Analysis Overview
SHA256
2510be907ec476e8375ac7b5431536ae9a32bf99fe77ab695a5100852b111b96
Threat Level: Likely malicious
The file SolaraB.zip was found to be: Likely malicious.
Malicious Activity Summary
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Sets file execution options in registry
Downloads MZ/PE file
Loads dropped DLL
Registers COM server for autorun
Themida packer
Checks BIOS information in registry
Executes dropped EXE
Checks whether UAC is enabled
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Checks system information in the registry
Drops file in Program Files directory
Unsigned PE
Enumerates physical storage devices
Suspicious use of SendNotifyMessage
Uses Task Scheduler COM API
Suspicious use of AdjustPrivilegeToken
NTFS ADS
Modifies data under HKEY_USERS
Suspicious use of FindShellTrayWindow
Suspicious use of UnmapMainImage
Checks processor information in registry
Enumerates system info in registry
Suspicious use of WriteProcessMemory
Modifies registry class
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-11 14:34
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 14:34
Reported
2024-06-11 15:20
Platform
win10-20240404-en
Max time kernel
2696s
Max time network
2413s
Command Line
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Downloads MZ/PE file
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUCD28.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUCD28.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUCD28.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUCD28.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\TerrainTools\checkbox_square.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaApp\icons\ic-more-create.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.92\identity_proxy\win11\identity_helper.Sparse.Dev.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\AvatarImporter\img_light_Rthro.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\StudioToolbox\AssetPreview\star_stroke.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\Locales\as.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\AnimationEditor\icon_whitetriangle_down.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Settings\Radial\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ClassImages.PNG | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\TerrainTools\icon_regions_rotate.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\PlatformContent\pc\textures\sky\indoor512_dn.tex | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Chat\MessageCounter.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\AnimationEditor\Checkmark.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\account_under13.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\PlatformContent\pc\textures\water\normal_02.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\9SliceEditor\HorizontalDragger.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\TerrainEditor\volcano.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Capture\Shutter.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\LegacyRbxGui\popup_warnTriangle.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\AnimationEditor\image_scrollbar_vertical_bot.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\GameSettings\copy.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_22.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\identity_proxy\win11\identity_helper.Sparse.Canary.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\avatar\compositing\CompositExtraSlot0.mesh | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\StudioUIEditor\icon_rotate3.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\MenuBar\icon_menu.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\StudioSharedUI\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\VRStatus\ok.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\Controls\DesignSystem\ButtonR2.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.92\Locales\eu.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\avatar\meshes\leftleg.mesh | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\CollisionGroupsEditor\delete.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\Trust Protection Lists\Mu\LICENSE | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\Gamepad\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\TerrainTools\mtrl_cobblestone.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\InspectMenu\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\MenuBar\arrow_right.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ViewSelector\back_hover_zh_cn.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.92\Locales\sr-Cyrl-BA.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\Locales\is.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\AvatarEditorImages\Stretch\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\MaterialFramework\PlasticWithBorder.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\VoiceChat\New\Unmuted40.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.92\Locales\gu.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\SingleButtonDown.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Controls\XboxController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\scroll-top.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Chat\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChat\icons\ic-clear-solid.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\AnimationEditor\img_dark_timetag_bg.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\TerrainTools\icon_flatten_grow.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChat\9-slice\input-send-message.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.92\Locales\kok.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\StudioToolbox\Voting\Thumb.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\TagEditor\TagEditorPluginIcon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.92\Locales\eu.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\Locales\af.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\CompositorDebugger\dot.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\windows\CurrentVersion\Internet Settings | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc.1.0\CLSID\ = "{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService\ = "Update3COMClass" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher.1.0\CLSID\ = "{08D832B9-D2FD-481F-98CF-904D00DF63CC}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher.1.0\CLSID\ = "{08D832B9-D2FD-481F-98CF-904D00DF63CC}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\ = "PSFactoryBuffer" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{82CCB536-D2EE-4F19-9067-40531F08D1D4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass.1\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ProgID\ = "MicrosoftEdgeUpdate.PolicyStatusMachine.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\ = "Microsoft Edge Update Core Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ = "IProgressWndEvents" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\CurVer\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachine.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ = "IApp2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\MicrosoftEdgeUpdateOnDemand.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
Suspicious use of UnmapMainImage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe"
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
"C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.0.1878069257\1366405414" -parentBuildID 20221007134813 -prefsHandle 1748 -prefMapHandle 1740 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {51291f86-c163-4d13-8fd9-7dec4c8a7dda} 372 "\\.\pipe\gecko-crash-server-pipe.372" 1828 275a98d3758 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.1.312151956\1994848576" -parentBuildID 20221007134813 -prefsHandle 2172 -prefMapHandle 2168 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bac6fbf0-381e-43b1-8a0c-9a71cbd5216e} 372 "\\.\pipe\gecko-crash-server-pipe.372" 2184 2759e772258 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.2.654683236\552224693" -childID 1 -isForBrowser -prefsHandle 2976 -prefMapHandle 3012 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a98b36e-92c7-479e-85f0-389dcaec8d01} 372 "\\.\pipe\gecko-crash-server-pipe.372" 2708 275ad997b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.3.1976465376\1184476460" -childID 2 -isForBrowser -prefsHandle 3512 -prefMapHandle 3508 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e1eb6d2b-afac-49c9-be3e-e0e223494932} 372 "\\.\pipe\gecko-crash-server-pipe.372" 3516 2759e76e258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.4.1677212208\16237555" -childID 3 -isForBrowser -prefsHandle 4212 -prefMapHandle 4208 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c06da340-afc5-4c27-a559-5e9b47e2258c} 372 "\\.\pipe\gecko-crash-server-pipe.372" 4224 275aefaf058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.5.47172004\12188821" -childID 4 -isForBrowser -prefsHandle 4212 -prefMapHandle 4004 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ff0b28c7-2c15-4ee3-9180-1a0f7145e1ad} 372 "\\.\pipe\gecko-crash-server-pipe.372" 4660 2759e76cd58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.6.407162076\2099439599" -childID 5 -isForBrowser -prefsHandle 4996 -prefMapHandle 4988 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d122521a-f2c1-4859-933c-6b94c220cb3f} 372 "\\.\pipe\gecko-crash-server-pipe.372" 5004 275b0c8f958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.7.148856799\1249363286" -childID 6 -isForBrowser -prefsHandle 4656 -prefMapHandle 5004 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5010ff7a-ad31-4fac-9ab1-4a58463fe3b3} 372 "\\.\pipe\gecko-crash-server-pipe.372" 5196 275b0c8f658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.8.1224458879\1624809224" -childID 7 -isForBrowser -prefsHandle 2744 -prefMapHandle 5316 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d4f6c0cc-bc05-4218-a203-e4232257ef3e} 372 "\\.\pipe\gecko-crash-server-pipe.372" 5560 275b1619b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.9.283887329\1529969482" -parentBuildID 20221007134813 -prefsHandle 2760 -prefMapHandle 5808 -prefsLen 26768 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {4ae295c6-ba6d-42cb-afb1-7064a915a2e4} 372 "\\.\pipe\gecko-crash-server-pipe.372" 2932 275b212db58 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.10.1074330008\469978689" -childID 8 -isForBrowser -prefsHandle 6180 -prefMapHandle 6168 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9ce62918-0553-4fdf-a7a8-2bc3d8374b23} 372 "\\.\pipe\gecko-crash-server-pipe.372" 6160 275ac226d58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.11.719179742\630393808" -childID 9 -isForBrowser -prefsHandle 10360 -prefMapHandle 5160 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {23cb9777-7363-4863-97cc-7e2da0719144} 372 "\\.\pipe\gecko-crash-server-pipe.372" 4604 275b5c18858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="372.12.2129118737\2100212147" -childID 10 -isForBrowser -prefsHandle 7428 -prefMapHandle 7424 -prefsLen 26768 -prefMapSize 233444 -jsInitHandle 1320 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e0d2e922-e9dc-4bec-9f1d-6f2c68f67712} 372 "\\.\pipe\gecko-crash-server-pipe.372" 7440 275b5c18e58 tab
