Malware Analysis Report

2024-10-19 08:19

Sample ID 240613-wwl2vs1gqj
Target .
SHA256 70bd92e383e9bb26f22eb5acd6bafbbda7e46272c7e4b524076c6131c5c1d555
Tags
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

70bd92e383e9bb26f22eb5acd6bafbbda7e46272c7e4b524076c6131c5c1d555

Threat Level: Likely malicious

The file . was found to be: Likely malicious.

Malicious Activity Summary


Downloads MZ/PE file

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies Internet Explorer settings

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

NTFS ADS

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 18:16

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 18:16

Reported

2024-06-13 18:17

Platform

win7-20240221-en

Max time kernel

80s

Max time network

77s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0B0CDFB1-29B1-11EF-995F-5A791E92BC44} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2292 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 images.sftcdn.net udp
US 108.157.52.110:443 sdk.privacy-center.org tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 108.157.52.110:443 sdk.privacy-center.org tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 api.privacy-center.org udp
US 108.157.60.88:443 api.privacy-center.org tcp

Files

C:\Users\Admin\AppData\Local\Temp\Cab2A0F.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Temp\Tar2A60.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\Local\Temp\Cab2F31.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar3139.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

MD5 aee21e6908624d41b50b5b61f8020ee5
SHA1 a10e90fb8ecf45029ee66cf1086b3eae4c3dc8b9
SHA256 fa127ca1ffd89315723c799f3abdf4b46407084383460bd82be0a872c66481b0
SHA512 1dc6bc06adccf080fc2f5513615acd3a7e94150de4d43524b79ab874b3a9cf8aa9344034f3710c65513036d8d139a49df2fa56b3a3c4b95bbfd4f3c175fc2011

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d22eb40e82dbfb850ef6be08b9604cc0
SHA1 94a809959bb11d630f2f9751c90a3ba0884fcdf0
SHA256 318ccecd5d4d0d86ea73d49a2836131129d7be6b70255b728f2ba43ab0029387
SHA512 4e76e0f4ee10b8e9f59c2bebe5770c82b77199f914df88df3e05f7c41e5acb39d0720a9b588d51ce01559366bf342a75cc903b3b51daeb4ed8b6fa352396f291

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6bfe5784e8b8df9c0ae55234454d809d
SHA1 5e3535c294867ad5e6199ae212d96f01cf5a3601
SHA256 341c8923744c7329ea5794e74bb6648633fd3a87595f18283935f058055186f3
SHA512 a657b3d6190612ae594fe2c16b561c9ac52118f396cc76402a3d3e6bd6ba28afea3e21ddf86465b59fb222b03c8cb34b8e47d8cf212ca5934d7323558d247687

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ea18dd406b5d8429431116c06ff9f268
SHA1 b32b9048de14293241c93f596e95878926c36d05
SHA256 4b1589c709cebfb4f8a5e11321f5d7d068eba43d0ac3c01df6cfba6384efb39d
SHA512 4b731df43a15dcb6e87f7e4be96edc4fe1cb329cfd69e48cd1e859aa0b803c584eeded5ef682b86f93d37796263a0213c373b1b84d8c48725898ff813ca2955a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5c4a6037e6818cc5fa32155aefacd08c
SHA1 d3a1049fa247356eef6809fd95611b44e24552ad
SHA256 f0cd1f4dea41909e8baa37e4e806c3e25ceb72d7b3d181a0ff1d0dfa855f1cf2
SHA512 6a041d8be6eb6e1d2d677a4f768f6338ec2aeb2c92b869b2a36c6b2739404aa9afa3dd49762a960f93462245f0d8a5edf167f2839599261e512a38051695ec87

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 cd6b4f6618285086bf13a295eb3e67ca
SHA1 55ad3940a35b870700aeba0ed6dbd1d6fc83bbb1
SHA256 8092ba19ea40776bcfe3b4cb7ffde4c987ecd02e5824c276265ae20705819ac3
SHA512 3f827453b36978f55d0e30b7552fc90b18419a875e81e0f84889d0c034239241b60f80b554fc652b62cb6388523da20b06ee66d5db6aa076a4e8c3251bb64153

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e55ed7e1131e69d83e72673ef3481d2a
SHA1 d984409224265527505e9829c199de4c7bfdc486
SHA256 2a728b47dec65f7b781be2e9552b03a7088650846ddb0cceeac074e6f8117b25
SHA512 09bc538fb718b8439170defadd94730e69fa2a3decb2d357390f12de9045977a650b76aad5875c0914f240abb05ed8bcc7e95736d1945789e7f69ac9cf6027ae

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4e4bb43cf1641de231c4cda88f0d5a9e
SHA1 29113d4b082f28d5297e27f3dc39cfce3fb1f937
SHA256 e64f5e44dcba31d7d0d9e8c30ef9ab694bdc3e638b1ac633d8adc1fa12737b7e
SHA512 b9a0cff1c014ea1f9f4055808d664d45bde5d42e977c103d0ca0d6643732a0263492f043cd2708001325281188efa178f9de3e00909d0b67d6e390f096f161e1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d84edc4a27b96c82d512ed4942bc49d7
SHA1 65d122d48913f3d46972dbb074f298a3db6c2a47
SHA256 443dc2eb2ceb72d93af8c7cb54ca6703e5b1eff044eac515c964e3cdfa800411
SHA512 0e3759d5dbd2b82d330cb542d035153abde60b85aacf2e82b0bf6986a7afe91d03f421abdf6b91a20ecc0b049158a43f810c1731b199991c02f812b9bbba4190

