Analysis Overview
SHA256
69f43617b38f34ba3a45a9bf75829568078ce6e6b86cb75c2babd2f891810e4e
Threat Level: Shows suspicious behavior
The file 7up69l.jpg was found to be: Shows suspicious behavior.
Malicious Activity Summary
Writes to the Master Boot Record (MBR)
Drops file in System32 directory
Drops file in Windows directory
Enumerates physical storage devices
Modifies registry class
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Modifies data under HKEY_USERS
Opens file in notepad (likely ransom note)
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Checks SCSI registry key(s)
Analysis: static1
Detonation Overview
Reported
2024-06-12 12:21
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 12:21
Reported
2024-06-12 12:32
Platform
win10v2004-20240611-en
Max time kernel
635s
Max time network
636s
Command Line
Signatures
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Windows\System32\devmgmt.msc | C:\Windows\system32\mmc.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\SysWOW64\mspaint.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\system32\mmc.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Windows\system32\mmc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A | C:\Windows\system32\mmc.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "206" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings | C:\Windows\SysWOW64\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\7up69l.jpg
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe"
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=bonzi+buddy+download+free
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Windows\SysWOW64\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:1
C:\Windows\SysWOW64\explorer.exe
"C:\Windows\System32\explorer.exe"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\note.txt
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2f8 0x2d8
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
C:\Windows\system32\mmc.exe
"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2292,13882392028026409340,751886179000424232,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2304 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2292,13882392028026409340,751886179000424232,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2292,13882392028026409340,751886179000424232,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2292,13882392028026409340,751886179000424232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2292,13882392028026409340,751886179000424232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=john+cena+midi+legit+not+converted
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2228,13396584409445086413,6248638962857059985,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2228,13396584409445086413,6248638962857059985,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2228,13396584409445086413,6248638962857059985,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2768 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,13396584409445086413,6248638962857059985,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,13396584409445086413,6248638962857059985,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
C:\Windows\splwow64.exe
C:\Windows\splwow64.exe 12288
