7013d5f75634a1a48e7e999e0efa94faee71b9186b4cc7f409111913d91b152d3480461ded721ff2da302180672cabf55b0838509050f071497235b5f357b6

C:\Users\Admin\AppData\Local\Temp\Roblox\http\be0cab83b8f8dd340bb7457008cad543

MD5 c8e604dbba8b879c5fec6ea2b139d0bb
SHA1 b3f4e334858ee770bb0319a1a933399a3429593c
SHA256 c08aed65e3ab64bd7ed271f0693cc1bb012869ed55dcd8fbf0ffefe014f364c2
SHA512 811e9c62594973f2a574f5e4e8ef063cf367dbe3ae93c298b06376624b2923924add8cc07a022f1e186741f071baa31a8ee2c21654e8fe092ccf131c0b70c688

C:\Users\Admin\AppData\Local\Temp\Roblox\http\eb4fec0bb3deee7f9acd81c9d89401d5

MD5 89e7e3ce9f9064a23b5a924b4b499644
SHA1 4c945910309022d73abec5bc96c782222ab17804
SHA256 324ad7aeb3c983c3e552ce1c9882cab9fed9c7573dd20167e87387f5e4639e6e
SHA512 7e9cf07712bb3b143afe55e8f19377f17ec95eb16275daa70ff7918ebe1c5aea15d9f2cf2a3ff899288b7e9d23f7e6dcea10745984d04f7ad042596b970f2ef3

C:\Users\Admin\AppData\Local\Temp\Roblox\http\c4d4cb2b330d764aa19ac6c981f44d1c

MD5 02423fcf9a047d6cba3fd53986a9b1ea
SHA1 7db08351a63fe4292539f039c7dbcb2a4f35f6ee
SHA256 4a42c9243e98f2f6f1fed38028f157cb8f6e221819452b7a57f1825da11c295f
SHA512 23d75674dee86bf190d2febe66313562936adfe6094952381d19ece3339f7129d3b34f0aa86566c6c3cf536926da3927c1ce7f2cb000ab25fd22f6a7f0ed5c42

C:\Users\Admin\AppData\Local\Temp\Roblox\http\487d12e124266ffe4600bbd01ec268e5

MD5 b94cbdd8c581684da0d97c344dbdf9d9
SHA1 c0be785bcb230b7432c2f357cc217cc163d2082a
SHA256 918e657a5f90568746e2ded29ce7abb63df8eed9df0cace0e9e85d8025ab263f
SHA512 13c698726eaf97606c99e5fe93948f91409df131312f687abb9c06d67a523d291a70f1de057aa906dbd7f5b9500f70d429669ca41e4764c990cfb7beeacbbf99

C:\Users\Admin\AppData\Local\Temp\Roblox\http\eedf9eb2133624f7f0bbb1f31e884e06

MD5 0d040efc584140d65f5d919defd10f18
SHA1 e63dae9ecb8d637d9088ea3a81dd4ed28b81a376
SHA256 3f06069f28aff93f947c8871469377e44b1fd74aa8ed13b52098d54489488b27
SHA512 6f91b96707af7a3522cd9d051b8cbfb7a1aceadfda2fb7efc5f2f37024f65fe91f2f1d80cf9fc45bb9c021fe36c8f65d3fe1db827732ba3b22d083bef05c6cfc

C:\Users\Admin\AppData\Local\Temp\Roblox\http\66d0cf4e19b4c0095ed4d60f0b519f8b

MD5 ce81041a39e12263806177ce9245525e
SHA1 8ea2e317faaae9e84b7f0c79fd1277170fe8988a
SHA256 81676221d5f70819c874867c5fd33662db000bbb7e32137a11ebc39bd820c699
SHA512 d4d8b9383d4776532b66f910c3a7339c63cc1b2686e4af7fa6fad1dc7194d5650d7525bd750a9e403ccda6b9547e07e1fcf814cda2bedcbd47243e6d38b8bdd0

C:\Users\Admin\AppData\Local\Temp\Roblox\http\01746df379c8c92c47675806b862d9ae

MD5 9818c1b5717e0bcd33764dd0c0df2792
SHA1 679788b0f3fb251fa44118fc10d14390ba3b540c
SHA256 90f8117117f444a088a79b87941ddaba99473e8b1158343040c5291d51967647
SHA512 3732ff2c9f8307b2e1541b2e1d54b2f8e5554fe8fded9c2c6845097e561ace1ea43c0fc4e2ba4de55577bba8c4128f8d715dc78dbb8ad968096d8a27d96af06c

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a8cf9d12a98157dec5eba821146d7625

MD5 1874dc3a15c171100bf5717b39f30366
SHA1 a54c231b325b4bf341cb7368a9be12ea8060485c
SHA256 7e35ded8a7346dc10ffcf6668325cbc6304f75a82f32110f3532423152956a91
SHA512 36e297117a903474ff347419fb18b8b1182c6d8c66d91fe4561c407d82d3066e2ab6cf21ac17b5b46782e0731a84dadaf4a0a0691e40be6d82fd5d192556479f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\76b7d95633e0d413df9e8848f2ae71c0

MD5 7ddd35dbb363e0d4253f749766a556ce
SHA1 0e4c8c5b23f03c89a91e24a6deab2863abdbd288
SHA256 d9e82a49f912c6925bcd1fc4abac4e969e223081220cf4f07a37af0a33b4fec8
SHA512 c8c202fa75678d4b1eaa0cdeb2293257f9597aa7925f8b87b2bb96b5b1b8e307f4ee8609a9db424ae5cb951368884f331ac664b84480e2ae0f7ac9ed667fa51d

C:\Users\Admin\AppData\Local\Temp\Roblox\http\784db5c131b2c49d411d7a930e44f723

MD5 0797ac785547fbf36a5c33105a3930cc
SHA1 6907a9bc16b0f951a2d3659853af7793fa04881d
SHA256 9330bdf100e3ee7d3ba143b94eee2440497b70a0dbbfabce468699985d2fc4fb
SHA512 0e97b4f7a302d52bc76393711ab763c9c237bf915f375f97783d0d56b3607be6821e23fde453c6db3c8fce6c63ee37fef085f5d9fda13f743fba8801ed53a4c7

C:\Users\Admin\AppData\Local\Temp\Roblox\http\f4aecbfe2006c145d08a39a96f689478

MD5 08784c1c8f70da5489d8d4718c10ebb2
SHA1 d37351d310e39a48e01f0d11695741954e7f2be4
SHA256 35959d0e66e14449b91000a4121c2fa3b50eb35cd991440bd850433875f96062
SHA512 23ca03566cc54a0a47f7d288e0d0d38adccc792338e76aaff9889183f07068cbab7c3ef778accc99f958d70f0dada1a8d5cd6ba181a50e78d21ac46052121bf2

C:\Users\Admin\AppData\Local\Temp\{36CC9A84-C645-4331-92A5-778A0BD2C255}-MicrosoftEdgeUpdateSetup_X86_1.3.187.39.exe

MD5 1f744e1c802560affe8b308640b6ab67
SHA1 bbfecefdf891c11d573760d4dabdf86091463421
SHA256 fa7d8a8cae60ab620d2aa887de62039d2647e4f5c1c649d75f0f52e14ec11a99
SHA512 780440aa518397e52bb429b5a8e7697bf0096db0fe343cd40a541b60f34ad4976ef7fc2204737d296a8c1fbed2951496503dc50158d6455617c67483f87f3015

C:\Users\Admin\AppData\Local\Roblox\710135439\InstalledPlugins\338813970\settings.json

MD5 3e1e1221af438908bdb97901bf9e2acc
SHA1 61b40f9fcbeada727d4de681a489d95fdaf85331
SHA256 1a9e48419ca0ba947c1655040ac2df0a3c32ae01d09d981dd691b5a281c7afdc
SHA512 c9cc3b4c9f80e9f8aa91d35587bc467cb5c26e7d714c463c5a90869c26930377e3960f1eb2ceb392fcc151243b868935ab182e986a74a53d33ec3fe0d07e7b4f