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 ab8622ac03ed81cebeaff85072a41af4
SHA1 ae9917b1991274f07f184c9fc643e36e14e55aed
SHA256 e1e7411612a0c29a22b5665b9aea37fe7d0844e402fd4113969f88843682386d
SHA512 62b76fa3b3d0f25be2bc26d480dba6328c6d92a05c628b8081270e79cb2714dfd6b34cb27c3e0ec9f2e94a8d162f8d02da28c4a9a3275565a0bb276a5fdbf05a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8f157cb135a01ed63b21480990b01015
SHA1 d1dacab9e170e896f9ca1b73474264ca8ecfed1f
SHA256 de1c6d1009d7ff5f287d37efc6830f6b9304e7f881366079e81102efc0b4f6fd
SHA512 17a846da81787ddd381db5c13b1e069d611a789a58e82b1c833b0563d79d738074350f8ad710978f53bcde6f942760bc4b02003090e5d0fd5104d0f9761e5071

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8e8f8bb2f611b315ffe7bd608edaa09d
SHA1 685aaf08db4599814d2c0c3e163162e3349aa136
SHA256 18d5ebc83747b0ef706ca5b5db865a502e8d63a81627c1069a1d6a38a9d90c78
SHA512 5b98fae0d857ff7f1bcf5c94525f684037e6139f6c6515f8eb0c28b7d00f69457d75f8e58fe74f3e5e02da0fe91ca588a506b55e12e40dfaaf1d0fd21ccdccf8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ff3215cc527803b8969eb46443991441
SHA1 2c0d68a54530eaaac3a9fb91055cc0b98dd43c3a
SHA256 2f3a126da7641e3d1c99951cbe53af635f4ea51360fc0e12471e9fe3fa703f49
SHA512 a87fa8554a77226d5a53d69169c8cac8f3525fe5c059f1eb22b88b65d150e4ee37fef29d8b0c514a4f851c1f2286ba8b17d46bdf5cb5e51441830616cc285bdc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 570ec9227e3bf30028ae1d1ef04340d3
SHA1 de3464686d8d6527e5cbe5dd51f8d7d700e08282
SHA256 3c8299a03ed57f635526ace1009e9286807c31c6a410ea985d9add282fa810cf
SHA512 308d16f33357761edb5c8523e071525c1b4aa6477662a7c9602130baf96c7c3c9f6ce62f8a122a69be0adfe3ba97cad0e164539a4135b07fb189714837d62aaa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4c01098b89cae13788e25a791995fa59
SHA1 331b27a305a2434e4018d5b9f26d46c0bb067120
SHA256 2ea5ea933a83cef89d0cc097b512b572f78e58af2bae16df8ccd7e316e3629ea
SHA512 ebeebcd9e51103b5a4e7934ed522ff97697b285b3d064388b700f0975725884b81127942b31e4d85e4d26c7d39454ac144018958575b86b97919cd17010895ac

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6dfdce12290b7f62a1553136a888c031
SHA1 05612e7509187343d264152abbff319c15d19770
SHA256 f5a850930a145d57f0997580563e383eb0d4d6872762f96237e431afb29e9f23
SHA512 c19bf82ca6b40f96164184e022702e7304da8979de97fc9e5e8007109e621f28151612f3a191b689045924c5e20229082340d6d7f06c0dd0a8699f9e5f400ba6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 034e76353d2ab8267a8bdf169b5b34db
SHA1 01f2eac9f22568188c81ae8f78393292fa047209
SHA256 690ec20e2aa607308dcefcc2bf793c3c4c9258c7b33a224655ff12fc2af7f147
SHA512 12a1b5a9f1385763f9bfae6b8c16b6e3b03cf14cd73b88cbc7af215c7407d712f39623dfb6ad1462c4058123a4fb43a534fa5fee593f2b8d14d0e077565954d7

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 18:16

Reported

2024-06-13 18:17

Platform

win10v2004-20240611-en

Max time kernel

65s

Max time network

68s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\.html

Signatures

Downloads MZ/PE file

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 367493.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4700 wrote to memory of 1572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 2516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1372 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1372 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeea1f46f8,0x7ffeea1f4708,0x7ffeea1f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2940 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7980 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7980 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3536 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9200 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=8972 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x494 0x310

