Analysis Overview
Threat Level: Likely malicious
The file https://browser.lol/ was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Checks computer location settings
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR)
Enumerates physical storage devices
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious behavior: LoadsDriver
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Analysis: static1
Detonation Overview
Reported
2024-06-11 15:17
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 15:17
Reported
2024-06-11 15:21
Platform
win10v2004-20240426-en
Max time kernel
197s
Max time network
197s
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4018855536-2201274732-320770143-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "237" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133625926946378004" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://browser.lol/
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa4a9aab58,0x7ffa4a9aab68,0x7ffa4a9aab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1964 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2260 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2952 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2968 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4216 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4644 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4912 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3108 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2488 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4364 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5168 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5128 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5536 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4988 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5172 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5368 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:8
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe"
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3136 --field-trial-handle=2068,i,11691769757887665398,16277548000847999632,131072 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffa37d946f8,0x7ffa37d94708,0x7ffa37d94718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,12179739401132972363,16043571378502765042,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,12179739401132972363,16043571378502765042,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,12179739401132972363,16043571378502765042,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,12179739401132972363,16043571378502765042,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,12179739401132972363,16043571378502765042,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,12179739401132972363,16043571378502765042,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,12179739401132972363,16043571378502765042,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,12179739401132972363,16043571378502765042,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+get+money