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,7316292208782232393,16434716188721271614,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,7316292208782232393,16434716188721271614,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2216,7316292208782232393,16434716188721271614,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,7316292208782232393,16434716188721271614,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,7316292208782232393,16434716188721271614,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3136 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4116 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4116 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,6469960896839574663,13118910454836060165,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,6469960896839574663,13118910454836060165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,6469960896839574663,13118910454836060165,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2740 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,6469960896839574663,13118910454836060165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,6469960896839574663,13118910454836060165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2800 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
C:\Windows\SysWOW64\explorer.exe
"C:\Windows\System32\explorer.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3968 /prefetch:1
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
C:\Windows\SysWOW64\explorer.exe
"C:\Windows\System32\explorer.exe"
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3fa4855 /state1:0x41c64e6d
Network
Files
| SHA512 | c885435fee63f09142d2ceb9bdb7118bf4e8ed86f6d940ff968f7dfbff21422f0e507358d0fbc0a82c1a119cf6a66b8bbfed87e5e063c418ac854a77ba959205 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | e3cbd104db51adddc6add065d1fdab4d |
| SHA1 | 88a50365860ce45bfb6bcc419fba79bb9bc08df8 |
| SHA256 | 204cfd8049ebc97b77ca359dac7f7e0b2c694aa273de2c38441cc3c9b1fda73d |
| SHA512 | e2197906eb654a958a2adaac8f9375e904612cab2cc06b01355f3cc5bc8c7d0f37be8b43f530216eefaf374629a0cea1a8fad717e7c5e90a6cff34e7ec3d2bd0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2aa32414fbb5c5d2250f60e041d89373 |
| SHA1 | 907a8174a5d18a3b65a9f1369172388c1070162f |
| SHA256 | 2baa8bd8f430b353467282ef7f19a36e612a20027fba66d863879ad87b1b4bab |
| SHA512 | d83aaf0d3c1787c47aae0880a71f0babce652411879cfc50121611d28852fce57578ec8864cce522082d4348e456105433159b6b0fbaf8cdd045eb77d63bb40b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | de574167c55c8dfe8008214eabf50021 |
| SHA1 | cccc8f8bfeca84a698dc0727224a1c4b1a264646 |
| SHA256 | 68d2887cc67049f8d399433b6500c4cbf4433479265a3f7ebfcf23b558711076 |
| SHA512 | 9155bc3ec9f1f2e13279768d04805c36be8e3a8c889aded05b5c05ce43924e7e7db8e58ad6215da0ddd9c3829e7e2a4d6f73abbf82eb0e684154d470365e4f81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a05b4ba39d88384908abb9ec0b333e20 |
| SHA1 | 454c2f7115caaa1dc5c2d66a4c4227173ca1d38d |
| SHA256 | a0044035237efffc08f85add4b78b999f180b55b6d98a5acc7c14348f62f30f8 |
| SHA512 | 65bc996b6d9439e9568f88c68bb9f6f5d1825874cde71aaf04a640e567e6d6afdcbd0aa462a45e3fb4d40dd278ee744ba37c5d145a02eb715df8b36c4c6a7f72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | daaaef2367790333de5595587e2a7fa6 |
| SHA1 | 7ab1fb66a171787730d4ac0ba546b50428a64058 |
| SHA256 | f95e85502e6b1b01f37879a3c4353275235f4cad2c16a534f6fad18ecab5313d |
| SHA512 | a9697b33b0aa3e8be36390ecbf4fd9d3c59ef77225c9182bc4ee35e6d3ed8249d0271b576ad03470fcda80e0726ba444dab80cd8d8d4119526a4acf2d392b620 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f30aa38e2909b9d482749eae50a0dc09 |
| SHA1 | 0526d557d1ff082fa86f53b8846f7b99c5eec84a |
| SHA256 | 6dd85b73ce2f8c5dbd020e683e98adfd2719189045cbb0a7ab01dff60d591d26 |
| SHA512 | d15fc15bfb5d9bd2e25efb83f5221f272a7da8da53e6224610b695820ab4c00a431b5f0ac9cf275f9e6e3c8556df49fba2aeca59ffdcebf5a0d6b15f48b43098 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8a76587f-5c79-4bf0-b082-eb73d6addc3d.tmp
| MD5 | 14fdb2d2d7070c4cc7af8f9508a25409 |