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjU0MTY2NjctQzk5RS00QUZELTkxMEUtNzYyMEI5MURCNjE2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyODE2QkVERS1DM0EzLTRENjktOTE5Qy1EQjQ4NDAyMEJDM0N9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MTk0NjcyNDIzIiBpbnN0YWxsX3RpbWVfbXM9IjM4MiIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{25416667-C99E-4AFD-910E-7620B91DB616}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjU0MTY2NjctQzk5RS00QUZELTkxMEUtNzYyMEI5MURCNjE2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins0OTJFNkQ3RC0zQjJELTRBN0UtOTU1OC1GRENFM0M2NUQyMjV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMDYuMC41MjQ5LjExOSIgbmV4dHZlcnNpb249IjEwNi4wLjUyNDkuMTE5IiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMyIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjE5NzkyNzMyNyIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\MicrosoftEdge_X64_125.0.2535.92.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\MicrosoftEdge_X64_125.0.2535.92.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\MicrosoftEdge_X64_125.0.2535.92.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A5BDD44F-93CB-4296-B2D9-78FE3F65DC17}\EDGEMITMP_5D172.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.92 --initial-client-data=0x210,0x214,0x218,0x1ec,0x21c,0x7ff780254b18,0x7ff780254b24,0x7ff780254b30
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjU0MTY2NjctQzk5RS00QUZELTkxMEUtNzYyMEI5MURCNjE2fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntEQzQxNTJFNi1GRTc0LTQzRDQtOUNCNy1CRkI2QzNEQkU1ODF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEyNS4wLjI1MzUuOTIiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYyMzk0NDY5NTQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MjM5NDc2Nzg1IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjQyOTQ5NTM0MCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmYudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMTk5ZDZiMjItNmY4ZS00NjIwLTgwMjktZjdlM2EyYTNmZGVhP1AxPTE3MTg3MjE0NzUmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9Tm9SR0JGUEVaRlZZUzhaY1NFVHBBTW9QTlBkNWxzNFpTclJWVVJUSCUyZjdOd2IlMmJoYmk3V0dmJTJiM1dBb3pzd25xNUptM2o4TjB3TEdpJTJmTWZ5cVRkWE5TQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MzgxMDc1MiIgdG90YWw9IjE3MzgxMDc1MiIgZG93bmxvYWRfdGltZV9tcz0iMTQ3NTMiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2NDI5NjA1NDQwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjQ0Mzk0NzQyNSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjg2MjY2NDE0NCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjgzNyIgZG93bmxvYWRfdGltZV9tcz0iMTkwMTAiIGRvd25sb2FkZWQ9IjE3MzgxMDc1MiIgdG90YWw9IjE3MzgxMDc1MiIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNDE4NzAiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe" -app -isInstallerLaunch
C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2ABBCA4F-D0E3-44D2-A521-66AB55DD7A14}\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2ABBCA4F-D0E3-44D2-A521-66AB55DD7A14}\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe" /update /sessionid "{9DD8FA0D-0352-4B11-823C-6C683FB575D1}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OUREOEZBMEQtMDM1Mi00QjExLTgyM0MtNkM2ODNGQjU3NUQxfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InszNzAxRjgwQi02NTlELTQ2MjMtQUYwMi1FRkM1MDRGRURGQjl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg3LjQxIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkyMzM3NTYxNzMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTIzMzc1NjE3MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDc5NDM4MTI4NyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNGFkOWNiNmUtODI0NS00ZTQ3LWIyOTgtMWZmNGIwNDI1NmUxP1AxPTE3MTg3MjE3NzQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9V01QeHFJTzRKZlBJJTJma0xXMENBYzV5eHdFd1FnZFpuVWFDSkVkdGh4M0NGMzBnOEpqcWNSNHdiaFplMEpmODUyaTNsRVNmQzd2WGo2SVlGRUNZS05IZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MzQzNzYiIHRvdGFsPSIxNjM0Mzc2IiBkb3dubG9hZF90aW1lX21zPSIxNTM4MjgiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA3OTQzODEyODciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA3OTk1Mzc3MDIiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyNS4wLjI1MzUuOTIiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzNzAiPjx1cGRhdGVjaGVjay8-PHBpbmcgcj0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9Ins2QTA2NUVERC1BNDU4LTQ1NkUtQTY3NS1BQkVFNzM2ODgxNjd9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Temp\EUCD28.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUCD28.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{9DD8FA0D-0352-4B11-823C-6C683FB575D1}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OUREOEZBMEQtMDM1Mi00QjExLTgyM0MtNkM2ODNGQjU3NUQxfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7OTZBQUQ1MjQtNTRBNy00NzNFLUI1ODgtNDVDMDAxQzYyMzk5fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xNTA2My4wIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IlFFTVUiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4Ny40MSIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzcwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTgxMTY2NzAiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODQwNDc0OTM3Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjBDNEFDQkItMzYwMy00NUE5LUI2MUYtRjg4RjRFMTdEM0YwfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7QTE4NzlDNDYtRjMzNy00REEwLThBQzktNTFBMDREQUEyQzhDfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xNTA2My4wIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IlFFTVUiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtzRzlESjZNM2Zaa1A3Q0VMV0duRHhDK3dhUmFRRXVFTHZMSWZYay9NQXRjPSZxdW90OyIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMDYuMC41MjQ5LjExOSIgbmV4dHZlcnNpb249IiIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iNjgiIGluc3RhbGxkYXRldGltZT0iMTcxMjIzMzcyMiIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzU2NzA2NTkyODM2MjIyNyI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxMTQzMjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MjU5NjkzNTMzIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjBDNEFDQkItMzYwMy00NUE5LUI2MUYtRjg4RjRFMTdEM0YwfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins0NUU2MjBDQS1FMEI2LTQxRTctQjA0MC0xOUIyMjEzMTVCQjB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xODcuNDEiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzNzAiIGNvaG9ydD0icnJmQDAuMTQiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzNzEiIHBpbmdfZnJlc2huZXNzPSJ7RDNBRTY5QjgtNTg4Qy00OEYwLTg3N0MtQTIzQjg0RTc5NjYxfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjUuMC4yNTM1LjkyIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzcwIiBjb2hvcnQ9InJyZkAwLjU0Ij48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2MzcxIiBwaW5nX2ZyZXNobmVzcz0iezZENUMyQzE5LUREQjQtNEY3Ri1BQzZCLTc2MTZBQjMxRjRGOH0iLz48L2FwcD48L3JlcXVlc3Q-
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:51256 | tcp | |
| N/A | 127.0.0.1:51263 | tcp | |
| US | 8.8.8.8:53 | 89.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 44.237.65.238:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | 166.188.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:51270 | tcp | |
| US | 8.8.8.8:53 | 238.65.237.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| NL | 128.116.21.3:80 | roblox.com | tcp |
| NL | 128.116.21.3:80 | roblox.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| NL | 128.116.21.3:443 | roblox.com | tcp |
| US | 8.8.8.8:53 | 3.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| GB | 128.116.119.4:443 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| BE | 88.221.83.8:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | a1992.w27.akamai.net | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com.cdn.cloudflare.net | udp |
| BE | 88.221.83.40:443 | css.rbxcdn.com | tcp |
| BE | 88.221.83.40:443 | css.rbxcdn.com | tcp |
| BE | 88.221.83.40:443 | css.rbxcdn.com | tcp |
| BE | 88.221.83.40:443 | css.rbxcdn.com | tcp |
| BE | 88.221.83.40:443 | css.rbxcdn.com | tcp |
| BE | 88.221.83.40:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | a1962.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | a1992.w27.akamai.net | udp |
| US | 2.22.144.92:443 | js.rbxcdn.com | tcp |
| US | 2.22.144.92:443 | js.rbxcdn.com | tcp |
| US | 2.22.144.92:443 | js.rbxcdn.com | tcp |
| US | 2.22.144.92:443 | js.rbxcdn.com | tcp |
| US | 2.22.144.92:443 | js.rbxcdn.com | tcp |
| US | 2.22.144.92:443 | js.rbxcdn.com | tcp |
| NL | 128.116.21.3:443 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | a1962.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | a1993.g.akamai.net | udp |
| US | 8.8.8.8:53 | a1993.g.akamai.net | udp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.83.221.88.in-addr.arpa | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | 92.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| PL | 128.116.124.3:443 | metrics.roblox.com | tcp |
| US | 8.8.8.8:53 | edge-term4-waw1.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-waw1.roblox.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| BE | 104.117.77.80:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | a1818.b.akamai.net | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| GB | 128.116.119.4:443 | locale.roblox.com | udp |
| PL | 128.116.124.3:443 | edge-term4-waw1.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | a1818.b.akamai.net | udp |
| GB | 128.116.119.4:443 | locale.roblox.com | tcp |
| BE | 88.221.83.27:443 | images.rbxcdn.com | tcp |
| BE | 88.221.83.27:443 | images.rbxcdn.com | tcp |
| BE | 88.221.83.27:443 | images.rbxcdn.com | tcp |
| BE | 88.221.83.27:443 | images.rbxcdn.com | tcp |
| BE | 88.221.83.27:443 | images.rbxcdn.com | tcp |
| BE | 88.221.83.27:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | a1899.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | a1899.dscw27.akamai.net | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| US | 8.8.8.8:53 | 3.124.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.77.117.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.83.221.88.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | a1993.g.akamai.net | udp |
| US | 8.8.8.8:53 | a1993.g.akamai.net | udp |
| US | 2.22.144.92:443 | a1993.g.akamai.net | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | a1992.w27.akamai.net | udp |
| GB | 128.116.119.4:443 | roblox.com | udp |
| BE | 2.17.198.185:443 | a1992.w27.akamai.net | tcp |
| US | 8.8.8.8:53 | a1992.w27.akamai.net | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| PL | 128.116.124.3:443 | edge-term4-waw1.roblox.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 8.8.8.8:53 | a1818.b.akamai.net | udp |
| BE | 104.117.77.89:443 | a1818.b.akamai.net | tcp |
| US | 8.8.8.8:53 | a1818.b.akamai.net | udp |
| US | 8.8.8.8:53 | 185.198.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.77.117.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | a1899.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | a1899.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| GB | 128.116.119.4:443 | assetgame.roblox.com | tcp |
| GB | 128.116.119.4:443 | assetgame.roblox.com | tcp |
| GB | 128.116.119.4:443 | assetgame.roblox.com | tcp |
| GB | 128.116.119.4:443 | assetgame.roblox.com | tcp |
| GB | 128.116.119.4:443 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | a1993.g.akamai.net | udp |
| US | 8.8.8.8:53 | a1993.g.akamai.net | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 2.22.144.92:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| GB | 128.116.119.4:443 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | a1992.w27.akamai.net | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | a1992.w27.akamai.net | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| BE | 2.17.198.130:443 | a1899.dscw27.akamai.net | tcp |
| BE | 88.221.83.26:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | a1899.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | a1962.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | a1899.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | a1962.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | 26.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.198.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-waw1.roblox.com | udp |