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa37d946f8,0x7ffa37d94708,0x7ffa37d94718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultc2b31a07h2d97h4731h9a4fh581ba0855ddc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffa37d946f8,0x7ffa37d94708,0x7ffa37d94718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,13863873616370344479,6378653058219401453,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,13863873616370344479,6378653058219401453,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2456 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3216 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3216 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,8510346424585182081,1315731730523428757,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+download+memz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa37d946f8,0x7ffa37d94708,0x7ffa37d94718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,4988404376017931161,13735070990890523098,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1980,4988404376017931161,13735070990890523098,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1980,4988404376017931161,13735070990890523098,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2784 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4988404376017931161,13735070990890523098,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4988404376017931161,13735070990890523098,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4988404376017931161,13735070990890523098,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4416 /prefetch:1
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa397c055 /state1:0x41c64e6d
Network
Files
C:\Users\Admin\Downloads\MEMZ.exe
C:\note.txt
| MD5 | afa6955439b8d516721231029fb9ca1b |
| SHA1 | 087a043cc123c0c0df2ffadcf8e71e3ac86bbae9 |
| SHA256 | 8e9f20f6864c66576536c0b866c6ffdcf11397db67fe120e972e244c3c022270 |
| SHA512 | 5da21a31fbc4e8250dffed30f66b896bdf007ac91948140334fe36a3f010e1bac3e70a07e9f3eb9da8633189091fd5cadcabbaacd3e01da0fe7ae28a11b3dddf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1db4dd3e5db5c4f79f5ab142ab1e95a3 |
| SHA1 | b4fec58535788ef523884fbe9f71461070973a98 |
| SHA256 | 38dcd65c74ed25d997b475d62b3bd890e7653f97a1c28ccacab90f1ea38f7a29 |
| SHA512 | 769812e58a7ef2dd9c1da17a3e572b10134427f2711db301d7ad941769ee421579d5d99c2cc8117f9c0d830357affe23f1cd9735515eb0b249f20f562fdb75f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | bc92600a9d99b72c145b26d9fe5c1274 |
| SHA1 | 6d7ad3c3aa7e4cdaa063ae7ae72524d955865dce |
| SHA256 | 477eb9dcb407b4d810e8cf2f18a1401a4f58c36c8fa001c957e294148a9398f8 |
| SHA512 | 37d38aedbf796343274ebe83d31168a257ccf53d7f3656fe42209071edcf51be979057a2109922f71e516dc02554018913eb8f94cb0ae5b941ced2fbbdd30320 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58fd37.TMP
| MD5 | 2239b1ec9d0ae133ca483ac54d28b5ec |
| SHA1 | 90bfd6101ec4b0d654c42c00a211e275d669e410 |
| SHA256 | 887abc024cb6b7d55921ee11e7e4e9a245b6dd1755453ce77caf8c99f5b050a9 |
| SHA512 | 4afdfe3fc6e2d84d3117e5bffe26ad95e0053792de2e56741cdf9b96a4f1a42d630d176dda7797275a46fefa498339ba24e5bfd7322c3e2f5c3e98141c58ff1c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 265521b77440fb197d2edb27fa24e493 |
| SHA1 | 22b68e39274275abf4f579a21f275ebc7387aa97 |
| SHA256 | 47bf40030b4f81dae52c0b1493303c227250377ead3189093396f12b5e74466b |
| SHA512 | a49e4ac1b9078eac80c82955b25f416ee070db456f2e09a14bb9a8a46dae10fdc42ae6f97f518a65a929d7b1a4b095566695b8557736a6e2056daf474dd7adda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ea98e583ad99df195d29aa066204ab56 |
| SHA1 | f89398664af0179641aa0138b337097b617cb2db |
| SHA256 | a7abb51435909fa2d75c6f2ff5c69a93d4a0ab276ed579e7d8733b2a63ffbee6 |
