Malware Analysis Report

2025-01-19 07:47

Sample ID 240611-y29q8azfph
Target https://m.facebook.com/events/816110640538171/
Tags
score
4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
4/10

Threat Level: Likely benign

The file https://m.facebook.com/events/816110640538171/ was found to be: Likely benign.

Malicious Activity Summary


Drops file in Windows directory

Suspicious behavior: EnumeratesProcesses

Checks CPU information

Enumerates system info in registry

Suspicious use of SendNotifyMessage

Modifies data under HKEY_USERS

Suspicious behavior: MapViewOfSection

Checks memory information

Modifies Internet Explorer settings

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Modifies registry class

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-11 20:18

Signatures

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-11 20:18

Reported

2024-06-11 20:48

Platform

win7-20240419-en

Max time kernel

1559s

Max time network

1559s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" https://m.facebook.com/events/816110640538171/

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{BEE826D1-282F-11EF-BB79-CEAF39A3A1A9} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424298990" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d7c7e73b934388418857a0db8be9c1d1000000000200000000001066000000010000200000003799b42021bc1a8669a2da5ca4500afc68b56f53046a9c54e79027a584824852000000000e8000000002000020000000c9d2e820dddf2252a2456246cae1ca98a2e618d626a36d8aecf874beb324bac090000000658cf97eb87103f6d8806b31743900a180a26d23f40944c4bfc4dfb1b78106981d91557038907b0c6dda5df752821c4da071222a1f01e30e8ff5eb30b14015af13d9fffc66ea5222dfde9f40fe1e482a6f983489fc944dd564b5025d8014145f8e7e3f145cf0eaf81c53fa6dbcb3227dc7b04209a1a3f1dc8736babc692df63df33725e5d2aafea653b078a9380b2f6c400000006cb92f882e6357152704d9ed10f4750192c23b07c72fd866e18834cf6f9057512a5c9df5ec49feeceb960165cf7c57e0a7f95959cc5889ee206ba513f39d260c C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d7c7e73b934388418857a0db8be9c1d10000000002000000000010660000000100002000000060cfaf0b80e91b34b9c1a2c83d738e6d063b9de45a3b3176b726bd2057b7e28f000000000e8000000002000020000000df145bd2f668a1372f1fe0efa95313a2ed46a0654f4bc503f6bdb8ec9594029420000000a5f81e6bfac73551714ed972f4aa08dc173c837e22c6656eaa8f6efb796d5f95400000008f83ac71527f66866a3c20fb01876839b154928fbfa2ed4043d4b8cb689e7f88bbb09b6fb1773ac3c1cb9e74e2b27f17eeec9378e302fab15b462e5665be71cd C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 102399a43cbcda01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-481678230-3773327859-3495911762-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" https://m.facebook.com/events/816110640538171/

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1876 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 m.facebook.com udp
US 8.8.8.8:53 m.facebook.com udp
US 8.8.8.8:53 m.facebook.com udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-11 20:18

Reported

2024-06-11 20:31

Platform

win11-20240426-en

Max time kernel

774s

Max time network

776s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://m.facebook.com/events/816110640538171/

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3568 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 8 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 2548 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 1512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 1512 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3568 wrote to memory of 4152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://m.facebook.com/events/816110640538171/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc50583cb8,0x7ffc50583cc8,0x7ffc50583cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2524 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5440 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4012 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4808 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5112 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2395153949229903905,649689586783458611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 m.facebook.com udp
GB 163.70.151.35:443 m.facebook.com tcp
GB 163.70.151.35:443 m.facebook.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.214.35:443 www.facebook.com tcp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 video.xx.fbcdn.net udp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent-lhr6-2.xx.fbcdn.net tcp
US 8.8.8.8:53 scontent-lhr8-1.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent-lhr8-2.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
GB 157.240.221.16:443 scontent-lhr8-1.xx.fbcdn.net tcp
N/A 224.0.0.251:5353 udp
GB 157.240.221.35:443 www.facebook.com tcp
GB 163.70.151.33:443 l.facebook.com tcp
GB 163.70.151.33:443 l.facebook.com tcp
US 172.67.178.171:443 techplaneter.com tcp
US 172.67.178.171:443 techplaneter.com tcp
US 151.101.130.217:443 browser.sentry-cdn.com tcp
US 8.8.8.8:53 o425163.ingest.sentry.io udp
CZ 65.9.94.17:443 d2lmlpk6xgu7kg.cloudfront.net tcp
CZ 65.9.94.17:443 d2lmlpk6xgu7kg.cloudfront.net tcp
CZ 65.9.94.17:443 d2lmlpk6xgu7kg.cloudfront.net tcp
CZ 65.9.94.17:443 d2lmlpk6xgu7kg.cloudfront.net tcp
CZ 65.9.94.17:443 d2lmlpk6xgu7kg.cloudfront.net tcp
CZ 65.9.94.17:443 d2lmlpk6xgu7kg.cloudfront.net tcp
CZ 65.9.94.103:443 d26h1wdc757l2w.cloudfront.net tcp
GB 142.250.179.234:443 ajax.googleapis.com tcp
US 34.120.195.249:443 o425163.ingest.sentry.io tcp
US 34.120.195.249:443 o425163.ingest.sentry.io tcp
US 34.120.195.249:443 o425163.ingest.sentry.io tcp
US 34.120.195.249:443 o425163.ingest.sentry.io tcp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 103.94.9.65.in-addr.arpa udp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 13.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com tcp
CZ 65.9.94.188:443 ds1p17x7ism5r.cloudfront.net tcp
CZ 65.9.94.188:443 ds1p17x7ism5r.cloudfront.net tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 157.240.221.35:443 www.facebook.com tcp
CZ 65.9.94.88:443 d1ydwcc58seja0.cloudfront.net tcp
CZ 65.9.94.161:443 d2lmlpk6xgu7kg.cloudfront.net tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 704d4cabea796e63d81497ab24b05379
SHA1 b4d01216a6985559bd4b6d193ed1ec0f93b15ff8
SHA256 3db2f8ac0fb3889fcf383209199e35ac8380cf1b78714fc5900df247ba324d26
SHA512 0f4803b7b7396a29d43d40f971701fd1af12d82f559dcfd25e0ca9cc8868a182acba7b28987142c1f003efd7dd22e474ac4c8f01fe73725b3618a7bf3e77801d

\??\pipe\LOCAL\crashpad_3568_TYTXLPJLWPPRDKTJ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 de47c3995ae35661b0c60c1f1d30f0ab
SHA1 6634569b803dc681dc068de3a3794053fa68c0ca
SHA256 4d063bb78bd4fa86cee3d393dd31a08cab05e3539d31ca9f0a294df754cd00c7
SHA512 852a9580564fd4c53a9982ddf36a5679dbdce55d445b979001b4d97d60a9a688e532821403322c88acc42f6b7fa9cc5e964a79cbe142a96cbe0f5612fe1d61cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 53f954b160acd3279bda1811d3065640
SHA1 3423ce5539647356921fbde24a5ff0742da3e754
SHA256 5d1e2cf894688e42057a0e5b97bc1899d0b7cd0370f936a2a862ed8999b2f477
SHA512 07110ede1f27f535b32eff6e7d5346bc8c9cd2b1b10e1966469c4f1d2ef861ed1042963c117108bdb086bf1e0c6a1fc0c2c20d53569ccb7cbdcaffc71d65b568

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RFe5761b7.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 975dc6061034c705bbc77812099efd19
SHA1 d6fa75cd19940c0e200d715b7c4363b378e6c007
SHA256 293673b60cfbc1dff1f917554eb2d777c1f11a7b257a3e542ade53df24856d06
SHA512 b0f53799db17dc0a896fa043acd690f7dcede26600493e586c2fdb2cd2400ea2d7d9274c5bf5fb2e0adfb5ec9d2203fffc0042e9a6fdf7c27108b8faf7d40abe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b0878d366ca6fdd7aed24f45e7493a29
SHA1 6eabe4417b591bfa46f007403853d5ed909eec4f
SHA256 80ebb373e928391de6259b44553dc95853fc288c84444bc9ffe8d024e2c72cc7
SHA512 6430afa959ca39635d096568ccfac22f12d0d07e112a33853cb39b647a4031c9565a2bb470c684de96d8159a5999103522ff501da8139cfa43ba87c7b18b3834

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 832787c6b9779c8d5067e189cb631f46
SHA1 39083c075000aa6f32af9c8a19fe5526fb50503c
SHA256 eb7774502147bb4725fe436c22f6aafd324ddc5a98f884ac970835a39780c9de
SHA512 13d384893001c621283cd4236de3a4c4eb03ee19bdd6a55a42d5e66340b89fde6abe7906a5b78d51af51a790df523ec82599515469d9b02488ffc8edb4b8d87e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a3f1.TMP

MD5 ee579fe15dbf32cb04b421b93061e00e
SHA1 302d9ff5a1934b64f50b165c3f67c34f96207b13
SHA256 0d7d9b7ef6402229a284a010e0d9aa5fb99b2ae1c8c7bb3ac6e4a3a3405a754f
SHA512 32212ac3f50d7f0b13e2a582f0fd7c61bd64a0ad25a93ca5ae838f65451e2b621ea5471cf6c2cd7fb688cc4b81fdffca38e8e2106c77e9d983397b8e1d1f0077

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e3ac40862bad2ef4aa1b382d5d6fa614
SHA1 999b06d968e7e3d3f096198a4a2d9c1e1c78f157
SHA256 41eac712b66a955e53b876bce414b962ea2cf5e28d96d2e46dc31aafa0af255f
SHA512 0f42e46cac736ed12d571a9de9cfdb311ef7902d68b87556ef427062ffe149c22d6812d4309ed7e6323d06117f4255cb7204df41d87da4f39b5ffbf4bcbcfa46

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 25a87b31a75ab179c56a041e7530b3ba
SHA1 67749a2cc5a35574526ca64e8930f352267e4627
SHA256 cab0cd59f0321909b7891053973837767899bd6be88d8893254f92676e4e293a
SHA512 4ddba0eaa524221a7015a0d424fc327dc69daf4f963bd13530bb62fa68655ffd874dd78a5b278857caa8deeed2f9b7c4b2b4cfc50765bba068ea8d229dad63ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 fea428170dbd62bcd7f1ddafea98d29a
SHA1 da3c464ff595032d4e4399cd949fa3bd0ebfff71
SHA256 a9baadddab8bfc12a39ab91e51bf31cf4bb41e861dbfd34d4e10324e081a77a1
SHA512 c99c4c93f1f23406271e753f7db6a603564d9d1ee3354d3ee8073f6cc5f3568175ffe3c633c3d4654e561399adaec00a78fd9519ab5969044e7242f15bf5c54e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cce8d0b2f63c2808a1558b39203ccd01
SHA1 0ebcc9023988995db2433f1ed564cbe18bf027d2
SHA256 d6375ba13132a81b28a7e91d317549d92701ebade3f554a22d66b2aa04f59577
SHA512 bc39fe3de070441194054d7d6514adb54f0474f9ec2f614abd08ffe224608ee429dea556cfb96074e38a48adcb2e5ee7578d3311558f9e0ba2df98f491cecfd4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4b3bc885bd3b38481f50ebbf228faa16
SHA1 21a7ec03f2a77f42ca032711a61dcc3139e5cc7f
SHA256 6ec1a552fde6a518cc0e4f685570d4efe8ae085faf8899f0d85b49cdd364851e
SHA512 ca136ad1bf3256ff4bf1cf60e11e06d9041db48971a066c2ebb3647a8b428d67628dcd081cae6da953d135ce1aa18605c348bd6f042005b7908a8dce7ae232d4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 260049010afeed2b553ffdee71bd036b
SHA1 47d92bc2113a3af811a8b30ff15058d4f19adaee
SHA256 446fa92ed280f64a1502134284cb6488ef6d1f528f373045d3af88d1a7d37406
SHA512 23dca1a09148c5a9364791d43163a64af8e66b935375bf48aa660ba46a21f2e12549cc63004f67f6867845c8ca09f1e41da9796028e0934f5e8dd698c1539ea4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8368e4a683c44979e0308ad2f40ec9de
SHA1 47a500e32bb9097ba53639abf9b7770db7ca62ae
SHA256 9376dc7cebdc4446e251caa64143a272aac678f1327f83d8a3a6ac4af0b78da5
SHA512 495ab3a21453ae437074f34cb8eeb98e44e8af61c6886e5e27778ef6cf7d20c593343ca9c7c976b2f4772eaebb35b41d6b0f9d8b37f2c1e274b5f9b4f5606e15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ef4706ffa551c56266bb75a37382bd25
SHA1 54be497b0cc9fc5422a79de746afb69d86de2baa
SHA256 7af5a77fd65491dded61c589cd9ef93d35ab7cfa0684c5a342d3116d2b589f3f
SHA512 e7387cc5137d45bafa98aa04b606393c7b67c655a2e33695bd4eb9a3a509245d9c0526d57614a0d85157fcf8078b3839980f8e1cccc97593f0c97f7ed13c6409