| PL | 128.116.124.3:443 | realtime-signalr.roblox.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 2.22.144.41:443 | tr.rbxcdn.com | tcp |
| US | 2.22.144.41:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | a1831.dscd.akamai.net | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| US | 8.8.8.8:53 | a1831.dscd.akamai.net | udp |
| US | 8.8.8.8:53 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| GB | 128.116.119.4:443 | thumbnails.roblox.com | tcp |
| US | 8.8.8.8:53 | us-central-default-px.roblox.com | udp |
| GB | 128.116.119.4:443 | us-central-default-px.roblox.com | tcp |
| GB | 128.116.119.4:443 | us-central-default-px.roblox.com | udp |
| GB | 128.116.119.4:443 | us-central-default-px.roblox.com | udp |
| GB | 128.116.119.4:443 | us-central-default-px.roblox.com | udp |
| US | 8.8.8.8:53 | us-central-default-px.roblox.com | udp |
| GB | 128.116.119.4:443 | us-central-default-px.roblox.com | udp |
| GB | 128.116.119.4:443 | us-central-default-px.roblox.com | udp |
| GB | 128.116.119.4:443 | us-central-default-px.roblox.com | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | cs.ns1p.net | udp |
| GB | 128.116.119.4:443 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | 41.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chat.roblox.com | udp |
| US | 8.8.8.8:53 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | a4c9427a-pulsar-pweb-4287-639546627.eu-central-1.elb.amazonaws.com | udp |
| DE | 35.157.138.20:443 | a4c9427a-pulsar-pweb-4287-639546627.eu-central-1.elb.amazonaws.com | tcp |
| GB | 128.116.119.4:443 | chat.roblox.com | tcp |
| GB | 128.116.119.4:443 | chat.roblox.com | tcp |
| GB | 128.116.119.4:443 | chat.roblox.com | tcp |
| GB | 128.116.119.4:443 | chat.roblox.com | tcp |
| PL | 128.116.124.3:443 | contacts.roblox.com | tcp |
| PL | 128.116.124.3:443 | contacts.roblox.com | tcp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-west-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | a4c9427a-pulsar-pweb-4287-639546627.eu-central-1.elb.amazonaws.com | udp |
| GB | 128.116.119.4:443 | notifications.roblox.com | tcp |
| GB | 128.116.119.4:443 | notifications.roblox.com | tcp |
| US | 8.8.8.8:53 | nfd-prod-c-142502592.us-west-1.elb.amazonaws.com | udp |
| US | 52.52.192.222:443 | nfd-prod-c-142502592.us-west-1.elb.amazonaws.com | tcp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| GB | 128.116.119.4:443 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | nfd-prod-c-142502592.us-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | mia2-128-116-127-3.roblox.com | udp |
| US | 8.8.8.8:53 | iad4-128-116-102-3.roblox.com | udp |
| US | 8.8.8.8:53 | lga2-128-116-32-3.roblox.com | udp |
| US | 8.8.8.8:53 | c0ak.rbxcdn.com | udp |
| US | 8.8.8.8:53 | ord2-128-116-101-3.roblox.com | udp |
| US | 8.8.8.8:53 | sin2-128-116-97-3.roblox.com | udp |
| US | 8.8.8.8:53 | c0aws.rbxcdn.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2b-lms.rbx.com | udp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| US | 128.116.101.3:443 | ord2-128-116-101-3.roblox.com | tcp |
| US | 128.116.127.3:443 | mia2-128-116-127-3.roblox.com | tcp |
| US | 8.8.8.8:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| US | 8.8.8.8:53 | s.ns1p.net | udp |
| US | 8.8.8.8:53 | iad4-128-116-102-3.roblox.com | udp |
| US | 8.8.8.8:53 | ord2-128-116-101-3.roblox.com | udp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| US | 8.8.8.8:53 | mia2-128-116-127-3.roblox.com | udp |
| DE | 13.32.27.107:443 | c0aws.rbxcdn.com | tcp |
| BE | 88.221.83.35:443 | c0ak.rbxcdn.com | tcp |
| PL | 128.116.124.3:443 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | ord2-128-116-101-3.roblox.com | udp |
| NL | 128.116.21.3:443 | ams2-128-116-21-3.roblox.com | tcp |
| DE | 18.193.195.191:443 | s.ns1p.net | tcp |
| US | 8.8.8.8:53 | iad4-128-116-102-3.roblox.com | udp |
| US | 8.8.8.8:53 | mia2-128-116-127-3.roblox.com | udp |
| GB | 3.9.154.15:443 | aws-eu-west-2b-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | lga2-128-116-32-3.roblox.com | udp |
| US | 8.8.8.8:53 | sin2-128-116-97-3.roblox.com | udp |
| US | 8.8.8.8:53 | lga2-128-116-32-3.roblox.com | udp |
| US | 8.8.8.8:53 | sin2-128-116-97-3.roblox.com | udp |
| US | 8.8.8.8:53 | d13im6y9zsyqh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | d13im6y9zsyqh9.cloudfront.net | udp |
| US | 8.8.8.8:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 8.8.8.8:53 | a1913.dscw27.akamai.net | udp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| US | 8.8.8.8:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 8.8.8.8:53 | a1913.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | nfd-prod-b-1076442370.eu-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | nfd-prod-b-1076442370.eu-west-2.elb.amazonaws.com | udp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| US | 8.8.8.8:53 | 20.138.157.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 222.192.52.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.27.32.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.102.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.195.193.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.32.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.154.9.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.101.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.127.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| GB | 128.116.119.4:443 | presence.roblox.com | tcp |
| GB | 128.116.119.4:443 | presence.roblox.com | tcp |
| US | 8.8.8.8:53 | 3.97.116.128.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | presence.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| BE | 88.221.83.35:443 | a1913.dscw27.akamai.net | tcp |
| US | 8.8.8.8:53 | roblox-poc.global.ssl.fastly.net | udp |
| US | 151.101.1.194:443 | roblox-poc.global.ssl.fastly.net | tcp |
| US | 8.8.8.8:53 | roblox-poc.global.ssl.fastly.net | udp |
| US | 8.8.8.8:53 | roblox-poc.global.ssl.fastly.net | udp |
| US | 8.8.8.8:53 | b.ns1p.net | udp |
| DE | 18.193.195.191:443 | b.ns1p.net | tcp |
| US | 8.8.8.8:53 | 194.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 13.225.78.124:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | dexeqbeb7giwr.cloudfront.net | udp |
| US | 8.8.8.8:53 | dexeqbeb7giwr.cloudfront.net | udp |
| US | 8.8.8.8:53 | followings.roblox.com | udp |
| GB | 128.116.119.4:443 | followings.roblox.com | tcp |
| US | 8.8.8.8:53 | games.roblox.com | udp |
| GB | 128.116.119.4:443 | games.roblox.com | udp |
| GB | 128.116.119.4:443 | games.roblox.com | tcp |
| GB | 128.116.119.4:443 | games.roblox.com | tcp |
| GB | 128.116.119.4:443 | games.roblox.com | tcp |
| US | 8.8.8.8:53 | 124.78.225.13.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | games.roblox.com | udp |
| US | 8.8.8.8:53 | voice.roblox.com | udp |
| US | 8.8.8.8:53 | badges.roblox.com | udp |
| PL | 128.116.124.3:443 | badges.roblox.com | tcp |
| PL | 128.116.124.3:443 | badges.roblox.com | tcp |
| US | 8.8.8.8:53 | edge-term4-waw1.roblox.com | udp |
| GB | 128.116.119.4:443 | voice.roblox.com | tcp |
| GB | 128.116.119.4:443 | voice.roblox.com | tcp |
| GB | 128.116.119.4:443 | voice.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| PL | 128.116.124.3:443 | badges.roblox.com | udp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 8.8.8.8:53 | syd1-128-116-51-3.roblox.com | udp |
| US | 151.101.0.176:443 | m.stripe.network | tcp |
| US | 8.8.8.8:53 | stripecdn.map.fastly.net | udp |
| US | 8.8.8.8:53 | aws-ap-east-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | stripecdn.map.fastly.net | udp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 8.8.8.8:53 | syd1-128-116-51-3.roblox.com | udp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | silver.roblox.com | udp |
| US | 8.8.8.8:53 | pulsar.roblox.com | udp |
| US | 8.8.8.8:53 | syd1-128-116-51-3.roblox.com | udp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-ap-northeast-1c-lms.rbx.com | udp |
| HK | 43.199.80.88:443 | aws-ap-east-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | nfd-prod-c-1420969030.ap-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | silver.roblox.com | udp |
| GB | 128.116.119.3:443 | silver.roblox.com | tcp |
| PL | 128.116.124.3:443 | pulsar.roblox.com | tcp |
| GB | 128.116.119.3:443 | silver.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| JP | 35.76.184.243:443 | aws-ap-northeast-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | silver.roblox.com | udp |
| US | 8.8.8.8:53 | pulsar.roblox.com | udp |
| US | 8.8.8.8:53 | nfd-prod-c-1420969030.ap-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | aws-us-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | us-central-origin-px.roblox.com | udp |
| US | 54.212.189.199:443 | aws-us-west-2a-lms.rbx.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | pulsar.roblox.com | udp |
| HK | 43.199.80.88:443 | nfd-prod-c-1420969030.ap-east-1.elb.amazonaws.com | tcp |
| US | 8.8.8.8:53 | us-central-origin-px.roblox.com | udp |
| JP | 35.76.184.243:443 | aws-ap-northeast-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | nfd-prod-c-1199815139.ap-northeast-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | nfd-prod-a-646748404.us-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | nfd-prod-a-646748404.us-west-2.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | nfd-prod-c-1199815139.ap-northeast-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | 176.0.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.51.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.80.199.43.in-addr.arpa | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 52.33.51.5:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 8.8.8.8:53 | us-central-default-px.roblox.com | udp |
| US | 8.8.8.8:53 | 243.184.76.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.189.212.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.51.33.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| PL | 128.116.124.3:443 | realtime-signalr.roblox.com | tcp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 27.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | a1993.g.akamai.net | udp |
| US | 8.8.8.8:53 | a1962.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | a1993.g.akamai.net | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| US | 8.8.8.8:53 | a1962.dscw27.akamai.net | udp |
| US | 2.22.144.79:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | a1694.dscg.akamai.net | udp |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| GB | 128.116.119.3:443 | client-telemetry.roblox.com | tcp |
| GB | 128.116.119.4:443 | voice.roblox.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| N/A | 127.0.0.1:53144 | tcp | |
| N/A | 127.0.0.1:53148 | tcp | |
| N/A | 127.0.0.1:53151 | tcp | |
| N/A | 127.0.0.1:53155 | tcp | |
| US | 2.22.144.79:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 233.69.68.104.in-addr.arpa | udp |
| US | 2.22.144.79:443 | setup.rbxcdn.com | tcp |
| US | 2.22.144.79:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | 10.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 23.102.129.60:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 60.129.102.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 2.22.144.9:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 2.22.144.9:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 9.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | aus5.mozilla.org | udp |
| US | 35.244.181.201:443 | aus5.mozilla.org | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 34.160.144.191:443 | prod.content-signature-chains.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| FR | 23.200.86.251:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.86.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.200.14:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.200.14:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r1---sn-aigl6ney.gvt1.com | udp |
| GB | 173.194.183.166:443 | r1---sn-aigl6ney.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | r1.sn-aigl6ney.gvt1.com | udp |
| GB | 173.194.183.166:443 | r1.sn-aigl6ney.gvt1.com | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.183.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:53915 | tcp | |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 34.117.188.166:443 | contile.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| IE | 20.166.2.191:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 191.2.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 2.22.144.14:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 14.144.22.2.in-addr.arpa | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:54149 | tcp | |
| US | 8.8.8.8:53 | 1.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.173.189.20.in-addr.arpa | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:54393 | tcp | |
| US | 8.8.8.8:53 | 26.178.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 23.102.129.60:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:54510 | tcp | |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:54603 | tcp | |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:54696 | tcp | |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:54789 | tcp | |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:54882 | tcp | |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
Files
memory/344-0-0x000000007396E000-0x000000007396F000-memory.dmp
memory/344-1-0x0000000000810000-0x000000000081A000-memory.dmp
memory/344-2-0x0000000005080000-0x000000000508A000-memory.dmp
memory/344-3-0x0000000073960000-0x000000007404E000-memory.dmp
memory/344-5-0x0000000005AA0000-0x0000000005AB2000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\get-intrinsic\.nycrc
| MD5 | d0104f79f0b4f03bbcd3b287fa04cf8c |
| SHA1 | 54f9d7adf8943cb07f821435bb269eb4ba40ccc2 |
| SHA256 | 997785c50b0773e5e18bf15550fbf57823c634fefe623cd37b3c83696402ad0a |
| SHA512 | daf9b5445cfc02397f398adfa0258f2489b70699dfec6ca7e5b85afe5671fdcabe59edee332f718f5e5778feb1e301778dffe93bb28c1c0914f669659bad39c6 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\hasown\.nycrc
| MD5 | c2ab942102236f987048d0d84d73d960 |
| SHA1 | 95462172699187ac02eaec6074024b26e6d71cff |
| SHA256 | 948366fea3b423a46366326d0bb2e54b08abd1cf0b243678ba6625740c40da5a |
| SHA512 | e36b20c16ceeb090750f3865efc8d7fd983ae4e8b41c30cc3865d2fd4925bf5902627e1f1ed46c0ff2453f076ef9de34be899ef57754b29cd158440071318479 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\has-proto\.eslintrc
| MD5 | c28b0fe9be6e306cc2ad30fe00e3db10 |
| SHA1 | af79c81bd61c9a937fca18425dd84cdf8317c8b9 |
| SHA256 | 0694050195fc694c5846b0a2a66b437ac775da988f0a779c55fb892597f7f641 |
| SHA512 | e3eca17804522ffa4f41e836e76e397a310a20e8261a38115b67e8b644444153039d04198fb470f45be2997d2c7a72b15bd4771a02c741b3cbc072ea6ef432e9 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\vary\LICENSE
| MD5 | 13babc4f212ce635d68da544339c962b |
| SHA1 | 4881ad2ec8eb2470a7049421047c6d076f48f1de |
| SHA256 | bd47ce7b88c7759630d1e2b9fcfa170a0f1fde522be09e13fb1581a79d090400 |
| SHA512 | 40e30174433408e0e2ed46d24373b12def47f545d9183b7bce28d4ddd8c8bb528075c7f20e118f37661db9f1bba358999d81a14425eb3e0a4a20865dfcb53182 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
| MD5 | 15cdabcecc4ae0ec3253b1625156b0a7 |
| SHA1 | fa1b2c6a2be53578ef278706cdee6f725e00b003 |
| SHA256 | 6dbcc562d627628e45187afbd2421be88797e20e36910393a883e361973da553 |
| SHA512 | c9a1740bf5fed7cbc6d91ab92222b178fe4a8ab2d75dd8f18d827046bab88d7632b0751e953e77e29aaf9a9bf390697e94f23e172cfe034a4263bcf7c7149106 |
memory/344-1466-0x0000000073960000-0x000000007404E000-memory.dmp
memory/3800-1465-0x00007FFA56F63000-0x00007FFA56F64000-memory.dmp
memory/3800-1467-0x0000024057B10000-0x0000024057B2A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Wpf.Ui.dll
| MD5 | aead90ab96e2853f59be27c4ec1e4853 |
| SHA1 | 43cdedde26488d3209e17efff9a51e1f944eb35f |
| SHA256 | 46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed |
| SHA512 | f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d |
memory/3800-1470-0x00000240725B0000-0x0000024072AEC000-memory.dmp
memory/3800-1469-0x00007FFA56F60000-0x00007FFA5794C000-memory.dmp
memory/3800-1471-0x0000024072230000-0x00000240722E8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Wpf.dll
| MD5 | 34ec990ed346ec6a4f14841b12280c20 |
| SHA1 | 6587164274a1ae7f47bdb9d71d066b83241576f0 |
| SHA256 | 1e987b22cd011e4396a0805c73539586b67df172df75e3dded16a77d31850409 |
| SHA512 | b565015ca4b11b79ecbc8127f1fd40c986948050f1caefdd371d34ed2136af0aabf100863dc6fd16d67e3751d44ee13835ea9bf981ac0238165749c4987d1ae0 |
memory/3800-1473-0x0000024059810000-0x000002405981E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Core.dll
| MD5 | 851fee9a41856b588847cf8272645f58 |
| SHA1 | ee185a1ff257c86eb19d30a191bf0695d5ac72a1 |
| SHA256 | 5e7faee6b8230ca3b97ce9542b914db3abbbd1cb14fd95a39497aaad4c1094ca |
| SHA512 | cf5c70984cf33e12cf57116da1f282a5bd6433c570831c185253d13463b0b9a0b9387d4d1bf4dddab3292a5d9ba96d66b6812e9d7ebc5eb35cb96eea2741348f |
memory/3800-1475-0x00000240722F0000-0x000002407236E000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\WebView2Loader.dll
| MD5 | a0bd0d1a66e7c7f1d97aedecdafb933f |
| SHA1 | dd109ac34beb8289030e4ec0a026297b793f64a3 |
| SHA256 | 79d7e45f8631e8d2541d01bfb5a49a3a090be72b3d465389a2d684680fee2e36 |
| SHA512 | 2a50ae5c7234a44b29f82ebc2e3cfed37bf69294eb00b2dc8905c61259975b2f3a059c67aeab862f002752454d195f7191d9b82b056f6ef22d6e1b0bb3673d50 |
memory/3800-1478-0x00007FFA56F60000-0x00007FFA5794C000-memory.dmp
\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.dll
| MD5 | 8518e81caa4b5a961656b687300b64f3 |
| SHA1 | 3079b0a84cca1f8b270a331c68cf0c134f42aedf |
| SHA256 | 4179c99032b9698a74a0b395541b8a7124531ecc053428fae0916a02b78364e1 |
| SHA512 | 20a99e88e1657ca41ba7ecf31e4a1fff56b721dfa55b7a10531715bb674ab11abfa08c5e7d53ce9cef78cf63bcc3248e8131ca5674d8169d7ac4ac8f0a1385bf |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\VCRUNTIME140.dll
| MD5 | 7a2b8cfcd543f6e4ebca43162b67d610 |
| SHA1 | c1c45a326249bf0ccd2be2fbd412f1a62fb67024 |
| SHA256 | 7d7ca28235fba5603a7f40514a552ac7efaa67a5d5792bb06273916aa8565c5f |
| SHA512 | e38304fb9c5af855c1134f542adf72cde159fab64385533eafa5bb6e374f19b5a29c0cb5516fc5da5c0b5ac47c2f6420792e0ac8ddff11e749832a7b7f3eb5c8 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\zlib1.dll
| MD5 | 75365924730b0b2c1a6ee9028ef07685 |
| SHA1 | a10687c37deb2ce5422140b541a64ac15534250f |
| SHA256 | 945e7f5d09938b7769a4e68f4ef01406e5af9f40db952cba05ddb3431dd1911b |
| SHA512 | c1e31c18903e657203ae847c9af601b1eb38efa95cb5fa7c1b75f84a2cba9023d08f1315c9bb2d59b53256dfdb3bac89930252138475491b21749471adc129a1 |
memory/3800-1487-0x0000000180000000-0x0000000180B19000-memory.dmp
\Users\Admin\AppData\Local\Temp\Solara.Dir\libcurl.dll
| MD5 | e31f5136d91bad0fcbce053aac798a30 |
| SHA1 | ee785d2546aec4803bcae08cdebfd5d168c42337 |
| SHA256 | ee94e2201870536522047e6d7fe7b903a63cd2e13e20c8fffc86d0e95361e671 |
| SHA512 | a1543eb1d10d25efb44f9eaa0673c82bfac5173055d04c0f3be4792984635a7c774df57a8e289f840627754a4e595b855d299070d469e0f1e637c3f35274abe6 |
memory/3800-1489-0x0000000180000000-0x0000000180B19000-memory.dmp
memory/3800-1488-0x0000000180000000-0x0000000180B19000-memory.dmp
memory/3800-1490-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\bin\path.txt
| MD5 | 6b09afc61af8884f2fc6204922e970be |
| SHA1 | fe3da40f27e8dc2b8e2392c9590666982fff3398 |
| SHA256 | f99a87a0c9006940f0d9efa1331d253dcf56016c82f4e266b507c303bb8493a6 |
| SHA512 | 69ac27dbd690d1919a5da98e5f427328147c18a338596a0cf7ccb2cd09594da388fc4bb5df660bb4ca5a630f3ffc3ee3783b24c262683d2c5992db2f1abca8ea |
memory/3800-1492-0x0000024076F40000-0x0000024076F48000-memory.dmp
memory/3800-1493-0x0000024077120000-0x0000024077158000-memory.dmp
memory/3800-1501-0x0000024072B00000-0x0000024072B0E000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\datareporting\glean\pending_pings\596971c9-1e84-4380-b923-d2799b9831f8
| MD5 | f997c03ec192dc9bf314e695d09c27f4 |
| SHA1 | d825345ea65e37c30b57398123df947ee9333f63 |
| SHA256 | cba86db9b5017ce17e7eeefa6880ea654c5c80445f0c672feed6728ca6e70c49 |
| SHA512 | df65f886e786fc14dfb9dd21724c34469359f1189884efdad2caf856bb59946e36c6337b9a3e47a3412278c5fdf7cc422e11aeb82ddfcd2e16f8159cde95c66d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\datareporting\glean\pending_pings\c503a998-5586-4bdc-be5f-a7afa9d34d5d
| MD5 | 357d380bd57733df8c370a2dd30aa195 |
| SHA1 | 5da6c102a08d83064d338ff8817f67b21ce7cc5e |
| SHA256 | e9e9607d7dc1c34546c7ba9eb3b9524c7274550d187ded95934e792f1d159d56 |
| SHA512 | 323a36a3ba7e41865e5dccfea631f5723e55329a18113e4016a01807ae557809b343d7abdd638b960d54fb96c0d4f76cafbadf846a01a3bae5a3e3470a7edfb5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 4d85caebee1e1966bc0a436d259a9a33 |
| SHA1 | 21b32206ad7beafe0e810b81b296baf2c073acfc |
| SHA256 | 4c80f6b654524c641af3c1d62896ee100dbd1551c4248ed1a4feb26b24089cd3 |
| SHA512 | 580bd93dc53da6af6c89254a6773cc15c8c2dc4a7969764465a2878b18f43e4c172a2473bb09dd46fea981013b4ecf964badabe87dd3d1f53605e5a672b073b0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\prefs.js
| MD5 | 716e9caad78b7e4e353044c0e2920a2b |
| SHA1 | 4aa1703230a7aba12f8472a2448b128c1f40c8e2 |
| SHA256 | 699fc83f70230fe71d23ab09c7449e324ac01c32e247466989940b5f79725f8f |
| SHA512 | 26ddad9d9c294030034e749b548804049939e0d01e61b4d429b2bce65667d507648ff21f9c609ddab815c556dce6f3d6d4be56db113bba0bd85a7ee727107a82 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 3018d1aad8385b734068dbad441e344e |
| SHA1 | 2a3925bc92ec843db64b6db2cd6fe18ccf084a86 |
| SHA256 | f33415b0b1fc8c7e52356318d44aef1ae6bd9c64a89afa012d43a01a79954f88 |
| SHA512 | 7ab1a1115a4f7ac61ba41bfe5875792cfa84d81f14f71239e43848de5940bfa07e2e34ea4be85a61c091d0b4b7742f3f55961fd26734b528cdb2c0b4d169c5e0 |
memory/3800-1584-0x00007FFA69D80000-0x00007FFA69DA4000-memory.dmp
memory/3800-1583-0x0000000180000000-0x0000000180B19000-memory.dmp
memory/3800-1592-0x00007FFA56F63000-0x00007FFA56F64000-memory.dmp
memory/3800-1590-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b7e6b6d3356384cd586c8ff829205b03 |
| SHA1 | 0b5a0825d2e899315c818b6f98c09fe39f10adb2 |
| SHA256 | bab59fb408b524eac60b4ed42944553af8f7755cd97b67a574ad3324b5ab7159 |
| SHA512 | 107dc77a6fa5b2c349d837e4715f0202faade4b12a684854d6d5376425a716819cef5a58c9f45cd69232f273ae75751b0e5d5721e40c0262caa08a8f58ab6004 |
memory/3800-1598-0x00007FFA56F60000-0x00007FFA5794C000-memory.dmp
memory/3800-1599-0x00007FFA56F60000-0x00007FFA5794C000-memory.dmp
memory/3800-1772-0x0000000180000000-0x0000000180B19000-memory.dmp
memory/3800-1770-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\prefs-1.js
| MD5 | 8693cdd7171c3f9076788e1158d4efc5 |
| SHA1 | f1f15fd16c2a4536d07fdce3dc7e26d6777881d5 |
| SHA256 | 3cdf1d177b531204b0b24a27bbe7fee4ecaf555871522089cff16701ed5154d8 |
| SHA512 | ecdf2e31bfc9bc368c54c7188ea5d2e41dd83c0a6aedc52a4f290a07d7d68dfb24a15cf1e72fe0fb6f676ff59e4625ebd7e8706e29a575f5f13c4b950e6f7b27 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\prefs-1.js
| MD5 | 7ad2ca6e6926def6fde745ecc025dcb9 |
| SHA1 | 8b270854ee1fb7ed82d3f712b685bf3c602c3cf1 |
| SHA256 | a1a572c43aba1f4b1d43d3cc7269ea360767c14519515ea0b452291e8c9ab07d |
| SHA512 | 8427ebbebb1127f1ad8310182ee91445f74ddb1253b4bb2974909ce61d5dd12ca7c4600d76a4f68413c06c08fb934ca6e94f26968ace637669a2d2cb8593d4bf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b3187eafb59da54bee24bce81fab2c91 |