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7769879573194159202,12572675960849623195,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1128 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 g.bing.com udp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
BE 104.68.82.93:443 images.sftcdn.net tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
BE 104.68.82.93:443 images.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 204.79.197.237:445 g.bing.com tcp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com tcp
US 108.157.52.57:443 sdk.privacy-center.org tcp
US 151.101.1.91:443 sc.sftcdn.net udp
US 8.8.8.8:53 www.adsensecustomsearchads.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 93.82.68.104.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 57.52.157.108.in-addr.arpa udp
US 13.107.21.237:445 g.bing.com tcp
GB 142.250.187.238:443 www.adsensecustomsearchads.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 98.52.157.108.in-addr.arpa udp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
GB 142.250.200.3:443 www.google.co.uk tcp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 bat.bing.com udp
US 204.79.197.237:443 bat.bing.com tcp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 api.privacy-center.org udp
GB 142.250.187.238:443 www.adsensecustomsearchads.com udp
US 8.8.8.8:53 ampcid.google.com udp
US 8.8.8.8:53 syndicatedsearch.goog udp
GB 172.217.16.238:443 syndicatedsearch.goog tcp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 108.157.60.88:443 api.privacy-center.org tcp
GB 216.58.212.206:443 ampcid.google.com tcp
US 8.8.8.8:53 88.60.157.108.in-addr.arpa udp
US 8.8.8.8:53 206.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 desktop-goose.en.softonic.com udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 108.157.65.124:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 softonic.com udp
US 151.101.1.91:443 desktop-goose.en.softonic.com udp
US 8.8.8.8:53 bat.bing.com udp
US 199.232.213.91:443 softonic.com tcp
US 199.232.213.91:443 softonic.com tcp
US 204.79.197.237:443 bat.bing.com tcp
US 8.8.8.8:53 91.213.232.199.in-addr.arpa udp
US 8.8.8.8:53 124.65.157.108.in-addr.arpa udp
US 8.8.8.8:53 www.datadoghq-browser-agent.com udp
US 108.157.65.124:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 btloader.com udp
US 172.67.41.60:443 btloader.com tcp
US 108.157.43.23:443 www.datadoghq-browser-agent.com tcp
US 8.8.8.8:53 storage.googleapis.com udp
GB 172.217.169.91:443 storage.googleapis.com tcp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 172.67.69.19:443 ad-delivery.net tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 130.211.23.194:443 api.btloader.com tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 108.157.52.96:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 60.41.67.172.in-addr.arpa udp
US 8.8.8.8:53 23.43.157.108.in-addr.arpa udp
US 8.8.8.8:53 6.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 91.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 172.67.69.19:443 ad-delivery.net tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 172.67.38.106:443 cdn.id5-sync.com tcp
US 172.67.38.106:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.152:80 apps.identrust.com tcp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 96.52.157.108.in-addr.arpa udp
US 8.8.8.8:53 106.38.67.172.in-addr.arpa udp
US 8.8.8.8:53 152.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 19.69.67.172.in-addr.arpa udp
US 8.8.8.8:53 notix.io udp
NL 139.45.197.253:443 notix.io tcp
NL 139.45.197.253:443 notix.io tcp
US 8.8.8.8:53 e2d889349b636ab7488a89d835d22b16.safeframe.googlesyndication.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 brightcombid.marphezis.com udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
GB 172.217.169.65:443 e2d889349b636ab7488a89d835d22b16.safeframe.googlesyndication.com tcp
IE 52.16.203.89:443 ap.lijit.com tcp
US 34.120.63.153:443 prebid.media.net tcp
US 104.18.36.155:443 htlb.casalemedia.com tcp
DE 162.19.138.118:443 id5-sync.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
US 178.128.135.204:443 brightcombid.marphezis.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
IE 79.125.42.87:443 ad.360yield.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 108.157.43.155:443 aax.amazon-adsystem.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
IE 52.213.38.247:443 id.crwdcntrl.net tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
GB 142.250.200.3:443 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 216.58.212.206:443 ampcid.google.com udp
BE 108.177.15.157:443 stats.g.doubleclick.net tcp
IE 52.213.38.247:443 id.crwdcntrl.net tcp
US 178.128.135.204:443 brightcombid.marphezis.com tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 65.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 89.203.16.52.in-addr.arpa udp
US 8.8.8.8:53 150.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 87.42.125.79.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 118.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 79.241.63.178.in-addr.arpa udp
US 8.8.8.8:53 155.43.157.108.in-addr.arpa udp
US 8.8.8.8:53 157.15.177.108.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 247.38.213.52.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com tcp
BE 108.177.15.157:443 stats.g.doubleclick.net udp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 gum.criteo.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 34.120.63.153:443 prebid.media.net udp
US 178.128.135.204:443 brightcombid.marphezis.com tcp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
NL 178.250.1.11:443 dnacdn.net tcp
FR 185.235.86.144:443 ag.gbc.criteo.com tcp
FR 185.235.86.72:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 64.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 253.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 204.135.128.178.in-addr.arpa udp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 52.46.155.104:443 s.amazon-adsystem.com tcp