| SHA1 | 9ab43bf7d0166a88bb8cd237aa01e8421e42e6d8 |
| SHA256 | e8c422e6f0463121daf1ffcb072903e34a14726f112ff119300f8b72c61511e5 |
| SHA512 | c1688dfc4b84501ced3525662ad489fff867f9696aab95a4dcb6c76059858f2e9807982abcb4292af570fcd6ba110137b6a73133c130c00a314043aea9d95f94 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8e80622cbcc4aac1f0a4bc6592b805be |
| SHA1 | b96c715e147422e7ac669aa3663cdf78738497ef |
| SHA256 | 1b3069bb0ba5fc48788b60d76dc38d73819bcf8c80ba03221e1a3f896d59747b |
| SHA512 | 1c84fb97e4edc6ba0a24697af3248d18b097613cc9a8452346e6dfa75981d625f65da401087df7c2fe7911f85742aa020772f831725e09bc5aee0dce40e7c82c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ad40d260beb0c6e3a34e1b60502a92aa |
| SHA1 | 8d3848eeab86b1e706476cca425950cc8b6c5e9b |
| SHA256 | 55f3cddf739451f376f08826370b0846dc30399a4f3b0af8185588220a49866e |
| SHA512 | 2ba3a7f0f7725ad8f49eeed7189efde62dec9432f48a086df53839da526b424f323ab94a8446e5f7a264ba10bbdfb456887c2a061bff3cbed063bc2e29108f2c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | 3077d8c4d3af5bffe841acfad94523cd |
| SHA1 | 58c1521c5270237040522620cd0ab78fea7b3461 |
| SHA256 | 9b3301085c2740353b0ed150c185c292e983a91417f351566921523265473a9e |
| SHA512 | a6eb77ca45cb6147b7ae392a1c112b28c6fb9fd35903c2195d7699065963930ff7f759201c93a40acae86e5d9674271213d487dcdbf87dcb1bd3cdc51ab3aad0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d15dfaf9f2181b8f6ae4649c04546cff |
| SHA1 | 55f11648952c3561bd2c079c95a9520117f0dfd5 |
| SHA256 | de64ee66c85ee7cd26b806156c7484e4658c3dc479d9ddb40a9b99c28115e244 |
| SHA512 | 5a351597bb8c43bd5c28c810cd5e3947647c6f8706fdad0dcb1918a83d3c020b58403db7756bc6e71520ade5676f9a2bba1c9986151a4d28c4b62cc1ce8e1558 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | a3d85c7d7390339e58abc7da1998e642 |
| SHA1 | 56bae2325ee8c9fbbc0d7b58893728dca719e3a5 |
| SHA256 | 77665f3eaa0a3850664047389e49e951d65840afeb224a5d1852acc059e92041 |
| SHA512 | 0afca1af6fa036a9dde9b9e1fe9d0e51e3f80b03af58d68b8c55e65899145449eed2f8c0bc0d13bb7f4361632cf2b57e78e3885a977b374e5df27c09611aba93 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\062f7c7a-38e0-4607-a1d0-0baf2f37c67b.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
| MD5 | d1c7d82bf9de7cbb3ccf16da026c0e42 |
| SHA1 | 41184de39bacadd41f9f5eaa16631e987fde044c |
| SHA256 | e220a4f56c50c34e5128697a46a47fa304e3dd77be082454642e500e9c7ecae1 |
| SHA512 | f239c3ff19ca8378cb2417056590625a285803db6a98f1ae4bf3686a6fca3d46cb47a16765c9e4fd7d190740aeb91388f5e3a4991e2bd49284da71b87d366415 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | 052a0332d7b20396947d4a93d3cc56c5 |
| SHA1 | 8e8cf88fd0fd7896c405bed87930002f93a8c129 |
| SHA256 | fca8ad6b2f1a9ce1c0f6cef2e19a9da0bd7a9841f2b51c7df1245c81a492973b |
| SHA512 | 611eaadea1ec838113c7c1ee02dfc1e31fc7c3a167194bdf676d2d4fcdced6df583459ce27020493315b80685f9c4bcf6c519f8031bb7414d803f275453eddc2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
| MD5 | c572e2ed9946189a6af97afa56ad0418 |
| SHA1 | 60bd86ac2c8a1f8e5527b131082e548efd221759 |
| SHA256 | ccfeb962d7998ccded6c48ade6ec88f8ccb1b20eb52fde7241367c2e70acaaa6 |
| SHA512 | 35b6ab3d29342dd45b0cbe1b214e3d9a4125a1c521918a05bf9f9b1fe9ad396f89eea2eaecb1fa43115ca402dbd056a4f07ae775aa62e91b220eadd79dff0f49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | 329ac349af69646e6624e298cf8e4a36 |
| SHA1 | 16b652d5215214f8441f63f768235eca667f8467 |
| SHA256 | aadaae078c1669c77d09c53759063a56da579e3e3f288d896368d8ea573a97ce |
| SHA512 | 5bc228307693695af24727339ee094d0d4ef6286c577c52ff312b61712c32b6b11d2e604ebf9ea3d0743baf9b5a153888d7d790b67627fecc3fa278ccd803997 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