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 83bb52709d78b4e1fea3f4d9280d2d2b
SHA1 bb1494cc33a93ba6160edce890db664413c97c08
SHA256 d4683639a1864f20bc9864c900adfd06f0112e05a13ee3c858644c15cc330a48
SHA512 b404844537152aa19ca459811ec077996d11a0b69be173235780b53927cbaa90f5f4f7d079114537492a1da51d1a70da3f5c3dfada3cb76b358e4138d6cc07da

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dc58f6edbfda53f9ad67078375365a45
SHA1 c3f9c2b410f39a3acf30f32a8f18ca535c3223e5
SHA256 b5a91941ec2a61c15606a0855d3950f227072b37f57e9c9cacfd50d71e28b5e2
SHA512 e313070fac0d56e9819b4e13e76cfe226e02a587fee5961d9f435fa8ff293b09f9432f97921c034e1cb78cc8c5688eda3cf7e7f3c8a09c8519c1f783078aa26e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 642ebe67b8310c1b85db368b95750637
SHA1 73291f759061b489b8a7ce695f5cb9e1ce9f2328
SHA256 ec45dbf893e1426ba7b3188ebeb7372fbbfc18f66a94380ada61c0821d857715
SHA512 e016f0e6c2651ee8ed01db8a45553b42fd5a136ae6a3d4b42d5fa2a406d37c030e41c69f9d81ce760aefcba0327d83282211b5acf1b6792de96877f75b4f94f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2b160793-79fe-450f-8a15-49cabb14367d.tmp

MD5 7cc6be9db999ff63d361ec42b0969571
SHA1 a7c37c14e25d60d14b40ea9dd939a92d32a7935d
SHA256 994361c3bfd2b3fc67e9cab0591a9f6ec8d308df6c5aa6ddb68b0aa243a41fb4
SHA512 e242ad22dbd5e2a62c3ecc7e28ddeb83bdee77ea8056c882f0b67b01d39443c267d9ff79bdc3d648b83e334952342b234b25e0147704de4035bb056d6e8e8b5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9a7a25c13c7d14f8f6f4c49d099ef9b3
SHA1 bd323865d1c1f31618c16c6dc9833c341c59aede
SHA256 a3268b96001055038537fc44ccd06151790abeb75ab2e6fb171b74454d9f3d9d
SHA512 580bf96abbd469818c362204a58ee0b21a6d893a27f260781a758d7123f2f6f87725a7827b75c4f8ddd582c390df0fc8aaef5f4bbf19d526750dc2e765ec49a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 031a9bef3dcc7d9b8c0063a68c8fb7d7
SHA1 e694cd1b7213486034110042a647c35b9cfc099a
SHA256 c161646c155bce6bac05a03643ced2e6a7503dcb6cf8db258974a8a9b3f1fb2e
SHA512 be568067c9ac18b6e477ac780df5735d79586a110581f6f53774c195d45adbf9663b4d1b9167aea815cc1c021b2c9b70b7697630c37d9b48f756b6c1e33e0ed7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 da355680eebbf1ffc38c225ac849a3c4
SHA1 b4ecc6a9e25ea4364cefb81ef2a957d5430dc85b
SHA256 9ddeab0f649ca1987bd2308c999113748b743e8a83abd2f8f7568119942f5a04
SHA512 71346c8049ec11191761f12bdadfd0092e5b3ff7fa17930c3d97f8f0cad704ffec412ba3edfb2d8184836791df6c4b07e0b5369906cda309bf29d7249210c053

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-11 20:18

Reported

2024-06-11 20:48

Platform

android-x64-arm64-20240611.1-en

Max time kernel

1804s

Max time network

1809s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 m.facebook.com udp
US 1.1.1.1:53 accounts.google.com udp
BE 74.125.206.84:443 accounts.google.com tcp
US 1.1.1.1:53 m.facebook.com udp
GB 157.240.214.35:443 m.facebook.com tcp
US 1.1.1.1:53 accounts.google.com udp
BE 173.194.76.84:443 accounts.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 172.217.169.40:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 z-m-static.xx.fbcdn.net udp
GB 157.240.214.36:443 z-m-static.xx.fbcdn.net tcp
GB 157.240.214.36:443 z-m-static.xx.fbcdn.net tcp
GB 157.240.214.36:443 z-m-static.xx.fbcdn.net tcp
GB 157.240.214.36:443 z-m-static.xx.fbcdn.net tcp
GB 157.240.214.36:443 z-m-static.xx.fbcdn.net tcp
GB 157.240.214.36:443 z-m-static.xx.fbcdn.net tcp
US 1.1.1.1:53 facebook.com udp
GB 163.70.151.35:443 facebook.com tcp
US 1.1.1.1:53 www.facebook.com udp
GB 157.240.214.36:443 z-m-static.xx.fbcdn.net tcp
US 1.1.1.1:53 scontent.xx.fbcdn.net udp
GB 157.240.214.11:443 scontent.xx.fbcdn.net tcp
US 1.1.1.1:53 clients1.google.com udp
GB 142.250.179.238:443 clients1.google.com tcp
US 1.1.1.1:53 static.xx.fbcdn.net udp
GB 157.240.221.16:443 static.xx.fbcdn.net tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
GB 216.58.212.196:443 tcp
GB 216.58.212.196:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
US 1.1.1.1:53 m.facebook.com udp
US 1.1.1.1:53 m.facebook.com udp
US 1.1.1.1:53 m.facebook.com udp
GB 163.70.147.35:443 m.facebook.com tcp
US 1.1.1.1:53 m.facebook.com udp
GB 216.58.213.2:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.204.78:443 android.apis.google.com tcp
BE 108.177.15.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 172.217.16.228:443 www.google.com tcp

Files

files/dom-0.html

MD5 77c2969e120d2d7b80f2af0176f93bb1
SHA1 41809367579266515b4453df54a1387db7660251
SHA256 f5a10f9c30f770cd5ca67c16b5131f42bac358897bd663ce9ec1fa0afe33b41b
SHA512 18543a70ebdf60af63d08a18ec4999a67e18f988f8a41ccb12c72574fdf2557d8bb2eb9c8a441f8097873ee9a0914ba0e60afe509b26f0a2d07e5a11828255a8

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-11 20:18

Reported

2024-06-11 20:48

Platform

win10-20240404-en

Max time kernel

1799s

Max time network

1608s

Command Line

"C:\Windows\system32\LaunchWinApp.exe" "https://m.facebook.com/events/816110640538171/"

Signatures

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
File opened for modification C:\Windows\Debug\ESE.TXT C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File opened for modification C:\Windows\Debug\ESE.TXT C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{80F131DE-2830-11EF-8A80-4A72145DDB9E} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31112253" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\HistoryJournalCertificate\NextUpdateDate = "424918994" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\system32\browser_broker.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\Meta\generator$MediaWiki C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\"" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31112253" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\ C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\NextUpdateDate = "424950985" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\HistoryJournalCertificate C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\Meta C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "1432565474" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1432565474" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\system32\browser_broker.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\Meta\generator$blogger C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\Meta\generator$Discuz! C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\Meta\generator$WordPress C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\Meta\generator$http://www.typepad.com/ C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "1431718897" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31112253" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "1431718897" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31112253" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424902400" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\Meta\generator$Telligent C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\Meta\generator$vBulletin 3 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\Meta\generator$vBulletin 4 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000\Software\Microsoft\Internet Explorer\FlipAhead\FileVersion = "2016061511" C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133626109489670530" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = d7a99c493dbcda01 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\msn.com\Total = "189" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Content\CacheLimit = "256000" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "5292" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "25682" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active\{A5F397A3-BD44-43A0-B615-239A2F3275D9} = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus\DynamicCodePolicy = 05000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = eea3d2dc3cbcda01 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\Certificates C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\ACGStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\Extensions C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\Certificates C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{AEBA21FA-782A-4A90-978D-B7216 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\CIPolicyState = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.msn.com\ = "122" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DXFeatureLevel = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "29132" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 273b5c823cbcda01 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus\ACGPolicyState = "6" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "5292" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DeviceId = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\SignaturePolicy = 06000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 28d5ae463dbcda01 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus\SignaturePolicy = 06000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{AEBA21FA-782A-4A90-978D-B7216 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\www.bing.com C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\Extensions C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath\dummySetting = "1" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\msn.com C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = c52587823cbcda01 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\msn.com C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "19299" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3968772205-1713802336-1776639840-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DomStorageState C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A

Suspicious behavior: MapViewOfSection

Description Indicator Process Target
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
N/A N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
N/A N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 5000 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4592 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 1740 wrote to memory of 4268 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Processes

C:\Windows\system32\LaunchWinApp.exe

"C:\Windows\system32\LaunchWinApp.exe" "https://m.facebook.com/events/816110640538171/"

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

C:\Windows\system32\browser_broker.exe

C:\Windows\system32\browser_broker.exe -Embedding

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffbf4699758,0x7ffbf4699768,0x7ffbf4699778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1884 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2152 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2904 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2912 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4452 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4432 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4524 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4924 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4920 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4956 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x250,0x254,0x258,0x22c,0x25c,0x7ff71e5a7688,0x7ff71e5a7698,0x7ff71e5a76a8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5012 --field-trial-handle=1908,i,1510596241559824321,9655404844693735987,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffbf4699758,0x7ffbf4699768,0x7ffbf4699778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1632 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1808 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2012 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2892 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2900 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4044 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4676 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4668 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4932 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4688 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3868 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3640 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3220 --field-trial-handle=1864,i,10959352789346068678,223965376945212135,131072 /prefetch:8

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1780 CREDAT:82945 /prefetch:2