US 52.46.155.104:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 cdn.ampproject.org udp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 142.250.187.193:443 cdn.ampproject.org tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 144.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 72.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 193.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 a.disquscdn.com udp
US 199.232.194.49:445 a.disquscdn.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 23.53.112.234:443 ads.pubmatic.com tcp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 sync.richaudience.com udp
US 104.18.38.76:443 js-sec.indexww.com tcp
US 23.200.188.27:443 contextual.media.net tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
DE 162.55.233.29:443 sync.richaudience.com tcp
US 151.101.1.108:443 acdn.adnxs.com tcp
DE 162.55.233.29:443 sync.richaudience.com tcp
US 8.8.8.8:53 234.112.53.23.in-addr.arpa udp
US 8.8.8.8:53 76.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 27.188.200.23.in-addr.arpa udp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 199.232.198.49:445 a.disquscdn.com tcp
US 52.223.40.198:443 match.adsrvr.org tcp
US 2.17.251.11:443 player.aniview.com tcp
US 54.162.33.171:443 sync.srv.stackadapt.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
NL 185.89.210.244:443 secure.adnxs.com tcp
NL 185.89.210.244:443 secure.adnxs.com tcp
NL 81.17.55.122:443 ssbsync.smartadserver.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
IE 34.246.197.210:443 match.prod.bidr.io tcp
US 108.157.52.50:443 api-2-0.spot.im tcp
DE 51.89.9.251:443 onetag-sys.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 cdn.indexww.com udp
IE 54.171.168.223:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 bttrack.com udp
US 35.244.174.68:443 id.rlcdn.com tcp
US 54.161.232.244:443 cs-server-s2s.yellowblue.io tcp
US 192.132.33.67:443 bttrack.com tcp
US 8.8.8.8:53 104.155.46.52.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 244.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 210.197.246.34.in-addr.arpa udp
US 8.8.8.8:53 122.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 251.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 11.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 50.52.157.108.in-addr.arpa udp
US 8.8.8.8:53 171.33.162.54.in-addr.arpa udp
US 8.8.8.8:53 223.168.171.54.in-addr.arpa udp
US 8.8.8.8:53 23.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 67.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 244.232.161.54.in-addr.arpa udp
US 8.8.8.8:53 sync.aniview.com udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 t.adx.opera.com udp
DE 51.89.9.251:443 onetag-sys.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 96.46.186.182:443 sync.aniview.com tcp
US 8.8.8.8:53 s.ad.smaato.net udp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 104.22.51.98:443 spl.zeotap.com tcp
GB 142.250.178.2:443 cm.g.doubleclick.net tcp
US 74.121.140.211:443 sync.mathtag.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
US 108.157.52.23:443 s.ad.smaato.net tcp
DE 18.157.153.25:443 rtb.mfadsrvr.com tcp
US 96.46.186.182:443 sync.aniview.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
DE 18.157.153.25:443 rtb.mfadsrvr.com tcp
US 74.121.140.211:443 sync.mathtag.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
GB 142.250.178.2:443 cm.g.doubleclick.net udp
NL 89.149.193.89:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 cdn-download.avgbrowser.com udp
US 2.17.251.12:443 cdn-download.avgbrowser.com tcp
US 2.17.251.12:443 cdn-download.avgbrowser.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 sync.search.spotxchange.com udp
BE 104.68.78.171:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 98.51.22.104.in-addr.arpa udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 116.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 23.52.157.108.in-addr.arpa udp
US 8.8.8.8:53 211.140.121.74.in-addr.arpa udp
US 8.8.8.8:53 25.153.157.18.in-addr.arpa udp
US 8.8.8.8:53 89.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 182.186.46.96.in-addr.arpa udp
US 8.8.8.8:53 171.78.68.104.in-addr.arpa udp
US 8.8.8.8:53 12.251.17.2.in-addr.arpa udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 23.200.189.62:443 eus.rubiconproject.com tcp
US 23.200.189.62:443 eus.rubiconproject.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 a.disquscdn.com udp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 62.189.200.23.in-addr.arpa udp
US 8.8.8.8:53 162.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 en.softonic.com udp
US 8.8.8.8:53 www.patreon.com udp
US 104.16.24.14:443 www.patreon.com tcp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
US 8.8.8.8:53 connect.facebook.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
GB 163.70.151.21:443 connect.facebook.net tcp
US 8.8.8.8:53 c5.patreon.com udp
US 8.8.8.8:53 c13.patreon.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 appleid.cdn-apple.com udp
US 8.8.8.8:53 accounts.google.com udp
US 172.66.40.196:443 transcend-cdn.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
BE 104.68.84.171:443 appleid.cdn-apple.com tcp
GB 142.250.200.14:443 apis.google.com tcp
US 104.16.24.14:443 c13.patreon.com tcp
US 8.8.8.8:53 c10.patreonusercontent.com udp
US 8.8.8.8:53 14.24.16.104.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 196.40.66.172.in-addr.arpa udp
US 8.8.8.8:53 3be0c8061dc7921617dbf9e9fdcb7e9f.safeframe.googlesyndication.com udp
US 8.8.8.8:53 b-code.liadm.com udp
US 108.157.52.26:443 b-code.liadm.com tcp
US 172.66.40.196:443 transcend-cdn.com tcp
US 8.8.8.8:53 cdn.sprig.com udp
US 8.8.8.8:53 8876029.fls.doubleclick.net udp
GB 216.58.204.70:443 8876029.fls.doubleclick.net tcp
GB 142.250.200.14:443 apis.google.com udp
US 8.8.8.8:53 12325200.fls.doubleclick.net udp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
GB 216.58.204.70:443 12325200.fls.doubleclick.net tcp