| MD5 | 62d090d9850d0a827295b7e6e276d376 |
| SHA1 | 94f319b78d684f7d1be66dd1bd60c07c94b859cf |
| SHA256 | 448bb33674d8d7105b8823f7bbd2884fbb1039aeeaa5a07f074db98781d94f3f |
| SHA512 | 1f4c7ce4f4c37e0ab916b5f7ad8a51cc7a0c8bb6e751c0e76442b7cc7d4564356104e6e87493ca51f57c63a6fa744c08646dbacaa8aa1db1c1bc4ddfd0a72fff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\61e90150-7042-4051-9fac-732cd38a899e.tmp
| MD5 | 3a59509b8fac80194d95c4276d50aefa |
| SHA1 | b267256ea76bb6cb6b0d883d7d4e19bd6c7d2be7 |
| SHA256 | e17f650d329fe2f3e81321801548d025e42b995a0e2ba4c1a1cc31b8fca50be5 |
| SHA512 | 949f18f20ddeb0f42c81a55c22dc79f5d8fbbaa098dc183b5f96b0cd3f14f263a38b6186f3aa9bdb9ee7741cb0156ece28e1d146301a6007b427c6e0ca73b421 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | ce7501896d2c4d18f5924dbb81cdbba3 |
| SHA1 | d13722100c039ed00d7405ae8e9d96170eee309a |
| SHA256 | 9bfa83ebf55798063251737faac0b2833fdc2be9d95757bc716f216c62a905bb |
| SHA512 | 1480dbc0a89a29276288d01a967be16b0562a1b56a2f5903d75f98ebd7e3d1e16f021e2989d07463996c97709dfd18dbbfdca9c2e35f70e0c4bca0b56eb292ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 032bb22b1e61f5d73a5c750aa612aac9 |
| SHA1 | 1198999f9e6a3c3a2c12d1ba13fcea12d684aac0 |
| SHA256 | 17114337cd38e72faabe58a8eb89a47c7106eb411e571e06048ab8d5befdf191 |
| SHA512 | 642909034bb25ee32504bea1709e4533d4aa62417d9903ee9d8340d7a3e0ed1883d4c760dd389eb75ff8fafa946b40bba43b764ce49b7305ef5aa243c327e465 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | 2c63354fbc678577989372a90456e4e0 |
| SHA1 | 3bcaea0156fa48b2d55142bb319919c22f3eda83 |
| SHA256 | 5b79e2d8b42cb3f34ad7ea6d6ef441e45d8a5036637ebada9043f095223c37cc |
| SHA512 | 7a94ffa4847798908479480cf05385e7be3f23da290530e0f0f49f6167af095591c8b57e3ee63f2946d7a3df2e8484bff96d78219948b32d48c49dd439c906a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13362668758631338
| MD5 | ed264318863f5ab62a02bfea925625c6 |
| SHA1 | 727faa1be5566c09d928160663575c6826b86d0f |
| SHA256 | 46502127e26f801d90fecfae430251de177b429144b7cf24faff1b7d625445c9 |
| SHA512 | 3e2d87bfaf27d8cec4d90cddedaccb23f7fd9972b7d2b075b96e913bd591bf848bfc8b2de47073a3d7108fe153958ce652d39a1bd93012858eee02670f66b707 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | e70858eeb29efa951ac8acb3674ed2f7 |
| SHA1 | bb29b4d618e791ab2f2eac893ea663453a07cc92 |
| SHA256 | 92f759b77b9f4eafd8924375283c1b1980eb0dbfab9bef4f4f428deee0cec8bd |
| SHA512 | 9ab21892d71616222a706220ff9c40a8d9d4f7218030b9c69bf70e891c41741b01b1f009e5a6527cb220709cee759bc7a79cec2cf42ceb3db6dd8af0ca4cfbda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | 47401c5958b23b758ea03344633c4e45 |
| SHA1 | d5b255d80607472bafdf8debd2b2ae772f089986 |
| SHA256 | c503ac260aa0064dc01cfdc440d4b97592d43314e5e62cb789d7c20cc7bdc1c3 |
| SHA512 | 6b86f05c8da62da30c65a0ab6dc07a29b49e3037cddcf4dec5381e50e5adb91b3580627dbcdef5f671a2c16edb60de8847b0dd96b67ee08160489e9ba3150c69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | b8c81a4de2e90e0f1045198dc31f4337 |
| SHA1 | 39d117c74a5ff9731cc553501acaef7e5d354d6f |
| SHA256 | 6190535d0114c15705edca8aa6f52df921ed2d02b8ec4bc5328c782ad03edfb2 |
| SHA512 | 97a756a45ec40e74e753fdb626cb7f88ac46b04aa7dcc33fd1b6b5222f3657ab3c602e7be710571ed4268b23172db7214f4aa414dfc2ec99589582de47933373 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 965bf8bb6a1738fac7018fef0ac54e5c |
| SHA1 | bb07c93dfbaef2da6d5252537abcbfc26ed63d1a |
| SHA256 | cc26900b502061b689ebe74ceabade45234c5611c42a42a63ec00882288e51a0 |
| SHA512 | f25249c34089bc7822cc9db589fd39346922a4721fc1b81acb867be909918b2b90456102b397056598df8f89b6d273477368f1bb0ecd1267bf8d0233cf13c5ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | af31863518a47f873e1cf9f792ce23e2 |