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

C:\Windows\system32\browser_broker.exe

C:\Windows\system32\browser_broker.exe -Embedding

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x390

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

Network

Country Destination Domain Proto
US 8.8.8.8:53 m.facebook.com udp
GB 163.70.151.35:443 m.facebook.com tcp
GB 163.70.151.35:443 m.facebook.com tcp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 203.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 facebook.com udp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.35:443 facebook.com tcp
GB 163.70.151.35:443 facebook.com tcp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 fbcdn.net udp
GB 163.70.151.35:443 fbcdn.net tcp
GB 163.70.151.35:443 fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 fbsbx.com udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
GB 163.70.151.35:443 fbsbx.com tcp
GB 163.70.151.35:443 fbsbx.com tcp
GB 163.70.151.21:443 scontent.xx.fbcdn.net tcp
GB 163.70.151.21:443 scontent.xx.fbcdn.net tcp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 www.msn.com udp
US 204.79.197.203:443 www.msn.com tcp
US 204.79.197.203:443 www.msn.com tcp
US 8.8.8.8:53 assets.msn.com udp
US 8.8.8.8:53 browser.events.data.msn.com udp
SE 2.21.96.113:443 assets.msn.com tcp
SE 2.21.96.113:443 assets.msn.com tcp
SE 2.21.96.113:443 assets.msn.com tcp
SE 2.21.96.113:443 assets.msn.com tcp
US 20.189.173.4:443 browser.events.data.msn.com tcp
US 20.189.173.4:443 browser.events.data.msn.com tcp
US 204.79.197.203:443 www.msn.com tcp
US 204.79.197.203:443 www.msn.com tcp
US 8.8.8.8:53 113.96.21.2.in-addr.arpa udp
US 8.8.8.8:53 4.173.189.20.in-addr.arpa udp
BE 88.221.83.211:443 www.bing.com tcp
BE 88.221.83.211:443 www.bing.com tcp
BE 88.221.83.211:443 www.bing.com tcp
BE 88.221.83.211:443 www.bing.com tcp
US 8.8.8.8:53 211.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
BE 88.221.83.178:443 r.bing.com tcp
BE 88.221.83.178:443 r.bing.com tcp
BE 88.221.83.178:443 r.bing.com tcp
BE 88.221.83.178:443 r.bing.com tcp
US 8.8.8.8:53 s.bingparachute.com udp
US 8.8.8.8:53 178.83.221.88.in-addr.arpa udp
BE 88.221.83.211:443 www.bing.com tcp
BE 88.221.83.211:443 www.bing.com tcp
NL 23.38.24.229:443 s.bingparachute.com tcp
NL 23.38.24.229:443 s.bingparachute.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 40.126.32.134:443 login.microsoftonline.com tcp
NL 40.126.32.134:443 login.microsoftonline.com tcp
US 8.8.8.8:53 229.24.38.23.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 23.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
BE 88.221.83.235:443 th.bing.com tcp
BE 88.221.83.235:443 th.bing.com tcp
BE 88.221.83.235:443 th.bing.com tcp
BE 88.221.83.235:443 th.bing.com tcp
BE 88.221.83.235:443 th.bing.com tcp
BE 88.221.83.235:443 th.bing.com tcp
US 8.8.8.8:53 235.83.221.88.in-addr.arpa udp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 167.154.64.172.in-addr.arpa udp
BE 88.221.83.211:443 www.bing.com tcp
BE 88.221.83.211:443 www.bing.com tcp
US 8.8.8.8:53 steamwalletcodegenerators.com udp
US 172.67.150.95:443 steamwalletcodegenerators.com tcp
US 172.67.150.95:443 steamwalletcodegenerators.com tcp
US 8.8.8.8:53 95.150.67.172.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 172.67.150.95:443 steamwalletcodegenerators.com tcp
US 172.67.150.95:443 steamwalletcodegenerators.com tcp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 161.19.199.152.in-addr.arpa udp
US 8.8.8.8:53 249.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 76.234.34.23.in-addr.arpa udp
US 8.8.8.8:53 128.233.34.23.in-addr.arpa udp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 90.16.208.104.in-addr.arpa udp
US 8.8.8.8:53 www.msn.com udp
US 204.79.197.203:443 www.msn.com tcp
SE 2.21.96.113:443 assets.msn.com tcp
US 20.189.173.4:443 browser.events.data.msn.com tcp
US 20.189.173.4:443 browser.events.data.msn.com tcp
US 20.189.173.4:443 browser.events.data.msn.com tcp
BE 88.221.83.211:443 www.bing.com tcp
BE 88.221.83.211:443 www.bing.com tcp
BE 2.17.107.130:443 www.bing.com tcp
BE 2.17.107.130:443 www.bing.com tcp
US 8.8.8.8:53 130.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
BE 88.221.83.178:443 th.bing.com tcp
BE 88.221.83.178:443 th.bing.com tcp
BE 88.221.83.178:443 th.bing.com tcp
BE 88.221.83.178:443 th.bing.com tcp
BE 88.221.83.178:443 th.bing.com tcp
BE 88.221.83.178:443 th.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
BE 88.221.83.194:443 www.bing.com tcp
BE 88.221.83.194:443 www.bing.com tcp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 194.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 repository-images.githubusercontent.com udp
US 185.199.108.133:443 repository-images.githubusercontent.com tcp
US 185.199.108.133:443 repository-images.githubusercontent.com tcp
US 185.199.108.133:443 repository-images.githubusercontent.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 154.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 25.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 watson.telemetry.microsoft.com udp
US 20.189.173.20:443 watson.telemetry.microsoft.com tcp
US 8.8.8.8:53 20.173.189.20.in-addr.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 20.189.173.20:443 watson.telemetry.microsoft.com tcp
BE 88.221.83.211:443 www.bing.com tcp
BE 88.221.83.211:443 www.bing.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com tcp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.206:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 172.217.169.46:443 play.google.com udp
GB 142.250.187.206:443 clients2.google.com udp
US 8.8.8.8:53 api.bing.com udp
US 8.8.8.8:53 www.msn.com udp
US 204.79.197.203:443 www.msn.com tcp
US 204.79.197.203:443 www.msn.com tcp
US 8.8.8.8:53 browser.events.data.msn.com udp
US 20.42.73.25:443 browser.events.data.msn.com tcp
US 20.42.73.25:443 browser.events.data.msn.com tcp
US 20.42.73.25:443 browser.events.data.msn.com tcp
US 8.8.8.8:53 25.73.42.20.in-addr.arpa udp
BE 88.221.83.202:443 www.bing.com tcp
BE 88.221.83.202:443 www.bing.com tcp
BE 88.221.83.202:443 www.bing.com tcp
US 8.8.8.8:53 202.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
BE 88.221.83.192:443 th.bing.com tcp
BE 88.221.83.192:443 th.bing.com tcp
BE 88.221.83.192:443 th.bing.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.64:443 login.microsoftonline.com tcp
IE 20.190.159.64:443 login.microsoftonline.com tcp
US 8.8.8.8:53 192.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 64.159.190.20.in-addr.arpa udp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.237:443 tse1.mm.bing.net tcp
US 204.79.197.237:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
BE 2.17.107.107:443 www.bing.com tcp
BE 2.17.107.107:443 www.bing.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 107.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 watson.telemetry.microsoft.com udp
US 20.42.73.29:443 watson.telemetry.microsoft.com tcp
US 8.8.8.8:53 64.43.201.23.in-addr.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 29.73.42.20.in-addr.arpa udp
US 20.42.73.29:443 watson.telemetry.microsoft.com tcp
BE 2.17.107.107:443 www.bing.com tcp
BE 2.17.107.107:443 www.bing.com tcp
US 8.8.8.8:53 www.msn.com udp
US 204.79.197.203:443 www.msn.com tcp
US 8.8.8.8:53 assets.msn.com udp
US 20.42.73.25:443 browser.events.data.msn.com tcp
US 20.42.73.25:443 browser.events.data.msn.com tcp
US 20.42.73.25:443 browser.events.data.msn.com tcp
BE 2.17.107.107:443 www.bing.com tcp
BE 2.17.107.107:443 www.bing.com tcp
US 8.8.8.8:53 th.bing.com udp
BE 2.17.107.122:443 th.bing.com tcp
BE 2.17.107.122:443 th.bing.com tcp
BE 2.17.107.122:443 th.bing.com tcp
BE 2.17.107.122:443 th.bing.com tcp
BE 2.17.107.122:443 th.bing.com tcp
BE 2.17.107.122:443 th.bing.com tcp
US 8.8.8.8:53 122.107.17.2.in-addr.arpa udp
US 172.64.154.167:443 www2.bing.com tcp

Files

memory/4072-17-0x000001D933430000-0x000001D933440000-memory.dmp

memory/4072-0-0x000001D933320000-0x000001D933330000-memory.dmp

memory/4072-35-0x000001D930680000-0x000001D930682000-memory.dmp

memory/2168-44-0x000001D878600000-0x000001D878700000-memory.dmp

memory/5000-59-0x000002B49CA50000-0x000002B49CB50000-memory.dmp

memory/5000-63-0x000002B4ACBF0000-0x000002B4ACBF2000-memory.dmp

memory/5000-67-0x000002B4ACEF0000-0x000002B4ACEF2000-memory.dmp

memory/5000-65-0x000002B4ACE30000-0x000002B4ACE32000-memory.dmp

memory/5000-134-0x000002B4ADE00000-0x000002B4ADE20000-memory.dmp

memory/5000-148-0x000002B4AE400000-0x000002B4AE500000-memory.dmp

memory/5000-203-0x000002B4ADA70000-0x000002B4ADA72000-memory.dmp

memory/5000-205-0x000002B4ADC70000-0x000002B4ADC72000-memory.dmp

memory/5000-209-0x000002B4ADCB0000-0x000002B4ADCB2000-memory.dmp

memory/5000-207-0x000002B4ADC90000-0x000002B4ADC92000-memory.dmp

memory/5000-201-0x000002B4AD8B0000-0x000002B4AD8B2000-memory.dmp

memory/5000-198-0x000002B4AD810000-0x000002B4AD812000-memory.dmp

memory/5000-196-0x000002B4AD790000-0x000002B4AD792000-memory.dmp

memory/5000-295-0x000002B4AFCE0000-0x000002B4AFDE0000-memory.dmp

memory/5000-306-0x000002B4AD740000-0x000002B4AD742000-memory.dmp

memory/5000-327-0x000002B4B01E0000-0x000002B4B01E2000-memory.dmp

memory/5000-330-0x000002B4B0730000-0x000002B4B0732000-memory.dmp

memory/5000-339-0x000002B4B07B0000-0x000002B4B07B2000-memory.dmp

memory/5000-336-0x000002B4B0790000-0x000002B4B0792000-memory.dmp

memory/5000-334-0x000002B4B0770000-0x000002B4B0772000-memory.dmp

memory/5000-332-0x000002B4B0750000-0x000002B4B0752000-memory.dmp

memory/5000-347-0x000002B4AEC00000-0x000002B4AEC02000-memory.dmp

memory/5000-361-0x000002B49C6F0000-0x000002B49C700000-memory.dmp

memory/5000-360-0x000002B49C6F0000-0x000002B49C700000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\KSLURE17\4Kv5U5b1o3f[1].png

MD5 a81a5e7f71ae4153e6f888f1c92e5e11
SHA1 39c3945c30abff65b372a7d8c691178ae9d9eee0
SHA256 2bc7a47889c56ad49f1b8b97385d5a4d212e79bb8a9b30df0665a165f58b273e
SHA512 1df32349b33f6a6fcb1f8b6093abd737fa0638cdd6e3fd90a7e1852bd0e40bc2633cb4e13c4824fb948d1e012e5cb9eed0b038b121404865495d4e57e123db69

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157

MD5 1bfe591a4fe3d91b03cdf26eaacd8f89
SHA1 719c37c320f518ac168c86723724891950911cea
SHA256 9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8
SHA512 02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\1G6TJ9V6\favicon[1].ico

MD5 84cc977d0eb148166481b01d8418e375
SHA1 00e2461bcd67d7ba511db230415000aefbd30d2d
SHA256 bbf8da37d92138cc08ffeec8e3379c334988d5ae99f4415579999bfbbb57a66c
SHA512 f47a507077f9173fb07ec200c2677ba5f783d645be100f12efe71f701a74272a98e853c4fab63740d685853935d545730992d0004c9d2fe8e1965445cab509c3

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\OKKW72IX\www.bing[1].xml

MD5 f5e8009e3026107f2f083112c0dc5b2b
SHA1 b92e14f31318d7eff3d2312943488d401f4e2cd2
SHA256 7e56c9c477f9a3adf163cb7f98204519e7500fbdbe1e9eac5c8b8b6fdc3acdc3
SHA512 3325c7d03ef5efdb3bd9eb86f809bc5f1a4e76e73f1873a0c9ba56957016fc1c225fb575351b40b609e357eac2ab279a090182697f6500921f3f00851aec55b2

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\4TQ6xhX_0XDFyLdFRS-kPhFXirA.br[1].js

MD5 fbf143b664d512d1fa7aeeeba787129c
SHA1 f827b539ae2992d7667162dc619cc967985166d9
SHA256 e162ccd10a34933d736008eb0bc6b880c4e783cf81f944bca7311bf5f3cd4aff
SHA512 109ec6433329f001c9239c3298a10e414522f21be2a3d7b8a9eb0b0767322eaad1fdf8f5b11edb1f42882b4e75ae71bef7fe786716407c8efad4feacb3dcf348

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\tlifxqsNyCzxIJnRwtQKuZToQQw[1].js

MD5 cfcd208495d565ef66e7dff9f98764da
SHA1 b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
SHA256 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
SHA512 31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\fRSNKQanUHk53F1a1Bi8UA71Qt4.br[1].js

MD5 9085e17b6172d9fc7b7373762c3d6e74
SHA1 dab3ca26ec7a8426f034113afa2123edfaa32a76
SHA256 586d8f94486a8116af00c80a255cba96c5d994c5864e47deac5a7f1ae1e24b0d
SHA512 b27b776cb4947eef6d9e2a33b46e87796a6d4c427f4759c08cf5aa0ee410a5f12e89ca6ab9cddd86c8471037e3c505f43c8b7fc6d8417f97f9fe3c5c47216bc4

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\9MqrCXB0EVjVIRzDOArDGhu3yeM.br[1].js

MD5 56afa9b2c4ead188d1dd95650816419b
SHA1 c1e4d984c4f85b9c7fb60b66b039c541bf3d94f6
SHA256 e830aeb6bc4602a3d61e678b1c22a8c5e01b9fb9a66406051d56493cc3087b4b
SHA512 d97432e68afdaa2cfaeff497c2ff70208bd328713f169380d5afb5d5eecd29e183a79bec99664dbee13fd19fe21ebae7396315ac77a196bfb0ab855507f3dacf

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\JKADIPL2\favicon-trans-bg-blue-mg[1].ico

MD5 30967b1b52cb6df18a8af8fcc04f83c9
SHA1 aaf67cd84fcd64fb2d8974d7135d6f1e4fc03588
SHA256 439b6089e45ef1e0c37ef88764d5c99a3b2752609c4e2af3376480d7ffcfaf2e
SHA512 7cb3c09a81fbd301741e7cf5296c406baf1c76685d354c54457c87f6471867390a1aeed9f95701eb9361d7dfacce31afd1d240841037fc1de4a120c66c1b088c

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\anLBCCbtVUfEVXi8CHBSo5E22oY.br[1].js

MD5 5463a4fcc6967dbb06c1c51e3e1d80db
SHA1 a47dc8a729719b7f88521ea56fb38d6f71be21cf
SHA256 9c4df84d46da7cc013cf9fb07433c6bc40d75f00121993ad51036fcdcdd145bb
SHA512 3b18dacb21624e993e8946fa69d9482a05f8f188ea313b06eb6707210e5f15c5be7d1b0f571ba20b2d56686806ad4fff870ea6fcf84e851586c518f62cf29302