| SHA1 | df47c29abc407e3344e76055f0a6f8f91be648dd |
| SHA256 | da060acb95cb8749e851aec5c918825e54952019b190862ab66c1ab8d0ebbb38 |
| SHA512 | 8e2b306bebe81bc626499e6d787cb1195a81f3cd68dff45ed6fd418f9e94a78a7b6622a3bd72cf141dbb6082d4b2157970f8cac3805813722b985d928b303c04 |
memory/3800-1864-0x0000000180000000-0x0000000180B19000-memory.dmp
memory/3800-1891-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 7f2b020430faac22512c321849199214 |
| SHA1 | fc7eb4049829127d56988cd5697e122ac7092b41 |
| SHA256 | 9081cfc2dc33fe991ebf8d47c35f8cbc6c18de5399e7acc9be299553c6f2419d |
| SHA512 | 2ae2199ad6821173ee434557230673f3bf9fcea9c1ef392e4bd994641ce46ac7df1e10498c657186d85fd1e1730aee9baca648cdc4ab2b6769359dba0d25c43e |
memory/3800-1902-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 66b04401d63fe656dee771ded93487ea |
| SHA1 | c088bc90dccb42258c2b512f223022e406e3a70b |
| SHA256 | a504147ad9f4ec7c530798281d5abfa67b9636887ff522f41c6d5a76d60a39b0 |
| SHA512 | 63977114fa5362c734b8ea0dc8efbd49b7ed6bacbd3029379afa2d97c65dab95d87c0bd0b1311f42b51811a5747161443c153a00b72e4085cec71ed46b8465c8 |
memory/3800-1917-0x0000000180000000-0x0000000180B19000-memory.dmp
memory/3800-1922-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 0ce2c05c9080fb2cc2c7a024697a6f3b |
| SHA1 | 202d530a668791c128e1e1784bacf2efad7df6ad |
| SHA256 | 69e8cf8feb929401b3f9ea9582c4226bcabd6dd938aa8a1fd62406b4883f6d41 |
| SHA512 | b2f35ccbab31c108a43bc5a7055e5950e246a2d431d57e593d06d32430b87a7cad28e4d6fb1e2c79cf8ba9e8d2cebdc110fb0e0749e2cb97f2b54f918fd92415 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\23440
| MD5 | 525df70ea9ca3538fe81432b4e94ff99 |
| SHA1 | 6c3dc9fe4ba75256160905d558e75f6e5fec573d |
| SHA256 | e589afeb0f942ad9d19700ddcbdaa463213ba8115a4b85f31631a92074bb3492 |
| SHA512 | 2f11d7f3050751e3b06339906ad584999673d52272c96dc34c7d1433ccd442c1e9f09fc3a78b95d6a333eafaec6b0d2fe1fe1cb2669f4f857e9128795cfe6d5c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\31353
| MD5 | 7fc8a0cbafd4bcdf7937d3ab5facf009 |
| SHA1 | edf6bef75100aed54cc572e387fdd53f15bdd192 |
| SHA256 | cd2a6715df94ed4d3b4d2bd8a78df38f9e4a64af54f59a0654d825bb086ef042 |
| SHA512 | 05039454e78c9cce6954ac5b26fcc72cfd6150c022632837c701d9a99847ed1427fc095ea4c247e17984a5350ad63e1a653784f192897bf55ea0d3fb890aa72d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\18290
| MD5 | b32272a86a3b6f0c3eeb1e70ca95d48a |
| SHA1 | 82236ab95fac8ca524c9a228f9731a73b13d54eb |
| SHA256 | f3508e1d1b5e8f2a1e21cb65c299ed0b0c2bdf191996c419bc2af6e9f78e3a0c |
| SHA512 | 55b2bb6245c77b27fe8821bac12bd8cc08e105c93cdade3c8eb920c3b3a0b1b031f5be8b0cc5f9e4eaa1765f585ede3d15a336a09662d8927eff4b139c928f65 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\4779
| MD5 | b58554094a36c224cc322a24ea7aad0a |
| SHA1 | 36edf27aae0dbf51c669dc9b9365c64250da6cfa |
| SHA256 | ad0ea4342f09b3b103830edf3400be2c63ba263c7079dc718ed6ca5f3ea93643 |
| SHA512 | 0edcfbc5654f028cdc7a8380001337b18ce57b1ae1f7ab8f86eea55b36292cfbaeab0c0da98f3eba3facfe73e63531d345989c7ef55d773f88aa197bda5ddd2a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\17617
| MD5 | 99f95ae124111f2f1dc0916835f69cf1 |
| SHA1 | 093a645e713022c51346848d8736efd279c3900e |
| SHA256 | b9a3d7f42464ea618ac1b4dcad047b3c5a9311eaa0cca83573bf19256f55431f |
| SHA512 | 06a7ed797961371861f8b95003e00ea48618a3c7cb993457f045096b4cccbe5eb5e7def6354deb818178c74ada6944752a6b2660b79c2f85b10c28b130a88e74 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\11198
| MD5 | b0c90784fa2ec880aea08da0b72ae2ad |
| SHA1 | d974787f83777123186bd0ea97ff87ca09bbf33c |
| SHA256 | 7ef0eb4ce47dd07b09ae1a37f8a14cc3710ef99583f3c75dde04f7b91c6da667 |
| SHA512 | 84915b07b29384b966f59516b3c0cb93f283f4afc584b1d7112bd0cd25cab24ea0f06bb998cc5272efbf76a3c8ffed8f643b7af66db232b13145c0b5702b08ca |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\4609
| MD5 | 45d228c39b312535035bf1934daf9d61 |
| SHA1 | a2d40b5dffd6dd0a8d93b7d44e1fa4d63308cd93 |
| SHA256 | a7b8ab7cf85db2161c379c8e8c559dba9abe75f9244a5c42db5b82591ade483f |
| SHA512 | e6508e013a9ea4b3c1d4b8f8ab42ff2844b27600a9703bf5c350da063ce93080e47b54c2a9ae53b77ded3c69f3c012a710143fcb4913dd9903cdd151d4ef6d47 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\4106
| MD5 | c9ce840af80295bf8938081cfb36648f |
| SHA1 | 64750d705901780791f4858a45ee49343e15a5cf |
| SHA256 | c3b1ec54c158e3d96908e443719e236c009179a1f8cffc5611b88d28d087264b |
| SHA512 | cfb6383801cafc204fc28a3800c8d892ef1cb94eb175cefdb16f7c73b0ec5c302456fe14f5462bdf34a9c3f208aa923f9e5a9fef4bdf34c13d180ff9ae782c08 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\21792
| MD5 | 5f0434ad177744a82ac185686c59f8cd |
| SHA1 | 434d862f5ca7fd693508cf3bc596319ca98668ec |
| SHA256 | 77dfa5bd495e53c8aa54d089b10cbfa549f3d71db03ce22aa16c9241f08c1333 |
| SHA512 | 756d55e1c4c47afc98c9cca90013144803568f92887adfc989dba4c9fa800da8716e6dd754212988d4ee1d8ae76458488cd4346e42963c7d3626f7cef48083af |
memory/3800-2123-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | f9373590517a60f194ba111b4b316926 |
| SHA1 | c93be2ac1159030d0e2b8de733ba9adb8b3b5385 |
| SHA256 | 9b349881236e58ec4877b8a1a009b1d2ac0e37b8be047f967ffb2638538d89a3 |
| SHA512 | 9d493a131b9cf9e52aa3a112f40a2d95c97e4bf4f35e713efbfef4d99c440d8c061733527ca37f1d96a3954e90fe29432592734a3f6898ed20f761a6557ab318 |
memory/3800-2154-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\storage\default\https+++www.roblox.com\idb\3140325527hBbDa.sqlite
| MD5 | d18831b03b23050dfffbfccb4d8097cd |
| SHA1 | 6a100540bad95c98beed4c90e577260c1dc46f52 |
| SHA256 | 03910475a8c8f52d4e546eb5f9749f0af3c4771176f208db4b6c5122d65ee925 |
| SHA512 | 65212ee7bbc11956635090283bceb28f0f9e51e8349b19f98ba4d2327ce53a56ed6e5bae0de6d38d62219598222b271257fe8fd2d1373d88e07fdd2fe32ed364 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\28277
| MD5 | ba4b8d851c85c8ff79f34d28f1f6ccb8 |
| SHA1 | 4360b69e6ce427fb1adf021862b24329cf09d34b |
| SHA256 | d627cc515a1e5b7ef5af37a3c96372e9ff2cf244828746468cf4ec2c8fd6a0a7 |
| SHA512 | 17ce7402228561aed1500e4df65f14cf150924368bee58efb33283e4e8312a89dedeb965f9f07db8cafa27297fa1ad1fef883f7acb1a868dbe898919f2943be8 |
memory/3800-2204-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 7a6a16745d42ffc2c0d4698370152340 |
| SHA1 | 780fd641fc6989c5fdb0b6716d16cf33ef16b5ef |
| SHA256 | 7cac802a7d1d73982bb0014f06dd0ea8e6fbdc9bcd1444c475bc0959d567322b |
| SHA512 | 21a6963f782ae09701f48967a0b305263588517390032ace00bfb2a7d771c0c01eef923f2ad6833d0f4b04fba740f806cbb4488d60fce545c97afca0ca0343ec |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\31604
| MD5 | 328281a5414e8acebafc0fec19fcec17 |
| SHA1 | ad76b716d383b026f7ba7ad6bcd4894de1eafc49 |
| SHA256 | bcdb053d847a33a200eee2eda88505dfdae6cdf78824e67134a9fd1e31a7d45b |
| SHA512 | 6a1bd7b1a46043ab860d09abd60b9ddeda6b4ceb7b26bb1f98af2a4323197c487672e7e4f90d5bd1b3ae3bc85d463fba3f79fddaf8689f82c75b09cf4a0ad028 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\7410
| MD5 | 7d4115d6864acf674b4c3311316b1fb1 |
| SHA1 | 5ca871d97cb5d05f221eee618a8f651289b99b4c |
| SHA256 | 07c368796a6b34686ec229e28e7b9dfcf7e83e9074165e7047b1140aa3c1df9d |
| SHA512 | 72fc2bd2292af468dd4597b3d22d0668dc447045b3622c5e715cedc87fd70229edee1193841a558b5550e6f6832730ecf7832a8d902c4f720b705fcb9cbc5e11 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\21045
| MD5 | 6212d7d6b70e6eb0d8dee3b2d15c06c5 |
| SHA1 | 259823dfed01bde6bfd44b1fc5ea4c0f4f49c31a |
| SHA256 | afa4f1b322bddaafef8cb69cf049a4bbad7cb4d9971d01ab957d51c63570ab2b |
| SHA512 | 5716e0d866805458c700b4f9923add9bd8334fe210b8a4d37ba601d1b4df946720dfcf67f84a12f11b65031c05d9e119cdb809792b187e11d8017924bb9e18b2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\CD266DEAC2A9A59C41FE9D8838D5B4D414B2712A
| MD5 | d77dcd46cfb41ef2d546b319b93af09c |
| SHA1 | 97bb1e0bf0132a7bdb82e780b1cfedee7e510a27 |
| SHA256 | 7dc1dca6f0fb92a2dca0053726809d4b0b9243f3648ab9e7f8b0680ff8cf5497 |
| SHA512 | 50e6acaaf0880ae76a66d4abde54e5a931df2814b8cb1126a7f12c5da2807f539ab43a30fd7d6b845a0222e13c064805c8819254636441f74bfca25dbadccbe7 |
memory/3800-2742-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\0D0C8B41B123A60A76177A339C5D673D74E526C6
| MD5 | 566ec07ab159acb88e5aeaba901ecede |
| SHA1 | de42f135f2620bb2ff731598a3fde1aa19a5704a |
| SHA256 | 40e359c66a046093fcae1793e67462fdaf3cdba1d9ca250ba105e5ec905fff3c |
| SHA512 | d3e592545bd08e00428de5efdde2cb4fab7a0893905036c5139b0f804856d64bebcdaba4693749f4f2d4fbb813097d8f370ef32a58b850a268d39ca52c3e0eb5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\28178
| MD5 | f833b7b06530181ff0d27222afd39cc5 |
| SHA1 | e3a73ba3a0969808fa0beba157c6b6a4b6e99091 |
| SHA256 | 87e061a786eda4b22616a5b5649c93ccafee93cf0aebf0a9e975eab94ad27d58 |
| SHA512 | ba8e685929a7523372cd6ceb0ee93fa31e96d79851e0a3d5d5a1420ada86c38c49d23125c1ad3550a54c0cfa204e07ff82773faddc03ccaaaa955647bb278529 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\A876C8AF86717633E6E46572013B957E820A5E24
| MD5 | 012f5621e25961312afd62871f467cac |
| SHA1 | 9062804ebe7a4a31154090a9ed4006722d08174e |
| SHA256 | 7a72f976628df3da5f8d134b1d8dcbde7babc5bb100c0bd3df0bdd36b4e074e9 |
| SHA512 | fa442119f8b982e050f0fa0f8a5c1de63338d590f2f40480510c6d6f2fac3f564fb189ffee0e668fcc4ade4399bb77b792746dc007362cd42600577117b573f2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\1953
| MD5 | e9ce2fee475818cbaf2580dc25142be8 |
| SHA1 | d781212d4a7dd9a6110facaaa32d6c68cf5db997 |
| SHA256 | 685375d51dc00c14531ed1e485244447aee733c2b7237fbc5c4b00ae2837c0eb |
| SHA512 | 93d61612e4a45ed55e93bb3b60fb48be370e8f030dda4f9d80ca67df4fa9921b8da7eed40fa9fcc40c1d0ef9c2fb81565c1222f6b3943d91a594be85803d2d3c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\14915
| MD5 | 8b1189b2b619ce056d9eed6bfa7d8027 |
| SHA1 | 40f7d9d0d497ce3a1e1f9f97aed413c7c391ca63 |
| SHA256 | 3fdb5ff7bfade64ba88d2b630a815625e1c8816f2ba43bca28babc85176640e9 |
| SHA512 | c034e3972ae802c0b334948652cd59154d5adeca38a0dab21caeedf4e0d6e26004e8ab5bdd4b264666e242dadfd5d211e16c7b5763de58a7c29f134517737050 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\21109
| MD5 | 9bbad02d5fadc20eb6b0a9262c4097ea |
| SHA1 | e017f4056f03b9d536ec07f4e9f363b60c9c6734 |
| SHA256 | 67cc1abeff6511ef64315521ada738b0f844541c4d8b2dc4c08a442c83403bb8 |
| SHA512 | a5a1ab3a0744e3dabfa5b676505b764054a4bad5674cfaa3affda9e86d7e76589ac2eb0814e9bec264aa74aff310fb7fe389f8e4bdaef5a626dbcf2530839183 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\21334
| MD5 | 0c1a6a7188d64f0018a6245206cc6457 |
| SHA1 | c6b8b1b30a5ecbdef6aa1d382d23be32a2156371 |
| SHA256 | 4739b0ebb1b4292d784695aafae152d76e69a30cc4006e350f5717cbb8d0d7ee |
| SHA512 | ba5946d7b232fa432f9ad40f4fc865f6f49177ff5bdea0ff4194a5deac610ec9c4aba1b13750a590e36ae82a8c1205970cdd3db61676fe05037977d5b3de9ba0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\8271
| MD5 | eeea6afe38ea7774b5d0ce2a7eef00c9 |
| SHA1 | d988c09b8e4ffaf0b57b539f29120fecdc1366a9 |
| SHA256 | dc665e5488d8b061dafb7d7776b4cb7a02dab4b91a3ac472a229e5d31ef5b3ec |
| SHA512 | aa1e348a4da2b00c75cedfa060c3549cff012884d874eb373d3aa8917ffb44de64f8ef8b1d2be08cb689fae2dc8c7e1e36c30fc548fd47861d8baaa92eeb7ac1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\27155
| MD5 | 8a69176ab5f7254be6be889b17a836a2 |
| SHA1 | 6f2bbe83d433bfcc04761e095ffd8e5231fca8aa |
| SHA256 | 00fb28df0f6709cfa211cbaa3b6e5dade611e8e8c321fd1df047ba2b10c48c1d |
| SHA512 | 1f8ac8f8d49d2a1eb6d06d62add970ce0e344cfbd1e317c6f29c989f6ee7070d6a1a8a54b6e8e84c1241a3e64a8e0fc6cee264fcc327286ad0d7a3666a905871 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\5230
| MD5 | 053c674d6794948bd96a6e22b2404620 |
| SHA1 | c8d12e9bf79a4d8bb371013cf59ef3b5ddb65cb7 |
| SHA256 | 747cb2ebe00dbfa8b08ee4430c42b65db5ea5688b7e59ab2ed02906d862c5ecd |
| SHA512 | 9f03350ed78143852f7b316b0fef46d4bedd08b2abe877fdbb7b79eb8afe787b776bfdaf7e5972a129098ac499a84502e61615112f40f76e40f831a8eee261a3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\1964
| MD5 | e94cd1876e87094f3861f432a3dfc8c5 |
| SHA1 | 20e3fdaba1e879bfa72b635378e87147c3a833aa |
| SHA256 | 58f298b32cc526b2d7fe69768f28fdebf2524552c2bdd6d716bc2a6ed9c13816 |
| SHA512 | 10bb06222ecbfbbf4b2c3ac66f51185b47e700024d1de91dc4ad72c8c235ee593e95396f0dd01707d8d7c7884356d6988ee705aaaf36f00f13bfab0a53c20e98 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\5118
| MD5 | 4516bbafe4ecc331597ea23c2a359411 |
| SHA1 | 854ab7f598b3b9b814b37973d73126f3b13b4fbb |
| SHA256 | 0f43437d71419b9803787a76eb0a80ee458949032593fdedca66c973f9d85334 |
| SHA512 | 79fe55290072d370a7670d95e51333b5d75492fb0ddd877446f4231997ed834597da85f6c70fd4871ae288c1ecb37a3ecad853b5e3d9d2ef584dfe13eece9cdd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\27652
| MD5 | 1b16743fd2b1495216ae70918ee6945d |
| SHA1 | 817dc08e9119802769a4c51018c99e20cafbe1ae |
| SHA256 | 3a001c7ccbc94c41ed88bcef8fc3ba282c61f0ca23a8f4b028a3ed2d0751e9c3 |
| SHA512 | d9926f783170af675f6fcf845b61153ec4065e54a3003fee61aa9d3c003701f4366cb10a76bcf238e2c6a5421db3a7fc4c42eb551c51d0c3e5a0f4e70d298dbb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\854
| MD5 | b5294d58f737a12331b983cf40f4529d |
| SHA1 | 8da6548530307addf9b5fee09787d3c23cb7b824 |
| SHA256 | 189965d194b3afb4d27f6e335cf65eabe9ad837e081d8b18610b200411f83547 |
| SHA512 | 6f5a1370047a3ab1f9f4904fc3913bf5c40b4e54eea44286c8b39496841d78f0bc229a97f620ccdc6cfd891be0c1a7674e9188881f9d07f068ff666f23388f46 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\20223
| MD5 | 3b9f9b6d8820076033653e484c21f483 |
| SHA1 | 77d084eb666f6cfafb55005eaf8367bf7f5ff286 |
| SHA256 | 2e899eade447aadef46276105adb8f33f099388f15cfedd9dec3242bd07c587a |
| SHA512 | f978b6020113ab048923d537a03649105ff5e587ebf5c6c0602e936f34250a7bfb8cb6fa5961cd1410ffbbabadf9dfd32db3c6ba1bd7382df57b7f2e6e5b90bd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\181
| MD5 | 581ba44d2a30453fe01922beeb74a129 |
| SHA1 | a661a7c46e6d7acd48ba63e4e69c3a471296444f |
| SHA256 | 344646b8a0095a7c34d864716d036939f5b8c202cfe289de3d599e9971065a67 |
| SHA512 | 97ee3ad03a9cbeb76f626f70cdfa76562a19920307c44d8a3202d263b4812151909eb31a89cb6a687321b4697c12de545886a2610aadf0f3994367cb45a54645 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\1AB33D663B69F4F748A08F27D06DE9DC07B327E9
| MD5 | 5f3318c18340e1d32e6ee7df2bb41d52 |
| SHA1 | d520d9b4694db2099c5e9eb61d0363335e4d47c5 |
| SHA256 | f3ba9f1a37e8a1cde3791479bd8a3b624f9fe75765dc5178e1d3d7355612654b |
| SHA512 | 7c4cbba01b1ee3096f428e264ef012692efa13aa4f0815507897e4635238623d7d4168a97049bfc7d32582d7f71099615e5dbf6ae58bcc9a3a3bbad0487b1848 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\AA1F346A9657DFDC0470D6629859DFEEE28AB7D4
| MD5 | e1336adebe90f4799159f30133c06c23 |
| SHA1 | 1b8f7e75af7cfaf5e3771bc769144656f01113ac |
| SHA256 | 8bc172c6d065e2da7aba4ef4e863fb8408209297bd6625eae817ccf26dc2cae3 |
| SHA512 | c734b7a142056b54f62af0bd66ba2e616d90da74068c0489751fa03a13de1562d2de0394b37f6ca5e1c5bd3b973550649b9eeae1a8f3f916d6d713d3b206ba2a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\7813A80B43785AF552A3CC0062925770C8AEB1DA
| MD5 | 275ee78130c972b71ffe922ddcc79bda |
| SHA1 | 83570444dbaad4a39709fbe7649dbb5017d58c34 |
| SHA256 | 0712799adf7292026003369145aba0bcbf57f016b38414028177871813473f20 |
| SHA512 | 96895384be6868c5834107afc0883f3c993a2ba1b3baf2dd6b52f9973b63a30a52e20cd316fafe7f7a99c3b54c28229b0dcdedc456727cbdaa30cdae6a70d47f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\C20E036239CAF315DF30D2CDAAC4F746820BB89D
| MD5 | b8c5f88fda1e5fe46b2facad56ac09ca |
| SHA1 | 792663ffb19864ecff462ddae11ea54936828cb0 |
| SHA256 | 0668f0c0724e534eea247c5157cd9984c6a4fc49198ec59bfa26615d1097b40b |
| SHA512 | 2efa0e872cf0f765d4111db047586f99d55ceb778aefa4bd45740d1425a758da5643d4394390e3dc280c196b89e8e3b2458c69f57efe568ea45ccc1c34b9026b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\05EB7F6F7BD0BA633716511CCCAD442933622565
| MD5 | 2e5e3c26acaf89dc5cde1006be45d055 |
| SHA1 | 98eaafa2b6d4c24e0e359e2a5a26a2dc2d4c426f |
| SHA256 | acb8582d6c5929b19c898ca7f6b9e8f794c27e57c4e88484abae4007240b2d98 |
| SHA512 | 28cb5f76343e6547d66e1b35d459b7d79ecbffe85c8e1a74a9fac54a8226f3886806e81552c0f4aa013719d2cc27804849e47a1b2d7b53373cf15151e16983c1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\3CC64668187C540A26A18501F41B51C0CD662225
| MD5 | a9ed41a67a2ff4a0959c3cd03e74ad98 |
| SHA1 | 5a96c96a511b6970f642f138d553346a076015a1 |
| SHA256 | e2b017da151d3671a35ec899577f2d42b097d4ce921b9c593ee0d360a66df0ec |
| SHA512 | 0255db008db3656ce49b673ef3e6a98eea472726ae65e47592c3e63aaedfcc3d6e13a921a5a1a9c7ec719dc61078fca5190eb4120665f5661c753aafab96dc55 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\9B652E5D4286B393D5A4026D505B06DED703EF99
| MD5 | 4ae6d4da5ec7d7612a02c01be1acb707 |
| SHA1 | c7501a0f11929f709c5a7d8cfe33bccd14fbe7d8 |
| SHA256 | ce17bfc6db20ecffdb14d764d7d794e03dc842db51091b386862d5724e13e987 |
| SHA512 | e0fc5b02a229e06247f0bb143d3317322f64ee3c175c1337dcc06f9e0ebfc5328f9ecbc62724b47a9df74780ad6f778412e99cce79573ee0c84ec0c4f7d98eaa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\71BE13A736F7D4BDD8764170A171AA654BF9264E
| MD5 | 229646246922c4650d61b3d708946be0 |
| SHA1 | f9a29bc155565fa5fb25ad29c659e15db3079767 |
| SHA256 | 6dc1e43cb6bb81fc27ea6ab786c618c970766e5f29561f5497be4cb23b53d05c |
| SHA512 | 9461560cae5a7b3885d44f1eb9c3e9d89cfca25067893a189331f8a003bfcd917ab62e84e6019fc83fff49197d1d166da359ce6a6a77566a64a59ff67fee1cb3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\BE2D3D60C4D6C94AEDAA7868122CCB76EF5AA608
| MD5 | 46c56c21e919685989cbf4463baf3f6f |
| SHA1 | c03b28da6b1a05f15ada8b517fb27037808e3e2d |
| SHA256 | 60997df1debc3c3cb288376bd17a7b54b7902d949fb5c5a2feed3111a5978ac4 |
| SHA512 | aee4ff48d6836563a0503b0baa44900f16bd86cde509b0ec630e59875409424a014db3fd66b49ccb52dab4d5006b7138f4d56e22f4eb816b41b9ea438a9e23e2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\7505C2B294EFEF808B30D034AFB6A215F17E6F38
| MD5 | 968994b23854662299f5821f4c483d9f |
| SHA1 | cc0fc3c5efea37eb9a164a28c7cce6978d9a4b15 |
| SHA256 | ff374f1b36bb96576a8ef3b8d6ef6d1442697994436a02e374a39035fb3f04ed |
| SHA512 | 1a3f44f94ce6de769ceeef8b87ff216ffa658013e02060f0b7923b7181d542cbeffb4453cb741b08aa2df8edfce08f1d8327e5223932d02ef720a07c3192c3e6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\28147
| MD5 | 38edc84544d519357bb259e93b7a7e16 |
| SHA1 | 6752846a49ba79dcbe1c5eeb2e24648e52c37a58 |
| SHA256 | 00d44cec67b5ccbcee0d791eac61a3094b049769dec3ee2f983da8216954a1c0 |
| SHA512 | ca6ba5ca55556e27521bf0e2d0c1cd468a28c14df4548d593b3c77d16efeb01b8da3216905050085b1d2baf7433f2c382ac4f38a986d0ed5eda8610e5bea84ab |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\CF5FBA70D7243048D4F0F4EAE7DB9D1742EB1D64
| MD5 | dea198332d82ec50b4457aa173c99458 |
| SHA1 | 53c6258fbde26680763666cd205348621bcf1373 |
| SHA256 | 5c12c1f3902540f9605fdc7283621babab5f3b9991bad759b5d5439786869628 |
| SHA512 | 707bc0af22baa7db8ad05886d5d9727038e623e0a788cf4dc0869fc144ea87233c1b94f6e45f003aee025678c0a0337c1093baaa9c61ec317a01e688a5be7afa |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\C8346BE2A3CB54E99C43B824ABAC5F037264A4D4
| MD5 | e29850b4c2f18f029741b9017f5f2796 |
| SHA1 | e5fbe30c343646651d85b0675bd9c0d3512616b4 |
| SHA256 | 589df9351f3faa2636ee4e444e850d65dfcf4674d5577205b8e3f6a97b58802d |
| SHA512 | a319eb5865acdb24444c0385ef963c6be9ef78d054dcd3b6f5366fe51fd8630d5547de13e3b81b5d00a7db96a5e0c60400610186c05f53937c3978a517a20a2c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\2241F205D64ECA1B98C5FF7640EE620A715AC9D3
| MD5 | cc1bb98647ec642dc8b85b6802484916 |
| SHA1 | 7d671cf75b3059965251463d1216bb027b4085d7 |
| SHA256 | 14f32f591bbdc2b69b36cdda694215d838ed9c19db2f520af960de9b6f73c980 |
| SHA512 | 95f152bcd310d338cfbc4f14a75ede78ef66d3363da8353281c9214dd6e74e287253b438e43ba0eabb70a39c4d0f752a654403256d587f35cbe8c9edfaa74795 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\B5141334764A8AEF9D288548CE29C471E602A16A
| MD5 | 702e7a32c3df20fcc2a529135969cd7c |
| SHA1 | 27dec1a4e84a2fc3567973b462d8e5dcd5a94daa |
| SHA256 | 68199a5ddd0c6eaea1aee842fea6ed318c868bc77453e8111beca37f404fbdd6 |
| SHA512 | 1d9e99069befe64923d0d139ea97b906c7ff34a6698f466931986548ebe7d9721647bb37344918406e69df37c2aebc779ae3f95be45df5112ed56d444270510e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\6C3E98A33DC9184060AAD2B595620A00C6B0F8DA
| MD5 | 92c68c168a5bd2ffb0525c260de8f0d9 |
| SHA1 | 10b1a722ecd94ca3de7fe6e0e396a9e744a81490 |
| SHA256 | b0ab6d361cbeb92c646b50a68763c8bcdd9a0912a838f6d859b812f7f3413d52 |
| SHA512 | 35c0e6eed12e5659ffa7252c0c14076d38ef9194615224ad1e79017937217637b56f1ea0cf01dd663ba88a79589c745816a1082148dfb2bbdd27a9ec0ba33d23 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\E1E5F90C5D42E8AAF6267CF5C1D4F4D7211B2A50
| MD5 | a18a679ff23518492106008383924d83 |
| SHA1 | 7a52a7a1f98c74de66870a0b1cd60ca5b4f0d1fb |
| SHA256 | b0b909e1e3425b5bb7f4abcf0102ae5e523c68c750f45bfd4240874f360825f1 |
| SHA512 | 8aa6db29bed9d75b88b6dc088ef37d4df95ecd3e35de38f8818bb7b81dd698c5a91a2d5bc52ab000bab5163a4b7dc70818095f2ab8f334552dccc6137c09f1c1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\55E5E6FB4DA0D621CA2B27FEAF7A867987DF935E
| MD5 | 560e27d571b1c7c399b8fbc124742357 |
| SHA1 | a10a3d4e049b4a50e7d91228f0b7586f38dff816 |
| SHA256 | 6048e09461512e720a9aadcd3c2c11836d8e9dff646173469426a00c8dd7f196 |
| SHA512 | 459421ada04756ab9a8c0dbd0a649a157b4ac7e8ccb78229171454041db4e2bb67309b1824df97230a12ee1aa3caa35ae6df024b840ad7b27471640a3178e3df |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\8B7287CA6C1FA675E9D1A953060967D1E282BF10
| MD5 | 46494bd26646ef10d9316926ea889850 |
| SHA1 | 1cae13911ec466fd3f1628ec036619a5d35419b0 |
| SHA256 | b7c21c5892cdedaae7a65e33e3ad2a8ccc9a6f76e4cf48ec484f8d909a4a6d8b |
| SHA512 | 2328def2246b05085c54af99c46639660356b940dec798a2e120cc3d0224ed3176f92ee266fcb1fee19c97e083ba0014e596cd4e2e1b99b57baa473fedc6a943 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\739025F062E977A263D0043D9E01EE529DEBBEB9
| MD5 | 86fb256c55309f11fb56a4d31898a0fa |
| SHA1 | 5c67af27c5561b7f3232d7107b067f18ebcee7a2 |
| SHA256 | 76b0fc816ed74197e2203282b5d07223a0b1d6bf42432872c3eecf729fcbec60 |
| SHA512 | 6e3a0871817d1e0f3ad4ded23a646a5a2003681762b72f5d20a50770725af02be2457222175045c124310d107be6f3cc5ffd47d5ba2ba5027f4b3e01671ec74b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\3CD97724EBF47B50AE59221DC942CCA5EE96ED82
| MD5 | af83f685d42895db75be1104c92de001 |
| SHA1 | 31711362a60c0fb62b2d1d92a87345bc3268c00f |
| SHA256 | 026c569b4f54dc6b89d766eb0b476b739ffc3269db672d85cd71abea71ca586f |
| SHA512 | 7fa9b49f26a982f69863c2a226bf09fa3c8beb017f4fb6e8856df4cccb3ca3e8e8e6cbee879c6ac1862ae43f3bc4f059867e73fd3da5b04f8b9b471d122b79a8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\22715
| MD5 | 10440adc934224da5a39cd5b0b3c35fb |
| SHA1 | d2fb4ac1d9bd80168edb0483b6a337cf63910e3b |
| SHA256 | cb5ab0b5f0315547cbe1ed216bf1b818246f41fa3cef53eadc4b6b7f6f8d7442 |
| SHA512 | 5544d5abb36e727877e2abd3b37c0fc6e2b0c48e03faa8b2438b26577c5d47fa597a227aac262569a0cba42eca916e7bfecb1b8abe0cf6dfc7ac54fef9940a8c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\6B995C7CA46FC5BA0EFF9F15DA86A8CAE4C276DF
| MD5 | 8ab643a0acc53c84eb1f9d309a9b759a |
| SHA1 | d4a9ff1d30f6cc97bf5c0430bba7a3d24b36513a |
| SHA256 | 31ebfcd41a3d8ab22317c5d81486ba5b4468e36f29d75be1a6790528c3ab104c |
| SHA512 | ac26141a4ae446b1e737f6b2e586a224ef3bff3dbf4c1ebfb91abf6d6e5413fae4e47421e290d65f869fe330ef419592f91b8785067778e4d172490ca4540bbf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\11993EA3BF3D355927605B079BF182BDF694A9FC
| MD5 | 843246b555ca2e06cb480afe5a24b32c |