| SHA1 | 48ea66981c56eb3a61c589479409f9efc1c82c08 |
| SHA256 | 76cdc56eccba3ae5f5875cb10f0eb496deb907029d12b7cec7deb6163ad1b908 |
| SHA512 | b0272b92b50397359fcc6278a8c30cc2c85057128f4df13147a32195c40e62e40c7631addc825909e27b2945423709806ad64b278faf06371e5ad047b2246f01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | f2ab0363d0a688b530842cc8c70b9ed4 |
| SHA1 | 5783005a79157d3b59c8617f9bfc9a48eea9a60e |
| SHA256 | f8e7b5befe07bb4db73f44ce2a934054574e40660e5e4b4a83bf2c02958de5a4 |
| SHA512 | 28c24aec381f56a4c52999ee7d90a69a44c48b78148a745448e6c28b93fec20958b8624e33807db0a96dc7b0c150b7d558320a343ff2f79a4714f0143182f70d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ddf7a0085fb37c764e5b8d20f9bca702 |
| SHA1 | 6c8f44560522567292b7aacc88210868e879e833 |
| SHA256 | 9308b7113d937cf4969736f33a0dc50e70f6ca39f5a381bd30cb4dfe65e6995d |
| SHA512 | 3af61acf57d4063acf22b19b7085ee9816d619fe0338d17d355110654a480b59fe59c00a96e1cabd9636b7a9c3eaadb6be3b171a472a53fcfb5281a4e3543942 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b81be16de0a69c5431807fe59b86e763 |
| SHA1 | da6a69e4a0d2282353f68c8dd42e20524d15744d |
| SHA256 | 50c5d081db7409cd3d8152b141983bc475a3fc416eaee7b390bc426aadae69eb |
| SHA512 | 38b04b55db0ec0c8d27396f5898660cb24c43d1393acb02b57fb4b9f81ca03cbb5fcc97c5a97cd89e8c05c8adb1d171728fd9cbb11e1bbb4c035cc424f5f86d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 56bf131b76a6aaef07af2a1efdc914bf |
| SHA1 | 2749ac6699cd06d66d09c5cb2c23764caf46966a |
| SHA256 | 9ef297b33abd482e3331838c7c8fd9a3c104530850f1f392bab836d39c35b2c5 |
| SHA512 | 34883a08d26b4e8797e947e1ca01d8911a4a7a05afde421d69b7614256b10471dac5ad1149009c05e530743b13739c0e930adafa439433318a3413884eaa4a4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6c69c99cd667ed711d0ec3c1d03382b8 |
| SHA1 | 1a66f4b4ad996f8476303780676a04c4da9abbf4 |
| SHA256 | cebc548174880a2c1f4afac6be8d625fb9c12b31cf3eb782c27cada368b7393e |
| SHA512 | 60e2ccaa37e0f3912b5d940eed255b1ad8bc0199cecec4a1a016986b3ee9fa87c1526e1e3064eb55b77b7ba2a51588674dd6a386b2cf18d2ed6e940ca0285d94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1823aee4a1b58c01a66b69d0634e86ad |
| SHA1 | 19fe5890c20f0133400e407af595f501469d8bb6 |
| SHA256 | 95d4b9b6ee719f1227f16183eeb10c6367bf67164477a1aecec440a4ce675b08 |
| SHA512 | ec625f246cec2a0b18ce27a015a71bf58696260a2f31b51b8919e7ccba8b4f5723b1342ed5bd40de13c6cc5e95fd95ff60ecda2fe65cd77b766f6bf88fd8085c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6d7d331d196ed94d40484ed0c8f3fc4a |
| SHA1 | cce35853c41c79ab48f0c35c283112b05724a9df |
| SHA256 | bc5b9ac2e1ed4d55acdba987e70b7017b291c82a669970901d519398a316f604 |
| SHA512 | cb8218085744df2695cf82ce92a67931437bfc42f74e91207184c0c81dffb2a581c2dbaa4f454e17affa0a526ee41e7e40d70dfc0faf391506632dcb43320fe4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 841bdf42a37aba49365912b34197eeff |
| SHA1 | b58cdb5aa881eb6983de2a38f273cd9720ba2b30 |
| SHA256 | 4e9733131749c2d3c60a1b4d2113751ad2dac12dfe9dffc67dad0d810d1eb17a |
| SHA512 | b792da4a232f5ada644f9703836b06640d997496150fdaa061b2c5aac671e054a63b3ebdcf0cc8654d4426e47fd1340a1731b4cb07ad545d153930b77ec369fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e2558e4acc5347d2a7460cb1e0c29434 |
| SHA1 | 3d8e82f797a10e7a01236fd88109da18a32ddd4f |
| SHA256 | 15adcdbe28a59aaedf2444ff007a95b3e46e394db1c531f2c53a830c4f5b7112 |
| SHA512 | 2c0a4c337de568a80f3d1d3c086039843c9af76503458f4d680e8e97cac60e8e8a0b409e1371375e57be3691ca74570cea17db6ba82fbc15aba9e1d16f5afae3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 24013edaedf0c9a66bf29843e2a60eb0 |
| SHA1 | 0ac69f690487b7b0acd04848f01e7acc001d009c |