| SHA512 | e109be3466e653e5d310b3e402e1626298b09205d223722a82344dd78504f3c33e1e24e8402a02f38cd2c9c50d96a303ce4846bea5a583423937ab018cd5782f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4f7152bc5a1a715ef481e37d1c791959 |
| SHA1 | c8a1ed674c62ae4f45519f90a8cc5a81eff3a6d7 |
| SHA256 | 704dd4f98d8ca34ec421f23ba1891b178c23c14b3301e4655efc5c02d356c2bc |
| SHA512 | 2e6b02ca35d76a655a17a5f3e9dbd8d7517c7dae24f0095c7350eb9e7bdf9e1256a7009aa8878f96c89d1ea4fe5323a41f72b8c551806dda62880d7ff231ff5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e2fb108430ef4ea63696d3d97bd8cad0 |
| SHA1 | 754c1eb04af4117922805218d6c4f1452c7f54fe |
| SHA256 | 758cfd14be88c94b397951ad49d3909204b81b4019bed00084066ead87fc1295 |
| SHA512 | 38341a0c551c1e98967e3f4f8595a0451245f309aad18ca0275c514ee1fddf67b866580429024b4df61ab31ff3752469ef537a843c5ca0e11a1b048c9b57fc83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | f0c27286e196d0cb18681b58dfda5b37 |
| SHA1 | 9539ba7e5e8f9cc453327ca251fe59be35edc20b |
| SHA256 | 7a6878398886e4c70cf3e9cec688dc852a1f1465feb9f461ff1f238b608d0127 |
| SHA512 | 336333d29cd4f885e7758de9094b2defb8c9e1eb917cb55ff8c4627b903efb6a0b31dcda6005939ef2a604d014fe6c2acda7c8c802907e219739cf6dab96475b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e50f49d3d68c6a7b96fa56166051bc9c |
| SHA1 | 7826ea1bdb4a46a7b9464b8c3af6a0e2169faaa1 |
| SHA256 | c9001539b57babddb6d55c84cbbcf538557336eefe3ef90c5d9e823a35c08e56 |
| SHA512 | 91dd039b4a893658deed7985e53638b35b30828d7c2eb8e544abee48c2a8c443d038547092720da93286a3c8718d92ec66d1570d9659e93503e12693cee7f78f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4c0e468aef48ae229703cc5089a79ba6 |
| SHA1 | cb33e6ea9124b947813411f5d3d4377a445e24a1 |
| SHA256 | ed2e53314f3bf47330f64565a7f15aa51a5f0c6010d154382890a00b379c0404 |
| SHA512 | 4efce89518be9d2e1023cf4710da85bb9fee92e7fbe4bcaa55f14a4819670da63f3e2895e3aaa4ec93c41ce3c8fdbfc6365dc9d2cb8b134bc28e46c6d43eb9c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9930108bcbc0a7eea07aa442507a9a76 |
| SHA1 | ffce8ab64ad09d0e075ceb5d5bf366e3aa4928fb |
| SHA256 | 1b783c30557697b2949fdc6b6462a19ea6580da191a6e8620500852430bb5978 |
| SHA512 | b05f2c4d4178d8799b97d245fdc5a86346ead737a40deb2fb85dcc6a4c8b79adf3c4d3fc5bef1d711c55926548ffe145dd4d739d2ecf495d9c47c49fa3fc8b09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4b6a5160abc45b47023a5fa8dd4feda9 |
| SHA1 | d874eeb82cface81ab31ed0e50cf9c9521055b2f |
| SHA256 | d68bc746591973f28a100a112d5fc65feb7268e926f6d17a2be6eea88725ffac |
| SHA512 | f4dcb15f7fa6df5397a1dcf244465a108aa396172cfa95b3cff57c1a910bb87eebf1276ba47e72243ff6883ea83da2ac450efda0867279b602d8928ed783613d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 91ff4c30cd81451025eb3c80fe055173 |
| SHA1 | 03bb0e61b0886f7c7a0206a638b1c05976c6808f |
| SHA256 | fab683bd7ea87b74706053ac68b873cf599f605e9f6f9b022329cc53fefc712c |
| SHA512 | 7422dc39cc1dbd1fe8f014e10e2b126dd7e68c3f9849690b4c6c229b96c3a1c3b224e0c5b0c63b8e0ece9f7bf930b08f48041dc91350dee4408ed2fe968c32df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 394632a93ff552b7a30d806419dff14c |
| SHA1 | 6ff6c40c1d4452bb2bb11594daad57c0ab795ce1 |
| SHA256 | cbe8faeb845a24532009f72a011643e9878fa043ecb53d3fc8744762f80087ef |
| SHA512 | 4f8a521f9b8045d4789c4a415a83292350cc0b82d8f21ee6975c90a90969a9590b9a1decd032e31538a7785c6a4367b77231fcea40857152fd35527f54f6f570 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8b38a40e2790f7fd22948d82b40ecd3d |
| SHA1 | 099e488bf9f85fc07603d46bfe1b0923ff9c2166 |
| SHA256 | e6b50263d6a8d6c7214f8b8435f347ce7ad0379ba2c73a835673d07e485b6fa2 |