| SHA1 | 971ddedb3eb0a7d6c7137765f5de3dba477001ab |
| SHA256 | 02fd2bbbd747642f5b58268e893f3418fe7046e8c895c605996e383d6ff356a4 |
| SHA512 | 60d3b308144b6d9efec53281c1dc10c1f4c5bea456a927ae6b62f0d85f5de79a19deddc5b7af8b2aa07107200d157419e2bebaf5d603f14f6bb39e80168a96eb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\4019
| MD5 | 15cb0571bff868873af711cd505aafb5 |
| SHA1 | cafbc7add7f85a45e6c204b92d7d5071a3dd08c4 |
| SHA256 | 9009707fe931368fb39012697522396935af938ad82e276b0dd571b7c2e41474 |
| SHA512 | 2f5b3bfc5b691248429778ef3db5a800ccf4a21e818af781ec6228eeb0da193a604f64bceceb5653cfc3283ef983aacfcf4530cb876f47e517b8e4fcd1ab7fc7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\574CA2D1FC75772817A27B20A0F129C386A0113D
| MD5 | 9f75cb101481ab417b9063aa86616246 |
| SHA1 | d0ef0a79f66852b9c8e51e24218314fa53a96e80 |
| SHA256 | afd5ab95000520466e060f546d95836dfbbc027c47d0b0f8af3654f7c8382e2f |
| SHA512 | f869a49fd0cbb0873bd341f84842073cfb50a0a94e7b409ba7cbd955545571ebe00fd3165d2dbac17b775a8c8845065649180540e71f529ef60f7ca11da156e7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\050DB43D78BBC79DCD9ADCBAE96500FE04597F1B
| MD5 | 33a44db2040c55097d4016c591b1e58d |
| SHA1 | 46972e234cd9c7d372a90e9c130cc4a0c0a7ee41 |
| SHA256 | 3d33980aab7c2535ce1fef8f0630c0f55972e7c024dd8656f4baa075c1519a39 |
| SHA512 | 12c51d5c936271e1f14967e5e9d9a2685bc5d114ac8d2a069b7abc3bc79da2b7436bf3b000b82605666be48b6d07b9aa40f23432749bfd43e7e15e75e62b2b9e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\5759696408CC362AAD43661B4E32560E15A7872C
| MD5 | 28e4a7bf8a308df3cfa70771e46f7a54 |
| SHA1 | 3f27c1979dcc23a577eb5fa6dd15beb07a31f2d3 |
| SHA256 | a6fd2c619a6d107126cb425be5d3cfd242a1fa147793096b6db24dd3e54f1f14 |
| SHA512 | f3ffbb45e653920685ff19a1c896d382c6ca4eb7202b39f41a727d5fabd8163baf532f7b6c778c9aa26555a8a9c5f52062725311466a72d7fba93d3015e80a94 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\522337E965BAE0D93049A98760C05212D1B6213B
| MD5 | d95d58b98144cc33f48932cc8598c0ea |
| SHA1 | 5bd2e2e2defa20341ea5895b2484753c8618cec4 |
| SHA256 | 2c435100762f793d77f16b408565ed6ca6cb32fa32b5919f866dde891fab43a8 |
| SHA512 | f891d00f54416e3090973548db5bf1d22fa62bddf2ab60c25725e26fc011edddfebec1a3f5d32735211c748743515396c23aa7b6ee54a7cdad97c7089eead068 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\4E3562C55341939E493011A1EC297C2A4CAF51DB
| MD5 | 91ed0162d594febc7ffc7e335facf764 |
| SHA1 | 631561e7b8d941f38d4276b1d64a92121cc2abd2 |
| SHA256 | e08badfb257a431581c952e921cd931f2672f52215e7aebe149b0b0ac46e3035 |
| SHA512 | bf31030143a6bf542cb208e50c898c90fb80c4864c3d2c3904060520d7b471e50fb41ad7b796392b98e5090714e4bf034e870453e193ffdc560a741880cf0f56 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\AC5B4849CAB26A6FF5E0D69715FFD2D5203EA01F
| MD5 | ab182d03db8927e2fa929bcb2392390f |
| SHA1 | 730d13247db841c93b2613c0fcf92376bb0bb75a |
| SHA256 | 4e9ffd118486b7b3260a6a18b6b49ea9c85da29a1fa0a90b61956cd1f71029ae |
| SHA512 | 7067caddf39faffc1ab551a95b306c66b6d057ccd676466227a137eba57c5f53fbb34fd57d5cf688e1bef190e777ffd83e73bf57bbe57ccb1cf3013b21d85deb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\E049536DEABDF445A5A39B7D6289FDA9A6F2C5AF
| MD5 | 81e5561b8ecab76bcc4841b7208a8680 |
| SHA1 | 96fbb966cadd3ea118d2998d94548a75c0135532 |
| SHA256 | bab7f87787e1714ca8718ebeae3cc99cf098e7280371cb4ff80289ee4a143820 |
| SHA512 | 17999de058a055fd893df0ca9ac8987ad68787f4830835503fef71244fdd5fb98dabc37b5cd5665e668b19dd38ad0787ad9031788379f0531aefd44404e9b292 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\96A0D2F1C4ECD10450EA183542E05ADB3BBB4257
| MD5 | 76852e58769dc6f7a426d50a27774df1 |
| SHA1 | 3737a0fa121b7c7f51b471604815218b5648c575 |
| SHA256 | 811f48d0ba9ff1aa57c1456e7aae1c7e8675f758fb4079c845c209052561c5e8 |
| SHA512 | fcfde24db418eb3e9ed29f93f2ab66561e42e5719d35566208bb147214c40b7d95caee4fe4576eea316012dec2a7f854da304fc7c8969df617d737e945e8d337 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\DA784CCDD74E697C1B9356166222C06487BCEA54
| MD5 | 23269c45681479ef4eb7894d3baf7da7 |
| SHA1 | d92f1619fe7cda4d7d4bc0587874d37becf2aebe |
| SHA256 | 3427cf19d3d8b76e28c67e89544991957440dea805776cf6983c56609cf69501 |
| SHA512 | 4d62dd7c46c06dac5e35d247ffe2bf4e545f8dcebc24701a8d356943c0263eefe35fb55f2cd7a4c705513196ff70f4e11c45a55c866eb8a4ac58b6936412344c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\4C11E373FD9A73A5E61FCB5291518B290C3C15DF
| MD5 | 5b0d0cf3bc271b03ccb163780f7eda40 |
| SHA1 | 1df1bd7bdcf7db3c7b0656b3ae5ba672083da6ba |
| SHA256 | 453059128fac96a72cba660372824636704576bb9e59638bae35415207092d9f |
| SHA512 | 95dde57348e33ce691f701c2b54e900325515ac8ec790b4c8846ff95353e0da5606ea41cfbc9b917248f007bdbd1b8c01aa1c33e858d2f6ab46e69bd082d6a0f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\36BCFA23A4D04A528CE70EF12214E3995E132134
| MD5 | f1acf0e663b534257d92a4fc50a09c62 |
| SHA1 | f865f81462c86156ae03828a36f3f0bf26b4e55d |
| SHA256 | f26a469e923a9a4771f670f064143f4e5e712acaee80839124920bfa15bc3d4a |
| SHA512 | 556f8cdb0fedf24c897a8a098708d675c2b6ac3419e29948d2e439135642ba8b454b5650e0a4ba5ebee8b92e9447be2e4663f486ff0077c19e8367ab3d61ca28 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\entries\F27E0CDCD1C7E6F6CED7F2BE71ED722173C6CCAB
| MD5 | bcab97366e247143e48318e253623db0 |
| SHA1 | 2eec4a8b9a3e69e84a245a646cafafb4e23ac224 |
| SHA256 | 09825b3e1a679f43bf62f35b440b815cfdfbe37a35e563e5261bca6adb2b2bd5 |
| SHA512 | a6fc389cc289cc4ef2fb8083344f2793fe2319ad9d9781c029b72b3246fc232ce306329e8bb6a6be6026f5b16f12c66bd1e9c5f44711c77f3ec338cee46adf59 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 058ad5d90c056fecb30794a33f66c8f3 |
| SHA1 | 1808bffa1706258adb52aa3bc68a59ee52c44fe5 |
| SHA256 | 17468c3dd997867b84b9bf4e5ab5ee493b41ece7032d5955488060ae9d71ee7a |
| SHA512 | d26fea37dd941b338bc227a1c1398ad3dc36cc12aa09c86aafe3ab565c3cf0b7b939333b4ffa2ed918b6ef4525016982c2898929af472295470faf3547602f7d |
memory/3800-3219-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\Downloads\RobloxPlayerInstaller.8pgUYN8n.exe.part
| MD5 | df391e6f03138fc43f1c2baf50c42cf3 |
| SHA1 | c726515f16a8f143a223b1f0f9e421bf5314d5bd |
| SHA256 | 8c995f34102ecddf8762017b02a100cada74b0a8aec869be8030b04ab33d7c48 |
| SHA512 | f172c0183b091df7be17c448eade77f23b54d8ede7db6eb356c5d80ea31810d1daa2463a8c6d8de08adb5c3bee84bb64255ce73d9682316f0132d9eba29a2c80 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
| MD5 | 84e67989f7ccd11c2b7db38f3d3443b8 |
| SHA1 | c3e821de715aa7508b3273de16c9156014d81922 |
| SHA256 | 5eac06573fb9289a5ad1dfa8b88d2d7b79f1bd89e61c53247f8cae50143e7a2c |
| SHA512 | d0ea7235f591f31edeb7183c91fb0bb1347a9386c170c43b21e2c5fd93b7040e73e1a1a9f3ef6f83d097b1af0f9e2a9938dd59ae47588940491da25248eb7d99 |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | d6ec3ffe6c3b16f94d459947f56cab5f |
| SHA1 | f6a05ce1e412ac4273ad362ab9ff8c314bb80747 |
| SHA256 | 87eb356a07a15634ab05fd847c70f26fcd9ff745dc62afaa4404d6fc5206eaf9 |
| SHA512 | 9a3c46f18b8527bdc02e5a0a442b9bd08326e2f59e40e80e555f3193dac5e649526e27259f1dee7260b9b66642a0aefeac9d7854a2024451db398cb078ffa484 |
memory/3800-3269-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 31813873a4d255d30c541511b8b81910 |
| SHA1 | a64056cd0a0b4e6ee8e4043ea55760f4bc1f1e92 |
| SHA256 | fb8bf35bb69702b1aef95b12f937e5a542c31e0d932ce0402b4944c7a6968121 |
| SHA512 | b1f43d58aec86ed070a8e8ce2df8ef565a7d6b4d774d880a57b592872ce9dd9db4927825abb7f0e577b55fd99c6c18bd283bb877d55d62c6f8b966494e69bf9d |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\d711fadf1919a05ac8eccb48c397156c
| MD5 | d711fadf1919a05ac8eccb48c397156c |
| SHA1 | d316ed33dda1b7170d56e086e53d280854f301ec |
| SHA256 | b17555f65d11b29752665637a871d3cc2ad874076d2bee06a8dabd3520e34834 |
| SHA512 | dd5ec72eeb0e5fc28f122e46deb8a6c8464cbc2d8c74f545b27296b14c8b133fe009b38eace44e76af07a3db3fedbc6069b638348e550dffce84314674a01282 |
memory/3800-3329-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
| MD5 | 610b1b60dc8729bad759c92f82ee2804 |
| SHA1 | 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552 |
| SHA256 | 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08 |
| SHA512 | 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdate.dll
| MD5 | 965b3af7886e7bf6584488658c050ca2 |
| SHA1 | 72daabdde7cd500c483d0eeecb1bd19708f8e4a5 |
| SHA256 | d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19 |
| SHA512 | 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_en.dll
| MD5 | 4a1e3cf488e998ef4d22ac25ccc520a5 |
| SHA1 | dc568a6e3c9465474ef0d761581c733b3371b1cd |
| SHA256 | 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011 |
| SHA512 | ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | c044dcfa4d518df8fc9d4a161d49cece |
| SHA1 | 91bd4e933b22c010454fd6d3e3b042ab6e8b2149 |
| SHA256 | 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2 |
| SHA512 | f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 60dba9b06b56e58f5aea1a4149c743d2 |
| SHA1 | a7e456acf64dd99ca30259cf45b88cf2515a69b3 |
| SHA256 | 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112 |
| SHA512 | e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_af.dll
| MD5 | 567aec2d42d02675eb515bbd852be7db |
| SHA1 | 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37 |
| SHA256 | a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c |
| SHA512 | 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_am.dll
| MD5 | f6c1324070b6c4e2a8f8921652bfbdfa |
| SHA1 | 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf |
| SHA256 | 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717 |
| SHA512 | 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_ar.dll
| MD5 | 570efe7aa117a1f98c7a682f8112cb6d |
| SHA1 | 536e7c49e24e9aa068a021a8f258e3e4e69fa64f |
| SHA256 | e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01 |
| SHA512 | 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_bn.dll
| MD5 | 7dc58c4e27eaf84ae9984cff2cc16235 |
| SHA1 | 3f53499ddc487658932a8c2bcf562ba32afd3bda |
| SHA256 | e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98 |
| SHA512 | bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 2929e8d496d95739f207b9f59b13f925 |
| SHA1 | 7c1c574194d9e31ca91e2a21a5c671e5e95c734c |
| SHA256 | 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df |
| SHA512 | ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_cy.dll
| MD5 | 34d991980016595b803d212dc356d765 |
| SHA1 | e3a35df6488c3463c2a7adf89029e1dd8308f816 |
| SHA256 | 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e |
| SHA512 | 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_el.dll
| MD5 | ac275b6e825c3bd87d96b52eac36c0f6 |
| SHA1 | 29e537d81f5d997285b62cd2efea088c3284d18f |
| SHA256 | 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0 |
| SHA512 | bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_et.dll
| MD5 | b78cba3088ecdc571412955742ea560b |
| SHA1 | bc04cf9014cec5b9f240235b5ff0f29dbdb22926 |
| SHA256 | f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085 |
| SHA512 | 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_fr.dll
| MD5 | 64c47a66830992f0bdfd05036a290498 |
| SHA1 | 88b1b8faa511ee9f4a0e944a0289db48a8680640 |
| SHA256 | a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961 |
| SHA512 | 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_gu.dll
| MD5 | f9646357cf6ce93d7ba9cfb3fa362928 |
| SHA1 | a072cc350ea8ea6d8a01af335691057132b04025 |
| SHA256 | 838ccd8243caa1a5d9e72eb1179ac8ae59d2acb453ed86be01e0722a8e917150 |
| SHA512 | 654c4a5200f20411c56c59dbb30a63bfe2da27781c081e2049b31f0371a31d679e3c9378c7eb9cf0fb9166a3f0fba33a58c3268193119b06f91bebe164a82528 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_id.dll
| MD5 | 03d4c35b188204f62fc1c46320e80802 |
| SHA1 | 07efb737c8b072f71b3892b807df8c895b20868c |