| SHA256 | 56d8fa4af05cac7a5a965053af29f5bea36e5918b2c3a528147a77ebf15dcbbc |
| SHA512 | 93c335a7f1bf2cea4095882fa331cc671b6e7301fc8a301a1ae2d340232446a132c721484e3f695731af94f8c951a526c49382998b008714a7fea88de2a6eb98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 29ae809fac29912460f3b9f77526bd69 |
| SHA1 | 753855b64e0b531ddc2bfc9c76dd153ce9e4b83d |
| SHA256 | 0ac45e4e5034899c28485c7baf6e5a43187d0b51c98ba4e06665b229ea08e189 |
| SHA512 | 429094ec1aef0f3ed1359bd6421b09c57752add6537a21ae3c75794293610f5e2cedac003ddcb71053cb0f545d63a0f0a82a1c2dadf9bbee3cf03ad1698d6edb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 739dd056682d6afa781490bd563f3d13 |
| SHA1 | 8c97b4bf1ccd5c4bd0f0b4b91f7de8dc31d10d13 |
| SHA256 | 4f41ea0044b0c4ee2b743166f4984393fd18ec0b2e0c7a7a2e341a4c433a8ade |
| SHA512 | 6f8e663ffd0e4084fe740d7c580c947067928dca191ebebdc53a2e970ec1816d1a0d00a8ed83a92a5e786489591377265701b28170d74b876a1bca2459f95df9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9221e4be55585a90eb51b6d3f5bfca22 |
| SHA1 | 35ca844cb117c17cfc650a2c3e140c3a4c34dcd2 |
| SHA256 | dcb0a241e8a5fabdc6d5dbfe09cbfa1cf27eeea8cec5edd2a21f0f6973f13dc7 |
| SHA512 | d62787a2a7dfb3659fdbf5364489fb05dbf45ddd1ebac4bb5b078742d09fee977e41edfc78c931d60750a56342b76bc6f421f49c692c3c552cea288ec48855f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8cc7e95bf96faeb24cd1097896258b01 |
| SHA1 | 70f22a7d8dbb5bb9d2dbc24988b1f67e495597ce |
| SHA256 | 494bb4274c1cc8b55cc143f746d5dc29baa9d4de8d02fcecfd04114edf1f3ed4 |
| SHA512 | 62b2c4f4e38c947f318628b442c3a8ef2c99cffaaf11d1b093c11408d912e8b1806d29a69a1e0237ae8c79315e28d6b28b620511fac82c102d6e9c38c0f117bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4a04f92f510369b49f2001d8ec7d7a09 |
| SHA1 | 14fbd5ed390c34d07ad60cb6a44051935fb00312 |
| SHA256 | 5cf1a40665a0dbc9e1f05c98f78a59df9240946ddf70a891df365fe324ad1235 |
| SHA512 | 9ba2fbee44d1620e37face4588f756bd7f8db7ac0b4dcaece58e4c484d70de5902bd7585c878624d42d1a496ac65329799f1b4d4226c58f9fb2d2628c6c90364 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2dd90c9adb9d6480dfa88367ef9a0ab5 |
| SHA1 | 0f751903d5e69e6841818025ceb1ff06717baf0b |
| SHA256 | 3463fb68cd984a3b25d5a6bd04778b244bf530dfb28b3952c343ad374336f896 |
| SHA512 | 089daadbed965585751110dbdf43c2b1eb3b71176f7852a2de075ab0b21d55831b3631c78c5c6e7f12b278de74da2cdbd3c6ca9c2f9f70cf4905123758afc6eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1da672f688f91d28ad243edc544ec62b |
| SHA1 | 6d0c9ab0f9e022c02924dae37e8149c46bdd49c6 |
| SHA256 | 34cd3dc3982029f1993c6392f7fe221dfa1c311a6b5659ea92c91c76cac01af3 |
| SHA512 | 81b5f5ba4a4bbb010c25073d36a4cac384553f78bf8c091205f19e403cf84f56c6a5ac3e2885fc3c0beb263de44b869ccd4caa839d08d618b9ff438ba71cf485 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9f4cd2b4626accafc67fd103a7074cac |
| SHA1 | 0f90218cd94eab7dcfb13aa8d706f3d06e8cb3b3 |
| SHA256 | 8c2fb59011d1a88fbca3eb65766b99d941b6f71286f83564789e7f829c6b32b4 |
| SHA512 | b4054da984b86330e0d9e087a05f2002df098ae3d093b2f385ab5fce77b8155f3980f4ea630989bb3813831eb32b09ba1a19841d07368ad0db562170ebb32e8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | fb93cf2e4ff95279b3ab0c1ca88cd6f6 |
| SHA1 | aa80a5fac8710e4237f5385e04058b597f8820eb |
| SHA256 | 89aee16537a847309311db23a553520994f643159df06651ed95234cebefedbe |
| SHA512 | 47443c7e7b49ec6d50174483e08ebc5e4423d4a35130c30edcf2b6c4e30d53fd128f66f0c3aa5a8a05bbdd45828a7cce5f7529615d6f2b30fcb10da457398a31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | 78362a7ccd4b3c7df819f85643cfad11 |
| SHA1 | 2877bcbd3310b698178ac5b9475ca7f138690b31 |
| SHA256 | 3fbb81bb7f92f1a100458cf800607e56e2c688794f358831b9cc1dfab2d019f2 |