GB 216.58.204.70:443 12325200.fls.doubleclick.net tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 171.84.68.104.in-addr.arpa udp
US 8.8.8.8:53 26.52.157.108.in-addr.arpa udp
US 8.8.8.8:53 70.204.58.216.in-addr.arpa udp
GB 216.58.204.70:443 12325200.fls.doubleclick.net udp
US 8.8.8.8:53 js.adscale.de udp
GB 216.58.204.70:443 12325200.fls.doubleclick.net udp
US 8.8.8.8:53 o83571.ingest.sentry.io udp
US 108.157.60.69:443 js.adscale.de tcp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
US 34.120.195.249:443 o83571.ingest.sentry.io tcp
US 108.157.60.69:443 js.adscale.de tcp
US 8.8.8.8:53 wct.softonic.com udp
US 104.26.2.63:443 wct.softonic.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 108.157.60.128:443 cdn.sprig.com tcp
US 8.8.8.8:53 ih.adscale.de udp
DE 3.120.11.225:443 ih.adscale.de tcp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 69.60.157.108.in-addr.arpa udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 63.2.26.104.in-addr.arpa udp
US 8.8.8.8:53 128.60.157.108.in-addr.arpa udp
US 8.8.8.8:53 225.11.120.3.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com udp
NL 178.250.1.11:443 dnacdn.net tcp
FR 185.235.86.144:443 ag.gbc.criteo.com tcp
FR 185.235.86.72:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 cd.connatix.com udp
US 104.26.2.63:443 wct.softonic.com tcp
US 172.64.146.152:443 cd.connatix.com tcp
US 8.8.8.8:53 cds.connatix.com udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 152.146.64.172.in-addr.arpa udp
US 104.18.69.106:443 c10.patreonusercontent.com tcp
US 104.18.69.106:443 c10.patreonusercontent.com tcp
US 104.18.69.106:443 c10.patreonusercontent.com tcp
US 104.18.69.106:443 c10.patreonusercontent.com tcp
US 104.18.69.106:443 c10.patreonusercontent.com tcp
US 8.8.8.8:53 106.69.18.104.in-addr.arpa udp
US 8.8.8.8:53 capi.connatix.com udp
US 8.8.8.8:53 ins.connatix.com udp
US 8.8.8.8:53 vid.connatix.com udp
US 8.8.8.8:53 lit.connatix.com udp
US 8.8.8.8:53 prs.sftcdn.net udp
US 8.8.8.8:53 32.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 cdn.siftscience.com udp
US 34.96.67.224:443 cdn.siftscience.com tcp
US 52.86.181.185:443 api.sprig.com tcp
US 8.8.8.8:53 articles-img.sftcdn.net udp
NL 23.62.61.147:443 articles-img.sftcdn.net tcp
NL 23.62.61.147:443 articles-img.sftcdn.net tcp
NL 23.62.61.147:443 articles-img.sftcdn.net tcp
US 8.8.8.8:53 hexagon-analytics.com udp
US 34.102.232.42:443 hexagon-analytics.com tcp
US 8.8.8.8:53 224.67.96.34.in-addr.arpa udp
US 8.8.8.8:53 185.181.86.52.in-addr.arpa udp
US 8.8.8.8:53 147.61.62.23.in-addr.arpa udp
DE 162.55.233.29:443 sync.richaudience.com tcp
US 8.8.8.8:53 cacerts.rapidssl.com udp
US 8.8.8.8:53 42.232.102.34.in-addr.arpa udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
NL 81.17.55.122:443 ssbsync-global.smartadserver.com tcp
NL 185.89.210.244:443 secure.adnxs.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 89.149.192.245:443 ssbsync-global.smartadserver.com tcp
US 8.8.8.8:53 imasdk.googleapis.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
GB 142.250.187.202:443 imasdk.googleapis.com tcp
US 8.8.8.8:53 push-sdk.com udp
DE 157.90.33.72:443 push-sdk.com tcp
US 8.8.8.8:53 245.192.149.89.in-addr.arpa udp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 72.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
GB 142.250.187.202:443 imasdk.googleapis.com udp
US 8.8.8.8:53 s0.2mdn.net udp
IE 34.246.197.210:443 match.prod.bidr.io tcp
US 54.162.33.171:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 uidsync.net udp
DE 23.88.8.123:443 uidsync.net tcp
US 8.8.8.8:53 pubads.g.doubleclick.net udp
DE 23.88.8.123:443 uidsync.net tcp
US 8.8.8.8:53 telemetry.transcend.io udp
DE 23.88.8.123:443 uidsync.net tcp
US 35.244.174.68:443 id.rlcdn.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 csi.gstatic.com udp
US 8.8.8.8:53 123.8.88.23.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 108.157.52.111:443 telemetry.transcend.io tcp
US 8.8.8.8:53 111.52.157.108.in-addr.arpa udp
US 173.194.204.120:443 csi.gstatic.com tcp
US 173.194.204.120:443 csi.gstatic.com tcp
US 173.194.204.120:443 csi.gstatic.com tcp
US 173.194.204.120:443 csi.gstatic.com tcp
US 173.194.204.120:443 csi.gstatic.com tcp
US 173.194.204.120:443 csi.gstatic.com tcp
US 173.194.204.120:443 csi.gstatic.com udp
US 8.8.8.8:53 120.204.194.173.in-addr.arpa udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 81fd23ded0bee7e369f5a3ad2c1177f8.safeframe.googlesyndication.com udp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
DE 37.252.171.53:443 ib.adnxs.com tcp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
DE 141.95.98.64:443 lb.eu-1-id5-sync.com tcp
DE 162.55.233.29:443 sync.richaudience.com tcp
DE 162.55.233.29:443 sync.richaudience.com tcp
NL 185.89.210.244:443 secure.adnxs.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 34.246.197.210:443 match.prod.bidr.io tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
NL 81.17.55.122:443 ssbsync-global.smartadserver.com tcp
US 54.162.33.171:443 sync.srv.stackadapt.com tcp
DE 18.157.153.25:443 rtb.mfadsrvr.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 89.149.193.89:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 match.sharethrough.com udp
NL 35.214.233.248:443 csync.loopme.me tcp
DE 18.158.126.136:443 match.sharethrough.com tcp
DE 18.157.153.25:443 rtb.mfadsrvr.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 89.149.193.89:443 rtb-csync.smartadserver.com tcp
NL 35.214.233.248:443 csync.loopme.me tcp
NL 89.149.193.89:443 rtb-csync.smartadserver.com tcp
NL 89.149.193.89:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 136.126.158.18.in-addr.arpa udp
US 8.8.8.8:53 248.233.214.35.in-addr.arpa udp
NL 178.250.1.11:443 dnacdn.net tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 8.8.8.8:53 101.210.23.2.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 56067634f68231081c4bd5bdbfcc202f
SHA1 5582776da6ffc75bb0973840fc3d15598bc09eb1
SHA256 8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4
SHA512 c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784