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\K3hC1_cQXGFr6cxRJVWYpzZJaAM.br[1].js

MD5 02b0b245d09dc56bbe4f1a9f1425ac35
SHA1 868259c7dc5175a9cc1e2ec835f3d9b4bd3f5673
SHA256 62991181637343332d7b105a605ab69d70d1256092355cfc4359bee7bdbfb9c6
SHA512 cbb43000a142807ff1bb3bfac715cef1240233117c728f357c824ce65b06be493df2306c7b03598817f09b02e9e36ec52314f88467679c5bef3ee1504a10c7e6

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\lLk8XmbdNzzlnPRzVzDhaF9yjqw.br[1].js

MD5 3ff8eecb7a6996c1056bbe9d4dde50b4
SHA1 fdc4d52301d187042d0a2f136ceef2c005dcbb8b
SHA256 01b479f35b53d8078baca650bdd8b926638d8daaa6eb4a9059e232dbd984f163
SHA512 49e68aa570729cc96ed0fd2f5f406d84869772df67958272625cba9d521ca508955567e12573d7c73d7e7727260d746b535c2ce6a3ace4952edf8fd85f3db0dd

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\Gyuq2bqitqDJM0BeAkbKXGlQXNw.br[1].js

MD5 a969230a51dba5ab5adf5877bcc28cfa
SHA1 7c4cdc6b86ca3b8a51ba585594ea1ab7b78b8265
SHA256 8e572950cbda0558f7b9563ce4f5017e06bc9c262cf487e33927a948f8d78f7f
SHA512 f45b08818a54c5fd54712c28eb2ac3417eea971c653049108e8809d078f6dd0560c873ceb09c8816ecd08112a007c13d850e2791f62c01d68518b3c3d0accceb

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\n21aGRCN5EKHB3qObygw029dyNU.br[1].js

MD5 cb027ba6eb6dd3f033c02183b9423995
SHA1 368e7121931587d29d988e1b8cb0fda785e5d18b
SHA256 04a007926a68bb33e36202eb27f53882af7fd009c1ec3ad7177fba380a5fb96f
SHA512 6a575205c83b1fc3bfac164828fbdb3a25ead355a6071b7d443c0f8ab5796fe2601c48946c2e4c9915e08ad14106b4a01d2fcd534d50ea51c4bc88879d8bec8d

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\8CgcSSLayxEVUBf0swP_bQGMId8.br[1].js

MD5 a5363c37b617d36dfd6d25bfb89ca56b
SHA1 31682afce628850b8cb31faa8e9c4c5ec9ebb957
SHA256 8b4d85985e62c264c03c88b31e68dbabdcc9bd42f40032a43800902261ff373f
SHA512 e70f996b09e9fa94ba32f83b7aa348dc3a912146f21f9f7a7b5deea0f68cf81723ab4fedf1ba12b46aa4591758339f752a4eba11539beb16e0e34ad7ec946763

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br[1].js

MD5 f5712e664873fde8ee9044f693cd2db7
SHA1 2a30817f3b99e3be735f4f85bb66dd5edf6a89f4
SHA256 1562669ad323019cda49a6cf3bddece1672282e7275f9d963031b30ea845ffb2
SHA512 ca0eb961e52d37caa75f0f22012c045876a8b1a69db583fe3232ea6a7787a85beabc282f104c9fd236da9a500ba15fdf7bd83c1639bfd73ef8eb6a910b75290d

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\9xGNA8UskvA9WHF58zbLOHZ5HvI.br[1].js

MD5 d6741608ba48e400a406aca7f3464765
SHA1 8961ca85ad82bb701436ffc64642833cfbaff303
SHA256 b1db1d8c0e5316d2c8a14e778b7220ac75adae5333a6d58ba7fd07f4e6eaa83c
SHA512 e85360dbbb0881792b86dcaf56789434152ed69e00a99202b880f19d551b8c78eeff38a5836024f5d61dbc36818a39a921957f13fbf592baafd06acb1aed244b

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\XJ8OmILbNhm0zU9tdkuGYeXVPRQ.br[1].js

MD5 55ec2297c0cf262c5fa9332f97c1b77a
SHA1 92640e3d0a7cbe5d47bc8f0f7cc9362e82489d23
SHA256 342c3dd52a8a456f53093671d8d91f7af5b3299d72d60edb28e4f506368c6467
SHA512 d070b9c415298a0f25234d1d7eafb8bae0d709590d3c806fceaec6631fda37dffca40f785c86c4655aa075522e804b79a7843c647f1e98d97cce599336dd9d59

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\gKwIRAF4fg7noG1zyeUz8x3Jdhc.br[1].js

MD5 47442e8d5838baaa640a856f98e40dc6
SHA1 54c60cad77926723975b92d09fe79d7beff58d99
SHA256 15ed1579bccf1571a7d8b888226e9fe455aca5628684419d1a18f7cda68af89e
SHA512 87c849283248baf779faab7bde1077a39274da88bea3a6f8e1513cb8dcd24a8c465bf431aee9d655b4e4802e62564d020f0bb1271fb331074d2ec62fc8d08f63

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\9cuwOQ_qE7qTGKohzrf_gIjTlPI.br[1].js

MD5 fabb77c7ae3fd2271f5909155fb490e5
SHA1 cde0b1304b558b6de7503d559c92014644736f88
SHA256 e482bf4baaa167335f326b9b4f4b83e806cc21fb428b988a4932c806d918771c
SHA512 cabb38f7961ab11449a6e895657d39c947d422f0b3e1da976494c53203e0e91adfc514b6100e632939c4335c119165d2330512caa7d836a6c863087775edaa9f

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\Gw7eETSwe7GHmKwW1lRqGPQJXRo.br[1].js

MD5 17cdab99027114dbcbd9d573c5b7a8a9
SHA1 42d65caae34eba7a051342b24972665e61fa6ae2
SHA256 5ff6b0f0620aa14559d5d869dbeb96febc4014051fa7d5df20223b10b35312de
SHA512 1fe83b7ec455840a8ddb4eedbbcd017f4b6183772a9643d40117a96d5fff70e8083e424d64deba209e0ef2e54368acd58e16e47a6810d6595e1d89d90bca149a

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\psgXZvzYJMEW2ydikIk493Va1d4.br[1].js

MD5 f4da106e481b3e221792289864c2d02a
SHA1 d8ba5c1615a4a8ed8ee93c5c8e2ea0fb490a0994
SHA256 47cb84d180c1d6ba7578c379bdc396102043b31233544e25a5a6f738bb425ac9
SHA512 66518ee1b6c0df613074e500a393e973844529ca81437c4bafe6bf111cba4d697af4fe36b8d1b2aa9b25f3eb93cd76df63abfc3269ac7e9f87c5f28a3764008e

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\nt6a1ZR520utsLoZmSYgwxdOPgI[1].js

MD5 0c2672dc05a52fbfb8e3bc70271619c2
SHA1 9ede9ad59479db4badb0ba19992620c3174e3e02
SHA256 54722cf65ab74a85441a039480691610df079e6dd3316c452667efe4a94ffd39
SHA512 dd2b3e4438a9deaa6b306cbc0a50a035d9fe19c6180bc49d2a9d8cdbb2e25d9c6c8c5265c640ac362dc353169727f8c26503e11a8a061a2517a303f61d0ccd3c

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\5L3iD467J3iJWEPwIjxlK0MMDpY.br[1].js

MD5 2ef3074238b080b648e9a10429d67405
SHA1 15d57873ff98195c57e34fc778accc41c21172e7
SHA256 e90558eb19208ad73f0de1cd9839d0317594bf23da0514f51272bf27183f01da
SHA512 c1d7074a0ebf5968b468f98fc4c0c7829999e402dd91c617e679eeb46c873dc04096cbf9277e115fc42c97516a6c11a9f16afa571e00f0d826beb463e2d1f7b0

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\K_V1CARn2Q2lTs5njJKUvUkHyi4.br[1].js

MD5 6c2c6db3832d53062d303cdff5e2bd30
SHA1 b7a064a64ceae5c9009ef7d6d8f63b90d3933c9d
SHA256 06b77ee16a2cd34acd210b4f2b6e423762ea8874bb26ae5a37db9dd01a00ff70
SHA512 bc2d115b53035b700d727af9d7efaf32dd2a39a2344f3f5fa1a82586be849ec7803e8320661e66ab7dd2a17e64b7897e95bbd84502b91997fa46eba4e67e8c7d

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\zXHaGKCOTtmQ_Ueik3R6GTcUz-8.br[1].js

MD5 fe1f9add646fe3c4eb695f76b6eccdfc
SHA1 caf4f7fd1142398e9a9386bce595afb66fd41c77
SHA256 2d790381800ec6ddb18f82658ff2515866a1e3e470b926d46dd8b46ffffa7403
SHA512 1f621757daa2864d4d258c6a69a60490df224ef5dd86a230f8d410e50ac1423a9e0dcb44225c17be2dd14826c54e545626b991cc7741055ba96d1d95d638a24f

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\IPjqENt_x1c56fZCsFxov2V2J84.br[1].js

MD5 9a4dafa34f902b78a300ccc2ab2aebf2
SHA1 5ed0d7565b595330bae9463ab5b9e2cdbfdb03c4
SHA256 ba98a6ebc3a03098ca54973213e26f0bf9d1e7e335cdfc262346fb491c3cad69
SHA512 1a8b4fce1c0e585bfcf8f11e0192fb04a80dbde7035a9c8fc426cd6383d6902bd77222331372ea33aa50d92b7cc7965656b11f480085af70267b3fd8355ebfd4

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\3US3nNU_RgsSNFm9Bzw6xgeuOHk.br[1].js

MD5 d42baf2a964c88aaa1bb892e1b26d09c
SHA1 8ac849ca0c84500a824fcfd688b6f965b8accc4c
SHA256 e3a15dab8cc5adbd2cfa1a162bf06583da6fb7be3831323d819cd881bfb0672c
SHA512 634bb1c984c9d74876051937240295a5ed5dc6404379decafbc4df074aefda5246ec33be84d2b21e0099c7bdd406e9cae6ebdf0ff01ddec3806b89dc50810c12

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\1rUTIFRcUHTZUBaDs_0q8KvUlR0.br[1].js

MD5 c63e610f6bfb2687ee044cee7d3e16c7
SHA1 b78022432ac754cc41335341a8e07f2676bad789
SHA256 c150d5e192ece8d69ba8029d87ecbc66674013b8418264cc86f0abcb0da0a38b
SHA512 11029009d8d0885d16a4b546816cc0f22f51ffd035fdd87d58eaf432017947460a1a78a543c0eb3875af49342a240ea606aced23654bc190ba6a4b7101e13a3a

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\5eH72d5oP39BHHSOhw_GMqBua9s.br[1].js

MD5 825043269d51c23b54cf152802be837e
SHA1 10938185e146602ccf2ca06f9237c4008482a6bd
SHA256 32e36f4488481792e74374da84992305fce4878e51aeecb514050ffd12eb6bba
SHA512 039f184ac4d086d3d3a1e6fb8bd10c3ff3007f4bfc41bbe47e2dc1e0ccd802f47a4acc0c3e2f22078df0586f1865ad6f24fb5a5315adda9dfd4befc3ab71a174

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\910ptS3pcIDQ7a5acMaHuQliuN0.br[1].js

MD5 8898a2f705976d9be01f35a493f9a98f
SHA1 bc69bec33a98575d55fefae8883c8bb636061007
SHA256 5f30270aa2dc8a094d790e1e4a62b17c7d76a20b449d9b69af797a55fada9108
SHA512 c8575df93fbd1f65a285d484257adfe12733e47a6524a18d5910d33562eefd1d9da7197d16c7a3cad3bc5ad89546ff0fefe90e5c96e7850ecec9708c90334349

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br[1].js

MD5 f1cf1909716ce3da53172898bb780024
SHA1 d8d34904e511b1c9aae1565ba10ccd045c940333
SHA256 9abac0cbfa6f89106b66cd4f698ead5ccbf615ecf8cd7e9e88567a7c33cfec01
SHA512 8b641e93405565b4a57c051edefc8e02d6c929ddd4c52f9bfbd19c57896aa40426bf5ed6760dbd479719561c4f0a25bfc4102f0f49d3d308035c9ca90b1d0fce

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br[1].js

MD5 0c0ad3fd8c0f48386b239455d60f772e
SHA1 f76ec2cf6388dd2f61adb5dab8301f20451846fa
SHA256 db6dde4aef63304df67b89f427019d29632345d8b3b5fe1b55980f5d78d6e1e7
SHA512 e45a51ef2f0021f168a70ac49bdcc7f4fb7b91ff0ddd931f8ecbd70f6494c56285b2d9bc1170804801ce178244ccf361745b677b04c388b608d1471e0695ebeb