| SHA512 | 211d94ee2f63c5f26a7bfaacf620599bc1551efd048ebe22b1f0c457649d166bd50a9326a2bf161704eba057debd2a5b01e216f58a4ba770833532228013699d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8287f3138f3b12243cd985468d5e9c9e |
| SHA1 | cdc96bb898078531a724673a4ecc3e46f7ad82ca |
| SHA256 | 0678ace14c39e8b2562ebafae1710644308a961c757c7862114fbb2bfb39383e |
| SHA512 | 5c570d5ea9473e0f2ca2909473b60df0a6433d56c7aa143cff6879fe86143fddf03ff74c3ab997c32ae6872563f11440dec8f7cf55d5122e031dce64188fd0db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | 463b3d3a5f9fd62e51a54f9550e2803a |
| SHA1 | b6d83034236dd387bc8304423c235cae07e51a5e |
| SHA256 | 5b31ee327ff362a7566d87cee0c367b8e6518e35a365f365f91af49080b359fb |
| SHA512 | 560da898be1ccc8c78c243b846fc82b1f3e10e6b301f056c5a80effd29ae2d5c52309195fbd544f74adf00ec6e4c9bb7b92894a1c812a8a152e2bf0a6845787b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | d4f2803ec830cef019b1551860f427c6 |
| SHA1 | 0bcf5ff57c92d4a669756d85325beb23187845bd |
| SHA256 | 46831ea8ff81421a7376c69eee0746331d0d86d6b103a8bc9e550218b85ba669 |
| SHA512 | 8f20d75679fafb21a4ba8ad25cffeac2242d5194aa35c809745f3d3965d268ade3f359513d32e30ab9249fef6dad919d5166982d5d44d90f988f6e53e7e1325f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | 846c497fa91af12d9b6d5605f74400b4 |
| SHA1 | 10b2cb640118199304a7a44d44560ee4e5676cd2 |
| SHA256 | 50b71731e1307e9e9d08fb61ea0b67a760ec949e9156341f364e3ff68094fed5 |
| SHA512 | 0770acc1149d2aaad8444ea8cf2333190e2faf8725cd816259911130542c2e3b6f5c78571e0ca5897d2435f655f782a47d22bb06fe02ab4989024db3249e582f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13362592830209251
| MD5 | e39d88feffa8476bca479e9ae6669320 |
| SHA1 | 9a30997bf9503517968f37f1a744b10a21d19bfd |
| SHA256 | c02557b4a3ff2318a26b109818e799d50833ed2689d2da9ca4062fe5fc4687be |
| SHA512 | 763c9a15afc54223e64f7709f99ee8fe6ab3c2da18eb0a4d3dcc9bd202c0484b1093f086c419a66e9a854a498aeade58fffebcfecba2d308a307b80ecd927b5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | dfc39cc17c2de474c028e4a5675fa749 |
| SHA1 | f433750cfc6d33bb239d126677e895e25e18b2cd |
| SHA256 | 753555b484c2ed9c5280a1d451a4fb8926acbaa544b329ac92acf51413899af4 |
| SHA512 | f13bee7ab17e35b297dc1380599b9833c62d52ea0e45704ff6688707a27d53a0cb34facfe4677c37cff91812b54151ef546bee5955c181febc9048c82f5ad52f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
| MD5 | 8d60353b15751a280f0179d2560065a0 |
| SHA1 | 7efa85d06ff70c896c86a38c720777b4d1fbef92 |
| SHA256 | cf82a688241799441cadd06595d6f58c724c77fbfcc7d4189cd4cef9e324b31c |
| SHA512 | 65efe8a15931d4ca548c68c53ee729b2b655fdaa0d6273a5ec585c3e89c00ef9000f372f8256b580b332cc246fa43bd5041313e7b62948ec13ba4eef2394e45d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | 1ac52375827e6c3c4be7779b25857284 |
| SHA1 | 9ec8db6e2484e2c53d3e6c251624f9ed9657757e |
| SHA256 | 40a048aba6b1a7ea5339f7f50f15814a14187ac34edc6421e39731ae2b0c904e |
| SHA512 | 266ef93eab0ef252ce066da751104b3a030c3b183a369f0ab899a9f24da9af63d42576b625e8577923e356a29df17ce331ded07ec21519da3c01a834315ec298 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a110c551b09a6093d0700e4faad46fcf |
| SHA1 | c6c8bb93945dee02b8cbb57cd69b430cfb41289b |
| SHA256 | 9e6713ce7eb9fd0dd8abf440e7b8a3c1ace63fc74630faa32554520391a89aa9 |
| SHA512 | 0b7a75399edaaf9d34a313a82d5c1bbbdc66b6849a9a3ea276803e9beaa0c4a375096d9336db516eaa77af370c61c95753ba04ed3ed8e280cce5eeae9ecd7559 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | d9a42f7a246f213bcaa4933dd05e03ae |