\??\pipe\LOCAL\crashpad_4700_HIAZNNXANUUDFDWP

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 81e892ca5c5683efdf9135fe0f2adb15
SHA1 39159b30226d98a465ece1da28dc87088b20ecad
SHA256 830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17
SHA512 c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d21c22a6d5dc7335c0245fa119e20a9b
SHA1 a0d2a3e9bcfa13acdaf9211748b540726742d14d
SHA256 f0bad64d0806624f4d6e22ff74c940afc70f3f454ce853b7a3325b4139e904dc
SHA512 cbc491b408ca6fdf7f0fa95bdfeaf1540770330a78a23cc9f679b60931b63c654b166b4b285cecbf9280095d782096091801dee76a744e009ee0dd39d7a1fa34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f2561afc763564f9adb408d62fa9ca78
SHA1 b157595f4df1c75be0e4a0ed8f61be366a38662d
SHA256 3cb98b9b08f87a248df1d3d28b349e0f0e4b8f5982771bbf88c6364f63a8f623
SHA512 1ce8bd2ae5b31f75bf15bcc22223c61d578edbd4213d9c59963a491f97ffeb40302b0accd0d82a3b5739aab133d68887a6afebd7d1cff0a53f257e92cbbc1594

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 58d8619c72a98019e7f445151bf655d2
SHA1 5b19790b871c31ba80c9bbb5950bd47b6c22261d
SHA256 7679ae2fe1533c87d928f2df3a5e5b89eb6af4f927b869f2a45e23bbd235b686
SHA512 0b74228acfe5cac8f4b050eb0e1c7158c2549e8a635ac7d4e5d90577c11db909bb7eff5614aa0af81cbcae5344b738561bc878e677a2043ae20a8d803d3928e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f4c5bda8b44a7b3170966bf71449d5f7
SHA1 f0d2a6a606098b8749ce4ea5271e6ea000dd67b5
SHA256 26e69911ef0ca6a403a30b4c36708ad9611b005beb5b44d6e107874cee20028b
SHA512 5d0e8bac679da0527f6eae49128ef7179d31f95758b9a0e28cc8ad1f9af2d986bb933276ef637e2b3f688012b2b5073af029f3e91f4500b55edcb8bde55ede1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b55f5b6926636b013759a1a9b78abdd7
SHA1 2461c9ef94cd0d5f46fd3e43ab2fc30c7c7e8764
SHA256 74fa022cb8f9ea98def40e87ec17995cb5640bd3f6be26f1253259663096c112
SHA512 e3cde87eca66cf7d17f59fa63e37f7b4cd2ca7153289a42d07eddcf4a25245676425f319d38836f9b191df8de5dcb8c87e5a87adf07aea4b91f4dc7c20dcaa1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579376.TMP

MD5 e57c81a0ed47ccef516736cc14589dc0
SHA1 bbd29be04b92c2761bec15036674ddb02fdd52cc
SHA256 ea6e6a8006be733c3127396ca04542048e7f5a73c99f195d48e14d976108aa20
SHA512 8035ab7ebb3441304ef7c553baf8163f4737bf5250547b2bf60b85de30320ed484b28bee4f33d4b0122bc34ab36f365c2760354906be9f13b20290deb5017752

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\Downloads\Unconfirmed 367493.crdownload

MD5 e126e85516c400f91c7faec6de177490
SHA1 364d5712f99012549c4c0425bebc0c6cd6bba218
SHA256 9742eb6f940a9bdc5a2f4323a0407ed7fc0903620a2fa3a3999a803b208ffd07
SHA512 028e8b84b732750739a9eae771ea8706006377bf184c333ebae26ad9244e00aac769c6cde077bfe63b5e53ea7ef7fce4390e930982dc50b9cd049c0989c11f5f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f9f79789748874bd1ab4b27fc819b909
SHA1 f814fb76d7e8b6e6abb653ebbce0349f0d21724d
SHA256 a7ab1293f3017afb389d04057e469423b1c86750113c088950668d8c840a4be4
SHA512 e6a1ef7676822908433da05f1bb5f27c3aa304ce9d1074418a8d561c56851a3f41c23041ae346dff3089a3a995ad3dfa1406e43df0fadcb0c1b161e0fb899a2e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 bd17d16b6e95e4eb8911300c70d546f7
SHA1 847036a00e4e390b67f5c22bf7b531179be344d7
SHA256 9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352
SHA512 f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 19c73397068ded824edd2c5b13d0a9da
SHA1 7f0f149b66309aaba41974d524ca69390a34e4f2
SHA256 8c93e33fb098c30a82d774c6a9db9aa92ea0e34586e907ed7d9d2935582c6100
SHA512 8795cd26570fe65181d49676dd9cc9a8012bc22c3e505ac8ed8c1bea68ac7db7f77d6bade360a403a8d79cc4126ac18c2c10e3b83a163e3b42f2e3f60c32426e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 2155f385101771026a23f3dc2808c97e
SHA1 550ba8b46e714011059de97b0f672f0349dcf8de
SHA256 4641db11da9224b6da70ab3719915060084de315ad9037ca51c566d7d161dcd1
SHA512 653fa69902507e82f884910143a60305e2b3c6e4d7ef411273c4ca2a67cb144ef9a367963bdefb1f45e21af4193393bfcc16ea599289b6f45c923884b3fe39f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 67e30bbc30fa4e58ef6c33781b4e835c
SHA1 18125beb2b3f1a747f39ed999ff0edd5a52980ee
SHA256 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba
SHA512 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 f18d4246fc5423e9031f844d080da486
SHA1 74cece4848c3bbd8713725d352fcf9539958e636
SHA256 955ea2967b4b2e13a1877aaa86aeac46b3471b34ba482fc9d901731524399226
SHA512 df615f5bae69cb0b1364b7d2d93553c45760da6fbac10bc86d479cacf8a7bf4a99b3a9b6b419508d437837024c0f3bdc39026a5b04badf24fee82143671e044c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 5990217fae1c446bb6bd6946fdd52a0b
SHA1 8cf2b3e3ac051185d7306c253a1b4e80ed7e0a52
SHA256 5378ba25fb8919f2c019ce5ed2f815d40b150329f85dca1c7aade2a824a08a8b
SHA512 d273eeaee674df43397f2805a1d51b25fdf0b3ff9be4dcf2e04f8135f120d0da643bdeb83659b49ffebe30b7883c0011436aeb8c628d859912451d13db0d3e77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 46c32c378c6f9acf8aa4287389e25b8a
SHA1 589025b6aeaf674e57025484f6e1c730efab22b1
SHA256 c0465d1a1a38789ad088b9f64d23cef95e7a61c84bfdec770053b419f4509ede
SHA512 37f6e682cb4f5eda791d9ff0c4967a5ef373fd60bdab4853b6b26b59e2a2b36b8b9ff557d3f8579c2682422217b6328275f06c30f5e6f7c39fcc04f28e0d673f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 92356d0513ca1b8d064a32ed5c03f331
SHA1 9d115a0eef9a38663c9df6c8f3fae605edb37114
SHA256 0033a94154e5b25943ce930a90d066f29c49e174e1feaf241d56c1be3514514a
SHA512 631d8da4b0df3143a2910ea82355718fb8c926600b3bdabaf19953f5209ec26df7710bb5cb64d420a40a635f93fdc90ae7c9e8b00f80bbeae4eaa9a620526013