| SHA512 | 80388e6c5ae6a16a6c812ca73761399b1945aa35a1faa74baf72b93a897dae91e2f16e36f1f638da2baa6d32be1ef3613267464a4caa86e7ae04647d76c02b86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | 0a675ed3d69aba796d88621f05b901b2 |
| SHA1 | 7d43ebb4e244f99e4b3ef732ea98e05fa7cad94e |
| SHA256 | f80bc038e11feb614530e9733a368d1806a6756fa1e8dedd50c71a206f3a9de9 |
| SHA512 | af15737ff6407fac3ae11f90b8d49444b77c729724fe975820012f254263a49fca11627c55a11fcd33a6fdf00d8a9ef40da606ba11e1f454dc3df3006d6bd6c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9292203348281d77b0b74c62f089d872 |
| SHA1 | 3ac9c5daf8d430ebc0bb28b5b47848833579a255 |
| SHA256 | 6ca4ce04afa7e5d5a280ec02d480059728e9e4fb9994163bfc49f63f547675e4 |
| SHA512 | 1bfb77e956edd23ec0cd56ba51966d846320d7aa9646a2dec7ce30dcef14166dd1d9427c3db1787298b26ba997c8434df333fda6747c1e60bd7d5785f34d309b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9591e56a5b42ad0f6eeea4d0d07d0fb0 |
| SHA1 | 693cde84f50f19e4b7f791b370040f405a73b755 |
| SHA256 | 3f8c88238d2e8fa8b0e4a76d21d6fe1db914d1ef095f82dcd718c305f40bd2ff |
| SHA512 | 00783c51ab3924c25876618d1593bb55480d873f00a9bfcb3ca4dff2fdfe793bef9af9b95df9afa721b654daf9af7452144dbd9a768b2695d94c19e5be662f10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c6a26c3351351ab879d8837a76fe8741 |
| SHA1 | 20564f16821179c60c49b33cca10a4190b412bc7 |
| SHA256 | 06fcba8ec557f272ab14dd519bccddc6c4417f21cf8faeb14315aa85ef6f6c38 |
| SHA512 | 32657d6bd73c494f42db8f052159b531ea7a30c8471e08ef407af387447da0f2a254de89e9f775f25eef3cb5a3498a7a95b68a6a7c75b600ff16d57276fa922e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
| MD5 | 1bad7ff6869e4a965383cc7dbf8369e4 |
| SHA1 | efe8229a1143a31738f704d1361c955499b075ab |
| SHA256 | 8e0ca837a485117f666387e1fdbfb86f5b0ac98894b7895d5f61397657bdea9b |
| SHA512 | 2e9b9b44ce7938edcaa847542317dab34214635fb5d33ddd18e02083c324ed69b51066200b5e150163ec46d1133a1305a31c3d6a432f2bfac98c514bdc1b5fb5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 30666277e5eb1395ebea2da46f2d163c |
| SHA1 | 7ae1dfa5ec7adad2651bba2b47ae6624567c2869 |
| SHA256 | a9e53408b94da7425542d41f368c46e558c9aafd387711099025a54562ec0c91 |
| SHA512 | 99bf703b3bad571f7d9cd3482499347fafb7540b6154423305125c21ad30f828d0dc5b25bc7ec684b2293d3d9ca41af3698dc50876c8c869b453494ea036fd9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13362669017945229
| MD5 | 25b8279276e3e8eeedc0b0e0a48605da |
| SHA1 | 666d4fb4c2a7f2cb985a887f8c21fa0ed0b92828 |
| SHA256 | 9a9797097146c7cd95f73000d63fac7abc0bfa98fb256936f7a7c3e35581cd10 |
| SHA512 | 7405c9e1f594b7759f255e764431a70ab9464c9872c8e589f3ef4488efe84c7603b1887797ea09da9270adf957292adefd8b768221d80ca6361f46c061cfb019 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8aadcc1b43c3fc11314941d19e93f9b8 |
| SHA1 | 92ec8ed04618e76f5841ada52a95b512ffd31d33 |
| SHA256 | 5ed0a4d548209772f313e99be095c4858a152066f248d4bf06322b1d7b029581 |
| SHA512 | 44ac43ec7b2d0378ec3cd67ca375de76d64b6c832d093631f7e28ea87cdb3322d9f269e9ea65c0c4690762e5e6977ca9587be1fe45378afbc5c65c49ff8f984a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 654ef782c0c30e69557ea4b2afc837cc |
| SHA1 | 150b806ab8106874bd5a915acbb48ce68b245afe |
| SHA256 | 5e6634441deb4cc3206dec61b6c2a2dddd4c2b6e88c2122c124a66f8df1ae04f |
| SHA512 | 7010e3afb3e7083a63fd81b9d671e09dc5ac978e17c59c861d08a126fc7950a22a817b760bcbd394234406f69c87f1abf29852980c1d18986a6fbc190b0ac730 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 14962f766004de2533f6e368f7ca3d26 |
| SHA1 | 5cf8f1471431b31e4f14e9ca16921721d581f00b |
| SHA256 | aa77d3fc88108ca9820e533d89851809738686d85562e6ae98fe62be1f95ec9c |