C:\Users\Admin\AppData\Local\Temp\Roblox\http\a2f3fad0cecf63e774e8ef6cc9c97b4e

MD5 a84bf38b572cfdc7ead3ee09dae35b9c
SHA1 847643d99ffc3e3131ca671f9b3f5ff07894e72f
SHA256 6d2bf13566c1f6bbdd0042916e2fab3f5c0c1d5709722c0fe909375091a1bf35
SHA512 16021913dd44656ca19da9555fbf472cad2b7c49adb12e5229789d7bb7c3d7ff4596ed1ed405160ddced5bdeb9782cce817eeb32873faf0b322d8cd4cfecf423

C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBXD88122ED0A4A458EBEF45E3F386BD500

MD5 c9d7a5449c2416cea3dc4b8697273ad2
SHA1 452f66798b4f15ae1c77aa6c20247d202fc09fa1
SHA256 2b94005f0e346190d6ba38deb3763858acbdae197a6a200f0c7c1220f5f5644a
SHA512 dd637977954052362cf59ab76b8d707243d519398fc51e188ebbd882d4b82abd3cb18f80d0faced0fcd37d06373748ebe493faa0b45b12d41f0af1700c6ece89

C:\Users\Admin\AppData\Local\Temp\Roblox\http\22a87dc2fcc1d7f2d4eebec174141c11

MD5 63bf8c1a127c8c9d5b36f2608128cee2
SHA1 fff1366b848e46aa998173fc52f99489618cbb8f
SHA256 b2c5f6dec2f407f0347a4d0c1632700aea2ae8f94c387209dd6648ef1c9c5ac8
SHA512 8a377be8a088812abc265e0828ae4f2c44d754a620b081b27b96e75bc1907be262a273bf0aa46563d43b929cbbfcb53e432cceea072a90542ea0fe3567452391

C:\Users\Admin\Documents\ROBLOX\AutoSaves\Place_AutoRecovery_0_AutoRecovery_rUSLQw.rbxl

MD5 8486b5ba3433ebc871d2a37faf96a4c6
SHA1 ce7ea22b9d4d94c9d02ec997bb2ec51c67edcac7
SHA256 656c6e6d085b6fcfac6c10201f26e83d24af2c26b78622bb59211005c06b47ef
SHA512 5001a78bf661475b2a65fed4ae48bef00729954ee8b789857e5926d7b1bf36ff020b063a98935c94dbedd586ede030faff155abfb115e14888ced72fc6f8e638

C:\Users\Admin\Documents\ROBLOX\AutoSaves\Place_AutoRecovery_0.rbxl.lock

MD5 c4357b5e233a97f281b315e4fb0bee9e
SHA1 3a0a5e34d4ea8801970efa748265c5acd308b6c4
SHA256 baba8188761bfbda4bc47b6254695ca08e4c7f1e0e97dd2ab61e2c088f67779a
SHA512 110b0a6ff38a328bd87d5a6708552dfe713dd9daba9c291b47257d328478a301255de4ed17a3faee32abec35470fe3929a852d5148b85de59f45ed9a8924850f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cff320d0d809ca1462fd475244381dea
SHA1 3851bc6c83a56014c747044874786983cc0ec593
SHA256 c272d1f8d7cd96e82e27b770a234635ab3f1d85d0460ffc5c6c45d7e616d68cf
SHA512 c7234cbc15e3ba586e2ad5121894c4c20af27070187845b93d4a3ae9987b96b9d49d5cb5ac536a0360b8824a5d6bcc5f07c111128bfb965ed533cb0efe547d7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4cc34fff4f911874127e6fd59c4dac8e
SHA1 0ef580b38539e4f5083d717cede5ae2f352d9b2b
SHA256 d44ce6e56c5e1493c9a68c7db100dc9b063c1cb2cbe5908097da5692a2e7d631
SHA512 88b86a01d856737a87c8f4c3c70c903cdde5d49cd0deca53b98a6e3cb054876bb6bf0e85324df7fab4dcc978a21559f799e74d951226efff05e5dee80fae4a04

C:\Users\Admin\AppData\Local\Temp\{AC35B54F-94F4-4D1A-8C4B-208559E6EFD9}-BGAUpdate.exe

MD5 3f208f4e0dacb8661d7659d2a030f36e
SHA1 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff
SHA256 d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b
SHA512 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740