| SHA256 | 192585d7f4a8a0cd95e338863c14233cdd8150f9f6f7dd8a405da0670110ee95 |
| SHA512 | 7e67ea953ea58ff43e049ce519ae077eec631325604896479526627d688f2fa3bfc855a55ac23a76b1c9ef8cd75274265b8238423b95a2437be7250db0db31b1 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_hu.dll
| MD5 | f4976c580ba37fc9079693ebf5234fea |
| SHA1 | 7326d2aa8f6109084728323d44a7fb975fc1ed3f |
| SHA256 | b16755fdbcc796ef4eb937759fe2c3518c694f5d186970d55a5a5e5d906cb791 |
| SHA512 | e43636d8c947e981258e649712ad43f37c1aab01916539b93c082959fb5c6764c9c44979650092202839e812e6f252c6c3eaf66d3d195c1efd39c74c81ad1981 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_hr.dll
| MD5 | 0b475965c311203bf3a592be2f5d5e00 |
| SHA1 | b5ff1957c0903a93737666dee0920b1043ddaf70 |
| SHA256 | 65915ad11b9457d145795a1e8d151f898ec2dcb8b136967e6592884699867eb0 |
| SHA512 | bec513125f272c24477b9ddbaa5706d1e1bb958babac46829b28df99fa1dd82f3f1e3c7066dc2fe3e59118c536675a22fc2128de916ca4c478950b9992372007 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_hi.dll
| MD5 | 34cbaeb5ec7984362a3dabe5c14a08ec |
| SHA1 | d88ec7ac1997b7355e81226444ec4740b69670d7 |
| SHA256 | 024c5eae16e45abe2237c2a5d868563550ac596f1f7d777e25234c17d9461dd9 |
| SHA512 | 008c8443a3e93c4643a9e8735a1c59c24ba2f7a789606a86da54c921c34cbc0cb11c88594544d8509a8e71b6a287c043b1ffe2d39b90af53b4cde3847d891ba8 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_gl.dll
| MD5 | 84a1cea9a31be831155aa1e12518e446 |
| SHA1 | 670f4edd4dc8df97af8925f56241375757afb3da |
| SHA256 | e4eb716f1041160fd323b0f229b88851e153025d5d79f49b7d6ecb7eb2442c57 |
| SHA512 | 5f1318119102fcee1c828565737ce914493ff86e2a18a94f5ff2b6b394d584ace75c37258d589cce1d5afd8e37d617168a7d7372cfd68dd6a2afcd4577a0bc51 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_gd.dll
| MD5 | c90f33303c5bd706776e90c12aefabee |
| SHA1 | 1965550fe34b68ea37a24c8708eef1a0d561fb11 |
| SHA256 | e3acc61d06942408369c85365ac0d731c5f3c9bc26e3f1e3bb24226d0879ad9c |
| SHA512 | b0c1a9d7df57d68e5daf527703f0b6154a2ef72af1a3933bda2804408f6684b5b09b822522193243fd0756f80f13d3ab0647c90d2bed1a57b4a9fea933b0aa9a |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_ga.dll
| MD5 | 3b8a5301c4cf21b439953c97bd3c441c |
| SHA1 | 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a |
| SHA256 | abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0 |
| SHA512 | 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_fr-CA.dll
| MD5 | b534e068001e8729faf212ad3c0da16c |
| SHA1 | 999fa33c5ea856d305cc359c18ea8e994a83f7a9 |
| SHA256 | 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511 |
| SHA512 | e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_fil.dll
| MD5 | 7c66526dc65de144f3444556c3dba7b8 |
| SHA1 | 6721a1f45ac779e82eecc9a584bcf4bcee365940 |
| SHA256 | e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d |
| SHA512 | dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_fi.dll
| MD5 | d45f2d476ed78fa3e30f16e11c1c61ea |
| SHA1 | 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e |
| SHA256 | acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2 |
| SHA512 | 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_fa.dll
| MD5 | cbe3454843ce2f36201460e316af1404 |
| SHA1 | 0883394c28cb60be8276cb690496318fcabea424 |
| SHA256 | c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59 |
| SHA512 | f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_eu.dll
| MD5 | a7e1f4f482522a647311735699bec186 |
| SHA1 | 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd |
| SHA256 | e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4 |
| SHA512 | 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_es-419.dll
| MD5 | 28fefc59008ef0325682a0611f8dba70 |
| SHA1 | f528803c731c11d8d92c5660cb4125c26bb75265 |
| SHA256 | 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d |
| SHA512 | 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_es.dll
| MD5 | 9db7f66f9dc417ebba021bc45af5d34b |
| SHA1 | 6815318b05019f521d65f6046cf340ad88e40971 |
| SHA256 | e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819 |
| SHA512 | 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_en-GB.dll
| MD5 | d749e093f263244d276b6ffcf4ef4b42 |
| SHA1 | 69f024c769632cdbb019943552bac5281d4cbe05 |
| SHA256 | fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e |
| SHA512 | 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_de.dll
| MD5 | aab01f0d7bdc51b190f27ce58701c1da |
| SHA1 | 1a21aabab0875651efd974100a81cda52c462997 |
| SHA256 | 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c |
| SHA512 | 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_da.dll
| MD5 | d34380d302b16eab40d5b63cfb4ed0fe |
| SHA1 | 1d3047119e353a55dc215666f2b7b69f0ede775b |
| SHA256 | fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f |
| SHA512 | 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_cs.dll
| MD5 | 16c84ad1222284f40968a851f541d6bb |
| SHA1 | bc26d50e15ccaed6a5fbe801943117269b3b8e6b |
| SHA256 | e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b |
| SHA512 | d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_ca.dll
| MD5 | 39551d8d284c108a17dc5f74a7084bb5 |
| SHA1 | 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884 |
| SHA256 | 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07 |
| SHA512 | 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_bs.dll
| MD5 | e338dccaa43962697db9f67e0265a3fc |
| SHA1 | 4c6c327efc12d21c4299df7b97bf2c45840e0d83 |
| SHA256 | 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04 |
| SHA512 | e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_bn-IN.dll
| MD5 | a94cf5e8b1708a43393263a33e739edd |
| SHA1 | 1068868bdc271a52aaae6f749028ed3170b09cce |
| SHA256 | 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c |
| SHA512 | 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_bg.dll
| MD5 | 8375b1b756b2a74a12def575351e6bbd |
| SHA1 | 802ec096425dc1cab723d4cf2fd1a868315d3727 |
| SHA256 | a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105 |
| SHA512 | aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_as.dll
| MD5 | a8d3210e34bf6f63a35590245c16bc1b |
| SHA1 | f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693 |
| SHA256 | 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766 |
| SHA512 | 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\msedgeupdateres_az.dll
| MD5 | 7937c407ebe21170daf0975779f1aa49 |
| SHA1 | 4c2a40e76209abd2492dfaaf65ef24de72291346 |
| SHA256 | 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9 |
| SHA512 | 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EUC2C9.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 7a160c6016922713345454265807f08d |
| SHA1 | e36ee184edd449252eb2dfd3016d5b0d2edad3c6 |
| SHA256 | 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9 |
| SHA512 | c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 9d5f3cc4e8d0b4796db5a83f43d4b12d |
| SHA1 | d91e33f7cc1ec7078c70624c66ff08b67274aadc |
| SHA256 | ad831430db17921cbd30c725b3a62fa54f4b5dc556023b582ed8b3e1da198309 |
| SHA512 | 7b76220c9388cd8ff516a37e97397ec5ab91bc65645790067344858e7b8466433d1e62e7960a0f795afdb24bd831daa6b83aa8b4c95f8535604608b1bab95f11 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\storage\default\https+++www.roblox.com\ls\usage
| MD5 | d86997ca76ba3fff285a8051b845f186 |
| SHA1 | b39d8ac5df91f5b01ccf838a74962b37f3faa965 |
| SHA256 | d7ff87ecd68be187e0cf132ba492ddeffac0ddf101c079da0860f19748c4195e |
| SHA512 | 3fe398a10490b1e16625215ebbb01195d61e52de05e22292ae3edc292042f2a2b24d3b858c4c6e7ae92bc11ad0851603e607205cf095ae8ef7eba7322752d099 |
memory/3800-3554-0x0000000180000000-0x0000000180B19000-memory.dmp
memory/5296-3556-0x0000000000330000-0x0000000000365000-memory.dmp
memory/5296-3557-0x0000000072E70000-0x0000000073080000-memory.dmp
memory/5220-3559-0x0000000072E70000-0x0000000073080000-memory.dmp
memory/5308-3560-0x0000000072E70000-0x0000000073080000-memory.dmp
memory/3800-3569-0x0000000180000000-0x0000000180B19000-memory.dmp
memory/5308-3577-0x0000000072E70000-0x0000000073080000-memory.dmp
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | e3b46ca16843e516a074d2140515edbc |
| SHA1 | 8b499dfff051881927a96fca8af0fc3545fd7f41 |
| SHA256 | 6ff01c3da9de80e98e2d667250778957c8128c243b069d330a747ca26b8952b3 |
| SHA512 | 33f9f4eafd5c4895bb944e66b516969237451542245dcc92831dab15c37da0ba526a5f7ff4cef0f63bb1867ce7ec4749a2d0867562f6c41a789f383e514ea076 |
memory/3800-3605-0x0000000180000000-0x0000000180B19000-memory.dmp
memory/5308-3614-0x0000000072E70000-0x0000000073080000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeCore\125.0.2535.92\Installer\setup.exe
| MD5 | d42926508ba6626be0143a2aa5275ba9 |
| SHA1 | ca2b45426611211dcd47fe66c9255ab81b843943 |
| SHA256 | 9595008f51be8ca7c82618c84d30f0a7fdac9fe7433b806af504da0d38aef10a |
| SHA512 | 53aabfbf20389f4d28746c41109b5a194ed5d21521fa67042bd5a0fb38407e877bed5481a7502bec848a54d0fd4e33b09e3c6bc47a576f8e14a4458c64bc14e2 |
memory/3800-3633-0x0000000180000000-0x0000000180B19000-memory.dmp
memory/5296-3640-0x0000000072E70000-0x0000000073080000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\prefs-1.js
| MD5 | 840bc5e733d03a52b91a1febd362c316 |
| SHA1 | 3d8bf270bbaba3857da605edf5787104206116d6 |
| SHA256 | c7c795ab72133f52aca5799aba970d525a094bae71497c98696af6c34ec411da |
| SHA512 | 750516e85ee65e9ec005e4e95e31d3d175eaee21e2c810b7274ba343443637ff31097c50f96ccd6b5c45575c9dc7395e0e2af1918b8cabfefd061077a5f0dbdd |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
memory/3800-3723-0x0000000180000000-0x0000000180B19000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 2767c60a7340ae04ce663ca854d27e97 |
| SHA1 | e52d7fc57df942e9bb2575a1ebac8352b54c4e57 |
| SHA256 | 23399acd0c7219bf5bbee5235698ea1efecb2b7586b1321e2e60a90d99ebd85a |
| SHA512 | 7e647f4d847d5061e637e0d401f3e17417bf2a2eb747d62beaab2d6d188317f7460d90d2f125b588b48c2c9a9d6fe0b268e2592aab5faa3a65cc30fbf7c8ca23 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | ccf0621acb37bc1f893fd6e66106eb43 |
| SHA1 | 10b21390dfc981020565316dfcc39bb101bdd827 |
| SHA256 | 625616473fb367c08c8e55b963f72ef351c4b633d26bc1898e3f7145e198eded |
| SHA512 | 7c31067a160857c40687625e8c2781bd126059e9b70b5f92efb9c209344e5ee417b5b256a04f6a2657b84650f17205f91701b6c045e131234f10240652db0180 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\cache2\doomed\26067
| MD5 | c07739c71ddf2c365a1a5a80ecbab3fc |
| SHA1 | c715fd8ff8f43b18e952224c6a3186a97f28cf85 |
| SHA256 | e051115642486de58299481dce4828d1c32d7e9d52c834fc0233915c6f38a51e |
| SHA512 | a96bc938d0dc6c7600df4916e1c9f08069c5ff686b68ab0557078eea4b6588972bad3d105ace84555e6256c622b8e448784363e1f58161d1e3668005c0c3f0aa |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\sessionstore.jsonlz4
| MD5 | c204cbda8a994eb8a8be1b6e392e10be |
| SHA1 | cf3e922e6075358ebde5aaff5af8a693df67c6c1 |
| SHA256 | fd6350769240ebd36f337bca7993e4d84f0f60d5dc1feaca059e2c6ea3c45db1 |
| SHA512 | ff65e8eeeffa42931ecfdc4c6f3e1206e3920c517b0ffd8c06469b94718898a6c1717dddf5651516474efc143887d9673ed468fdad93776924331e3ee269708a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lk2b5bo.default-release\prefs-1.js
| MD5 | 5290d765c8487590b48f92124fc1f230 |
| SHA1 | 0ea6b1c73f3f241f95ea2ca3d355545e14f4c9f9 |
| SHA256 | 826ac05a9fe426194e18262a1364e8c7c7672fd2900533af35adb567923778d1 |
| SHA512 | 53e9e274252dab62d266a4e332a0ba1df9d52aa308fb2781660b140a028c85bc9a7e42ab99c39c38abe7cab79595a74990d2e3265ef8be060b3b284960963904 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.41\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe
| MD5 | a9ad77a4111f44c157a1a37bb29fd2b9 |
| SHA1 | f1348bcbc950532ac2b48b18acd91533f3ac0be2 |
| SHA256 | 200a59abdeb32cc4d2cec4079be205f18b5f45bae42acb7940151f9780569889 |
| SHA512 | 68f58a15ef5ba5d49d8476bee4a488e9a721f703a645ddd29148915d555ca2eb451635c3b762e5a0f786d69bb5cba9bffac3eeee196f1ec7ad669e2d729fe898 |