| SHA512 | 66ca833f8545a442971c9d2f377b25b3e962e478cb2ebb059314015feb2fade4779aa44ef289d0e2bfadff760c922e9b30144147fb50d9766d6ba2c413104f90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aff1d725ede5104cf0ae010482faee8d |
| SHA1 | 4be943b83bca6fe88795fcab0cc6cf8e0b751986 |
| SHA256 | 6dc32c6b9d8d7433c5f2157205603ced25ac7e3e2cf4ff933fde82e6ecb8126f |
| SHA512 | 1a403bae54775ca3f06b2e27016a37642e12d4e3f24b7a8022945bba864490f62ca05a0a169e788acfa5efca6aa4d53139126bafbd9d4c9cf71ae7d78b9eda74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0e5702fdc25e33fa16108944410f4f68 |
| SHA1 | 2c6ba32cbc0367b84911666f6c41311f5d4ed5d7 |
| SHA256 | 72f677856ba3c26ea0024bbac46ddd19d92e68f038db0da1f18dae51cc905b23 |
| SHA512 | 721fde12cb674360d6e89d036327f96220eb9aac58487f190c36bdc4260d5c3e278bdcdf4a8b8ebfd89c2c1d69c7625617dea81afa1716ea093a07e45aa5b695 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | bd1ee48ae8ffe7ff489fcf549e94ed19 |
| SHA1 | cad5d5cb1e6605431b621fd324a746355ca3dd0a |
| SHA256 | ad9356da23fde913d22aa1fcae1a5e1c7a24c5ed02842e119be4409670fb86aa |
| SHA512 | 5ed289c4d9c16be3f62bdd06627639fc9ff653ba5da56daeee413294988f67bdb93a8cf358371fd61c5645addd0dbfdf59a4ef2b63269449b364de0decce08a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b298effbaca8714c1ec498c9c2ee5ecc |
| SHA1 | 6347b44f4de7802c6ad95aa6b0e8384352b326dc |
| SHA256 | dabe5a6be34d6f55babcfb73c8306dddcece2ada2e61c8a7b97f675edc6308ce |
| SHA512 | 495e1d8588f2c444bb0c9df1b9a30350249fe68e4b6be85835cd30453861ebd90399f41fb43d34063c04e8fbdde7f5e8bd179b4bf4884b22934cd1dac2fd8dfb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2ef7c02598ec79dd1090c56aab0f1176 |
| SHA1 | 1c9934614f1aaa592573bfddbf2a1a802e77a943 |
| SHA256 | eb31ee141d70105d2386dc444f5ff674018f57cbc02a8667bb29ca0ed2a94a54 |
| SHA512 | 740974f4fcde8e29aabeccc2d728f86f7e03d7de1981bf079694e4ed7f067aa1244153fa2cadb26cab36c647248f278bfe3e7e813e589e75f46e8683901a990d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f5ddcc2e28feeb37d4e9931ea1e9ae55 |
| SHA1 | 607c21b56cb903c808aca07855fe1cfbeb95175f |
| SHA256 | b64c501d0cf78b5bbaa684a662ad84a17e49e21a44d839f5b6fa4f8c920c4ed7 |
| SHA512 | 8a8ff9b2381dad91bc2e6f317e17f5ba8e90f96520e8ee538a388519495cb083042522d7c7c74a5339745fc3c09d48451320736bd60072abe225a40a86f23214 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c128d7e10c234c5b13cb905911a945a6 |
| SHA1 | 18bac1063a9ec8b5adde840a794b7774c7bb226e |
| SHA256 | cf7c9bfaa60e490fd57ce078111d476b309a6918cccc5fd0c7c978ebb4864d4e |
| SHA512 | 08cc07f2be4222554828235fffdc84d3d4adcda50a43677c6e769dcae071b5a11900fbdd107d1f10670d1f784d0e76d1c66eebba62874d3e52bcd53154564f3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 1fc15b901524b92722f9ff863f892a2b |
| SHA1 | cfd0a92d2c92614684524739630a35750c0103ec |
| SHA256 | da9a1e371b04099955c3a322baee3aeee1962c8b8dabe559703a7c2699968ef4 |
| SHA512 | 5cdc691e1be0d28c30819c0245b292d914f0a5beaed3f4fc42ac67ba22834808d66a0bfc663d625274631957c9b7760ada4088309b5941786c794edad1329c75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 88c897dc4ebe210d962f9e2b0ceabe24 |
| SHA1 | 2942b41f1fbe4c981e36560dc0768ac950658462 |
| SHA256 | 6a5e7dd0324568a58255f2d6a0153af0bdb97de90fc0bdfd6bb6c93cab3d0fc2 |
| SHA512 | 61954393d3777d4f1ba78940858240341f0b227b3fbd44851bceeb3c2a55867c6b60d3b6da92a867c112c97d7ffaf6eb0b3b7b86b59504f9f0df9258018f3823 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 25612e0a1bf5deae9e490e560ba0e57b |
| SHA1 | 602eaefccbc23937a940e668da991a8fbfad5d9c |
| SHA256 | 027c9b2b27f337b62d633741304a40f71cd48456ebdeeb173ebe8e29ffe1f2cf |
| SHA512 | 72f568b2d25acb05b74a6491d1ae33b6c699f845fde31ce6d0a29e3239ee0c7501091a09da856956b472882a1f79adfe967f337d9f53e04de5171a87cd8f2654 |