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\uiannz55FdT0j3p9jGwegfI5aIY.br[1].js

MD5 45345f7e8380393ca0c539ae4cfe32bd
SHA1 292d5f4b184b3ff7178489c01249f37f5ca395a7
SHA256 3a40a1ff034448d68d92a75ababa09ba5f2b71d130f5f6bdf160dcf8851529a9
SHA512 2bfd00bf303ad5a1e8413b5ee6a162167605511fefb8df61a8f40f80382f5520df690a53b1058365f1d81562b2668376886d0f829517a642fcd87412801fe987

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\eKvcHdnNwo1WcxoSioV4ztnfZk8.br[1].js

MD5 fb797698ef041dd693aee90fb9c13c7e
SHA1 394194f8dd058927314d41e065961b476084f724
SHA256 795e9290718eb62a1fb00646dc738f6a6b715b1171dd54a3d2defa013a74f3da
SHA512 e03c4ab727567be95b349b971e29cffb3890cfb1a1ddf997b34b9d69154294a00a5112f4ffca4df4e26bbf96afa75e5943e965edc8f8e21035ed2ef30b7688d8

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\ydDuUFvQrnTEDpvE14Ya7abrPGk.br[1].js

MD5 d807dbbb6ee3a78027dc7075e0b593ff
SHA1 27109cd41f6b1f2084c81b5d375ea811e51ac567
SHA256 0acdce370092c141b0c6617ed6e2163f04bb9b93d3213b62c2bc7a46fe0243c7
SHA512 e037dfc31d595b459660fe7d938eedb4f43d208d247174ee8d6fd0d125f211142cd73497e4601893cecb6f565b7e2e7815ce416d72bb95504d3f277e4e806d11

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\ID-70CBAEOXh6Nwxga-CxgpUq4k.br[1].js

MD5 fd88c51edb7fcfe4f8d0aa2763cebe4a
SHA1 18891af14c4c483baa6cb35c985c6debab2d9c8a
SHA256 51f58a23f7723b6cbd51b994cb784fbc2a4ab58442adaeda6c778f648073b699
SHA512 ffe417fa00113273fe7ac1b1bd83c98a3a9dc12d41c77b60c52cc5ffd461d9ca2020c2444ac43771d737c70c58eca40786a5c5762b60f30da523f709684510df

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\ulJ3ckR0YcGpvIX6xhO4prJhEQQ.br[1].js

MD5 b743465bb18a1be636f4cbbbbd2c8080
SHA1 7327bb36105925bd51b62f0297afd0f579a0203d
SHA256 fee47f1645bc40fbc0f98e05e8a53c4211f8081629ffda2f785107c1f3f05235
SHA512 5592def225e34995f2f4e781f02cc2b489c66a7698d2feff9ac9a71f09e5284b6bbdb065e1df9c06adfb1f467d5627fbd06e647abf4e6ab70cf34501232126ad

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\hx1FP91l4PKrDhCLfXHf3ouMwSg.br[1].js

MD5 22bbef96386de58676450eea893229ba
SHA1 dd79dcd726dc1f674bfdd6cca1774b41894ee834
SHA256 a27ce87030a23782d13d27cb296137bb2c79cdfee2fd225778da7362865eb214
SHA512 587d5b5e46b235cdcdf41e1f9258c1733baee40b8a22a18602a5c88cba1a14edf1f6596c0ab3c09f09b58f40709ac8cf7e1bb33b57293aa88eaf62d0ab13fbf4

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\4UY2jq3mEKk7NI4y4J9sHqyctKk[1].js

MD5 9672a1df6f912de8c216915605eb242d
SHA1 e146368eade610a93b348e32e09f6c1eac9cb4a9
SHA256 89b5525e3432acfa36b46f3a88451fcf34c940fe38d8afcedd71e67b73713da0
SHA512 22d39c7937ab4d38569b6373cfc42135735356a5789ffceb8d585202f11fce72483eb21d1b28c392913e5a43b28dd0c335d239bc0e970a635c50d145bd3a8d7d

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\EAF8AA29A62AB29E614331747385D816_F9E4DC0B9D5C777357D7DB8DEF51118A

MD5 0af469f9dc0dbd2391136095bc3b1557
SHA1 1ba5254ac62d7690558101c374e7373ed2a0b804
SHA256 f416afa4e33e235b1489e22913983fddab1542bc0ada9117b762182a33dfcc84
SHA512 892e25f0883692f89c14ac4c70c1fb821e774425f694d8f64436d47ca5287f455e6f834c8070f96b9efadb378f414cfec6fd40a31d5bb35365c7d1a5cd1052f2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\EAF8AA29A62AB29E614331747385D816_F9E4DC0B9D5C777357D7DB8DEF51118A

MD5 7bafbda43230b9562a9dfdf9c3dbdedf
SHA1 5599e30aaae74e74d2bdcd89fdc05e5df399dc19
SHA256 4f023600d553b492626b7e5e9c2ee839a2388dce7db16ba907c2a4476e533774
SHA512 28e329b55d8009391cc84704a31b3fa52a1d8078a158f263ff44f71aa24d6a17c12b1981ba199449b4c75a1903cb1eff197f362f19e1b6bd20a0a485872e9525

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\IMRNG30T\favicon[1].ico

MD5 da597791be3b6e732f0bc8b20e38ee62
SHA1 1125c45d285c360542027d7554a5c442288974de
SHA256 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07
SHA512 d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\ImageStore\311ahps\imagestore.dat

MD5 6400b9154256540983a2329333b81c4f
SHA1 6cd31cc3f43b8a0cb2770ff85cec2da0aa3b5960
SHA256 b1cc975290c9f0eaf3d668c45135282e43cf0808585fd4733fc64d6c3b280190
SHA512 06b65b3c3a657a916f3c505031c07c21f6bb80636041e0232a2171b79191598181733814b5100c1ef72e8c7bd74ae14e185143229a1ecc076d5d1f5f9384037f

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\KSLURE17\cropped-Steam-Wallet-Code-Generators-Logo-150x150[1].png

MD5 78a404c5bbb58670972105b0d7b2284e
SHA1 56ca4aeb5535cb8f9ebc51e5f4a52e01f024bf4a
SHA256 ed278f88514ad458b7d5fcacab5635443a57663d96206c161cb3a88006af1e46
SHA512 aed074ff274daf74b077a3bff3e2ae01258817097646374af3487fc34be0599157648ef249a3282d0828239477f933f595e8dc5a99ef11ec42b04fdcb46fa56d

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\E49JWOHD\edgecompatviewlist[1].xml

MD5 d4fc49dc14f63895d997fa4940f24378
SHA1 3efb1437a7c5e46034147cbbc8db017c69d02c31
SHA256 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1
SHA512 cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\1G6TJ9V6\suggestions[1].en-US

MD5 5a34cb996293fde2cb7a4ac89587393a
SHA1 3c96c993500690d1a77873cd62bc639b3a10653f
SHA256 c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
SHA512 e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\JY358NPW\otSDKStub[1].js

MD5 4ab1f8890d25b8991347267757b97564
SHA1 77e0c938ab737969ce4145a0f66f5218d640a0f4
SHA256 b0729bf573f57578c2197be145663a338b0f265c14bee646a7d2dbde4b3854cb
SHA512 a57fbc16f30213c0ad1a0e9bf030da87398d7aeb3217b90946293aa8aec83295a40ca6c2363d65452db4bd0d02c1fe5237bd93e037d975ffce3636a1292df9ed

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\L4VA959A\common.5dd7cff85de67632bfd7[1].js

MD5 cd8d2938dfcc295d8d63f9e40e79b3b4
SHA1 08a48c71162cb94c0a4737376c499de1b4666a90
SHA256 881c2664c20a836f6784a1db963fe6f69f5809912ffa0b2d54ecc1361526e922
SHA512 fc252ab5d8444efbc3072b1101c7ce89f91cca35cef475eaa3c28b33dc746aa36b6ac82d1a6d896a975a3e086d8e73882af29392d1235962883bf9e7f0feb590

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\JY358NPW\vendors.c47bf4f4981f23895ddb[1].js

MD5 01cd3e668d1acb88b93ab929d450ae63
SHA1 f44e64fd07d828ef0b41a127faf5fc4d0ccb7515
SHA256 76d32a47254928b038acae6e59dbad89eff8d7126eae4391a3a869a3ab6a4eaf
SHA512 b8c1db0645e3aca3e5953724077fa2699216e1f8f780346fba8bbe27f1ec2d8c7bef62dba1a88d3cec8db445418bdc7c3307ac3bf84abfd400d1f1678681e368

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\S7DPCY42\microsoft.8aa91a5fe4f5d8517ae1[1].js

MD5 1b4bd481201681e6e6609b4e84d91900
SHA1 712b959a52f424694b3fa5b852c3d7adf27bc19d
SHA256 ce3eeed6a430adf998eac68138d70e1d064cc81a54274c00b71a22f6c1e0b2b0
SHA512 e844c8e156b94fdedc70830471a4b8cd095926c0a0e5fa3c2685b34a7efbc8d2bfdd662513f46a2021b92d46289ad25ebe7b54d3885c438ea3d4fb7cfb17e5fe

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\7OPIOBOE\otBannerSdk[1].js

MD5 9407efa17b9fa09288ff833eeb111cc7
SHA1 4fba1d46d43eeaeff48b8493245e5cda953285c8
SHA256 9cfaaf4e24c9a20159123c632711d2cbb98854a66ab659a5c24373633f180d4a
SHA512 f864566e20f37099463b4bb39665a52293402d293f9bdbccdac3b6cda7db41f91ce79c34786129f84c822f2c35a7a0976060fcd97271dd27685e4f6255f70b0a

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\S7DPCY42\otTCF[1].js

MD5 ccc7bdfd4fec43bb4e2ee254705af6f9
SHA1 9a2a188ff810fd0f025266d2b65f448a5ca84181
SHA256 0881d43075354250e7ca66af2628b7f894bca339f73be5add8c16e166d253708
SHA512 93e7b2cf7c54dda5bacede673dee2829335642aca27eb36afc4a117ee38e00bbc2ee801d751c7af5cbd1c31d0fb92643a862ca710f243e4e9fe64027fa0e39b0

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\warmup[1].gif

MD5 325472601571f31e1bf00674c368d335
SHA1 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
SHA256 b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
SHA512 717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\zm0EMTpZ75AapVMNZGVIbINVVlU[2].png

MD5 a070cfad7c1820ed536cefe0cb773eae
SHA1 ce6d04313a59ef901aa5530d6465486c83555655
SHA256 e38060462b7d06778219d3bedba5b1c21a9edf1e6a9bed32936b4ef3a1b3ebd1
SHA512 72bf5d72f2a4df9131b90e1799adf0227e855a5f55d554dc9f9f8b1532381f44eb8abb4863cf43890ff88d0d360e6f872b7cd75d426c7daac537a0ac82a4f4c3

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\th[4].png

MD5 83111e0c2ad9e139f5d064de30b7819b
SHA1 d9957b6449c05569a3cb23c5b72b194790a74a60
SHA256 5022941eaec046544a19e8ece59b4ab0d96c91575e553a8611d8b6b506da782d
SHA512 0e164cb1a1ecc912c8b82f953488dc59e51dcf66c4cc3ce58b35d59e7903edfea4fb304c8590233286fb6a8423b6169066942f699d1ad28b3cde5444868f1db3

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\th[2].jpg

MD5 6cd31d0cf88baa2d02f9dd5f7b47f891
SHA1 0648d9209b3cc750c705ae64e4308f5b5dcf8e8c
SHA256 78d3b2f814c4ffded4f10e3657580f1dc36fd51404f205555537608330e791f0
SHA512 d861ab6da46c3136b494faafa1cf907934f2a72ba2c4915dc3231c05136fc92fbea7eb454e88166c53e1c55bdd379eef302f2e59ab4267f947b1a66fc4cd7dea

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\R14ozkkie30zM6FSjzwWFp8Ffzk.br[1].js

MD5 30280c218d3caaf6b04ec8c6f906e190
SHA1 653d368efdd498caf65677e1d54f03dd18b026b5
SHA256 d313c6fff97701cc24db9d84c8b0643ca7a82a01c0868517e6e543779985c46e
SHA512 1f329898fa0e68f65095b813ca20351acfeaa5f74db886508fd4f1fa85811a8cc683c6fab9d9f094f596c8957219f8e29a6307ea0b2d470bdc809a4b9c9d34dc

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\6mZmj1db42G_jniFgdT7MCvBgyA.br[1].js

MD5 2ab12bf4a9e00a1f96849ebb31e03d48
SHA1 7214619173c4ec069be1ff00dd61092fd2981af0
SHA256 f8b5acf4da28e0617f1c81093192d044bd5a6cc2a2e0c77677f859adcf3430ac
SHA512 7d5aae775be1e482eada1f453bea2c52a62c552fa94949e6a6081f322e679e916b1276bb59ff28cf7c86d21727bcc329ecb03e5d77ca93204e0cd2694faa72bd

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\mOy7YpeLJ3c40BBAFNUI6SmOUTY.br[1].js

MD5 16050baaf39976a33ac9f854d5efdb32
SHA1 94725020efa7d3ee8faed2b7dffc5a4106363b5e
SHA256 039e6b3df1d67341fb8e4a3815f0d1bb3292a2040334ceb9cfc4a8d6abf2fb55
SHA512 cf0d54f0368ffbc6908216fd2573df8f5fe4c34ac08e17301b8734b3fabc674672a7f456707f632f82f44b36812dad8a0cf81a51d5cea21ea7f0e18500298375

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\HqDsKR6xyRoUSYXXRfEdLVt772I.br[1].js

MD5 1db5473c2bffe85c98f9a3f692c6b082
SHA1 d5793dcc912927c670380bdc8d65c4980d8fb478
SHA256 2898df3498ab696d144a60acbad462a4c286a5e615afded2448f55cee482f4ae
SHA512 a80c4873f73f406d6422169fbb078ac3f63a04d1c2b536cbf0faeeb19a1b9ff1ccaac6efe7e8d35ee91b783cd36ad27b202eb1db9b16db318981f6ed56554fb2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\nc60aT-MXWFDGmlflZLjNBVVxkM.br[1].js

MD5 1c0981ac86e2ea5b7f08f34548af3280
SHA1 57324208ddb3a9e80abd3346607d712c999c2e50
SHA256 00ff3483d93259aedb929a9fee4454a623830b18a08f08781ac1961c1e98774a
SHA512 0f7185a8579d9bf1b89623bf126c58789010c76f7e279a3f44064c78b2e3e04bb0a89394e6be185618071153bc872e43a69211255f3470e1120e51ab0d5f2329

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\9YAQCrq1aCvJQNyORXytYpPYETs.br[1].js

MD5 be2d8a4651ce06cfd994f74999a4e024
SHA1 605b3dbe002f3480683ee7130b8098fb57c18976
SHA256 da463de775286aa611759f49ab574cd1bfddde4e390f32dce49603b087d9d67c
SHA512 0cecb0fcd377b14b8681b58e42f09e2d82af78fd67066675485c91eec0d45f7de670960caafd9471048d2c1c467c234bf27fb48c09164888fa04e84759b5d507

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\zlfm-hC70pZAs62UVTTl3KShKOE.br[1].js

MD5 8c8b189422c448709ea6bd43ee898afb
SHA1 a4d6a99231d951f37d951bd8356d9d17664bf447
SHA256 567506d6f20f55859e137fcbd98f9e1a678c0d51192ff186e16fd99d6d301cff
SHA512 6faa73d59082065426769a27081cbedcd22146ef948afdd9a86801f205b2dddc63e03ac5d555ef0af23ef05901ebffe7e8aadd82260ef505cb89d99e572fdf4a

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\TA5w4JZB_Bofmi4E2NA9kDEyusQ.br[1].js

MD5 65125851782a676455b556d771d3ac70
SHA1 f201fd1277fc51d53ebb8611cba3eb2c083bb3cd
SHA256 d763f1e7e5ddde8e9c79bce466a9f4fffbd1fe8018e46ae7c75df5fdc29cf8db
SHA512 a2c9f13bd9be96d7fadf43ff1b02ac357767b432e63b80394ac86864ce3f8bf306c5cb52489240540dde87353451eef2d298f840c585670d603c31694c4abd29

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\UftfQbYuKvGGEUHPU3QGHYd90Z8.br[1].js

MD5 8d078e26c28e9c85885f8a362cb80db9
SHA1 f486b2745e4637d881422d38c7780c041618168a
SHA256 0bf9f3ad9cdbbc4d37c8b9e22dd06cc26eea12a27ef6c0f95db6cbe930177461
SHA512 b808a972cd44e6bda01ac1f8d904d5a281f33b9238b8caab03decb6adb6b494b19dd9bb35e3d1ea3ca914ff4957155f6d2cb5a9b3a00c2195f80f52804ffb244

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\hulMy94NWe4P3UsIN3zt_iGS9n8.br[1].js

MD5 472e4c0f78992e66f029d6cfa0061b36
SHA1 c04a9b6151f4113564346bd2d3ddf4b1bcc3c7f8
SHA256 627cbd6266a53e45d4a8cd0dcbb580dc2e07e7f2327d936c103031c2003f187f
SHA512 c02b98dce8cd787f5bce00c590d08dda6761b3eeff0de4cb92127ef42a277160145c6eed66e1b1372ca723c5fe5ae899a13c593b31290ba6b48e6e3def1c3016

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\Q1Z1cF6gZCkTBd0Gx8Q7LjbPAlQ.br[1].js

MD5 7a0dd3b8ac06a6b4a01953955606ed27
SHA1 af6453882542d8bd119a768c025af1c94bf7b3ca
SHA256 f1b3acd8757d2c9db87cb851eebf25909c0355483520475c2ed1f29bb36e062a
SHA512 e5cc3aa206c4a62e746ea9743ae92fd5efb4d46f12c9f51ba04eefffc58e04fc8b085eb0fbeca42290a8ecd3d8c07b40ad80f80db3cf3309d098022f948865c2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\JigriHckblqcu1XwKpT4wumVS2k.br[1].js

MD5 602cb27ca7ee88bd54c98b10e44cd175
SHA1 485e4620f433c02678be98df706b9880dd26ab74
SHA256 f1c39ee3528b8f6bb887150c10152cd3bbf849c4b305da9be3d4a92614e2f3f8
SHA512 b27a3b7737ce984e6ad448f68b31074f8a98c6ca5d66f3165d1dec650097077da9c80ef3045758c591a1cf0dda74fa4ba8039426d312f50f082d2a0f8e7de21a

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\Bq5XLXS2IAyPVC8Nn9yIeT6NYOE.br[1].js

MD5 4cd8ae0c7d5bfd8612fefa3502360e72
SHA1 cbd05db258e737055cb85f7015a05d64eb9e1bca
SHA256 bec4348c91c7671de3f2d9bc0f4e4d29ae6af0543e2dd367a76579c2209cfdc2
SHA512 fd9019b9a431f31751dbe1ff3a68b851d1cbfe780ef53ec7d20a959561a83eebec61242c29c21d414c432a2c6856dfb41570d6501a6aa7d2d96b734ca3b77555

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\lcj8996lLPHohM7LK16sWWtGSzE.br[1].js

MD5 2937c6dcad55e5e4a67945f4f803c7cd
SHA1 27399487b23109021f178841013d476f92b057c6
SHA256 acb0819704ddc4062d6a3b565ba7fe999fef298778b4b56c284e8f1bebf3c9b7
SHA512 2c07163f841a09d2061af35c7183984475247ce50a9000b4b2b0b5240701a64b140eca99853238db08bb94e9b9368bdfffe9e83185eda1745fb02e6f81110d3a

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\RvRBoZ5KQDNHwbHfo-_ZBZIoYQo.br[1].js

MD5 718c9d9c2d2a498de3c6953b6347a22f
SHA1 b2f1a5400618972690d509e970cc3abeb72513f4
SHA256 66133f155e3a433e9eeca08dfc3b4e225d358e1a89ab0665379eff319f9f0081
SHA512 ac55ef9f45d29cfcf7d80c009df4c55335f7c3b55d66aadde275f580f321125a2c7669f7157d5bf9a34b3513c1231935a461f46eeebdd87b7801685fc95dc6c3

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\8aj_I6fSAQ2HauP0CPPAfDwa2j8.br[1].js

MD5 4ff32905762c3a445028e11ed69f04a0
SHA1 809535e72d3dbe00f945893f7581eb3897f4439a
SHA256 336342b76b1eec2f9698dacb5d7d7749148a2036172435cd0c1a80a80a9886e7
SHA512 8b20273037fc33b549b6322d4b6a7623b0e24cf737c8d562e226f3bee2f5ba5a0692569fd0039e296146e9845e4f00ed5f08566980ede5fe449be08ff1f0b79f

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\jBIkCV7jrEq13WeSObdKprQ65HI.br[1].js

MD5 9a8aa12e9602f15ed71571301da78859
SHA1 e404e501788aa409f476b3aefeee122476814e14
SHA256 259f58f6f176e8dfb4589b8a1fe0b11e308a0806d0316da4cb5defb2a19868f7
SHA512 3e20bd493d1bb3cb8340ad95996bde2599c3987832bb834ab3a0db3e01860f73f0b135f71ff8633fa77a7589f4b811dfcba06f9c7a45c6089d1b31d34dc5fdb9

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\y9cMttd-SwSaYuiqhqk701fxHs0.br[1].js

MD5 142a83c5800451a9731a262400de2419
SHA1 1e5f6598f7f6b43a6f4e1b2a900ce1676e0c024d
SHA256 7d49a33d66c98ab838f9a15d2ff49bbac72c1588d979644fc174116d0afcb852
SHA512 b1d7fa83b4bc787409c088f7cba58acaa031fe3239a7bc139b6d4839ad6c66156e44cdf6f545d7b6b9309b3ebbfa0b17d9f307884f679cb6d2ae11c6935eea2f

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\kNUdPzzLEbQzYr3icm3MTxwk6-Y.br[1].js

MD5 fc3708a7ac43ace3d3406c2e5f7f1116
SHA1 cbd3116ecd59fd4a44f8b3cd958cbff724989a29
SHA256 37d9b83c929f1a8d94c4f29000cbfdfa72c4bc61c3950df02523252928591c29
SHA512 12122417b29aed27eebf3bb36e740c86567daef7060b5e8d64d11c83a5045e6eca5f3b1bc5a6d6b1a8e3eb23f8c34d48b63fcb41e43143e6b146fb2d51cdbd58

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\pYx84E5QxKsDa_GCjDkQj38YO0k.br[1].js

MD5 487d9ac02e3cf57172045869ac3f97a2
SHA1 47c9870beb200a74d274fdf9e98aa2efcd54efbd
SHA256 a97799ff4c48323ad3314a13e6a20a69145d0f8257fdae6882551d6fb6610ea6
SHA512 f13633d84fe8133da9d1823ce418cf42717cbe79176c9c11f4a7dd66905ba1aef571b968bd29d7c7ca91d802b4b36aefdb0c5d715e480215754c5d164eac27cd

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\5cNYI-KHtSpU1cTpIG4CXkdsXFg.br[1].js

MD5 4bd9efcb4aafe3b855d455fd01d22463
SHA1 6be51274703da67c1becaa6d0196bc8c93050815
SHA256 851dba4ff4d8c05904831a927424bde15a8d037313ced005820f4b2222ee1d03
SHA512 56f563a5d16d3e55852140e5eb5006f610fc3c0e1e3567a8549ba16625e4dc1a30bd51c2bb4888ff83361921fcfd8f63f0b8b1b8cfe32933cb263e7b684e4b60

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\WPedHfV8dQrn4qkif5azDZSqmn8.br[1].js

MD5 f5dfb6428494da3c1f195528588587cb
SHA1 7575a1f3dc367b2332d837a46d1dd2748b225c38
SHA256 f45968b3999174976d6fbea229f627f0bda56fd84f8b1924c01da624bfea01e3
SHA512 bb677ee6f22dfe28ca9ebc94a6ea7b5bdfb95288ba246c85c135f083c3af765964dbe5f3a028dca6e8a6396e967f24c2734442432abf00e690f34bc8106dfe9d

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\BFQDsdSF9E9Gp0u-xRbmGVfJfe0.br[1].js

MD5 60c8196199a6c715bc20652c09f64e7a
SHA1 fd861e01ba063850704195b35e44db2562ae815e
SHA256 708df52a72db22b1a287439cb9aa3ef2037bb67c8246835e36e673f70695a390
SHA512 7f16a9c7f5e6df6d78fa1d08818580dbcc4c7453db9d095794c730bb0f67e14070369e610b90225acf6961fda6471c7f497d59da0a7fef2f95e8bcc180b63a0d

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\ciI4DrhPUNmhXgxM4MW52bFXjfw.br[1].js

MD5 ffdc7892743e65d4e1747d695ab8fa3a
SHA1 02c6c4d62ba6806b28f1c69462e55e631ae13970
SHA256 e7f80dfe7b61e64faef1f7408f32ed0194ae648931d406fa987ec50c7326eb2d
SHA512 d85141d067a79df5b680fcc0d2a49e913847fed449315c238f08b2b92847cc5549798428b4921483604898dd44a75a3595e08e14ae132c4ac72f72caf731422d

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\HdiojNH85n4iu87NAQvDH5bKMnM.br[1].js

MD5 794184fae3c0890ae4ea642fd8f7fbf8
SHA1 91f8e72f3517d86a28edeb1b476f90fa5f972168
SHA256 00ea5dc006fa84e08d604bf9708135b98138ae0a092bd2c101a912b5efe3fe17
SHA512 3bcbc295c3e482ba7d8d99df3ac396fc1da973745a82dcae8d02270afed54b758d3f2c9811ed3c08e817f78a1a6a73eb5564d05e0c78d8009cf2608d14bb96fc

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\2RFgnacsz6nPw9vvxd8AGFyaQr8[1].js

MD5 e849f94cd30ec77987643a0d405e33e4
SHA1 d911609da72ccfa9cfc3dbefc5df00185c9a42bf
SHA256 b39968f3ab3c3867efc7115c77d0239b0a2c505ae87766231bf46e32f7797c43
SHA512 dbc5ef102c16d14a99f090821176b3706ba08d87d1efba817d763af969a10f9058c7aa0ce54d442dc816e84d294b52dc78623416044c1b6efa59a28055b48504

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\LTCT2zdUcB3ayDDUpC7BI5zxXuE.br[1].js

MD5 480df9ada0ab4f05ef58e5cb2e2392e1
SHA1 5510d9c30128875621b2f587563e7c1d0153f164
SHA256 1c56cffb0e9950e4a61b6955e8708befa2ceca71017838f1fc233e2038b23c2c
SHA512 dae1a6680c0f1dfcac1c2b7b23c459f162d3d00d83548dce37bb86a74d2c04f2ec6b68449631eb53dd176153bdec74086f287b02688ef8d4d977671060709d09

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\IpXJDHKzfGJAg49_x5sRfvVvsvk.br[1].js

MD5 6100d2a3324e8efd4da73ec7101f3000
SHA1 cb9987c5bba13d8fe33f0b420155aee4e8ced2d1
SHA256 75eb6620c2b15bbbdfda091dbaef7b9db040db70de388c30ec9df68bbc33ddac
SHA512 4db99f39035adbf3688ff934600817fd52dcd048b7a7fb2a5050d4376861f966ee11ca13f1744adeee3f3b1d620683853b64b36f6a88f28d65eaebe4b7346fdc

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\wNhUjm3kl_kvyfrio44J6j1zdYo.br[1].js

MD5 2ac240e28f5c156e62cf65486fc9ca2a
SHA1 1f143a24d7bc4a1a3d9f91f49f2e1ba2b1c3d487
SHA256 4325982915d0a661f3f0c30c05eb11a94cb56736d448fdc0313143818741faa3
SHA512 cb90cf76cd9dc16829a3ff12be5274bd26a94097ad036f199151f1c88534a15bbb8f8dafdd699e51df5c38e73c925c00728f807b20c0b097a5842963525baf4b

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\2pI-3yxS71qnL6vzhVIltDQouTg.br[1].js

MD5 12ae5624bf6de63e7f1a62704a827d3f
SHA1 c35379fc87d455ab5f8aeed403f422a24bbad194
SHA256 1fb3b58965bebc71f24af200d4b7bc53e576d00acf519fb67fe3f3abdea0a543
SHA512 da5f5485e1e0feb2a9a9da0eaa342edaeeefaf12ce4dcd50d0143bf476356cb171bd62cb33c58e6d9d492d67f281982a99fef3bfd2ebb9e54cf9782f7b92c17b

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\e5E3S-lkItFHIqVf6KjzTWPZb6Y.br[1].js

MD5 00bee03327af12e5db14aa0967daea24
SHA1 c8afb873b9fa284b539010ca72220db8aee40fd6
SHA256 c8f912cc21b8a576a62b9f03976f49a6b6f96f10fbd1042ec56af4da02d985ec
SHA512 494860cdefb1d070b4f390ecf9803fbdaa88a94bf91c84dbd9b95d4e86205c1ab7b28e24aa074ca13a86fd74194cabd25fc4a64e4dd8730707879dc351f1826c

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\MCwdqGFTwqu20jt3177s57V4wZk.br[1].js

MD5 41e1135d5d4aefe240c4dbd7b71f40dd
SHA1 cd1d7feee9a4202cf3a32172e8c5b081855f3061
SHA256 2e51a8c4ab5b014aeff1eeac9da5a0937f5ca7dcde7f089f88db05460f2c47ca
SHA512 8b43c0246a2a3447dd0fc818a67faf5c76d4bdbae52989c80da3004f032033cd2fd45e484727facea150125766a8c6b9b1094b855b9e1d23495e85d8ae1ce041

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\IdUTPeerhJUBvXEe7f4gFEe3qoI.br[1].js

MD5 f8867659eec16d15e723c56aeb7c34d5
SHA1 fbfb3436e5ba3b1653aa2216c717db403d9a0b8a
SHA256 c33b076ea6748367e9898c67afea2f0042988e544142d42bf324cbb62fd89d70
SHA512 808bb92c1ed4ce68711ffeb5836ce93cd4daa66d17c3ffa60cc317ae32dea841eb00e7b2b19fa3957ab7f1fd6c88f6cd5c45bf1c7ac67c30e5acac0acd8b851c

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\QtJVX2BWG_pKK8Kg_EqULgkLsrk.br[1].js

MD5 4a7fbd9e7ea63c6d763f333644256a62
SHA1 ef3dc9076b76d0a6109d42fa88915165e17f14e0
SHA256 d27b551812ab2092c10677a8a587f808164cca3fae2d49d0b2a89fa348330084
SHA512 de3966360449e59d45f0671ab3a2f0a6fd2c6c61328320d257fe17877168029e4515b06b373433f2e0eea7eb4d07184710e0c01b643ab7f836c586e6ceb91c5a

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\02NAP4JI\DUK18cY3cfD0zk-_nBEv4bFX75k.br[1].js

MD5 600aab0f07672850c21b8ad1f208c021
SHA1 1164fe094cff4bebd4a1d307f6083aa13dc2f556
SHA256 be32f8b54035cf1dc8c7eb6e9b7b297262bf16275c97df2988f02084e4843390
SHA512 f6c1195c7dca727848d863d0d653f8ccb814d9a0c2b0481d511bafaa5b2278bb9b7b3d954cd26593a8e277bcce0f0b555457068c4e992eaa011bdc900bb05535

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\5RWA6Z5A.cookie

MD5 867097ff590989544b1b70bee6b83fd9
SHA1 d6cd1b769a06a784a8ea16865d2743dba0fe8081
SHA256 e6b0aeab7521a7963c147882c7b5713256f893ac209505c7c339f35debb0adc2
SHA512 c0a6784e4ca770b49f590a6752057370be509dad9956d452b1e7d7083e9965d03874fc040990d8bedf23b32f13bbfba4b524a26f9e04d6af81223b5cc177da89

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\u2k1jj84SPAViWHBjNpkhFEunis.gz[1].js

MD5 be90c5657fc460ecac37e9562a61398e
SHA1 78da66ef6053a78cccab6e0d6bd7d7d18c6cc3d7
SHA256 365cd55be8d007923569c20fffc7303d0b2b99f176ab5a99fc275ba1fcd65fc7
SHA512 778d4fee82c12eb2816503ad826ddba720dc29944f9efeffb0a9fd2457c1fe9cc3870f6024f22044f98a50be06ac1a85ca4a8c51fb0727225ea281c2bae03a10

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\tPLNa5UcMaQEzzg0acZfPM45N6I.gz[1].css

MD5 9baa6773c6549250a3393e62c56eb395
SHA1 5bb4eead8609cd30b9b96b23ec4fd0082ae64c1d
SHA256 dadf403df8cfe888e59e6a051aee3783a2bf0bcc60dc1d09a7797daaee726ca2
SHA512 cf12319cf07897864828d9c950df4a98a0628d828a7fee75f1235fc5d3a57c90a40b5ded2743af2e62b1d13d3f6be0d302ada054e7c0d7164b8ba12054909b8d

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\VbSztIaSY8XAi9dm3h6m51N3zH8.gz[1].css

MD5 f8a63d56887d438392803b9f90b4c119
SHA1 993bd8b5eb0db6170ea2b61b39f89fad9bfeb5b5
SHA256 ef156b16fdcf73f670e7d402d4e7980f6558609a39195729f7a144f2d7329bf3
SHA512 26770bb2ac11b8b0aef15a4027af60a9c337fe2c69d79fddaa41acfd13cac70096509b43dc733324932246c93475a701fd76a16675c8645e0ec91bd38d81c69d

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\_ykiGO1K5rjAQeICdJheT3jfLeY.gz[1].css

MD5 7a903a859615d137e561051c006435c2
SHA1 7c2cbeb8b0e83e80954b14360b4c6e425550bc54
SHA256 281d6234fd292800c2a5dbd14e524c9cee0d4438188b0b7d873abf41515a7666
SHA512 aa47efab7ec689b838d1e5adfe26e035e8b93f2b806f1954214447cb2065fa5906f81a70b4c656b3ce1490d8ac2009c7e7b0f96491d6d4559c41fb25d08fe35c

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\0COXO0MT\g2mFaePdYzQOubI8JEItbebrED8.gz[1].css

MD5 6d94f94bfb17721a8da8b53731eb0601
SHA1 ae540db8d146e17cfc3d09d46b31bd16b3308a6d
SHA256 21829c74fce2c9bbbb3099a7a487de71465ed712410c32bc6c69884db07a90dd
SHA512 bf33fb4858b56f888108bcd5c2691613b68715e260e59c1e37a050a709be04a8e0eaf5509667183a0d51f1201e58c02df4f744a0772242ee5b61595c44c072e7

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\KSLURE17\favicon[1].png

MD5 346e09471362f2907510a31812129cd2
SHA1 323b99430dd424604ae57a19a91f25376e209759
SHA256 74cf90ac2fe6624ab1056cacea11cf7ed4f8bef54bbb0e869638013bba45bc08
SHA512 a62b0fcc02e671d6037725cf67935f8ca1c875f764ce39fed267420935c0b7bad69ab50d3f9f8c628e9b3cff439885ee416989e31ceaa5d32ae596dd7e5fedbd

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\primer-primitives-4cbeaa0795ef[1].css

MD5 f78dad1c29b12057a61e4031fd6cd307
SHA1 36953db7f8d8ef34aedf6d6a608287f1b93586f5
SHA256 6b4f34714b5e626392f944037b222b232adb545d407f96136d31934f685a0a5d
SHA512 4cbeaa0795eff125cd72798ad6d5db8682a910a200d54aa52dcfd3e8334f62a59eb4a2d7eec3158756bc196e66559f7e08a7282e7c507902b26891a6ce3eff09

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\primer-87f353b17355[1].css

MD5 1732aea9daf5bfe3cdc102e90bf66de2
SHA1 007a102fe73f49de3474b348269cc73a21a0b564
SHA256 7374a1e61da8969c1e35f78558dcbb08e86fc3f990f886c118d4e192aef9d0e6
SHA512 87f353b17355a6bb57653dd1a8c0b193cc3e42c1b178ddc95fb3092258eec1b76f49c67422ce14a1bccdbff5f060c5171d2fdbead0dbd48272e0a74a9eb9b952

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\dark-4589f64a2275[1].css

MD5 f61d3d72b892ced3002fed1b6dae1a06
SHA1 efe5d615d7f12c1e089ed7e68238d3e161b7ef4b
SHA256 b459cea038df58dd56e1cc7df606193ea027792427343f4d35a535fb0e96ebcd
SHA512 4589f64a2275cb4827c2f43b254ce635913bf9eb54a20d479c2cd12b1c506105de508d551bad833ee1e9396c31e50a552d5186966ac974646e84330c3348161b

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\light-f552bab6ce72[1].css

MD5 57b715fb666fb30b8734dc22bc74467d
SHA1 9fc81a5dceb105e5cc83b1b3b859d3f54b8ac898
SHA256 e9f53883f1a355c1c0eaf1e6c7e9a278da8cd726c7da7a5db462ebe436496d59
SHA512 f552bab6ce721c39d04a62d52ccb9d360387b45011a271807c7c677c45458ad0acd77c5f618a3172dddf0dec7d555f78e6d3b6217becbc97d28d62763f26da13

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\github-f1af66156f94[1].css

MD5 837cf1bcc858f007f7639fac65f6426d
SHA1 9b4377d76468d6786dde49e0521d173e633f7db3
SHA256 6ba40ac0936fe04a8fa60d907799d58d481ab153323d65b92ccc9219ccf6ba19
SHA512 f1af66156f947ecedc848f7ea645fb556da9a697d818a7a0c6daaa26530a42fa29d9be6f9fcc1ec5bb35ac81fd3e7b16b5e17a369965525acca3c44c8efbd19a

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ERB75GPG\global-545513c45073[1].css

MD5 00dd87ad233982361cfc87d246086590
SHA1 54ca129f85a02ced8e26ce325a7bbe36a11a6d5d
SHA256 b7251f9d9119c23f1a2a83192425003284c58d5b117f30c551c2617addaa42b5
SHA512 545513c450732d23237cc1844c0c0e07b92ca929c9f6dcae347e600217d83aeadd1d08e19eb76181343b9cf7ab37d1bfb2e2277e09944a66183a5cb176a32943

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF0FCF79C28825F93C.TMP

MD5 46f84a1ce62b1c7eadf92f62b942283e
SHA1 2310bbf19ff5614bc12b45c6dad804130baf1f3f
SHA256 f4ddb7f7d429e2428c45aa01ed5914ad2dfdcf629d3f365c99d8dd598237ce0d
SHA512 2362ba4304d32f257506fd52a3054e0607dc828a958345bc133295c0413ccf772ed01a796250eb2d8914cc17cce673e4988c535e7dce863a1d29402011a43449

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 81bbebda9d49a956f3432875ba50de78
SHA1 a1d836f0be96aefd37c7af09eb53b36dec6808cb
SHA256 118e1c5b07af9f6183620bb69842b2c70b091c774e798b9200c5cc8c4d72acaa
SHA512 a567bca3996196e572f53c9085a10387bd9bcc3e537012467fe8a65db0a72d9e4942a53229ff1ea08912ae8fb99f2b9b7a85170275ec514f4a31635ae083d3b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1c341e582173d52a76e0247d7b0f62f1
SHA1 d976c7c32bc1bc565d582baa76e2463ff46a53e9
SHA256 086fbaa0607e9a545733e4b5853dd36d3b5b3f7dd63810fb240aeb45efdd94d3
SHA512 92d40dc0423865131db5623f42a1fb4843328d6178a3e508615cafe115fe83813a86599788f895f53e49bca86d5077fec2aaf946f85f96b43d1cbc9863381ea0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7960079f3ebf1740066f8f8f8a3590e7
SHA1 66db8e2524d9efc234d200c543db50d5ffa82e0b
SHA256 f4b409cad3ea93208d1fcd25700466a296c4ad3db6e5ab092d69135e2d533bab
SHA512 d4cb0a0af6ad719e98d2841da2f25106106c7dc292b869e432628e737a578729ef164af4f3a5ebcc7daa7ba641ee64677d512a19a5d89fe7c29281da65cd25b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\258b3a81-8e71-4e46-8967-eb2e67ccd9ec.tmp

MD5 652988a28da2d731943f1499b5c96bbb
SHA1 49a9eab586bb75ddae1e0093a95f0859dbbcc6a7
SHA256 727d90a2e767d81a4c92035a0217bd5a2ceee76a311f8479caea4ee80156d897
SHA512 62a06e990fdf10cb6c19fc8eabb13cfe273377515158b2b3e635812c10eaf936755b2a8b30dbfe491229b8f77c4770d0323cac343d4c6e36df33e923c708732c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 8c5699561f1b98dceea1f6f40c943891
SHA1 62c08aa713b036f6020a21ec61d3e7945d3369da
SHA256 fbe067962b4d03c5cf98079349991b72de98cd7f6b52aefa8c4af391caff4b3f
SHA512 7143fbfe051f1bce924e8fbad608bdba6a6fdf0c799799fc94b556b69a8eb7e0aa2e2fe69595ec374f2975cfeb8b88a2d81793626ca5402c72831ad002e4bbd8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

MD5 6a16cbefd2e29c459297b7ccc8d366ad
SHA1 40da0213a9e5ea4cb6948f4a8e92b5e8b97e6cfe
SHA256 9462da5aa6e2a762b02a24b7305bac86349e5b5ea182d36fd6a163de550cde60
SHA512 6a9de0231f9987554a20208a89c6c802d28c57ecb6f9e95771c94156b65c61ac1e18298ce6d3f0559d3a08052845cc2014dab335e119fde731d745e4857b7d74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c7a53f5c6f696e1ae7960053a9b54e08
SHA1 45ea321afa0b727c65f6cbd02aa10b9f8a2ebeb4
SHA256 03e362b7b7f5e573d282a53b30d32ac3ede4d01164cf3b219bb4eb05acc464f9
SHA512 a72029bddae714decd9185a850564b6f31973ceb6bb1713b7b790560a75675b64c9aa835ca7a29b045a5a9ac32d9367f4c6f4e6ec6ffc3be53b0a0617045f0b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d1867b2d4b797494376646b719eda5c4
SHA1 ec4e8f67257784132398ba5139910c0d2b218b91
SHA256 21b6292a61866d0e9af8361af18e1d6a2890d40a58cf39da7cfae3f8494d1a95
SHA512 16df3fba2ff63e27fbcc2a910302b7c97f71d9cc84a80d3d5f05f15703af3584e907b19a55b29e7189f644dca0eadd805d449f6317e951ff2ff0693a93ea56ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ca117f0d8a16d29f000557cae5989af6
SHA1 625c03e4bfcf8de4d626d47b6bb0855833c13522
SHA256 678b3b5b3693aa2bd74870a44cffe0c40b3e920a00734b0f91dcdf7eb2a99e34
SHA512 1b0ce2aa6cd03423ce769043b3c46c696d9a5a568f922ccdfb527ad41228267000f2578ba856eec50c609230bf63cf135fa26623379ac0c68f72c2fae8258ace

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 19ff63254c8b243c92be54ef402f7166
SHA1 aad9ad20907c3c7796c41452e200c6794c0e556b
SHA256 67c7e5a70c9e0e399e0b704e88bfcdf5d00c29b3086f5394fb7507c4800a83dd
SHA512 d6038329a55af424d1a143876a732fb1347459c5000c51b1ddf03a36d390accdc49a23abed7a87d20e3d8718a646b824c35fb7526cb8681693d2f36a61716b26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ba13f83a18994a0c30fb383f27e4b8b4
SHA1 736669cdbf2f38fd8f81a2627b23fb5fcae3a782
SHA256 7c4719f501f7e18bf1808dcfbcc01ee0c2619f2f7ff225cab1e627a763af6bbc
SHA512 0f2e5107cf2e833df48f76417fc88af0cdc204d9edc5c9f6fed1c7afabdd39f27bf8a72369c78ef299283b1ca78a59f13ce40ac4b80dd16c2be59e72b580ae4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 acdad9483d3f27ed7e86c7f0116d8ad9
SHA1 dd2cfd176ad33d12ba7e6d260e1069b1dd4490c4
SHA256 bff5b4fff4b34ed3ea2754985b5ba1a8d6921517b0fa370f71f37ee0845552ba
SHA512 6e3ab4b6cfa73a7ad3c36fa621b1d2817b26e8e3613b78a40df6691d65e1486e6c2281efa0f8d3f30d2c6647b7ba3430a8be77df770f1cc575e8db76be6836a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b17c139dd4168702c57fa8c9980d1fc1
SHA1 990315bf5039e1a6a91b9d92541e1150d8044773
SHA256 d06bf5065aebbf6a3270688adfa2dd962108461722981d304d3d542f97555fe6
SHA512 322ce28bfc2bc8811811767896fd23e07fa9e11fd0bd9b99cac31ca765c84307be5e6f7619d6fc930048ce01d663f9056335dc48d0280cb2ec07781e41018fc0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 adca6e7e655e46659fcc1509a0ea4b78
SHA1 372e3499f95e8f9907b137a3632d00269e75c069
SHA256 9165455fa562ffa7f1d7e1206b11aa815d3ae315d1fd3d1d5245c2b57d36149d
SHA512 e89f3b347e7638c77605d4c6cc02fb7707fe685041d57c54f2514ba775986d57d653c9ed1406bf73b7edfb6d936e2a7f78b808dd82821217a1e7779609cd4773

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 02ad312ddae1ff5c257eba7b01dcb484
SHA1 68de6b8c3e44551d2e31eaa4b339b7510e8dec72
SHA256 ad2fd8b02f14f221727ca44fe6f407fe3160daed35fe8027df2e3696b58dabcb
SHA512 5abc7bb629481c130be7bb792cd708b29d06c327d73be8a3aaa82719b6d9033156901e50f92126f0588250855221ade560aade2942cfca3273f093f1ca9ee50f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 23d636ba38b2dcbebfaa570ca271bedf
SHA1 ad01baa42cfd9e57047361c740d0846e07cd5818
SHA256 e10e94f700e8f6807deb2ddbf12f2ea5b6505edbd436735c1e508e69039e9a6c
SHA512 c01b4b8b40e6744afdca43468223b740c96ba538f60948d6495e80c26142dbe5df01e60fb02ae3589e906da9f142ac0c0d23d370e0e28b3ed5894fdc9a26d96d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4bc85a0400e5bb79015bee3f7b8f8033
SHA1 09febe9734a3739f9532e0f32f93007fb374f865
SHA256 2346408ef41a4d9bc280663aa8fc9339f66d4bd375cc956b8d503cd6fa1c60a7
SHA512 11ac14ad52e90b752596402338cf4ca950ce5c64149297b455ed5b97cd256904ebb120d0a4731788fd30e3a51f1768b4fae1db91df0a0d178b765f9f6b25d962

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 694e27e15a2fea0b1e87afe748ac664d
SHA1 e859f19df005b45607417a726e11a3d722475e45
SHA256 e0b6a43812f96a6b7e16ba6358715a133e84e113e51278ae8de65251ee8e008d
SHA512 5c747b371e312425da4ebb3729a9412bb369ca13ad5c1f3a550e8a0569993e8d7f9ffe7dc5fe0280ec819063a8dac57e411ca7842a43ab274f5891fbe6cbc278

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fc921f6cf3168d58a99d53e8fbac5aaf
SHA1 0d599b570d1a1e8d67efcc6b2919ba65052fbe41
SHA256 2581bc99ed9340e627a9c346fe1e1d9bb8b908d5d6d8332e5cfe21ef616c6140
SHA512 e112e3a4c538fa1729778d5d7ab67dbc9f2ad993e0a5709c78dcc04cbd1d14599a35ffdf33367cadf6952c042ddef39ea5f1a4ea984f830d671e36a251e8df89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b27ce5b61b9a7d2f2cb06429703c6d0
SHA1 0c3a2a8da59172f708b340d87f3274065c116289
SHA256 4573db43d919dc08df8b63619d2abe9348674d6c06a29520d17458b984e1e8e9
SHA512 39a6b3e83136b29771c30db3bd7c3ae5e33d8092dea00b5327792af0830ef83dfe2eafeaf1447907fbc64007084ebceef75aec9dd7b43f39ea3d926b71e714cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 bdefd052d0d9fad2308234dfe78af4a6
SHA1 baf0ab7659a3a4e7b26ce921841d31ffb8884691
SHA256 e8da72526279fc6f2bd7a3a909c2e5f0fd293ec6fde1de557266d0ef289e844d
SHA512 6cc0f5672a321764b5d8703244e8bb137e6810265d85ce9737bc4457411f5b9cd0b31de310bca55f69db90c8a19741fdde6f6a0854cc4cf3cf05c151929ca71a

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Z9W2O3CU\sbi[3].htm

MD5 b7e6a3f9df874cac4824ce6f37a958c6
SHA1 9219d33e44a7887cda00bfc40ba3493505d7b75b
SHA256 376271f18801c13cb082aada30e5cddedacbdf928eb4acc2b25a2be0f0d007e3
SHA512 39836eb574c3a97355fe51e25ad7e0f1cd88ff96c788a57714fb2cc59558101d67bb43ae46b010cd288194431fa4e9cd0f5315b90ff0f14a7b7fbc72b4159790

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\verE305.tmp

MD5 1a545d0052b581fbb2ab4c52133846bc
SHA1 62f3266a9b9925cd6d98658b92adec673cbe3dd3
SHA256 557472aeaebf4c1c800b9df14c190f66d62cbabb011300dbedde2dcddd27a6c1
SHA512 bd326d111589d87cd6d019378ec725ac9ac7ad4c36f22453941f7d52f90b747ede4783a83dfff6cae1b3bb46690ad49cffa77f2afda019b22863ac485b406e8d

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\IOKXFE4P\rules[1].xml

MD5 a87271512937a308ca9442032a0029e9
SHA1 bc5fd38d28683bfdf4556a499bd8184159d29301
SHA256 70e8f749d63636609f3d60d85c00e7a1230faccc59adcc9ead0bb9101e7d53a6
SHA512 d60944a41ff8969de33eecb68dbb02e09005922b5eae87e39e28e52669edbc65c605f181a82f4eac58b4fa9b0f64669d9dfc3a6e052a9d873c02bd52a821ec83

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\E49JWOHD\instrument22[1].htm

MD5 ec098d4e1a36718ea29833d4af0f011b
SHA1 938c8a202fd2710c4f1d0792375c47149aa64b98
SHA256 bc4163aabf74b8fd1eb2cbb57255869c815f9bf9f01ea1da5b3b66adaed34dca
SHA512 837bbd530eb2d1e75d6048abfc15c398016a8032331fd8740634b3d7cd67bcb7d9a11e78b6bad6496678639fc816223bf9c90695e3e81fc11683bf65f0bc07d4