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 42d9fcc7172456834d9e05605cfb999f
SHA1 d1df0982a953011482b7cc5e97803a5fae290ba7
SHA256 5029f1471e648ecdf5518199b5d7a6fdcf2dab7b9ba8367331b0836de3064575
SHA512 5fc471dfd6cf0516739b40db211b4f1e0d3e27e7b53eb1e0c8d34f7ddf5d09ff520bd4c3b7baca993857fd462f184621391fed363a548bc7b50eee3b7ef6ade8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 60140bc834da90837a9a4d1530484677
SHA1 d99868b0693b332681b4db7927f3f11b3ed37607
SHA256 29c0ba2fb11f5bbedff938e0d0a97da59f725cd153bc0c04f052419e779f134e
SHA512 448ddc49ab5128dfc0dc91ebe388d447e748848cd2f7dc15fe1fd0380a5436cc9872c32606d9d161d3648b20bff5eda0e48e8fb77c9293f3c0924ae89589eb37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 c52f3521639f61d058b371c90f7340a0
SHA1 26cda00aa74d363215fe8e5de80878cf767d9747
SHA256 98dadb40ba05b9079b6c7cfdcdce83a11764b15cee748e1d6b06ef13e94f1736
SHA512 ead5c9d264cb85f32a1e4e7ca84df51b2d8fcad89abe35b8a9e461cab914224e5ee9c3b0cbcaf720ffaf43566b9d9c958667024e0e6988f948640fd782ff3f23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 30ff74ce0c649d32c9bbbd04237f0346
SHA1 e81456771bac1d93ef96e2f762632e5e29df0c97
SHA256 a6de697319623e1c287bdf0cb4360bf8533733be7b9cf3a4b4dd7a7ed79dc9da
SHA512 06dfd40b28e2ad5041036afdf3316cfac6abed367f5282fd3534ddd8b0b7a58bbc9f0f466111ae5e3e3d6d106a6c39a9382f952ff8ab3c1cb71763c6ee3c9583

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006d

MD5 99916ce0720ed460e59d3fbd24d55be2
SHA1 d6bb9106eb65e3b84bfe03d872c931fb27f5a3db
SHA256 07118bf4bbc3ba87d75cbc11ddf427219a14d518436d7f3886d75301f897edaf
SHA512 8d3d52e57806d1850b57bffee12c1a8d9e1a1edcf871b2395df5c889991a183a8d652a0636d5452068f5ef78d37e08ce10b2b2f4e05c3e3c0f2f2230310418a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 b6bccb44eee52c305e15fc4ffd07f25c
SHA1 42253c60ddfbd6a2042c67ab33669d8f71ca53f7
SHA256 f6600fa5a55813db44f67fca9454794b9cad4350e3df34046d8f26fcfdc71558
SHA512 c9e1b9c1c2357f7624e78af8c27631c02fd67a2f744126d6a5f1cada9cb74f2020eb633cbb81897736af1f1b676b26fd2174eea9ee1526e9971d4255d2257213

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f36e5532d785f9605ef541b976163a69
SHA1 abb7183085811d43faa1b04a77d6ea1759ad704b
SHA256 a125951ea2180e45df66d9c7932c5140b6420a7f9c6edc58cf8b3e797d129b44
SHA512 1369f8b5cfb8b6192808026ee4bf434447e8d6bbd300d7fee6c000f1d29f2da8e1b9f896d6649bf1eb8878dc0abb505e2ced4eacd60ede4ca44d38b0c1cbe722

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 94bb459e4870682c0d6e753d8c78be2a
SHA1 99d96cd4d0164d7ff49a73505eb3a6896a9874ce
SHA256 c6eb424d7bcca76a75dfcf59be35c1eb28b660359ec582709348bcfc476a6ec2
SHA512 6f8544cfc142e14548811e96e2ec5b8af32d84f7012c1c6e716a76a4785447352ef847037fd19baac64e2214e7127273408c4f70e4c7bb0fad295184dd8c1e0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.patreon.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 7651b1187bb58ac4c7be625337b35e5b
SHA1 307d969ef4137a66fe2793737dc1c546587c7f43
SHA256 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968
SHA512 a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 dace61eaaa55a7d9d27b8932bf1cc986
SHA1 8fb9a5d09f6977d5793a6c90b8314c96a23b374a
SHA256 1f3f5cb67bdc77cae9cbf2cf8643df1898723bc32f9508278ae0247069464bce
SHA512 2ccc57c3fe32b274d3cc102221310089e33ea798d0330208e71bc127f2282bf332c2fb32b535ce8bacf963a0e628194b1dc41897b94d6b46226f9e83d6b4229b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 1bb95f13058c4777fd67eda0391db26e
SHA1 741ead07b0a544972865db72f5fbe3dffd47f630
SHA256 526eb3bc623675ebf2484aeb597d3b4da9ce3d3aa7adddb7f60607f85d557b38
SHA512 ada0704437a965adc5fb2530fefc53be57ccba25a3b480e1ac1751c02855c3d91a1c651c3b96a471b263ebcbc78a6283d7440d253db26636320cf365d8ff7a51

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7ac6aa68a7082f585d7bba27e8a90c04
SHA1 f88ec5055795e6021774a1e17e1a4cb77f8a4906
SHA256 444b1a5839349f69151bd25b5a81b4c8e1b120d55bc101750a6633ad17b1cd4c
SHA512 cf94c83d2509b500237d5d192991607915f9a83e3667dcad490d5faf7f997fc94a0565ac931176b96e4d42230118632a2e66e4e36fd9bd8bd1961b262eedf046

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e2b72cebf04404409142a0097654d211
SHA1 eac31162b958e9da01cba70a2ae7f7c94b5d5a7e
SHA256 55a682f9a167891f106fa65506f4dc1694f8962fc441c5d2118c181d2acc1b7e
SHA512 fd9f4eca1375dec5db0163b17d74d0af640497d23be8bde3069d4aaadf5b550eeb838532a89545bebd2d21b878a4e5fe43c04cfd3a84236819c2d7df22b55759