| SHA1 | 837e5b62dc259464c29711cf684ed3a9c277eeed |
| SHA256 | 9acc2b5a7f64437f75d2277bb6eed09c7701196129c7c1c2b855024ca8f285fb |
| SHA512 | b4d360d3c570fe3be70513c385d46a97c113220fd9baa44df00c518f82646c674f4c7963eff63b86c409001b0d16e1d9b1c4a3ffcdc4ee57c25f5adcd750f3bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\08ed47b6-8cee-4b41-b735-b5bc1f95c68f.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | ed9e622a2fd31dc272d7049e85a14f4f |
| SHA1 | 6671205001e0a9a48586820677b6001cebea8eac |
| SHA256 | cee7a61c40c9ccf10e271e596e5754399f5acdb7c71af4a1897d42a27e74852a |
| SHA512 | 89b8d884bb5d9c58a491bf36459524a96c5927a2e0b4dc30b12302cd0e598c9e4bda9db0e13a11889d63ba6b060e6906e1f9ce7fc6b6af61c022dba7652479e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | 85f0ff12311b91273dc6ac92e78999e8 |
| SHA1 | c4f4fb7a4ecadba41696d759d5b6bfa36f600ccb |
| SHA256 | d4b7fc3e56cd095eecf84788415dfd588755a27992dc1d9d90842a158ae358f4 |
| SHA512 | b6704933fbe71b030b57830f07b2a224231d301f727f6553ef7e475fc11f74d1ef92cc433ea38d5281467dfd9bbf70c831991128f197ea5e51be52823fd61540 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | 9cbaf6db25d3319f4d64cf84d7c0dfec |
| SHA1 | b4e9e05acb08d04594ef4f2bc9163e39f6c193b2 |
| SHA256 | 453be421e16fbfe5c1753f595bf535f7828d0beac6c645aa352007ce044e31b1 |
| SHA512 | 5b4cddd723725bfbd94637343123e6f23c02f696b435f7fe0a63010b6c5b1e11c2073a00a7ddcacb1311233bdeb4d231690d328df8b5c79196a6fc282ff94b1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | 90f5281a5670d2f965e7257b32b8fd2f |
| SHA1 | 37d6dd20cadbf37259391179972db88f41cecf8d |
| SHA256 | 2ba3ac3ccebff08aa8bc96f2ed9084f11da8810b6f97f9333c2d81b77e8468a9 |
| SHA512 | 3254915ec75a5479a42f013a7842fd0859893d0d93b2941272eecd85375836343c1e3c640c1c1cd5e56f653e01e624280f12965d55e845fb9627f451dea83b4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | 9e6d10ef744b3ef386ac86ede17060f8 |
| SHA1 | 7327c8e542da78d67f156151cb73eb541cd61499 |
| SHA256 | 558888c2575d9bd5d5b4e054bc889aed0dc2edae178622df37ad1a1b5b75c3b4 |
| SHA512 | 3550c5d7a797090fcd832b83e1575f9cd1665a2847d3df0b42b78c88b509ae2c90bef10a626dec319a6aca777d4cc41a1041e8b8dbc4bdeb4910a0f709c95678 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0df10157cbc2df791276b16093a71673 |
| SHA1 | ef1d7fe67e849eab353aecb964c7c4bbfbb6ba4a |
| SHA256 | e3c4bd7461c10fd0c6db47b9776171bc753889f0e6fb092318613e9e7385b44a |
| SHA512 | 9b2a3d60cfda24fb7d41a6020053d6f66b234ee98edbd7bdce5b4944fc143b32da4c484393c580742401807dcae8c8839c59f3c4de256fa10883884298027b15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | 644fafb35db62611265a8a98e34a59b1 |
| SHA1 | c80daab54cbf7a724bd8f1accf69c6a6d9faa430 |
| SHA256 | 58559aede8282b306fd502a49982764b4a978fba5edb53e89db4e7b45cac3790 |
| SHA512 | 3210d4668a5e09305d987a842eb9856b51826de61ba41983deb213561a71090d04ef92553a8742a45bb45fd4da8e7da26886a8deac3e0f595d0d963d8334d3a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | 3c918f818260a3d33d5dda95f6c154aa |
| SHA1 | e4807ed5b6f2d94a956c4ca67c4038aee1a19a94 |
| SHA256 | a4a1a453c4b0adb69203c324e7a23349f3df6d4eecdcfd7ac24e871521c90e37 |
| SHA512 | f9862c1ca2952b992e5fa161b78c0a1c7327128d37e26647087ed4ea51cf3a4c90eea7da31d12d5cb39cc9e1c473fe1bf29a0e77b8b1276d6c0b2e16d84bdbb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c8e6d531-cb70-4c08-9a49-f17fb24f9dce.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences