Malware Analysis Report

2024-10-10 07:59

Sample ID 240612-kclq7swbma
Target SolaraB.zip
SHA256 2510be907ec476e8375ac7b5431536ae9a32bf99fe77ab695a5100852b111b96
Tags
discovery evasion themida trojan
score
9/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
9/10

SHA256

2510be907ec476e8375ac7b5431536ae9a32bf99fe77ab695a5100852b111b96

Threat Level: Likely malicious

The file SolaraB.zip was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion themida trojan

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Downloads MZ/PE file

Checks BIOS information in registry

Loads dropped DLL

Themida packer

Executes dropped EXE

Checks computer location settings

Checks whether UAC is enabled

Legitimate hosting services abused for malware hosting/C2

Checks installed software on the system

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in Program Files directory

Enumerates physical storage devices

Unsigned PE

Modifies Internet Explorer settings

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Modifies registry class

Suspicious use of SendNotifyMessage

Suspicious use of UnmapMainImage

Suspicious use of SetWindowsHookEx

Modifies data under HKEY_USERS

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: LoadsDriver

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-12 08:27

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-12 08:27

Reported

2024-06-12 08:30

Platform

win7-20240221-en

Max time kernel

117s

Max time network

118s

Command Line

"C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe"

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe

"C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.108.133:443 raw.githubusercontent.com tcp
GB 20.26.156.215:443 github.com tcp

Files

memory/1704-0-0x0000000073F5E000-0x0000000073F5F000-memory.dmp

memory/1704-1-0x0000000000F90000-0x0000000000F9A000-memory.dmp

memory/1704-2-0x0000000073F50000-0x000000007463E000-memory.dmp

memory/1704-3-0x0000000073F50000-0x000000007463E000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-12 08:27

Reported

2024-06-12 08:38

Platform

win10v2004-20240226-en

Max time kernel

652s

Max time network

657s

Command Line

"C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe"

Signatures

Identifies VirtualBox via ACPI registry values (likely anti-VM)

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe N/A

Downloads MZ/PE file

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\avatar\compositing\CompositRightArmBase.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\PurchasePrompt\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaApp\ExternalSite\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_2.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping5292_358267594\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1197160364\Sigma\Other C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\9SliceEditor\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\AnimationEditor\image_keyframe_linear_unselected.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\PathEditor\Control_Point_Selected.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\InspectMenu\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\avatar\characterR15.rbxm C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\AvatarEditorImages\circle_blue.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Controls\period.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Controls\PlayStationController\PS4\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\avatar\compositing\CompositFullAtlasBaseTexture.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\PlatformContent\pc\textures\water\normal_21.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\StudioToolbox\AssetConfig\copy_2x.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\TerrainTools\unlocked.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\sounds\action_jump_land.mp3 C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\localizationTargetEnglish.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\VirtualCursor\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChat\graphic\indicator-background.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\StudioSharedUI\scripts.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\VoiceChat\SpeakerDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1197160364\Mu\Other C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Settings\Help\UseToolGesture.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\TopBar\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_22.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaApp\graphic\shimmer_darkTheme.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Menu\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\9SliceEditor\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\DeveloperFramework\checkbox_unchecked_light.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\GameSettings\copy.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Gear.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\TerrainEditor\desert.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Settings\Help\AButtonDark.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_3x_15.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChat\graphic\gr-indicator-online-14x14.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1197160364\Sigma\Content C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\avatar\compositing\CompositExtraSlot3.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\AvatarEditorImages\Sliders\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Emotes\Large\CircleBackground.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\VoiceChat\MicLight\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChatV2\actions_editing_compose.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\AssetImport\btn_light_filepicker_28x28.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Chat\Chat.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\VoiceChat\New\Unmuted100.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaApp\icons\GameDetails\social\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\StudioToolbox\Animation.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Settings\Radial\EmptyBottomRight.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\TerrainTools\mt_smooth.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Controls\XboxController\DPadUp.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\avatar\heads\headH.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\COPYRIGHT.txt C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\ui\Settings\Help\ZoomGesture.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\MaterialGenerator\Materials\CorrodedMetal.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\content\textures\TerrainEditor\lake.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\SOFTWARE\Microsoft\Internet Explorer\GPU C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\SOFTWARE\Microsoft\Internet Explorer\GPU C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133626545411090398" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\version-2f99b302154c4478\\RobloxPlayerBeta.exe\" %1" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\version-2f99b302154c4478\\RobloxPlayerBeta.exe\" %1" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:" C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\microsoft.windows.search C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\URL Protocol C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox-player C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox-player\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Bloxstrap\\Bloxstrap.exe\" %1" C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\windows.search\Total = "56" C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\shell C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox-player\shell\open\command C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox-player\shell\open C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:" C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\windows.search C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\DefaultIcon\ = "C:\\Program Files (x86)\\Roblox\\Versions\\version-2f99b302154c4478\\RobloxPlayerBeta.exe" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell\open C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell\open\command\version = "version-2f99b302154c4478" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox\shell\open\command C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell\open\command C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox\URL Protocol C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox-player\ = "URL: Roblox Protocol" C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox-player\URL Protocol C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\URL Protocol C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\shell\open C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\microsoft.windows.search C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search\ = "56" C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3808065738-1666277613-1125846146-1000\{76C14C9F-1D3C-473D-8586-568013F2A5F0} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\URL Protocol C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\ = "URL: Roblox Protocol" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\ = "URL: Roblox Protocol" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\Total C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search\ = "23" C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\shell\open\command C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox-player\DefaultIcon C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DomStorageState C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search\ = "23" C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DomStorageState C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\ = "URL: Roblox Protocol" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\DefaultIcon C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\DefaultIcon C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox\shell C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "185" C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\RobloxStudioInstaller.exe\" %1" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\shell\open\command\version = "version-2f99b302154c4478" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox\ = "URL: Roblox Protocol" C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\windows.search C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "152" C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\MuiCache C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\windows.search\Total = "23" C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Bloxstrap\\Bloxstrap.exe\" %1" C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3808065738-1666277613-1125846146-1000_Classes\roblox-player\shell C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 792 wrote to memory of 5148 N/A C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
PID 792 wrote to memory of 5148 N/A C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
PID 5148 wrote to memory of 5292 N/A C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5148 wrote to memory of 5292 N/A C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5344 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5344 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 5112 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 6140 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 6140 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 1732 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 1732 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 1732 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 1732 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe
PID 5292 wrote to memory of 1732 N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

Processes

C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe

"C:\Users\Admin\AppData\Local\Temp\SolaraB\Solara\SolaraBootstrapper.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault65eb7732ha8dbh4f89hb66fh66ac315f6d24

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4088 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:8

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe

"C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault010001achf7eah461dhbd49h957ec8c48c6f

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=5148.1528.9113024054331929778

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=122.0.2365.52 --initial-client-data=0x15c,0x160,0x164,0x138,0x190,0x7fffce9e2e98,0x7fffce9e2ea4,0x7fffce9e2eb0

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1792 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=1980 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:3

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=2316 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fffd5ac9758,0x7fffd5ac9768,0x7fffd5ac9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2208 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3004 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --mojo-platform-channel-handle=3720 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4124 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4800 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4936 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5292 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5328 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2528 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4668 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5908 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=3960 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=1200 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4632 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5800 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1660 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4508 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3188 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=4484 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=4256 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=4664 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5748 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3516 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5536 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1628 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5932 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3132 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3044 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5224 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4576 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4148 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5820 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6648 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=4164 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=1268 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6156 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4948 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6632 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6660 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6976 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6988 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7016 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3216 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3140 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3840 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6532 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7044 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe

"C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe"

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=4660 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6472 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5780 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6184 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Users\Admin\Downloads\windowsdesktop-runtime-6.0.31-win-x64.exe

"C:\Users\Admin\Downloads\windowsdesktop-runtime-6.0.31-win-x64.exe"

C:\Windows\Temp\{3BD31457-CF8B-40F1-A66B-5EFE2DFCE3A4}\.cr\windowsdesktop-runtime-6.0.31-win-x64.exe

"C:\Windows\Temp\{3BD31457-CF8B-40F1-A66B-5EFE2DFCE3A4}\.cr\windowsdesktop-runtime-6.0.31-win-x64.exe" -burn.clean.room="C:\Users\Admin\Downloads\windowsdesktop-runtime-6.0.31-win-x64.exe" -burn.filehandle.attached=720 -burn.filehandle.self=724

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=2416 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:PTn9_zG2R2IV-C8zEVEqfI70zmXeY51dxEtH_N9DdAXFCvBS2kb3sfLbJZLSmgkejygnBSJPEEiJJMsz1R0O_CwVskGcK5P0zlnb7lObdntbj2BszE6eAKJaXnZtjZnnCKeR2RZrwupxS0DU8X1nm0d5W8eE0QrTeoPSpUAKyeAQxHhzBW1puLT2yiS2yYmlcAj8KxD94uXUjYCeEJ5AVbTwXYqiqF3xj3w50m7zZY0+launchtime:1718181309367+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1718180986284005%26placeId%3D537413528%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Ded04015d-46d0-429e-aa70-dac8aa9dc24d%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1718180986284005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6288 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:8

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe" --app -channel production

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3720 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=4524 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe" --app -channel production

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5732 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe" roblox-player:1+launchmode:play+gameinfo:cv6hHT_4jEp1Fp_MhlJ7WzHZHbwq7A7xeLqscgo5UADxlIy9oXLkR63scgNMkpwlqSoXX4LG7TV4592G9Qus6EL2K4Evp48lDb74dSpELaZpVHfKnPBv3Juh3ky2hvUpLKyQEw7gqmRKpj1gZt4JW-xq_xDB3eVtD27oYyJ9_YCnNa9KYMh2Nw_oUO3yMz1d-AJPscDG3zMnlt3qv1Yzk9T-hOefHQBXBi1BtVLmRYA+launchtime:1718181378657+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1718180986284005%26placeId%3D537413528%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Ddabbc544-089a-4c69-a356-2b51c6595008%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1718180986284005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe" --app -t cv6hHT_4jEp1Fp_MhlJ7WzHZHbwq7A7xeLqscgo5UADxlIy9oXLkR63scgNMkpwlqSoXX4LG7TV4592G9Qus6EL2K4Evp48lDb74dSpELaZpVHfKnPBv3Juh3ky2hvUpLKyQEw7gqmRKpj1gZt4JW-xq_xDB3eVtD27oYyJ9_YCnNa9KYMh2Nw_oUO3yMz1d-AJPscDG3zMnlt3qv1Yzk9T-hOefHQBXBi1BtVLmRYA --launchtime=1718181387028 -j https://www.roblox.com/Game/PlaceLauncher.ashx?request=RequestGame&browserTrackerId=1718180986284005&placeId=537413528&isPlayTogetherGame=false&joinAttemptId=dabbc544-089a-4c69-a356-2b51c6595008&joinAttemptOrigin=PlayButton -b 1718180986284005 --rloc en_us --gloc en_us -channel production

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=4780 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1816 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.52\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=4784 --field-trial-handle=1812,i,5722932263803198261,14116109116612464980,262144 --enable-features=MojoIpcz --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=7144 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=3964 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=6828 --field-trial-handle=1872,i,16188439730278658974,16916703979945300587,131072 /prefetch:1

C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe" roblox-player:1+launchmode:play+gameinfo:T5PuM_yl0dSqZ4TOIfPhB3QPWU-ccGXJyBvKWgZxrat5O9mpU5uBeBIH2yTafyXX9FouyJtE-2B73A2nJ9uuRYHi5iHPGHkbgXNpNjhiSTPEgu0rUP9lCvUF0C-tEJdoWOfA4NtkGcZSc7oy_3F1i0EhQT6FVTQgZgfl-vMmxISL9473lgqVvuelpRbyB9ugXc1CGgTasYRlZ8GXRreJ8VUebfhqNxm3snt0sV8Y01o+launchtime:1718181416782+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1718180986284005%26placeId%3D537413528%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D96b13d4b-2534-4ba1-9e38-aacb1e9e665f%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1718180986284005+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe

"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe" --app -t T5PuM_yl0dSqZ4TOIfPhB3QPWU-ccGXJyBvKWgZxrat5O9mpU5uBeBIH2yTafyXX9FouyJtE-2B73A2nJ9uuRYHi5iHPGHkbgXNpNjhiSTPEgu0rUP9lCvUF0C-tEJdoWOfA4NtkGcZSc7oy_3F1i0EhQT6FVTQgZgfl-vMmxISL9473lgqVvuelpRbyB9ugXc1CGgTasYRlZ8GXRreJ8VUebfhqNxm3snt0sV8Y01o --launchtime=1718181421226 -j https://www.roblox.com/Game/PlaceLauncher.ashx?request=RequestGame&browserTrackerId=1718180986284005&placeId=537413528&isPlayTogetherGame=false&joinAttemptId=96b13d4b-2534-4ba1-9e38-aacb1e9e665f&joinAttemptOrigin=PlayButton -b 1718180986284005 --rloc en_us --gloc en_us -channel production

C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca

C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca

C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-2f99b302154c4478\RobloxPlayerBeta.exe"

C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca

Network

Country Destination Domain Proto
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.108.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 13.107.253.67:443 tcp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 185.199.108.133:443 raw.githubusercontent.com tcp
N/A 127.0.0.1:51367 tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 kit-pro.fontawesome.com udp
US 8.8.8.8:53 kit-pro.fontawesome.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:443 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 104.17.24.14:443 cdnjs.cloudflare.com udp
GB 142.250.187.196:443 www.google.com tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 104.18.40.68:443 kit-pro.fontawesome.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 68.40.18.104.in-addr.arpa udp
US 8.8.8.8:443 dns.google udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 203.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com tcp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
GB 142.250.180.14:443 encrypted-tbn2.gstatic.com tcp
GB 142.250.180.14:443 encrypted-tbn2.gstatic.com tcp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
GB 172.217.169.46:443 play.google.com udp
US 185.199.111.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 57.250.36.23.in-addr.arpa udp
N/A 127.0.0.1:9911 tcp
N/A 127.0.0.1:9911 tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 consent.google.com udp
GB 142.250.187.238:443 consent.google.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.212.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
GB 128.116.119.4:443 www.roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
US 8.8.8.8:53 css.rbxcdn.com udp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
PL 18.66.233.118:443 css.rbxcdn.com tcp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
PL 18.244.146.98:443 static.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 205.234.175.102:443 js.rbxcdn.com tcp
US 8.8.8.8:53 4.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 98.146.244.18.in-addr.arpa udp
US 8.8.8.8:53 14.102.244.18.in-addr.arpa udp
US 8.8.8.8:53 102.175.234.205.in-addr.arpa udp
US 8.8.8.8:53 118.233.66.18.in-addr.arpa udp
GB 128.116.119.4:443 www.roblox.com udp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
NL 128.116.21.4:443 roblox.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
GB 128.116.119.4:443 apis.roblox.com tcp
US 8.8.8.8:53 4.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 86.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 apis.rbxcdn.com udp
BE 2.17.107.226:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 226.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 images.rbxcdn.com udp
PL 18.244.102.93:443 images.rbxcdn.com tcp
PL 18.244.102.93:443 images.rbxcdn.com tcp
PL 18.244.102.93:443 images.rbxcdn.com tcp
PL 18.244.102.93:443 images.rbxcdn.com tcp
PL 18.244.102.93:443 images.rbxcdn.com tcp
PL 18.244.102.93:443 images.rbxcdn.com tcp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
PL 18.66.233.118:443 css.rbxcdn.com tcp
GB 128.116.119.4:443 locale.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 93.102.244.18.in-addr.arpa udp
GB 216.58.212.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:443 dns.google udp
US 131.253.33.239:443 tcp
US 8.8.8.8:53 239.33.253.131.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 105.193.132.51.in-addr.arpa udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
GB 172.217.169.10:443 chromewebstore.googleapis.com tcp
US 8.8.8.8:53 10.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 ncs.roblox.com udp
US 172.64.154.86:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
US 2.20.12.77:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 77.12.20.2.in-addr.arpa udp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 lms.roblox.com udp
PL 18.244.146.98:443 static.rbxcdn.com tcp
US 8.8.8.8:53 syd1-128-116-51-3.roblox.com udp
US 8.8.8.8:53 c0ak.rbxcdn.com udp
US 8.8.8.8:53 dfw2-128-116-95-3.roblox.com udp
US 8.8.8.8:53 roblox-poc.global.ssl.fastly.net udp
US 8.8.8.8:53 cdg1-128-116-122-3.roblox.com udp
US 8.8.8.8:53 gold.roblox.com udp
US 8.8.8.8:53 pulsar.roblox.com udp
US 8.8.8.8:53 lga2-128-116-32-3.roblox.com udp
US 8.8.8.8:53 bom1-128-116-104-4.roblox.com udp
US 8.8.8.8:53 fra2-128-116-123-3.roblox.com udp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
US 8.8.8.8:53 chat.roblox.com udp
BE 2.17.107.152:443 c0ak.rbxcdn.com tcp
GB 128.116.119.3:443 gold.roblox.com tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 151.101.1.194:443 roblox-poc.global.ssl.fastly.net tcp
US 8.8.8.8:53 contacts.roblox.com udp
PL 128.116.124.3:443 pulsar.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
US 8.8.8.8:53 notifications.roblox.com udp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
US 8.8.8.8:53 3.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 194.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 152.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 3.123.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.124.116.128.in-addr.arpa udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 3.32.116.128.in-addr.arpa udp
US 8.8.8.8:53 4.104.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.95.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.51.116.128.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
GB 216.58.212.234:443 chromewebstore.googleapis.com udp
US 8.8.8.8:53 presence.roblox.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 131.253.33.239:443 tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
GB 128.116.119.4:443 presence.roblox.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
GB 128.116.119.3:443 gold.roblox.com tcp
PL 128.116.124.3:443 pulsar.roblox.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
PL 18.66.233.54:443 js.rbxcdn.com tcp
US 8.8.8.8:53 54.233.66.18.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 lax2-128-116-116-3.roblox.com udp
US 8.8.8.8:53 sea1-128-116-115-3.roblox.com udp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 8.8.8.8:53 aws-us-west-1a-lms.rbx.com udp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 8.8.8.8:53 c0aws.rbxcdn.com udp
US 8.8.8.8:53 aws-us-east-2b-lms.rbx.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 8.8.8.8:53 lhr2-128-116-119-3.roblox.com udp
US 54.215.216.30:443 aws-us-west-1a-lms.rbx.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
US 3.135.89.233:443 aws-us-east-2b-lms.rbx.com tcp
PL 18.244.146.54:443 c0aws.rbxcdn.com tcp
US 8.8.8.8:53 3.116.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.115.116.128.in-addr.arpa udp
US 8.8.8.8:53 30.216.215.54.in-addr.arpa udp
US 8.8.8.8:53 54.146.244.18.in-addr.arpa udp
US 8.8.8.8:53 3.102.116.128.in-addr.arpa udp
US 8.8.8.8:53 233.89.135.3.in-addr.arpa udp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 voice.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
PL 18.244.146.60:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 60.146.244.18.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 23.49.171.19:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
PL 18.244.146.60:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 19.171.49.23.in-addr.arpa udp
PL 18.244.146.60:443 setup.rbxcdn.com tcp
PL 18.244.146.60:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:53713 tcp
N/A 127.0.0.1:53717 tcp
N/A 127.0.0.1:53720 tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 172.217.169.46:443 play.google.com udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 8.8.8.8:53 private-user-images.githubusercontent.com udp
US 185.199.108.133:443 private-user-images.githubusercontent.com tcp
US 185.199.108.133:443 private-user-images.githubusercontent.com tcp
US 185.199.108.133:443 private-user-images.githubusercontent.com tcp
US 185.199.108.133:443 private-user-images.githubusercontent.com tcp
US 185.199.108.133:443 private-user-images.githubusercontent.com tcp
US 185.199.108.133:443 private-user-images.githubusercontent.com tcp
US 185.199.111.133:443 private-user-images.githubusercontent.com tcp
US 185.199.111.133:443 private-user-images.githubusercontent.com tcp
US 185.199.111.133:443 private-user-images.githubusercontent.com tcp
US 8.8.8.8:53 154.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
GB 216.58.212.234:443 chromewebstore.googleapis.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 api.github.com udp
US 140.82.112.22:443 collector.github.com tcp
US 140.82.112.22:443 collector.github.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 140.82.112.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 22.112.82.140.in-addr.arpa udp
US 8.8.8.8:53 aka.ms udp
GB 2.17.6.114:443 aka.ms tcp
GB 2.17.6.114:443 aka.ms tcp
US 8.8.8.8:53 dotnet.microsoft.com udp
US 13.107.246.64:443 dotnet.microsoft.com tcp
US 8.8.8.8:53 js.monitor.azure.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 13.107.246.64:443 js.monitor.azure.com tcp
GB 2.16.233.202:443 www.microsoft.com tcp
US 8.8.8.8:53 202.233.16.2.in-addr.arpa udp
US 185.199.108.133:443 raw.githubusercontent.com tcp
N/A 127.0.0.1:54150 tcp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
US 8.8.8.8:53 microsoftmscompoc.tt.omtrdc.net udp
US 8.8.8.8:53 211.138.73.23.in-addr.arpa udp
GB 2.16.233.202:443 www.microsoft.com tcp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.189.173.15:443 browser.events.data.microsoft.com tcp
US 20.189.173.15:443 browser.events.data.microsoft.com tcp
US 20.189.173.15:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 download.visualstudio.microsoft.com udp
US 20.189.173.15:443 browser.events.data.microsoft.com tcp
US 13.107.246.64:443 wcpstatic.microsoft.com tcp
FR 68.232.34.200:443 download.visualstudio.microsoft.com tcp
FR 68.232.34.200:443 download.visualstudio.microsoft.com tcp
US 8.8.8.8:53 w.usabilla.com udp
IE 52.18.212.81:443 w.usabilla.com tcp
US 8.8.8.8:53 15.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 200.34.232.68.in-addr.arpa udp
US 8.8.8.8:53 81.212.18.52.in-addr.arpa udp
US 8.8.8.8:53 d6tizftlrpuof.cloudfront.net udp
PL 18.244.96.167:443 d6tizftlrpuof.cloudfront.net tcp
PL 18.244.96.167:443 d6tizftlrpuof.cloudfront.net tcp
US 8.8.8.8:53 167.96.244.18.in-addr.arpa udp
PL 18.244.96.167:443 d6tizftlrpuof.cloudfront.net tcp
N/A 127.0.0.1:54418 tcp
US 8.8.8.8:53 client-telemetry.roblox.com udp
GB 128.116.119.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.4.4:443 dns.google udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
PL 18.66.233.25:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 25.233.66.18.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
PL 18.244.146.64:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 64.146.244.18.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.4.4:443 dns.google udp
US 8.8.8.8:53 beacons3.gvt2.com udp
US 8.8.8.8:53 ncs.roblox.com udp
GB 128.116.119.4:443 ncs.roblox.com udp
GB 216.58.213.3:443 beacons3.gvt2.com tcp
GB 128.116.119.4:443 ncs.roblox.com tcp
GB 128.116.119.4:443 ncs.roblox.com tcp
GB 216.58.213.3:443 beacons3.gvt2.com udp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
PL 18.66.233.4:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 4.233.66.18.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
PL 18.244.146.115:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 115.146.244.18.in-addr.arpa udp
PL 18.66.233.4:443 clientsettingscdn.roblox.com tcp
PL 18.244.146.115:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 gold.roblox.com udp
US 8.8.8.8:53 pulsar.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
PL 18.66.233.61:443 css.rbxcdn.com tcp
US 8.8.8.8:53 static.rbxcdn.com udp
PL 18.66.233.42:443 js.rbxcdn.com tcp
PL 18.244.146.37:443 static.rbxcdn.com tcp
US 8.8.8.8:53 42.233.66.18.in-addr.arpa udp
PL 18.66.233.61:443 css.rbxcdn.com tcp
PL 18.66.233.61:443 css.rbxcdn.com tcp
PL 18.66.233.61:443 css.rbxcdn.com tcp
PL 18.66.233.61:443 css.rbxcdn.com tcp
PL 18.66.233.61:443 css.rbxcdn.com tcp
US 8.8.8.8:53 61.233.66.18.in-addr.arpa udp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
PL 18.244.102.127:443 images.rbxcdn.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
US 131.253.33.239:443 tcp
US 2.20.12.94:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 apis.roblox.com udp
PL 128.116.124.3:443 apis.roblox.com udp
US 131.253.33.239:443 tcp
US 8.8.8.8:53 127.102.244.18.in-addr.arpa udp
US 8.8.8.8:53 94.12.20.2.in-addr.arpa udp
PL 18.66.233.42:443 js.rbxcdn.com tcp
US 8.8.8.8:53 js.stripe.com udp
US 151.101.0.176:443 js.stripe.com tcp
US 151.101.0.176:443 js.stripe.com tcp
PL 18.66.233.42:443 js.rbxcdn.com tcp
US 8.8.8.8:53 followings.roblox.com udp
PL 128.116.124.3:443 followings.roblox.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
IN 128.116.104.4:443 bom1-128-116-104-4.roblox.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 8.8.8.8:53 ams2-128-116-21-3.roblox.com udp
PL 128.116.124.3:443 metrics.roblox.com tcp
US 8.8.8.8:53 aws-ap-east-1c-lms.rbx.com udp
US 8.8.8.8:53 c0.rbxcdn.com udp
US 8.8.8.8:53 ord2-128-116-101-3.roblox.com udp
HK 43.198.68.158:443 aws-ap-east-1c-lms.rbx.com tcp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
GB 128.116.119.3:443 client-telemetry.roblox.com tcp
PL 18.244.146.125:443 c0.rbxcdn.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
HK 43.198.68.158:443 aws-ap-east-1c-lms.rbx.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
US 8.8.8.8:53 176.0.101.151.in-addr.arpa udp
US 8.8.8.8:53 3.101.116.128.in-addr.arpa udp
US 8.8.8.8:53 125.146.244.18.in-addr.arpa udp
US 8.8.8.8:53 3.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
GB 128.116.119.4:443 ncs.roblox.com udp
GB 128.116.119.4:443 ncs.roblox.com udp
US 8.8.8.8:53 badges.roblox.com udp
PL 128.116.124.3:443 badges.roblox.com udp
US 8.8.8.8:53 3.99.116.128.in-addr.arpa udp
US 8.8.8.8:53 lms.roblox.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 cs.ns1p.net udp
DE 18.193.195.191:443 cs.ns1p.net tcp
US 8.8.8.8:53 s.ns1p.net udp
DE 35.157.138.20:443 s.ns1p.net tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
US 8.8.8.8:53 191.195.193.18.in-addr.arpa udp
US 8.8.8.8:53 20.138.157.35.in-addr.arpa udp
US 8.8.8.8:53 m.stripe.network udp
PL 18.244.146.126:443 m.stripe.network tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
US 8.8.8.8:53 mia2-128-116-127-3.roblox.com udp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
US 8.8.8.8:53 126.146.244.18.in-addr.arpa udp
US 8.8.8.8:53 b.ns1p.net udp
US 8.8.8.8:53 3.127.116.128.in-addr.arpa udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
PL 18.66.233.4:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
PL 18.244.146.115:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 m.stripe.com udp
US 34.210.222.73:443 m.stripe.com tcp
US 8.8.8.8:53 73.222.210.34.in-addr.arpa udp

Files

memory/792-0-0x0000000074ADE000-0x0000000074ADF000-memory.dmp

memory/792-1-0x0000000000F70000-0x0000000000F7A000-memory.dmp

memory/792-2-0x0000000001A40000-0x0000000001A4A000-memory.dmp

memory/792-3-0x0000000074AD0000-0x0000000075280000-memory.dmp

memory/792-4-0x0000000074ADE000-0x0000000074ADF000-memory.dmp

memory/792-5-0x0000000074AD0000-0x0000000075280000-memory.dmp

memory/792-7-0x0000000005BA0000-0x0000000005BB2000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\get-intrinsic\.nycrc

MD5 d0104f79f0b4f03bbcd3b287fa04cf8c
SHA1 54f9d7adf8943cb07f821435bb269eb4ba40ccc2
SHA256 997785c50b0773e5e18bf15550fbf57823c634fefe623cd37b3c83696402ad0a
SHA512 daf9b5445cfc02397f398adfa0258f2489b70699dfec6ca7e5b85afe5671fdcabe59edee332f718f5e5778feb1e301778dffe93bb28c1c0914f669659bad39c6

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\hasown\.nycrc

MD5 c2ab942102236f987048d0d84d73d960
SHA1 95462172699187ac02eaec6074024b26e6d71cff
SHA256 948366fea3b423a46366326d0bb2e54b08abd1cf0b243678ba6625740c40da5a
SHA512 e36b20c16ceeb090750f3865efc8d7fd983ae4e8b41c30cc3865d2fd4925bf5902627e1f1ed46c0ff2453f076ef9de34be899ef57754b29cd158440071318479

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\has-proto\.eslintrc

MD5 c28b0fe9be6e306cc2ad30fe00e3db10
SHA1 af79c81bd61c9a937fca18425dd84cdf8317c8b9
SHA256 0694050195fc694c5846b0a2a66b437ac775da988f0a779c55fb892597f7f641
SHA512 e3eca17804522ffa4f41e836e76e397a310a20e8261a38115b67e8b644444153039d04198fb470f45be2997d2c7a72b15bd4771a02c741b3cbc072ea6ef432e9

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\vary\LICENSE

MD5 13babc4f212ce635d68da544339c962b
SHA1 4881ad2ec8eb2470a7049421047c6d076f48f1de
SHA256 bd47ce7b88c7759630d1e2b9fcfa170a0f1fde522be09e13fb1581a79d090400
SHA512 40e30174433408e0e2ed46d24373b12def47f545d9183b7bce28d4ddd8c8bb528075c7f20e118f37661db9f1bba358999d81a14425eb3e0a4a20865dfcb53182

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe

MD5 15cdabcecc4ae0ec3253b1625156b0a7
SHA1 fa1b2c6a2be53578ef278706cdee6f725e00b003
SHA256 6dbcc562d627628e45187afbd2421be88797e20e36910393a883e361973da553
SHA512 c9a1740bf5fed7cbc6d91ab92222b178fe4a8ab2d75dd8f18d827046bab88d7632b0751e953e77e29aaf9a9bf390697e94f23e172cfe034a4263bcf7c7149106

memory/5148-1472-0x00007FFFD3F73000-0x00007FFFD3F75000-memory.dmp

memory/5148-1473-0x0000023F7EA60000-0x0000023F7EA7A000-memory.dmp

memory/792-1475-0x0000000074AD0000-0x0000000075280000-memory.dmp

memory/5148-1476-0x00007FFFD3F70000-0x00007FFFD4A31000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Wpf.Ui.dll

MD5 aead90ab96e2853f59be27c4ec1e4853
SHA1 43cdedde26488d3209e17efff9a51e1f944eb35f
SHA256 46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed
SHA512 f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d

memory/5148-1478-0x0000023F80180000-0x0000023F806BC000-memory.dmp

memory/5148-1479-0x0000023F7FDF0000-0x0000023F7FEAA000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Wpf.dll

MD5 34ec990ed346ec6a4f14841b12280c20
SHA1 6587164274a1ae7f47bdb9d71d066b83241576f0
SHA256 1e987b22cd011e4396a0805c73539586b67df172df75e3dded16a77d31850409
SHA512 b565015ca4b11b79ecbc8127f1fd40c986948050f1caefdd371d34ed2136af0aabf100863dc6fd16d67e3751d44ee13835ea9bf981ac0238165749c4987d1ae0

memory/5148-1481-0x0000023F7FBF0000-0x0000023F7FBFE000-memory.dmp

memory/5148-1483-0x0000023F7FFB0000-0x0000023F8002E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Microsoft.Web.WebView2.Core.dll

MD5 851fee9a41856b588847cf8272645f58
SHA1 ee185a1ff257c86eb19d30a191bf0695d5ac72a1
SHA256 5e7faee6b8230ca3b97ce9542b914db3abbbd1cb14fd95a39497aaad4c1094ca
SHA512 cf5c70984cf33e12cf57116da1f282a5bd6433c570831c185253d13463b0b9a0b9387d4d1bf4dddab3292a5d9ba96d66b6812e9d7ebc5eb35cb96eea2741348f

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\WebView2Loader.dll

MD5 a0bd0d1a66e7c7f1d97aedecdafb933f
SHA1 dd109ac34beb8289030e4ec0a026297b793f64a3
SHA256 79d7e45f8631e8d2541d01bfb5a49a3a090be72b3d465389a2d684680fee2e36
SHA512 2a50ae5c7234a44b29f82ebc2e3cfed37bf69294eb00b2dc8905c61259975b2f3a059c67aeab862f002752454d195f7191d9b82b056f6ef22d6e1b0bb3673d50

memory/5148-1486-0x00007FFFD3F70000-0x00007FFFD4A31000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.dll

MD5 8518e81caa4b5a961656b687300b64f3
SHA1 3079b0a84cca1f8b270a331c68cf0c134f42aedf
SHA256 4179c99032b9698a74a0b395541b8a7124531ecc053428fae0916a02b78364e1
SHA512 20a99e88e1657ca41ba7ecf31e4a1fff56b721dfa55b7a10531715bb674ab11abfa08c5e7d53ce9cef78cf63bcc3248e8131ca5674d8169d7ac4ac8f0a1385bf

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\libcurl.dll

MD5 e31f5136d91bad0fcbce053aac798a30
SHA1 ee785d2546aec4803bcae08cdebfd5d168c42337
SHA256 ee94e2201870536522047e6d7fe7b903a63cd2e13e20c8fffc86d0e95361e671
SHA512 a1543eb1d10d25efb44f9eaa0673c82bfac5173055d04c0f3be4792984635a7c774df57a8e289f840627754a4e595b855d299070d469e0f1e637c3f35274abe6

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\zlib1.dll

MD5 75365924730b0b2c1a6ee9028ef07685
SHA1 a10687c37deb2ce5422140b541a64ac15534250f
SHA256 945e7f5d09938b7769a4e68f4ef01406e5af9f40db952cba05ddb3431dd1911b
SHA512 c1e31c18903e657203ae847c9af601b1eb38efa95cb5fa7c1b75f84a2cba9023d08f1315c9bb2d59b53256dfdb3bac89930252138475491b21749471adc129a1

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\VCRUNTIME140.dll

MD5 7a2b8cfcd543f6e4ebca43162b67d610
SHA1 c1c45a326249bf0ccd2be2fbd412f1a62fb67024
SHA256 7d7ca28235fba5603a7f40514a552ac7efaa67a5d5792bb06273916aa8565c5f
SHA512 e38304fb9c5af855c1134f542adf72cde159fab64385533eafa5bb6e374f19b5a29c0cb5516fc5da5c0b5ac47c2f6420792e0ac8ddff11e749832a7b7f3eb5c8

memory/5148-1495-0x0000000180000000-0x0000000180B19000-memory.dmp

memory/5148-1496-0x00007FFFD3F70000-0x00007FFFD4A31000-memory.dmp

memory/5148-1498-0x0000000180000000-0x0000000180B19000-memory.dmp

memory/5148-1499-0x0000000180000000-0x0000000180B19000-memory.dmp

memory/5148-1497-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\bin\path.txt

MD5 6b09afc61af8884f2fc6204922e970be
SHA1 fe3da40f27e8dc2b8e2392c9590666982fff3398
SHA256 f99a87a0c9006940f0d9efa1331d253dcf56016c82f4e266b507c303bb8493a6
SHA512 69ac27dbd690d1919a5da98e5f427328147c18a338596a0cf7ccb2cd09594da388fc4bb5df660bb4ca5a630f3ffc3ee3783b24c262683d2c5992db2f1abca8ea

memory/5148-1501-0x0000023F7FC00000-0x0000023F7FC08000-memory.dmp

memory/5148-1502-0x0000023F7FD70000-0x0000023F7FDA8000-memory.dmp

memory/5148-1503-0x0000023F7FC10000-0x0000023F7FC1E000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad\settings.dat

MD5 fc578b3d77a3236ea0895b79cda0114f
SHA1 ce52769b27fcdc85b2ab98c59008c31d2fba8138
SHA256 f75305e9f4d8bbf347161129f03326a79212d2737d86f13890a53dafb72ac311
SHA512 07a6155d7343817fb10de0ac505f2d4ca752f702e1ce2ddcc3cfcfcf56533b689761eb2ad896214a796c178f4125e17d32e83999d2f24a08a54f363adb0529b7

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad\throttle_store.dat

MD5 9e4e94633b73f4a7680240a0ffd6cd2c
SHA1 e68e02453ce22736169a56fdb59043d33668368f
SHA256 41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304
SHA512 193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337

memory/5148-1510-0x00007FFFD3360000-0x00007FFFD3384000-memory.dmp

memory/5148-1509-0x0000000180000000-0x0000000180B19000-memory.dmp

memory/5112-1530-0x00007FFFF5EA0000-0x00007FFFF5EA1000-memory.dmp

\??\pipe\crashpad_5292_PPJOBVTTUVLVRWQQ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

memory/1732-1536-0x00007FFFF69D0000-0x00007FFFF69D1000-memory.dmp

memory/1732-1535-0x00007FFFF6880000-0x00007FFFF6881000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Local Storage\leveldb\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State

MD5 c44fae98b0d3cf47ac937d0e77a18832
SHA1 8a352f7a7f40a30508086973f054eb6134bd3dec
SHA256 14f5d4cb07024b3ca0528fc477d339c59497b6b26a6facaf9a489c92de776f74
SHA512 b95163dc28d3e8aca40bd848ce275a0c904a410bd07cc97a60e3eee609f76d889fc174682a92478999c1948d61685dc4cc1e3d35e99d020560d01356cb0054f9

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State~RFe591d33.TMP

MD5 95c5e7e229a78d852a0dfc388c26eda5
SHA1 18f4c42a8a883922fd740aae00d6ee35fc0a5407
SHA256 fa3a7ae86d64bdc34dfee2a37e3ed1d4b756febc3a8669b065ed217307fdd0ed
SHA512 0609108226a849c9090f77499881cf6359faba1b589a428de1aff9e2f07e9cf1b2953bc833cf4ab882a582101a9bcf4ae07e8146fd11bc2f05c1c47382cff53f

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State

MD5 fa17b3dd24591e0e84c55ac014c90d1d
SHA1 7d83afea3ea5b77e53a85d0b9957cba5f1f2adb3
SHA256 362433dd40ab5d2557c71509b9c347bba3096fc2c73888278c2173ce45c599fb
SHA512 cb631e5b4b162d1112b69906893357dcc38ab0ce9df51e44bdd8eb41d0319863127a5fd3c3519ce242b3233a92c6c198dbd8c27274af6d913955ae340bb12ae0

memory/5148-1616-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad\settings.dat

MD5 85fc1bd65c2fa3fb6f03617557c3850e
SHA1 f16e452564289356e955ae72f5debafd42b48f44
SHA256 7a08bc2dea2ea24c0d9a0dee259de1b84c98cdbeb76ca833275d2f32a094eff3
SHA512 f0e4ae6fe260b063e64a3b4e2ea9e827f8dfaa2d7ec368a7b3fe1c7590375d37821db12554f323d04fcf66a3266b89aeea233b3881e6262460b7f9d33e34dac4

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\DawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\DawnCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\DawnCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

memory/1676-1652-0x00007FFFF5EA0000-0x00007FFFF5EA1000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\index.html

MD5 08d9ac1e35385587b0c3c8a73ea97234
SHA1 d1db15b5e97152be999339d90630f68ed06a6b78
SHA256 016cadaa9a8494b15efea920a5ea9c02b441e90dbc7c444e73db3b307f93a741
SHA512 8061a5a92f828642ea2fcb319571efa406ed67a75b4d4da1aeb3da96391a72fcde670e3e52efef62d37ddc17f7eca5afa0d35aa02bfd1bcadd8e86240cb802a6

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Cache\Cache_Data\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\vs\loader.js

MD5 8a3086f6c6298f986bda09080dd003b1
SHA1 8c7d41c586bfa015fb5cc50a2fdc547711b57c3c
SHA256 0512d9ed3e5bb3daef94aa5c16a6c3e2ee26ffed9de00d1434ffe46a027b16b9
SHA512 9e586742f4e19938132e41145deec584a7b8c7e111b3c6e9254f8d11db632ebe4d66898458ed7bcfc0614d06e20eb33d5a6a8eb8b32d91110557255cf1dbf017

memory/5148-1670-0x00007FFFD3F73000-0x00007FFFD3F75000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

memory/5112-1687-0x000001506E720000-0x000001506E84A000-memory.dmp

memory/5148-1688-0x00007FFFD3F70000-0x00007FFFD4A31000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State

MD5 c83c084a3a94044e402886839638ba80
SHA1 ac5d25ede80c3642de525b1ba23af5fec44c01bf
SHA256 52df2b1cac2ace46e30eff65b4cbaeaed27ab2a81b3038602666e76bfefa7941
SHA512 9a7fbb8aff82673342fc8d300802ebdc9b71e2d104e694e832aeab9ffcfdd91cafd6414f998ab477a129bd61a1c8b2aec136261e9675a71788e081df169c4584

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 72666d7f93c94f157753f1a3fff08271
SHA1 04452316cc7baffb8198739886405abd5cbff838
SHA256 0f1709fda572795d177054277c3c87a1bee1a5c3df4be23827e9f2517576c9b7
SHA512 73c22a88d1e9ca437c349cd066d8fe65ba8b6a98b9568b7db522631c3f6ce85988f560c9364487a007214a4c8542a9cdf4c39d424668944ad723563c0377cc2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e262589efcc8ffedaaa2e85f1e5619b0
SHA1 94f49600889e6b4506765f257af9592eaf3658dc
SHA256 22f5efa27a86a884d21f8fa0f994a7009efc3f6d4118f2c52c6d5022bcb7dee1
SHA512 68e2f04c29ece9842799fa0187053de4835a386633759f2cc5a343cca53a540b14324c32d87337e9f5a324cd3c56610f476e13684bb06714aa6da821a70588b5

memory/5148-1729-0x0000000180000000-0x0000000180B19000-memory.dmp

memory/5148-1735-0x00007FFFD3F70000-0x00007FFFD4A31000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\vs\editor\editor.main.js

MD5 9399a8eaa741d04b0ae6566a5ebb8106
SHA1 5646a9d35b773d784ad914417ed861c5cba45e31
SHA256 93d28520c07fbca09e20886087f28797bb7bd0e6cf77400153aab5ae67e3ce18
SHA512 d37ef5a848e371f7db9616a4bf8b5347449abb3e244a5527396756791583cad455802450ceeb88dce39642c47aceaf2be6b95bede23b9ed68b5d4b7b9022b9c8

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\vs\editor\editor.main.nls.js

MD5 74dd2381ddbb5af80ce28aefed3068fc
SHA1 0996dc91842ab20387e08a46f3807a3f77958902
SHA256 fdd9d64ce5284373d1541528d15e2aa8aa3a4adc11b51b3d71d3a3953f8bcc48
SHA512 8841e0823905cf3168f388a7aeaf5edd32d44902035ba2078202193354caf8cd74cb4cab920e455404575739f35e19ea5f3d88eab012c4ebefc0ccb1ed19a46e

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\vs\editor\editor.main.css

MD5 233217455a3ef3604bf4942024b94f98
SHA1 95cd3ce46f4ca65708ec25d59dddbfa3fc44e143
SHA256 2ec118616a1370e7c37342da85834ca1819400c28f83abfcbbb1ef50b51f7701
SHA512 6f4cb7b88673666b7dc1beab3ec2aec4d7d353e6da9f6f14ed2fee8848c7da34ee5060d9eb34ecbb5db71b5b98e3f8582c09ef3efe4f2d9d3135dea87d497455

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 71fe01c5ea8c7d8fa416c837df7fdbc8
SHA1 c1ebda9d73ce50ef63b38f6fdff6781db7746b6b
SHA256 45137c23a996511a7e16d1e28254469d35b9f7d6cdc303ba900592410ab51931
SHA512 f0b2032159519865fb273452e5a4b33127d08c0bcb3b5ea610fe067ac8c9a197ed4ab0fefc605515a5565b82595f6a16a6fe14948636da78b12dcf60f2386734

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\vs\basic-languages\lua\lua.js

MD5 8706d861294e09a1f2f7e63d19e5fcb7
SHA1 fa5f4bdc6c2f1728f65c41fb5c539211a24b6f23
SHA256 fc2d6fb52a524a56cd8ac53bfe4bad733f246e76dc73cbec4c61be32d282ac42
SHA512 1f9297eb4392db612630f824069afdc9d49259aba6361fb0b87372123ada067bc27d10d0623dc1eb7494da55c82840c5521f6fef74c1ada3b0fd801755234f1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3812110866b6b3552d4df86e6b7a18ec
SHA1 bc239c914228d18e3fa1d6b73178083170f8a2e3
SHA256 ef7b2444592411bc530ae7e38240ed2e115bc1ee1c1d6a3c6263e8c447847f40
SHA512 6e6161344c2da01d5407a82854af5a0c6ff844038fc3e053ca9d31840f6ecfc9e6af866669d1893c39fbaaf412421e9520ee7b4d6a5d9c6912dd5688c7c72095

memory/5148-1769-0x0000000180000000-0x0000000180B19000-memory.dmp

memory/5148-1771-0x00007FFFD3F70000-0x00007FFFD4A31000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\26076ae1-a700-4a07-adaf-e2d507e3ba80.tmp

MD5 980b2e95ed5641a6012c8a031d448aa2
SHA1 02ae2afa900b9de9ceb300f4f1b25ae476a5aa03
SHA256 a2141a8325179eb25d156380c89a892a9e9d49e4505768f665de3a51da7c529b
SHA512 717d62b496ed13f371952a02170c9c2895dde8a1a859d21f00c1e6660993875138064b0fcafd57e1589a2aa6275d15a1504d19e06f249a3e6d7bc7568a59a8ba

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Network\TransportSecurity~RFe598c58.TMP

MD5 3782f8a3524c900cea8e2a87aa9722c6
SHA1 fa95532c06aba718dafbc664d32f5f9e16a5d3e8
SHA256 78e81f5e48054448132b3bfd0e8b9df09ad0082a89ca232d681b85c6e1f2a1d2
SHA512 791502a5ff40a5defde92581b61b4635c9d8f829346314f258c6fd6b80e1ad883d38555f3025098f485e1b248fa2195cfa6ac564dd0b1faf4295e4e537468e5a

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Network\TransportSecurity

MD5 1bd0cec480784cb6acd156d2ab1f9dd1
SHA1 106c4c48bb14fe0bb29d90bc2f87635e101398f3
SHA256 2235f1aa680dca2c1acdbdc4aae0b820fb57bd6667059ceb09c12262753fddf4
SHA512 7856f397e91eff2b211f64155f3a92cdbb654c6ed04cbe75409624c8eb5534a613ac20376120e2e2c9a006cecf77504cea28afcbec2a510e9add29b042b4050a

memory/5148-1797-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Preferences

MD5 b37adc41b170bbe7612b17954440d8f9
SHA1 eeb1d544c474e5bd99916d62097f176e9935066a
SHA256 2da76089e116bd091222cb430c849508604c11e57c8dd03b6b9f9a78644c94f8
SHA512 51da180e0bb9103076394e57da5aadea2486ebbc01404f9abce663df654e4d62658265f7891c5e88adaaff39aaa416f1a17a5e30c0a0bd9c4cfed7f0194bc580

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State

MD5 c7ddbe5ad8759e5d2d11f0a88f622514
SHA1 8f91d35f692ad05e593266b9e72aed27f92e039d
SHA256 942022aeb2d0ce3e2f8081020b4f7f73c75756e0af25d668fab7e00ee6fa4235
SHA512 9573416ce5e1cd3b2738681bf5894c579967ddbe5e675f35123ac54ee2bdf0296094fe989519466db3c865af1cd23264a255d65713ba4c91ceb2264a5efcfaf8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ae98e7e79cfc2f259a44d1ab153c9eaf
SHA1 d30a6470fe6e4af189a171eb41ed6651f93a4ff6
SHA256 a1ef0cea8c76b37fcf775aa4f748aafbb3ac457d8ac0caf0839db6c1d0e74b52
SHA512 bd14b703a23164af535a9ce493ae622684e45ba5c56afac34b116c0f9d790fe31a5a148d42e98269800642dc952ef943b7eb681a400f708673d1c62404a69b7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5365285420dd8dbc0c97dcbac8d9003a
SHA1 58a46a6af0f22d101b2edcedc79be83faacac02b
SHA256 7037789a5f00da53f7725f96328376b1750c153418aee3fb5b1f7eaf4abc095b
SHA512 05c5432dec6ca4594968aaaf8096b368393528c46dae8f2bca1fa8d51ed8b6a647f4679113a4b3e7b2498ecc362fb9cfeb15ed9523f8889fed0d30ee71c616cd

memory/5148-1840-0x0000000180000000-0x0000000180B19000-memory.dmp

memory/5148-1859-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d7b9469908d0f41bf142ef4378004f05
SHA1 b9ef3f9cf5113face173a8f2edfcf1625f243f7f
SHA256 460c20254ddd9072e5346309123d0c3102bfc8bc2013e98f0b1a599ebaff45b6
SHA512 e1b98fb241d4b30fa1ca133b6123d2dd9f92e668f24d68f033455c7a23dac5a647292c74dfa03ce1dea01808d0fb012fa2f40fba216511045fd534da0cb0910e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

MD5 b2ee03f981ad7504941cb2aa940b10be
SHA1 7edaea3939d5d9ae6eea9db8b55af10f600d7fa7
SHA256 a95b63c3f0d07058367520993f22ffc0a209de223e157b1689ca66c76f458cba
SHA512 68b49a6899fc04c7915cd5d5c5ce8cccf6c4dffaa125bcc566fc270f77294e9ae61ab60af73dee2d036019434a21c0090624412aec696603d618be9d7081d7ac

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2331c472650dc39fc58e1dd94dcc3941
SHA1 da95e2268b43ae127abefc476cdae99d7fe659bd
SHA256 0cb8e1ade76c707f4ca6373e2c49c0c30aa81533e7788cbefe55b559cb02e41a
SHA512 aaea5519db51332261dca201a90eb2c8e0b3aae93090f6159d8ef01d060fe8cc685ad46d05cbb0e45ff8a5d27062b79e8c058f96586c13dfa25243b692c774e0

memory/5148-2089-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 21719e0220e957f10732f437383610e5
SHA1 cd736fe73c6c15b022f44edf574d853e442c0ec6
SHA256 b9af921dffd014641c92b29c45c7bf35a20d59de35e76f1c080690a86acad2b6
SHA512 76dd5c4842e2b602e1a6987db83865d03c3aed9fd034f74432c6fb829de26e2e8394e8cc56b4558ba53684ef34506bb1a2ba6448f612ce9a096b09625dc5b142

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5a1493.TMP

MD5 336dfae41212f16c08e9a91d59975e4f
SHA1 0222ad81e51efd0c38c4f9b6f4aba85735715549
SHA256 cc5b3ee7d249fc946af36b674f67766b782f0e347db984149d1a64c0c882f75a
SHA512 8ce9270fd04509eb3277e09d96f4cf0b5d151fc7d49289d5c3bf4915952fef529477686fdfa73e16b77b3b067bd67a554f0c87685a700a539f1cabef94057d4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 955732552242319e84e45268ee62ae84
SHA1 aacfb03478a6e895cbc1943801a79e32c7c33c16
SHA256 7f750daf6970ce7dc3358e6ae7d2495b5a56430ed5ce5085f0ae0a4afdaedf05
SHA512 7ce476065579682607bc3d225d91f696c6229473c0356b11b4416c3bf1f027084012bc7f4bd26d3f8dc9d565bfe314a19739a716f13358e50e38147713ebad31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 d2895d96341b1d0c1eefec5fb110bbbd
SHA1 3e8cfcf221da48d743936a5acce94851d0a3a3b2
SHA256 d389e6eb3728840e524e4aa67ea2e0cda842ba753df9390539fb3768651d27bd
SHA512 15623935d525a08f663296543a43483551b4d888367147d7def69d5752b88a169ebfd96ef425a5cde9c1263a35c8059390ace0f94c79c390a936bf52e1e84c38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

MD5 793b639f0483074bf878fcf19c131678
SHA1 b1a2ef0fd4d7944a9519e54e3201a05c62c90415
SHA256 b214fce2614aec5046a24ad48e5023ae8d29fda0d8c510f6dfa116f684566869
SHA512 1aa25f77f1075f79f9d188ee9bb4a5569db406f2cbde550c7eb6c3377d3bbea5cfe86f1328248f8772020a90093c133de90c09cd2e50048fe2d400e807526238

memory/5148-2337-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fadef7a1b7f006879c12fc68f7853775
SHA1 22ddd3abae6577ed890c3dd0443de5064e5defaf
SHA256 e48f99f72b545e0fbb135dd6842b9c467cbd2b709a9d8e1a1e58d076ed8b0e0e
SHA512 e9b5944450ce30a828415ebf678fe1a7a5e09732fd7192e01fa78ed7474afdb1a14e0d76ea9c0da554851aa55a0690b2d17b18c039050bcb143de4afc8e2d599

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Network\Network Persistent State~RFe5a4325.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Network\Network Persistent State

MD5 d85cdbb023050a538b195f6450f5e303
SHA1 773945b48fdb1b28876f8e72859a8db559eac9b0
SHA256 89afd64f13afc251b62f2abfa8374c84a033cb29133e1b50b9c377af8a84495c
SHA512 0ee4a0189590cfcac6775f2e860c9be3c63589f0fe8a2726962902bda9266ee56a6058e50e7054398c31d531ff15142994fd26d303ecf0c3c1a52c8d29a6320d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 31268d9dc422a8cd87f54ca9e72dc325
SHA1 2ef0c7999df7e5bd1aff18daa74c5fbd6869d97d
SHA256 0937ea57ec7c5a2f1086a7ed44ef903530a92cceb6578a2e8f3ba3680a185277
SHA512 d5a80e0d394609189aa5b6cd1d1f3cfc875a8185cf7fde712f81b5492bca5e7d5d4f110abbcb8231865275481fd307d9dc84580fce878a156d3b75bb885d5cd6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 01248c58bc5f5db2bfcdc5ac9d6400c4
SHA1 229fed8c27ba082cc5d0368937f7013199d1b3fe
SHA256 c3d1a60a94667731ba01eec1bc14a7a158090952f0d37e9a0213a4aebe4e6a9b
SHA512 5bc1846c6bb7811e90010fcadfe51a13b85e5a9ec77e4dbdec3008c1c30f256aaa4fe5dc04c836d5d27b821d024094622cd592953a82bce7fa8dc9682cd442ce

memory/5148-2408-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fd820a60e60a6730c4f3ef207b3a111a
SHA1 c8e7ed16ddf1b843ae19620252a216206b04e1f9
SHA256 00b6298f75ed2d52339f8b4ceca3fdb847342a14c45370bc751c312039680fc7
SHA512 abda9550e2f5e48ec109ea38c5b2659281200bfc6093f93c98eee5bad503d405e74041fcd01ef11d889f0f720bc81d32160faa265b47ee5c097734ce029f49dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 a2fb60e3d6c8f1fcfd465e1969b7456e
SHA1 f60c4ab974e87dda702223f85fdc438aed626dd9
SHA256 1e2eb97aa376de511dcf2a1c8697042c2bf03da8baa377c6ee941c74fa556cd1
SHA512 1ba42ca1f8c7e9a5536e1096ddf433118b98c79ba7d430119c00f4e3f23b78d01abbf1ec7bfb623a9bd22e1c952f369a4fc288e03202948d9a229d6ef128a847

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 a88694641d3e7531ff0b0ec5fa339f43
SHA1 85541f032ee7004fd11e80e3ed301b274150c16b
SHA256 03d70ef395e864fa80fb878365c86fe99d88e68d7c9665f35ee3df453b1d4ae1
SHA512 e4c4882194c7bc360c067c174d047c3c7c85156878fe528aa9de75ff16aabfbb70cc6e2bcb9462808e26f6126c39bbd26948dfb5acc7c39e85429b01f69cf413

memory/5148-2450-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 67b60f7e30412c57dd9f1ff34d9c6825
SHA1 fc6f001587cceac7cd22e120f05eaf76254ff9e8
SHA256 65efb6fb85913808f31d3364374c7198f8a0292ace2256526062050130d89c40
SHA512 e1ec12bfb243fb943a2ea94c34e87121fad6592dda28d82b87f54836a3d3758d2fccad1465036616073ed5af95bdaafd5f25877a4a3a0711929bafe64b97a6f3

memory/5148-2462-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1947170790\crl-set

MD5 d246e8dc614619ad838c649e09969503
SHA1 70b7cf937136e17d8cf325b7212f58cba5975b53
SHA256 9dd9fba7c78050b841643e8d12e58ba9cca9084c98039f1ebff13245655652e1
SHA512 736933316ee05520e7839db46da466ef94e5624ba61b414452b818b47d18dcd80d3404b750269da04912dde8f23118f6dfc9752c7bdf1afc5e07016d9c055fdb

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1947170790\manifest.json

MD5 b6911958067e8d96526537faed1bb9ef
SHA1 a47b5be4fe5bc13948f891d8f92917e3a11ebb6e
SHA256 341b28d49c6b736574539180dd6de17c20831995fe29e7bc986449fbc5caa648
SHA512 62802f6f6481acb8b99a21631365c50a58eaf8ffdf7d9287d492a7b815c837d6a6377342e24350805fb8a01b7e67816c333ec98dcd16854894aeb7271ea39062

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0f4a7536c4f7189438ed8ebf9bad090f
SHA1 c11e825d70e995135a0b639ea88080c73e68b599
SHA256 4df763ad9cb8ecb7dc3972b4744c6ff8b478eaae9b2325a13acdd708dd0d31cb
SHA512 28d3f6cf8f2cf4a1b19e9c9562bb7723a35042f27873a3cf40651da1f7eccea7bbca42ae00ca0afef6a1d06884c5b80abeaccbf636d4f259aa1bf55f68cd3981

memory/5148-2681-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3cc708b6b5fa94c5590eaf1bd860aee4
SHA1 d2ebf1a10333a7a8b57402f738b069e3250284a9
SHA256 571c15a69dd8cd36abf4e6270cafcb5c4f82ecb893f586033b8777bf25679a7d
SHA512 8c9176a717f8ba921e1673cf5f64ddde522ad9d8eb4a8891737a8579347f98d7ace22d1463392ce5ef7c9cd05eb365a6ffbb399447fd81645ddc4028f75bfc9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 ae2287b4af0526f97fdf65ac79441b3c
SHA1 e9b6ded34ec169e7470835b1ef18027ed83fd32e
SHA256 871ff5f6c5eb555e028c6db96836a42620aed3bfae5afa653f0baaf586e17d0d
SHA512 3380453218acbb4cd5b758428864f3064665b65504aba95bda969a18fa224aab955fcc01ea22bfff67198d3966a161992e94d9613a84c808cbe731d258716664

memory/3548-2977-0x000002B4653C0000-0x000002B4653C1000-memory.dmp

memory/3548-2976-0x000002B4653C0000-0x000002B4653C1000-memory.dmp

memory/3548-2975-0x000002B4653C0000-0x000002B4653C1000-memory.dmp

memory/3548-2982-0x000002B4653C0000-0x000002B4653C1000-memory.dmp

memory/3548-2987-0x000002B4653C0000-0x000002B4653C1000-memory.dmp

memory/3548-2986-0x000002B4653C0000-0x000002B4653C1000-memory.dmp

memory/3548-2985-0x000002B4653C0000-0x000002B4653C1000-memory.dmp

memory/3548-2984-0x000002B4653C0000-0x000002B4653C1000-memory.dmp

memory/3548-2983-0x000002B4653C0000-0x000002B4653C1000-memory.dmp

memory/3548-2981-0x000002B4653C0000-0x000002B4653C1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 62ad7b472c2b4784728a9200a691d18e
SHA1 e57c88a45b56da9ffc1ec2c471b215750736861d
SHA256 040f87f2479f52fce18f41d3d8e2a36d063d7a462b210f8ca6a49ec80f31617d
SHA512 cad93bcdd89aa04159615e0a0e37819a14781a660329839260dcc1a95bbacba9cf7ac804120fe4e46c9e7a54dbe6a64bbfdd7779ddb79bbcc38eca4f73464b55

memory/5148-3001-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 86b4d1055565e2695b353ca217dbda87
SHA1 77734ed8f9a1c8543241e7bbcdd0625f8c4aabf0
SHA256 eb9939570d4713d7b5203e8a74369cfda2ce8aade36a2169e108f0919e80dda0
SHA512 381dc33f42f7a33dded44c2dc956c31ea9b629b3552781f1d88025b6d50adeb8e916551739bbf09fb3132dd1891faae59b1731c46333c113f051a32d86291c89

memory/5148-3009-0x0000000180000000-0x0000000180B19000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 69af4cf9e9217e6844a5057d98a480a5
SHA1 5f2f96176f21179123f586a4150937951679e7a3
SHA256 78dedeed72251c08e9a5366c1fd2547cfe3cff2ca6ee71127146a12c1fb7e827
SHA512 d4cdb44c98e5768a6fa038b43b2c439f0d2b426b4c3e802e252de146e27a0e7e0d93a7a6fe039c4e7d0ac9c35e8abe6b765f24dcbee0cfbb12c9cfbbb4566057

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Preferences

MD5 e728935beca51c7a5f955ed962e277cb
SHA1 d96714bd75872cec5461ebaea706d84beede3245
SHA256 2685dd5a92d00fc6f574e755bcd7a201836fcadfe4238b7fa5602b1f5d02df24
SHA512 e93ac304082c9eaca11be60d1dc138a1d3fd0988ac8a7a9a14b781e1a8ee2b5776dc088ce071e9e23b90d886e809357dcbc7523172d377e73ad99b99db1742c2

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1448045423\hyph-as.hyb

MD5 8961fdd3db036dd43002659a4e4a7365
SHA1 7b2fa321d50d5417e6c8d48145e86d15b7ff8321
SHA256 c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe
SHA512 531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1448045423\hyph-hi.hyb

MD5 0807cf29fc4c5d7d87c1689eb2e0baaa
SHA1 d0914fb069469d47a36d339ca70164253fccf022
SHA256 f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42
SHA512 5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1448045423\hyph-nb.hyb

MD5 677edd1a17d50f0bd11783f58725d0e7
SHA1 98fedc5862c78f3b03daed1ff9efbe5e31c205ee
SHA256 c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0
SHA512 c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1448045423\manifest.json

MD5 273755bb7d5cc315c91f47cab6d88db9
SHA1 c933c95cc07b91294c65016d76b5fa0fa25b323b
SHA256 0e22719a850c49b3fba3f23f69c8ff785ce3dee233030ed1ad6e6563c75a9902
SHA512 0e375846a5b10cc29b7846b20a5a9193ea55ff802f668336519ff275fb3d179d8d6654fe1d410764992b85a309a3e001cede2f4acdec697957eb71bdeb234bd8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a577db48dc3c3046452f6ad53cf5faaf
SHA1 e660226efe6e572714e90b546e8ffb191a036061
SHA256 a653bbc64dc021bb5451beda423e80a90f6027e882ee743e48483fba31406063
SHA512 ab6ce2eb76074221dd1c0bbd0e74703b4d9761d18d30a6cf85543175629efbc0e09cb102136bfc9517648b4f3c40eaf59cfb9f6871b8c79c3c1dc934859ae9ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 23c0678bc35dd8dd4fa2b2227571fb7e
SHA1 ac2823a57c71e6686a2a2afa6f87beb8c8db2ed9
SHA256 647ba3301f3faac6e8b9d2d8c88a945d63b9d6849e4400834b601781f54cfbbd
SHA512 65ea39f18b1dc1cf8bcf4f7ba41e9188f7ed87c35615b380c5179c1465d95dfff4ae85b5979a744c0f8ef982e080349a044607ba9b4c2425d39af1af6fdeb3d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1238e75a33dd069af0fcff17fefe8f68
SHA1 2c8616b1edc39d6f006e0962a5c6152883ee7fe2
SHA256 5c71948d2a03ce6bfa1ba30a500b5ec34bb62dbbed2c4acd2bd96bdcf014e58b
SHA512 fcd07cf9181e77854b2701486ee00488733813f8b84ec015d63c7007d240a7598f02ce753780bc0fd3ceca8fa2e3df114f5b06c56eabae6717dc4f52981b1ff7

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_219818076\manifest.json

MD5 55cf847309615667a4165f3796268958
SHA1 097d7d123cb0658c6de187e42c653ad7d5bbf527
SHA256 54f5c87c918f69861d93ed21544aac7d38645d10a890fc5b903730eb16d9a877
SHA512 53c71b860711561015c09c5000804f3713651ba2db57ccf434aebee07c56e5a162bdf317ce8de55926e34899812b42c994c3ce50870487bfa1803033db9452b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a4204f03e4b516a27c9d2c5e923d3378
SHA1 e8d54b27d8c12a10af537303028a24abb11f1b86
SHA256 fb8e93640e7ee7cab242bd282bd642dd8a7411fea39473c145cf7d0b906e7784
SHA512 5e7ab7562bb134d5f24b6a90460c55bf3a5d5fd990b592924f2233f87e2c223908fb178bebea42d8ea103f1f5d72b4e6ccc7b605df027fa7355cf4290026d365

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1190941aeea7e02e04d6a29ac2732472
SHA1 a2e76c5cbea37f28882a60db9a717c99a37f72f8
SHA256 f2821b761629bf6f9ce9aa09bb3e4f7808f2b8805904264fbf682c5020c0b05c
SHA512 2f274606e48c57aa2344464393f711af261cc1bc721abfb9a011c31a89a3589867e475993c591434558eecaaee266fd1f3367620d477f1aee09b44c70332ae9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7dfcde34834000a8daa47d7f9c6a348c
SHA1 9b3167357b7c2a9664b115e222b69dfbf82e3adb
SHA256 1c0f2157a4d3f1809ed19d2b99a8d90851613677e53d64096c49d285d1358748
SHA512 43e5e099060d00c614c6864d61397280dee13f60befc3880edf770a2b5317a2c8d42e735be1d89841250379f62cdf9ce4478dbbfda2512eb451d92a3cb676d78

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State

MD5 df6292c5605441de634dc5f452facbcb
SHA1 e9bd78baa1ad1e3d99530e2c0bbc90afe036a0ea
SHA256 721b9030047688cb9b0bfffcb19d538ed02da9c435be7c86315c12286e1e3f18
SHA512 d97d48596afaaf01669078b03b26cde3480990341d5a0300f305ab280b716af8320f667916ae2f7ce3b2e7aba7ca1413cecdda02a40adee689d5df054b2d637c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3f245bcf08ba024519c77e05d3d4eccd
SHA1 81e5b45bed546b35f2d0187119084013217a51ba
SHA256 a9caa74a68bfdf05c5a72b4a36b33361f3303edaab5621f304a8d754077107e8
SHA512 04693af829aff6002584dfb67bb999a976b537537ebf3bf3bc0fd247c89347eb620e94be75af143be630bfce243793a10a42612c0080068b9568283a82e8b9d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0ce1263adf31fe2899a088f80c83fe97
SHA1 fba2f87953461afe8e73025faee074db73e03d98
SHA256 a6dd4d87788e8d7ec12f4c4f318d414804b6d8da2addfd7aee5b78e12b9b453d
SHA512 4518098358365635a9e9fc5c21cc83e6956aa6a65c3dc03ead5c6734c83b8f00ff86e4f400d2f7265bd5bf0436e58fb71b199b3becb975c344a8418152953bf3

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1085069526\manifest.json

MD5 ba25fcf816a017558d3434583e9746b8
SHA1 be05c87f7adf6b21273a4e94b3592618b6a4a624
SHA256 0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11
SHA512 3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c7

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e601a0ca31cfc67ec296f84d3229f8d6
SHA1 e8478d89f7f53e6aeee0076dc39d57082cce28fd
SHA256 f0949bb5af66b3ea7e2b7c21edf433b30cf42bd9fa02260aef3cd84101aabb69
SHA512 36218306ff1c3ae1a4a480ce2a2401888fb277fde90205b17dfc0c10db963fc78a0f7f9698d8dee384b4e622420fc48332f75dfbdccd9b7b4e9ad470d888fb39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a29258b9a28eb9afb5235db49ef69513
SHA1 135289c8ced3b9cb5e4a708fb1fd00083c7ced08
SHA256 13d4a3e392375b53d2cbec98a5e607a601e2910e9cc290ee619326faab0859aa
SHA512 6da51cb6bf14b9211172d5ce596b36cb21df343cbb486eab3f9fefba05535cbe108cb78d2a295939c2bece7416ae1034abe92d7a4bb2b8f6df9044e90cfb7965

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e10d3b7a98f7b06445fac721288c5b4a
SHA1 5b69e235f254a8c758e00bdd88694eadf24d063f
SHA256 357f0f805094b657f981e7a17a7855cd395d01edabb181df252c1bac42553141
SHA512 8e58e170b4c87108495a21a969916a7bad4077fa274cc1fee268fca7085e1e6cbc17d107418dcc1b0adceb186e327f6a39f87c29308bbaa7ae35415630f9d5d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7bcf5e4de6ef3cce833b9301c1b8b65d
SHA1 3bf5f8ed04e8b9c6fe733624a32f4f1b7f00c15f
SHA256 3611ca2c8f0f3c3360a6c72a7d7399c69bbfea1546f84e66a0aa37df6bede902
SHA512 271c54356c126390007db7c99c4b6a924a7ccf5b3b561909b1dbd282b4efc9582e410ade306c678a9f851f11dc76cf57d641b8de43dd8f123707b51e87d99423

C:\Users\Admin\Downloads\Unconfirmed 216537.crdownload

MD5 84e67989f7ccd11c2b7db38f3d3443b8
SHA1 c3e821de715aa7508b3273de16c9156014d81922
SHA256 5eac06573fb9289a5ad1dfa8b88d2d7b79f1bd89e61c53247f8cae50143e7a2c
SHA512 d0ea7235f591f31edeb7183c91fb0bb1347a9386c170c43b21e2c5fd93b7040e73e1a1a9f3ef6f83d097b1af0f9e2a9938dd59ae47588940491da25248eb7d99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 69b1496039fcaafdc077dd9af8fa1c7a
SHA1 95852d703b602f63b170555572dab7f24db57e03
SHA256 d116247ff92c7dc66dc826f9a2b869763ceb4bdffc8d1930c62c6c827b5fefed
SHA512 df4d9f7abb2a38c0d4b58bbeeb7d69cfcd21480d2a1c00d49e5b598c253d79ffa0cdf9e10962e4e2f33f5d9999038642154947c438d4b087e8dee17b1615b8ea

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 d6ec3ffe6c3b16f94d459947f56cab5f
SHA1 f6a05ce1e412ac4273ad362ab9ff8c314bb80747
SHA256 87eb356a07a15634ab05fd847c70f26fcd9ff745dc62afaa4404d6fc5206eaf9
SHA512 9a3c46f18b8527bdc02e5a0a442b9bd08326e2f59e40e80e555f3193dac5e649526e27259f1dee7260b9b66642a0aefeac9d7854a2024451db398cb078ffa484

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 85f0c096d3df74d568ca07830651ad14
SHA1 75ee4e2530dddf9fadb0f03a525cdc6802ac840b
SHA256 63f0b0c74bdcf99bdcc5a34eb184883e89941ed0a23f1da27411dfa0f3a0efef
SHA512 cb93f6d1dd02134524eb89075f2c2d677df70adc78a30d924418c9bf93750cbf452c23c6697a3468ecd6f86d3c72678ab09f82ea3d9c243ab066d690a3c6c9ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0b7997c31c29a56ead37708aa177a8bd
SHA1 3831b2acc3221ba05a90548f30048b57fced2a8f
SHA256 77f40ae00ad8e53fcbfc2b9e3314fe6c3c59153587f5acde39be5f18687fd45c
SHA512 1d6ab37a67112b186a05efd7a1efe9fb189515a3faf52efbbb0e759c6be48c56fa13f176b40d59a549e72c0a48dab5b48090b79cbd7fb1fdb0cfe1eddf6e4da8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 21e645207b8372e046505dc5bec28cc3
SHA1 f45fdd05bd3b70f15abff8241e6db8258521fe9a
SHA256 ac89a40ed8ee6afa9fa0e7673dccf21e9059f7008ce986a1062d59ff1bada0bd
SHA512 528b1d7c447e829b9919e77e61db845f2367995ccfa85eb9fc0323a7dfaf300476250678a8a668b48df50211702f89de162cec344cb7bff098936eab942b2b67

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\d711fadf1919a05ac8eccb48c397156c

MD5 d711fadf1919a05ac8eccb48c397156c
SHA1 d316ed33dda1b7170d56e086e53d280854f301ec
SHA256 b17555f65d11b29752665637a871d3cc2ad874076d2bee06a8dabd3520e34834
SHA512 dd5ec72eeb0e5fc28f122e46deb8a6c8464cbc2d8c74f545b27296b14c8b133fe009b38eace44e76af07a3db3fedbc6069b638348e550dffce84314674a01282

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 388b2b9f8e454c229a31e89573c5f342
SHA1 b4d1bde8a14fa41cd1ebe61d7ce8c5e44ea813bb
SHA256 25805da226f4694c77e5d0ff0669f8b9b42137c46bb81aa43f7717a91a6ac1de
SHA512 8aea64ca83e03cc9823ab03ad5ecf57dfbc44bf39794c6d6bc8fedc29b21bd921693875949cf0ff80608f5e4f6f4090eda0c7ae47a094acf52a6ef54b035f7da

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1513419924\manifest.json

MD5 9a8bf54f47c416df62f5df371674963b
SHA1 cc7a28747dd196612fe86c566ca3a66ec0376671
SHA256 f3b0221bb32f8cd0f14dc3bd148eff3ff29bc0834d5fa5a73fe5923e6f4528c3
SHA512 3cef10c8621ed9ee7c8b670dab1a47a4ab44d8384b8c8a4c36fc2578a78abfcd424cfe39b1b32b32198e5cf0f052ff45feca1e49aad845d67aab61f971e79df3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ca891f75f209624fa0b6acbb549746bd
SHA1 b8a19dccef4dc027d73936a60d1d2a986dafdd75
SHA256 cb21022c73c50ef4e65de2a1695dd344cfb2ab7260a09aa4c697de6c7e7c597f
SHA512 0b9fec7d6460baf692ac9c07b65946c411233415593fbb57e5ad4c7fa32e72b5bf8f9e92430346175c6556474c6ecdc08470f59de314ca9933c5fbdda9225100

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 51c74f8c54b231989d43aa91e5b003ae
SHA1 cf73f08e6f07d2e0ac8a32f5ce131c9d25e882a3
SHA256 0e434e219b2baff8827dabee9e806329d5b9fb7bbcc7e4fff12af9735b15c1c4
SHA512 b0749f8901b3bcd73f8d83c497e049aecb402575123e86873889bb38aebadf24ba52c8fb4fe96d86bdc4d159e169c9bae817c85df7c851335eacacf94bd82120

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\TrustTokenKeyCommitments\2024.6.5.1\keys.json

MD5 d7275bbd33c42029c586a3c4162f7727
SHA1 62942a391dedf1eab7bc9ae2fa68ab5885cfc231
SHA256 fc926f3dc9c0051fb2cdae123be615576aa63d636a08b2aa48564311758e702f
SHA512 849a7c5f2617035eb84b88c7b014f2424ae7fd05cc51554e7e4462a836477f1ffec494025f4b09024bd374cbcd5330ee896a8ff90c3e44e96858f5ad72012e67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a2a234c29651b87ada9691159b28ce21
SHA1 669abcc5bbe08e120544650cdcd1fdb1167df004
SHA256 8cfec11f0a7048e956e6454abece31e16937fc0b7a409fdf8c3e48071eae225b
SHA512 f2a41c76660b26d2b42ae48520a3541588dee0dd0d5b943c990785d2e43438c81b9b40c307e574394330fa58a493758a5eeabd1796521e7b1978cbd2bc0adb30

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a7ea1f6e6ae49ec35e6299de9c18c639
SHA1 0b4cee64f38121ae3b4ddcaf9888d456ea145f5c
SHA256 357bbb81221a59587b1fe9367c6469f7e4913378c8751bfdeeec08aec5fab287
SHA512 cc3d042220e0bedfcfe50db94067fe8eeb1f23334d722904a829f7f1f4c31f9c300e21aaccde2d350fbb930b8472f5a1177a29bff15d6da361c090aaeaf38141

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a455f5728804451fa02bec6dd07ba16c
SHA1 87917aaba410031d0a304dd2bf0244de4d20d3ed
SHA256 310f4f42bb02e60b801a8110f486cd5787e0809caf982f667293b4443e1f5466
SHA512 8bf2a14979c2f5eb017c7806f6636a91ee2373cec5e4e7f596653c9294aaa16ba301327b8ddad3bfb34644a1db2639bd5f7dff0cd0333edce578ff37f2cd264e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3502296f6256b857a712bb4e693aabc0
SHA1 ce92db474a6c5ffe23704bdb8efcd6a33a22faef
SHA256 3a36bbf907a3a78f55fd23227f7e33f2169a07271b5127a2295e7910fb5b99b6
SHA512 6955e7d23c03a624e079efa598385f52a3834a2fa7b03dddd89a52e30d856813dc0dc85518947e2719c97ca378bbc0398df8a0dce12af620fa8693c97c25ac82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 28575a5f358fbe28ba1d5f6968a658bd
SHA1 b7954403286a219aeb72560e1e53e2e27a8bd4f3
SHA256 b8bd829a60d339078f3d6ee11c8e65ed14a8c04ec4fac73ad55b06d412ae557d
SHA512 2c116b6a356b52f2c51eec11decc0151f48f3679e5c66d02512840749a916eb525656285d2e16af15d78d722401cec6bf6619ddc28346b6d1c4d4f39d16a1012

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f6

MD5 91aba671d01790cd073f98f07d478bd1
SHA1 30f5a51338c58dbb585eb80f5cdc9a3586694e79
SHA256 03e18dd23a3368f2e4b5ce9949ce008e9472c79f6b5db37fdad39fcbb95eb1b0
SHA512 0312f460b117b2e154a5404b422f0d52f1281fda1cf05a04fbd35bcd40041298c3bb7bf9adeb2006e95c838e6bf3a1c5b299ac603c59cc94138e5bd83ccd9558

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f7

MD5 d3d747f42b7b13b2aad27fd2a18be80b
SHA1 4e3077cb7ef676a4c7d81b18bc9429c473e46de1
SHA256 99eff48a135ed9e4e343b096a2c08cf3ca47cfb8a7e4957bd2a0f0814c24389b
SHA512 76381c4c21e8481091b1396698a6fb5868ba2b5985b6d0711617c412d57fef6c9466f7446239b19615b9c2460eea252974a25afedc2ea53d131616bd1fd415ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000f8

MD5 82184d01f31478829c8f00e74cc3ab12
SHA1 102dd35019bde5d1ae354ca78a3f47bdf6ae5806
SHA256 a4f60d0546b7d64ce364731a1fb8a9386bed39a70111e811c3977f3c2773e22b
SHA512 4fa76b197bdaccf85a36e22292103edea0a6ba8802350563c7e6bb87a9f1f3e7086bce687d840d0441f3a47f10225dd9855c786e4a034dddc91e487eb67fb941

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 933b33a6ad63e5c35ac0cca0ca072187
SHA1 fad2426e89d15799dbaafdd024737ae40f43fedf
SHA256 c10db1171a2f6dc650c1f363d1f1742e6bbf02bda6e2ed8ed05ebb42b42f89fb
SHA512 704b488a8b20f837055468d7958990e2d1981d30c9ab71c4c6cc103d3ecef08a786b3fd198871a6cb284e64e0d0aa1178ad1993a9cceac4f4c276db12a606aa8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9d64026b20710b4ed9bf5bbefe18afe8
SHA1 38bdc4e5318d6808a7a36ffb933bdf301c2bad8e
SHA256 b069b890a6bbe7460fd393f89efb39cbc1f8b818b088875d160fb8884d35ec56
SHA512 b4080d5cabd974f69d702324d4ccb4b11ba5b17c027855e02dfd28dc7c426a9c60d56da1ca66ad7f9b35c16d6cc0c438589abb88ef420cd19b5cd360f2d26b4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1d58b1c7de86e9f74bb8ee959150b82b
SHA1 95e5381f05cb0bcb001e2c98952e02688cdb6a5b
SHA256 6d6c3029ef32037fa77c4d380b0359559516381da991ce9409053b7b134af4aa
SHA512 538145641d8d570a2e8ae040858e58634598593067b706c999e0a2f84bdb28ba5c5a954edc57f9b70a4008d37dcfd0cf644a678adbaae4bd531317037bebf757

C:\Users\Admin\Downloads\Bloxstrap-v2.5.4.exe

MD5 dbb820772caf0003967ef0f269fbdeb1
SHA1 31992bd4977a7dfeba67537a2da6c9ca64bc304c
SHA256 b2ac1e407ed3ecd7c7faa6de929a68fb51145662cf793c40b69eb59295bba6bc
SHA512 e8ac879c7198dffb78bc6ee4ad49b5de40a5a7dbbda53d427d0a034941487d13c8bb2b8d590a1fcdd81cd6abb8f21fdfcd52924eb00c45a42ee06c1e4b3d590f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 795c3845122ef80c35752abbbd14d701
SHA1 76514481f6b9f66b70e1bb4e7fe908fe2c7e395a
SHA256 476fc51a337c501bc83e2a3319d8513f0e197de3bfc62fcb97bfc72c9225d5f9
SHA512 a3d68d36533fde95c6b40e84a315bb0b598422ce725a1dd95fb7f0475813c6c2795d95252d03a916b960dbec6990a5d2fd256007394eb562b0f7b9a3a2ed87ce

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_358267594\manifest.json

MD5 178174a0125d4ff3ed5211426f1ea113
SHA1 26f72c5a2f65c767c4edb04d8da62bdadc02e809
SHA256 64986dfeefa8855069e799b28e5523b35c9efcf2ea152a2b03461471c218da1f
SHA512 c0d1d9555f4cd7e9a4b0ee5fc1b069782638ba1680d18ba9c83f796746086b6afdf1400c80b7f586422c3a2a73e51bd04fb250e2db818ef723cb4f7a8b3b15a2

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.52\LICENSE

MD5 aad9405766b20014ab3beb08b99536de
SHA1 486a379bdfeecdc99ed3f4617f35ae65babe9d47
SHA256 ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d
SHA512 bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.52\Filtering Rules

MD5 a97ea939d1b6d363d1a41c4ab55b9ecb
SHA1 3669e6477eddf2521e874269769b69b042620332
SHA256 97115a369f33b66a7ffcfb3d67c935c1e7a24fc723bb8380ad01971c447cfa9f
SHA512 399cb37e5790effcd4d62b9b09f706c4fb19eb2ab220f1089698f1e1c6f1efdd2f55d9f4c6d58ddbcc64d7a7cf689ab0dbbfae52ce96d5baa53c43775e018279

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 49b57a63f0a3a162e6cbc26bae981b38
SHA1 f8d1ff61194a6ac048df99fe8e1bb6a938be68d8
SHA256 33311004c00bcbc247ddcb2d94eb96e0a4b96ec6190bcbd6e22e8d4199840deb
SHA512 d6f8d55df651a343b45ffc4ec3dda78c2724bedbb98703a3fa45d4575924fe08a0914615b1a5a61911f01ad5df8444e1af0c71a087b6f40dff3eb7662527c001

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 eadea72c3eb5ce8d9a2bfae521d94bb8
SHA1 86738eea274bd46162a737cfb96effd5ff38b4e7
SHA256 dc14f3f4e2f8a1fec92d73bca149844f70ae6f98d8996025b9bbe0f01beb0c80
SHA512 e64d4792cf2c777ca70e6c9de2380a213726f6b30d1b07d59c6016ec337841bf494749b9f04226d8804dc7802078bcd5e8d68a20114a3e952aa60cb03cefb0f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6635bdf8f92eb079f663ba6dbde7a5f8
SHA1 1bd851a93786d441c3b68eaa855d54fe3f7eb318
SHA256 773dc1788a8ae7f4acab87cdfbf3ff00c6d162859075d7ae9b0390fc696cb273
SHA512 f3f903cf162bca55b258e967311dbfd6acadafef7242927e9a0b8ea93b4bb605a77951de6b5cc2574d63963233ace78bd980ae25f00c46d373079eee6634d369

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f3cd1fb97c1d09607f5a78aa7cd25c74
SHA1 4dcb0f23f77880fa1c180fb6b0c51f6302148173
SHA256 d49fb3e83856513d1c210aa8aa0f93265069c32edcfaa3a3b67ca621795f142f
SHA512 c36d1923ece9dfcf65e547cc91c7d65909f2c2d77d3b50ec66b85b766e47687ac40b99edfdc264286c60b79fb048df8b5eed6698fae9a50e15f3919e733d6b6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\ddab5a2a-3260-4136-b40e-a04aa5fce664.tmp

MD5 1746735f37876a8fedf62b951fbfbe48
SHA1 bef94a298b6663ee0d3446c3481ed45588d836e9
SHA256 c587be66d1690419d41fe50058e04c3d93698f0f00d3bcdc82f0301fff9b2d90
SHA512 a2393afd4ed9125cac03948a201fda88fa527c5137e6800ee045b3c5cd94756f870f8918c32453f756884ffe0c750528ce5e0b5862b5ba58af3803721e0a3432

C:\Windows\Temp\{2E0F2B5A-0365-45C7-8C44-61B3F676790A}\.ba\bg.png

MD5 9eb0320dfbf2bd541e6a55c01ddc9f20
SHA1 eb282a66d29594346531b1ff886d455e1dcd6d99
SHA256 9095bf7b6baa0107b40a4a6d727215be077133a190f4ca9bd89a176842141e79
SHA512 9ada3a1757a493fbb004bd767fab8f77430af69d71479f340b8b8ede904cc94cd733700db593a4a2d2e1184c0081fd0648318d867128e1cb461021314990931d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 19ecf66a131ee848bbfeec6281806087
SHA1 19da1269c5cd7e24d74a5f0514454f9895ac5507
SHA256 5c24509877612d42821211171d118d3f5b66af22ed224d8b2d4b07c465cfa22d
SHA512 43e8a3b7e6eea2ecd66796abc23559a0c9ccac4555f87eb11b8798f3e5e71632d23da7c0b5b04f41f56b50aebdd85aa39821432097f83ecff5de7a73577a3a05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8fa268722563db6bebff4a34cf306dfe
SHA1 87498822392c75dfb4bfa0cac282fe7d5b84ebdc
SHA256 ae432aaa21cfbb5dd97a266329ea26508aa0495e079cd0e26852cb2ecb24e03c
SHA512 0fc24a17f7527a45d3915db29eb10455be415a734d9ad0b64a6ca5f64901b7b2990e3733831a664ee3921fcded16f47dca5c7f38ce4452448556655f8e2d533a

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State

MD5 18513e8757f887c2a860279a9f9e80ea
SHA1 c4e5dadf496ad11f0839a01af652a1710fa080f2
SHA256 4c8269a407108071e5a2f5b72ed2810d52b7dbf11064ffffcb394779c89ab9a9
SHA512 f5177859353afdcfb1c41b84c0c3bd851636fee6c486852ce4386d333ec2c5bbef493002f97655ba0bd1b770c1e17cc281d926e8e9a6a1a32e78cf8c9e2cb6bc

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\configs\DateTimeLocaleConfigs\zh-hans.json

MD5 fb6605abd624d1923aef5f2122b5ae58
SHA1 6e98c0a31fa39c781df33628b55568e095be7d71
SHA256 7b993133d329c46c0c437d985eead54432944d7b46db6ad6ea755505b8629d00
SHA512 97a14eda2010033265b379aa5553359293baf4988a4cdde8a40b0315e318a7b30feee7f5e14c68131e85610c00585d0c67e636999e3af9b5b2209e1a27a82223

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\configs\DateTimeLocaleConfigs\zh-tw.json

MD5 702c9879f2289959ceaa91d3045f28aa
SHA1 775072f139acc8eafb219af355f60b2f57094276
SHA256 a92a6988175f9c1d073e4b54bf6a31f9b5d3652eebdf6a351fb5e12bda76cbd5
SHA512 815a6bef134c0db7a5926f0cf4b3f7702d71b0b2f13eca9539cd2fc5a61eea81b1884e4c4bc0b3398880589bff809ac8d5df833e7e4aeda4a1244e9a875d1e97

C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

MD5 cd269dc2573e4afc83708aaa8ac2dcc0
SHA1 128a2895ac530091cee9e93e4526c6e5079c91bb
SHA256 3f7220b064ac0c01262a75202b3c4b026884177644dca01294920db7dc1899cc
SHA512 8b8f850e88e4139ad5f48cde1061c72ecc7a8474a11b639ad06554cbaa27af8407f53f723a6b0798749c4ba89fd240e37408ee5971a4f57e9d7712b972ea7381

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\Cursors\KeyboardMouse\IBeamCursor.png

MD5 464c4983fa06ad6cf235ec6793de5f83
SHA1 8afeb666c8aee7290ab587a2bfb29fc3551669e8
SHA256 99fd7f104948c6ab002d1ec69ffd6c896c91f9accc499588df0980b4346ecbed
SHA512 f805f5f38535fe487b899486c8de6cf630114964e2c3ebc2af7152a82c6f6faef681b4d936a1867b5dff6566b688b5c01105074443cc2086b3fe71f7e6e404b1

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State

MD5 7dd731711a9fd9d5a6ea5e06e56750c1
SHA1 bb8a835dbcde50d0072334eb22feb40f5d489ce9
SHA256 d7e74b8cbef24cdfc4028c8babc63041699c86c737d44704c8a4cea5827765bd
SHA512 9ca9d9f2ac4220e14aea3b4bfb5f5accbc56e6a4995f0bccc5c0bbaeb96474c993260cd9b3aab263145ea01a4834f319819cf9e5eb3167c681a4b85396c2db2f

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\StudioToolbox\Clear.png

MD5 fa8eaf9266c707e151bb20281b3c0988
SHA1 3ca097ad4cd097745d33d386cc2d626ece8cb969
SHA256 8cf08bf7e50fea7b38f59f162ed956346c55a714ed8a9a8b0a1ada7e18480bc2
SHA512 e29274300eab297c6de895bb39170f73f0a4ffa2a8c3732caeeeac16e2c25fb58bb401fdd5823cc62d9c413ec6c43d7c46861d7e14d52f8d9d8ff632e29f167c

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\StudioUIEditor\valueBoxRoundedRectangle.png

MD5 521fb651c83453bf42d7432896040e5e
SHA1 8fdbf2cc2617b5b58aaa91b94b0bf755d951cad9
SHA256 630303ec4701779eaf86cc9fbf744b625becda53badc7271cbb6ddc56e638d70
SHA512 8fa0a50e52a3c7c53735c7dd7af275ebc9c1843f55bb30ebe0587a85955a8da94ff993822d233f7ed118b1070a7d67718b55ba4a597dc49ed2bf2a3836c696f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 be8bf2b313c000171c27d0bf715e5ecf
SHA1 d35b9e102b23010d1c28bd597c32819554ab9b91
SHA256 4d249edb888614445225ce37e31ec0c147983afc329459d3e044814a2c5071a7
SHA512 e9e0876bd6223a29c17e2bd27c67e5966f810d7ae147a7b2b64bfda9736f019b184cb24bee4ec9303b1a66cfd00f9f5f1f04471d301cabb250285f2bfb17f2ba

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaApp\graphic\[email protected]

MD5 3fec0191b36b9d9448a73ff1a937a1f7
SHA1 bee7d28204245e3088689ac08da18b43eae531ba
SHA256 1a03e6f6a0de045aa588544c392d671c040b82a5598b4246af04f5a74910dc89
SHA512 a8ab2bc2d937963af36d3255c6ea09cae6ab1599996450004bb18e8b8bdfbdde728821ac1662d8a0466680679011d8f366577b143766838fe91edf08a40353ce

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\ExtraContent\textures\ui\LuaApp\graphic\shimmer_lightTheme.png

MD5 4f8f43c5d5c2895640ed4fdca39737d5
SHA1 fb46095bdfcab74d61e1171632c25f783ef495fa
SHA256 fc57f32c26087eef61b37850d60934eda1100ca8773f08e487191a74766053d1
SHA512 7aebc0f79b2b23a76fb41df8bab4411813ffb1abc5e2797810679c0eaa690e7af7561b8473405694bd967470be337417fa42e30f0318acbf171d8f31620a31aa

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\TerrainTools\checkbox_square.png

MD5 2cb16991a26dc803f43963bdc7571e3f
SHA1 12ad66a51b60eeaed199bc521800f7c763a3bc7b
SHA256 c7bae6d856f3bd9f00c122522eb3534d0d198a9473b6a379a5c3458181870646
SHA512 4c9467e5e2d83b778d0fb8b6fd97964f8d8126f07bfd50c5d68c256703f291ceaed56be057e8e2c591b2d2c49f6b7e099a2b7088d0bf5bdd901433459663b1f8

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\ui\Controls\XboxController\[email protected]

MD5 83e9b7823c0a5c4c67a603a734233dec
SHA1 2eaf04ad636bf71afdf73b004d17d366ac6d333e
SHA256 3b5e06eb1a89975def847101f700f0caa60fe0198f53e51974ef1608c6e1e067
SHA512 e8abb39a1ec340ac5c7d63137f607cd09eae0e885e4f73b84d8adad1b8f574155b92fbf2c9d3013f64ebbb6d55ead5419e7546b0f70dcde976d49e7440743b0f

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\ui\Controls\XboxController\[email protected]

MD5 55b64987636b9740ab1de7debd1f0b2f
SHA1 96f67222ce7d7748ec968e95a2f6495860f9d9c9
SHA256 f4a6bb3347ee3e603ea0b2f009bfa802103bc434ae3ff1db1f2043fa8cace8fc
SHA512 73a88a278747de3fefbaabb3ff90c1c0750c8d6c17746787f17061f4eff933620407336bf9b755f4222b0943b07d8c4d01de1815d42ea65e78e0daa7072591e9

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\ui\Controls\XboxController\Thumbstick2.png

MD5 a402aacac8be906bcc07d50669d32061
SHA1 9d75c1afbe9fc482983978cae4c553aa32625640
SHA256 62a313b6cc9ffe7dd86bc9c4fcd7b8e8d1f14a15cdf41a53fb69af4ae3416102
SHA512 d11567bcaad8bbd9e2b9f497c3215102c7e7546caf425e93791502d3d2b3f78dec13609796fcd6e1e7f5c7d794bac074d00a74001e7fe943d63463b483877546

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\ui\Controls\XboxController\[email protected]

MD5 499333dae156bb4c9e9309a4842be4c8
SHA1 d18c4c36bdb297208589dc93715560acaf761c3a
SHA256 d35a74469f1436f114c27c730a5ec0793073bcf098db37f10158d562a3174591
SHA512 91c64173d2cdabc045c70e0538d45e1022cc74ec04989565b85f0f26fe3e788b700a0956a07a8c91d34c06fc1b7fad43bbdbb41b0c6f15b9881c3e46def8103e

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\ui\Controls\XboxController\[email protected]

MD5 e8c88cf5c5ef7ae5ddee2d0e8376b32f
SHA1 77f2a5b11436d247d1acc3bac8edffc99c496839
SHA256 9607af14604a8e8eb1dec45d3eeca01fed33140c0ccc3e6ef8ca4a1f6219b5dd
SHA512 32f5a1e907705346a56fbddfe0d8841d05415ff7abe28ae9281ba46fedf8270b982be0090b72e2e32de0ce36e21934f80eaf508fd010f7ab132d39f5305fb68f

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\ui\Controls\XboxController\Thumbstick1.png

MD5 2cbe38df9a03133ddf11a940c09b49cd
SHA1 6fb5c191ed8ce9495c66b90aaf53662bfe199846
SHA256 0835a661199a7d8df7249e8ae925987184efcc4fb85d9efac3cc2c1495020517
SHA512 dcef5baccef9fff632456fe7bc3c4f4a403363d9103a8047a55f4bd4c413d0c5f751a2e37385fe9eba7a420dbdb77ca2ff883d47fcdd35af222191cc5bd5c7a9

C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-2f99b302154c4478\content\textures\ui\ErrorPrompt\PrimaryButton.png

MD5 81ce54dfd6605840a1bd2f9b0b3f807d
SHA1 4a3a4c05b9c14c305a8bb06c768abc4958ba2f1c
SHA256 0a6a5cafb4dee0d8c1d182ddec9f68ca0471d7fc820cf8dc2d68f27a35cd3386
SHA512 57069c8ac03dd0fdfd97e2844c19138800ff6f7d508c26e5bc400b30fe78baa0991cc39f0f86fa10cd5d12b6b11b0b09c1a770e5cb2fdca157c2c8986a09e5ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 61138cc245c4e67c0f163f385e52225d
SHA1 c583b0b179a99fb7f2981f4d93fab131160693e9
SHA256 017588036069da11ee448e908b3fc55b1b6f6bc4263ee8f3d81e982dcc4804ae
SHA512 8901cd3a46cf0a9ba8504777b423d19f804a1afee2d6918c7ea42dd641dc584f974a7080fb08f2093ff8fa8ac82bbf8d097c00267a06b2060fc5e118f93f465e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 15974f55c8264fd4299e4a0c8e1cc087
SHA1 d3c084425155461a5f2b1b90e5472b5a8ad0f432
SHA256 aa215fada253e75a5d1453ad35391731d9e86ac3075de5b2e5a44e808ecfd079
SHA512 d044438add89a20c92ee973bfb673e68466c14c419296f5818aed5ac10d916aebd6dbf575addb04cea3785a5068600968331271b9c63eeaec9e9f0ec0f1df0d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cbe67e2de9007cdb71c7ff6c71e0494a
SHA1 12d8cd84e35ada2e47d11a639dfc8c625f462b06
SHA256 8a28081b57b696d0497e78a421d4f9260290ab5fe178a22143414696e78cc53f
SHA512 e4c9575aa50fdaf1d858c4bf73a24d4e12c802bdc89741f79935c1a3e75271b786dfc566301c71329d3b17e206b1fbc64b760effe6d9fb2db73fc0792fb11452

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1711055657\manifest.json

MD5 763e003bcbb80f3c81522cb052addfa0
SHA1 fa672c6fa9ce939d607a1526ca13ec245514b43d
SHA256 e1d24c2bfb4bc07717aa5833146ed55b67c41ef17fb61ef276eff923bb1ec20f
SHA512 41062cf02794548d6df38205fb369d1aa614ac67030cd909b66a23735473f76de1a3c0bcf0895c932bf9b5c506c1d9659745ec84ec52e361881eb474e92e3fea

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\TpcdMetadata\2024.4.29.1\metadata.pb

MD5 7b9001fd6a5786c7b7edfa104a1eca5b
SHA1 462bafeca182a3e600ba22eaa1cab15c1a70831c
SHA256 779726531d52eff63d46df72ddcd421921b2e6bb918147a18c2adc28f45e693c
SHA512 f16d79a093c55408b6c118a743c5d77057dc899f5303c55003298fd67256f58200e085d03471f421065db1d3b131393f2e3a96ca71e35c94f1ba7a0569029918

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2d7803c3be35b0e4d22af505f0943c98
SHA1 c22994e1b048407504b65ee2532f944a290f3350
SHA256 d6cd362acf47c66b6e4778988a8b7bb6d4d5537d20148487e4785e19f9a5ef4d
SHA512 a84660d0e738c348f0231690684218c2564bbafc769c3a737079cea5dc12986c9a18a6831411d44c0692236a270b22bdbcb36742a8b61ef4ea071ed8c0931821

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 234b54e86bdf7b8ef96a37d53135f4f1
SHA1 769ae1dadfe79006d2bbae9205e39254c2c8dcd4
SHA256 6f2840f25ccbcbd07559a3cae7f08ae2bad61f27ff662e6199768cebdc227a74
SHA512 d633fbe777159a7a64709c052ddf1a9b535c13114926e6144f85347406a74f9611a4c5ba5476b8c41b7c9bf149bb7170308bf425b3a08cbdb9db525219d1292a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8c1c6804d18f58268851945d4d546011
SHA1 c59817f16895ddd1addbea3abb18513e5b6feb6f
SHA256 5984b7653dea21dc946e0ab7891d2ca6b8aa43fdb2124a9ea78b0ff678e07bc9
SHA512 cecd0d55fd813695411a8f623b59e99437070a1fe706002b5c9c2312ff1cb7ed360adf72df2018cc6a2a11f4e64e7f67aa3eebac23d749425fc0023f98f61500

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3c4813edab8680f459fca414b8081280
SHA1 187247992998f1a98bad69aa7ff0ca0bba3d00bd
SHA256 2743372b1a80298fa1a1184ad493b39a58975127dbefcb9de046d82a9d50423c
SHA512 89b068e8f12949ffddf2c72bbad04d7a8b701c0a8571a1dbfb7966e3f9dc54397d0bfc618a09339d9dd7115da2351eff7ff544ab4a35e0d9f93fc02e7b193f99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7d90adcc164c3e655fe615886664ad91
SHA1 ffddb130b724187c2fd7bf2ec800ee0afd931923
SHA256 0644d399d10154551284f74464846595417a56eaf87cd4910df58405e4fa1885
SHA512 fe7ead9db0d4467bb373370fa16ed6caa60c9bf1b4cb9a7f4651644194ae8f9175190ced70c85ff1a064a21e2453f353670d568ffd82cc8a928ba04fff375890

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 881730a72fc30357f860404e1b19c3e0
SHA1 5190c958e57c6aa0d5e42713f4edc675f6076bda
SHA256 91e3a2d0f42f9a4b02b14e558f6489dafcadd070e25fbf21c0efc7ecb74f66a1
SHA512 b0562960c82a7c3cc89b3f9ae3ed98d4054674be8c05aa094cdb5637f34529262116db40669fdfcad8fd0d9de34d89bd2ff6457940a8c273b74cacc00af95690

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 dd42000864cd6e75ef4e51c88c5255ca
SHA1 6aa41678c42b7481fe8a467cda380747b3a813fd
SHA256 919ea7226dcd121d1dace3455bc2a22676df6e834ee60fe69d83965a055e46cc
SHA512 12dd631ed6b8c15d6f367d27516413af659a6b622b75829595a93d6d9398a7de332e9ad81eca2295b944782459571b089ba5341d1ee16ec2bc735120f40e180a

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_2028321590\manifest.json

MD5 8062e1b9705b274fd46fcd2dd53efc81
SHA1 61912082d21780e22403555a43408c9a6cafc59a
SHA256 2f0e67d8b541936adc77ac9766c15a98e9b5de67477905b38624765e447fcd35
SHA512 98609cf9b126c7c2ad29a6ec92f617659d35251d5f6e226fff78fd9f660f7984e4c188e890495ab05ae6cf3fbe9bf712c81d814fbd94d9f62cf4ff13bbd9521a

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\PKIMetadata\13.0.0.0\crs.pb

MD5 981a9155cad975103b6a26acef33a866
SHA1 1965290a94d172c4def1ac7199736c26dccca33e
SHA256 971393390616fbe53c63865274a40a0b4a8e731c529664275bdc764f09a28e2d
SHA512 2d75ce25cb3a78f69f90fbd23f6e5c9f1a6ed92025f83ce0ab3e0320b64130d586fc2cd960f763e1ab2c82d35ef9650ebd7ff2a42a928a293e0e7428cc669119

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\PKIMetadata\13.0.0.0\ct_config.pb

MD5 df3d937079b894c891f9b0b741874928
SHA1 ed93fc386807b3a28fcc7988a88ae4741bfe1b15
SHA256 c7cbb0db6e924cbfccf4a6e8223e3fed4d93f5d78a3122c30213b6e38ee195f4
SHA512 5728bdd930283a4906e7e07acd3eadecb813a3154ffb41729738444bf13aab27dceb01e05a27c77bb13cc498c1d5c2d492ac653ddbfe4b14004b1c7a5bc54f1b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 533d8ddb13e56e48c2eaac8788a9a2cc
SHA1 014dfc7a1a4cef31b3b9f50af1f13e7b68d53333
SHA256 f17629d986a24482ed3b7a6c61d9516b9ccb795ddc7149f2d3263307938c80d6
SHA512 29f08c92d3dc40d80bb4680d1a5076e2e2ec70d038a5a2ef9dc8b17f3047d3edfcd225532d604759549ef6f78a8923a90259d3ae83add8cd30d7d79aa54674f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe605884.TMP

MD5 79ee7ae35f0d379d8ff0b05d49386f07
SHA1 859c3153fb14ae47b959f028606edd918be57b21
SHA256 db9a709ca449607b5186c15db5b156e2f9cea4cdb1d0c431ffd60b3fe6531d8e
SHA512 4dc014a3a6c0711ead41418297a21823bb511570444cb83222df3d77e2ee6e423a22e320216a7619f8a34bf2f353cd7ad12707d96f6840c511fe410eef25a53a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000010

MD5 09e9b17fcc99a480034ae3e9bea9437c
SHA1 e9f3f96114586295595bdfdb9edc4f5debd92cd6
SHA256 854f3d8a7a84a1bff9e05a5e3bb91c76875eca57959301c426d00fbe21835ab3
SHA512 bd1927a2baa422770745656df6052b69f91dfdafaf6a28ee152187b301a8592b0568d2d36e348869444e66f4f567a4adefbad3357667ad68470e968cc4dea7bd

C:\Program Files\chrome_Unpacker_BeginUnzipping5292_1197160364\manifest.json

MD5 e2e0e30a5061d2e813d389d776cd8ffd
SHA1 90913c06260b62534b42c0e28bac3082cdacd19c
SHA256 7f8c92b4e9da2afa5a089e37797036d18e61e4f02a4885b7887c0b98d464259f
SHA512 000727f5052c846e39c62ae90032db500708e5fec5af24b8cc1f3a9d4102bc7b9be025176f01722a7c72b5e8bf85b0084cab0ebeb00fde03928c4e22869c98cd

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Mu\CompatExceptions

MD5 108de320dc5348d3b6af1f06a4374407
SHA1 90aa226d3c9d50cf4435ecdd2b8b0086d8edeb8b
SHA256 5b462316a51c918d0bae95959bf827cb9c72bbd84ffb0e43b750aa91fbf3ba53
SHA512 70f30c45e20b7cddd0cba6476af9338975cec8e40b8b19603af5fa859a34c6eb2138957daaa263633fe65213e2186402d05d9d29ad53e8f311335555116314c2

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Sigma\Staging

MD5 39bdf35ac4557a2d2a4efdeeb038723e
SHA1 9703ca8af3432b851cb5054036de32f8ba7b083f
SHA256 04441a10b0b1deee7996e298949ac3b029bd7c24257faf910fe14f9996ba12ae
SHA512 732337f7b955e6acaf1e3aaa3395bc44c80197d204bd3cbb3e201b6177af6153cc9d7b22ad0e90b36796f92b0022806c32ac763eaec733b234503890900bf284

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Sigma\Other

MD5 09cedaa60eab8c7d7644d81cf792fe76
SHA1 e68e199c88ea96fcb94b720f300f7098b65d1858
SHA256 c8505ea2fe1b8f81a1225e4214ad07d8d310705be26b3000d7df8234e0d1f975
SHA512 564f8e5c85208adabb4b10763084b800022bb6d6d74874102e2f49cc8f17899ce18570af1f462aa592a911e49086a2d1c2d750b601eedd2f61d1731689a0a403

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Sigma\Social

MD5 318801ce3611c0d25c65b809dd9b5b3c
SHA1 b9d07f2aa9da1d83180dc24459093e20fe9cf1d8
SHA256 2458da5d79b393459520e1319937cfc39caadbc2294f175659fae5df804e1d03
SHA512 7daff0253da90f35bf00141b53d39c7cadacf451a7ecf1667c4ca6e8aed59a0c4a6b44ddc2afffa690e12c2134eddb9f46f72e4317ce99c307d9e524a5fd1103

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Sigma\Fingerprinting

MD5 3852430540e0356d1ba68f31be011533
SHA1 d3f622450bcf0ced36d9d9c0aad630ebccfcb7ff
SHA256 f1f413704c32a28a31a646f60cad36cc2da793e143f70eee72ae56f736df8054
SHA512 7a4faa493c141ea88d6cd933dfc0b50ef6d25983323db2b931c7512e039859d60c4935e56b771264ca72b45c035b1962ad8680d616eaaf04fbc5a6e0b674e435

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Sigma\Cryptomining

MD5 4ec1eda0e8a06238ff5bf88569964d59
SHA1 a2e78944fcac34d89385487ccbbfa4d8f078d612
SHA256 696e930706b5d391eb8778f73b0627ffc2be7f6c9a3e7659170d9d37fc4a97b5
SHA512 c9b1ed7b61f26d94d7f5eded2d42d40f3e4300eee2319fe28e04b25cdb6dd92daf67828bff453bf5fc8d7b6ceb58cab319fc0daac9b0050e27a89efe74d2734e

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Sigma\Content

MD5 7b0b4a9aafc18cf64f4d4daf365d2d8d
SHA1 e9ed1ecbec6cccfefe00f9718c93db3d66851494
SHA256 0b55eb3f97535752d3c1ef6cebe614b9b67dddfcfd3c709b84c6ecad6d105d43
SHA512 a579069b026ed2aaef0bd18c3573c77bfb5e0e989c37c64243b12ee4e59635aaa9d9c9746f82dcc16ca85f091ec4372c63e294c25e48dfffbed299567149c4e2

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Sigma\Analytics

MD5 01f1f3c305218510ccd9aaa42aee9850
SHA1 fbf3e681409d9fb4d36cba1f865b5995de79118c
SHA256 62d7286cd7f74bdfda830ee5a48bce735ee3661bda8ceac9903b5627cbd0b620
SHA512 e5b665e981f702a4a211d0569bb0bc42e3c29b76b3f75aaf8dc173f16f18f7c443f5cf0ccf1550df3aa2b151e607969c2c90ab1a6e7a910dfeb83854cea4e690

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Sigma\Advertising

MD5 326ddffc1f869b14073a979c0a34d34d
SHA1 df08e9d94ad0fad7cc7d2d815ee7d8b82ec26e63
SHA256 d4201efd37aec4552e7aa560a943b4a8d10d08af19895e6a70991577609146fb
SHA512 3822e64ca9cf23e50484afcc2222594b4b2c7cd8c4e411f557abea851ae7cbd57f10424c0c9d8b0b6a5435d6f28f3b124c5bc457a239f0a2f0caf433b01da83f

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Mu\Other

MD5 cd0395742b85e2b669eaec1d5f15b65b
SHA1 43c81d1c62fc7ff94f9364639c9a46a0747d122e
SHA256 2b4a47b82cbe70e34407c7df126a24007aff8b45d5716db384d27cc1f3b30707
SHA512 4df2ce734e2f7bc5f02bb7845ea801b57dcf649565dd94b1b71f578b453ba0a17c61ccee73e7cff8f23cdd6aa37e55be5cb15f4767ff88a9a06de3623604fbf0

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Mu\Social

MD5 4c817c4cb035841975c6738aa05742d9
SHA1 1d89da38b339cd9a1aadfc824ed8667018817d4e
SHA256 4358939a5a0b4d51335bf8f4adb43de2114b54f3596f9e9aacbdb3e52bef67e6
SHA512 fa8e1e8aa00bf83f16643bf6a22c63649402efe70f13cd289f51a6c1172f504fedd7b63fc595fb867ecb9d235b8a0ea032b03d861ebb145f0f6a7d5629df8486

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Mu\Fingerprinting

MD5 b46196ad79c9ef6ddacc36b790350ca9
SHA1 3df9069231c232fe8571a4772eb832fbbe376c23
SHA256 a918dd0015bcd511782ea6f00eed35f77456944981de7fd268471f1d62c7eaa3
SHA512 61d6da8ee2ca07edc5d230bdcbc5302a2c6e3a9823e95ccfd3896d2e09a0027fece76f2c1ea54e8a8c4fa0e3cf885b35f3ff2e6208bf1d2a2757f2cbcdf01039

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Mu\Cryptomining

MD5 16779f9f388a6dbefdcaa33c25db08f6
SHA1 d0bfd4788f04251f4f2ac42be198fb717e0046ae
SHA256 75ad2a4d85c1314632e3ac0679169ba92ef0a0f612f73a80fdd0bc186095b639
SHA512 abd55eff87b4445694b3119176007f71cf71c277f20ea6c4dcadfb027fdce78f7afbcf7a397bd61bd2fa4bc452e03087a9e0e8b9cc5092ec2a631c1ebb00ee25

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Mu\Content

MD5 97ea4c3bfaadcb4b176e18f536d8b925
SHA1 61f2eae05bf91d437da7a46a85cbaa13d5a7c7af
SHA256 72ec1479e9cc7f90cf969178451717966c844889b715dff05d745915904b9554
SHA512 5a82729fd2dce487d5f6ac0c34c077228bee5db55bf871d300fcbbd2333b1ee988d5f20ef4d8915d601bd9774e6fa782c8580edca24a100363c0cdce06e5503f

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Trust Protection Lists\1.0.0.26\Mu\Advertising

MD5 131857baba78228374284295fcab3d66
SHA1 180e53e0f9f08745f28207d1f7b394455cf41543
SHA256 b1666e1b3d0b31e147dc047e0e1c528939a53b419c6be4c8278ee30a0a2dbd49
SHA512 c84c3794af8a3a80bb8415f18d003db502e8cb1d04b555f1a7eef8977c9f24e188ae28fc4d3223b52eab4046342b2f8fd0d7461130f3636609214a7b57f49cb4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 87bf962e9056d0c8cb71c9ee30657b35
SHA1 3e4384d98eaa38f9790d916f26f44b60e29069a9
SHA256 d7431ffaf553a82162eaa0aa09d5871c9d3c593a4b58ec5fb21188ca1ea5e83d
SHA512 d8845c475809284686d50d39fe9e31c8012b68776122b3b135d9caced25828f6852131405686778aa51c15505ba79e4c3acca9ec82accdf69f916ccb6493cf95

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 cd2795f7ecc0b285d52c1785758ac629
SHA1 6b03379e726a436577ac4702c0c3dab1749e0859
SHA256 dfa1d1e17852ced8068cd8e236519142ebd069fe15e7bae0a01dad4743463434
SHA512 4f0e4a0ecec4a6474472aefb839d9bcd7b2dc7c1330bca3f2ff6e21c0f28ae93ffacb4440333214304b4b021f7f49a854daea8f9ab189b294da3922a9d6bb4d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4aff1487769c108e31449229927ce942
SHA1 f901448b12f9300b00002ac038a2ede663958596
SHA256 01d1ddff99b9ecbd5c0cd307710d8d21a6ae4416416b33a0610e129f2c836217
SHA512 212fb06342013d1814a7d447b08c06868ddcc18596abacae1b9cc102a05215d4f44b0ff23fe1c444f3c1b700be66411e9038fde8a479ca879a7aa77800814965

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7745fc2248d515cacfb3d8171d6c92cc
SHA1 ca899a5f549682e73d3249e7e0c850f792aa1a2d
SHA256 794aeaa6472a41d78ff7dda6997842753cffcdcbbdacdd877bb706fb59994b91
SHA512 71b40f0b07c41fce200815996db2c416ed3a50419f4cd5c74d6e946314057c6d5575eef41712c99112e4578880ff04bf26a0b0822a1d07d10eae6f79dad5bb99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 12aa8d99790dd19f963103674dfec5ba
SHA1 2ca1c442bf219385b77faa6c7aa99992ac9c5668
SHA256 dd2b83cb42b6dd582cfc577d7ade5e8f73f99992318a0a0f20062232ee88c88a
SHA512 9bd3ab4ad0947eb790fb2caea3ce012672ec5ad4e79db1b8bbaa991c267b64ebae21d2007494698e5ea11de4e2547381573432ac2ca2fad17c4d1e1043e5e396

C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State

MD5 07fc32271ca6d4d757bf31bb44b42831
SHA1 b6daed9123bd55e81f4a8f7fe2cb92dafad60ebb
SHA256 994dc9234c1d00d7b1668a46946a485fbab616ecd0fe74c6edecbeb4bfe6bea0
SHA512 73caaf347f98517c954892e77e94a909d227763c569786ec7eea79cd06c94db150639e17765a0b09b91186c9b25e86b409cdc007ed679d1e196dc8adadf07e40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 33373d9360cbb1641c863c6c543bc81c
SHA1 079e5227dc2b89abc0650a2e6c739569044d5039
SHA256 3c2ff3ce16aac6cf388d983130fd0e368694716dce3f3c47cc7167c706fec1bc
SHA512 45d272a9fafd8c214703b9d3af863d6ce4820f2b721de8f5529976dce9953ebbf5a78116e9894ff95b12fbed6c67b4db437f1bb8c2be089c9cc247c737b36db9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cda0264fb6481582bacd29d32293b94c
SHA1 e7e8a1a774e4d1031e824d98e714065e1f42e7c5
SHA256 e6b287c9bd996d9d6ab01e18b61ecf9809dbacaed0817c689cb5d1edf218b05f
SHA512 b4b8e258f288adadbd44336a5b5de11ec535ead39d099f5333873a85db87a41e95edade2f669325b4a7fd67dc856800a5ff0500f54b5b3c618f03c8ab2d3e6ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5c097562228750bd038912c9a1fcc5d6
SHA1 4b2c2d7dd364cee8d0fa4908b847c0b3cde152a4
SHA256 33deb01782e134094b16ab73565dcae8b0ec6a9f16a7efb78a7f682f417b0653
SHA512 d7526f8fdcba8b5665617f892c6d01b02585c74252e3d66f2df64ad2e034d04d52862b3bb2b10ccd9b2b9cb8f34924f52c7ff19bc5fad793b8b1fd896fa20175

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8e3ec8eea9d3e449f59e4eb25dfa367c
SHA1 edf994f4e021cf47998e7377e91d2e7091313fb2
SHA256 0612675dd2570c95f9bc0e828c2c0a87a9cd74512f4ad6b24b9d1fec0d6f3f8e
SHA512 d92fdff90c9b447c11fdac08585b49a56a9aac2233ae7ff7207b6549e65bd242258c41ae1c9d716f73ee27e0fbb42c573cf064e0d8d1b6942cf4c03363e4afdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e5553fe664448bcf99e2a6ae3c473603
SHA1 f5ed46023f97e684c65f8eb38499975e563813cf
SHA256 37df35e705e1695013867e960ebf60e508b4e92e6ec35e9270782ef8782141ab
SHA512 1b399528b1a34e4a034c69e68f0fee9a6fc1e63fa123f42a04c4038625033fec5cf3a4c9738251d29506575acce059467452920319492429b97c1918860b6dcf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b7a341bda87308e49d58395e4b6ba93
SHA1 61c135ee6603ee5a4a77ae907eaa6af184349501
SHA256 f525bd8d0caea3a214c0d57dd597517a61de9251ae46c85c6b29e6095d108b36
SHA512 0fdc2588fc51907e05922cb384d463571874efea7bd9879e5e87c5fefc4f14ac318971dd054361dc02d4131d5d00e1c4113c8304779872072626c1bc53826cb0

C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\5MIHM5LV\microsoft.windows[1].xml

MD5 84209e171da10686915fe7efcd51552d
SHA1 6bf96e86a533a68eba4d703833de374e18ce6113
SHA256 04d6050009ea3c99cc718ad1c07c5d15268b459fcfb63fcb990bc9761738907b
SHA512 48d2524000911cfb68ef866dedac78ee430d79aa3f4b68399f645dc2066841e6962e11a3362cbcec46680357dcd3e58cfef9994450fed1d8af04df44f76b0dfd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 871239c38a5c36c5b3eba39939001c93
SHA1 1f6c1e64c2dd38ecc24c28b7eb7b8d9fbc9ba17d
SHA256 63f169ff83e2c20b83f11673883effb2620b09926a1814dff73e3a9f4fe65b54
SHA512 9c5d72ec1431ae34a22c28f1afe19ef8258b003000a8999120e10ee37d1c6560297373b5f0e6213a93995ce7e66144a61f48cd83929a561305107c57e5795582