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 f3a88ccf0ed09bce753f2165d6185415
SHA1 262a7c8dfbfb47c95019295f96f64e5e5d265e68
SHA256 b4c82b5ee32e24af3ee0fd5591b385a4523de67d960f061d0e3986b87cdfb1fc
SHA512 46a411171e3f1da9230e0508281ffce342977c28b4ae1b170c8241b649f7453231306f89c399ac9e1007f9ce2e8b764fcd2a47647fef20b79c1690121fc0916c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 ec9c7b59e7eef86599f33d632b58978e
SHA1 f35003ce7b7cecd4043443010a9ef8a594510d08
SHA256 2408da66dc7f2f50c1b5a8617239c4a313ccfaccef54a17996f9196d70882e10
SHA512 a254f4253f4e30445f11b206741e238ec5973708e4bba2435f8f09f8c0ef513240f1ba2fd082082a389e74b789fc40bfe523c9ee58647270f0141e5ab0481f0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 50b1f14f193f35811ec58f91f5c4f7da
SHA1 1e6e1b7e2deb3ab4ef7860b874a8961d3b1b6035
SHA256 2fdc887f54eef402d7da4c93776e26802bacc86bc1bff54a10ec2b0bb1decf76
SHA512 bf47d250c61f66a3a3e91d3b1629eda25058e4e2adf341e410b75c3121ab9cd3455cadc991248afebbed56ddf18e5483db7f089823c780e05ad5f8624e54792b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 a3e87450db1309155a4d830bb7095f1e
SHA1 eeb9e7f2c991847c371ca6caa661ddf911fe6ad4
SHA256 9d956815ed5d48df74721d374c7c22197fbe58d595e51104d8fdd35d280cadeb
SHA512 3b57e900cc9fcabdac2fae6aafa9d34f8d6c5e914c7ab7800c586c6f9f82f29a9896bc90a8bf900ce20747ba30fdfeaea9bbb577075a7b4a4c1d3848f7bfabd5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 b49acf5d39985984fc16e0eb85c7d8ef
SHA1 3388d723f151cf5a3ec918ce83d425d3e1e77b55
SHA256 122e5b62a149725711295d81dfe5d549fdfc295f3fbec7aaeca8808b7a8d4347
SHA512 eb8500e313e0b8637128f3bcbeffccd458bf624a539721fb8e8831d4ce36f536be3e4073a68e1840858dabec9f7711193aecdb3c7f81eef069a3e58f398ad7bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 b20aa323cc40714a5c7f6c136ed7e6d5
SHA1 338423d25893565290866c3f8f79bbfbc0b7f7df
SHA256 73189d896573869befb24659e53ca2cf9171d2600dc1ead051f59a9acbd18dae
SHA512 0ffd6b31ff5740064786ffe6a2be12834d621971df806def5b0684b757a9d994530078209a8ad222c780febde9172a7d451012ce9d171a30dd44c214878ca3f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 9519cff03f3481635ee3eea90c2eb56a
SHA1 c9d9e82a8aa9864cf76bcfaff770582b8c7f9fff
SHA256 32415d1c70e7a363ddfdffdf57dec75bebebdd76b359edd1667815b5530d67a2
SHA512 93cf77d41440e857a32fcccb929a1bc972b08fb40deb5b7b85825011ac977fb7b708348a2480da9a2a8198e31059e80c18983070792292239ff44b0ebfce8a02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 23dcc3773915438f381674692b8f328c
SHA1 b9de92da2b7f1a79c289a620ff5efd91bd6e39a6
SHA256 2ed7de2f938f78b7467dfee6287921ca9977542a0181506180b2cac931b905df
SHA512 28aa713501b43b23586601bfd51a9b569f1014acaae1800a0103de5e26ab5ad721aabc197a15811a92157dc2f709bde8265c4e83bf596ff4fd68c0b9a6df8a75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7f0021e6c1f19b93_0

MD5 14d3aac3dbe58cba14df373d8ac8dec9
SHA1 176e8643cea0038f7a2d94648977d04809edb06a
SHA256 9534a3a1bd5173d979f74d2097f7cfa09cf9f64816d86c46302ed02977dd813a
SHA512 a703b247f3b9dff1c00ce7b28cc3c90aa33c64a6c0d7ae049123c749373e48dddf3216555aebc92ecebed8bbfe90334021de1d0a3f4137d133cc9908e5cef725

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3b6e7d76e3b07b95_0

MD5 a80485415c9672907c7fa5b73487fb2d
SHA1 9a38239e1acca433f0c9598e1631710bf107b58c
SHA256 851d5b7d6f744cbf34cb93b4b94b391559be6d4e03e2a1ac0e3017909bd4e5a8
SHA512 3401216fa258e96c8264e9d108d097a5fd3f1867a430e2aef7bddb1d7ebd6b3df9973e6967914fd08272a000596e1e3a2d6ccaa82e1552e06a4f0346e387a302

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bde96c0685c92d67_0

MD5 1aa5ca8733e1b50282ffb3b53dd0745f
SHA1 346aa66242dff125478940862b502f7617b7f22d
SHA256 62dee4607662727ce1dc110e20992fbf4d12875833eab9c5367b241fb149cbbe
SHA512 dd2e04e7b67b320a01280c79d87aa2742bec40ce4cfa268782062c370e786d71e4c38d54ad33780b46317e0419afe247159883a34e7c3c07705bc82e865d6f9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ca2410793d2f35d26ca4cd258ee6c800
SHA1 0bb68fd54bb22cdd60200cb7fc6e191d17cf2497
SHA256 ef7b436bfa109976d334e3ab9a643852b888e34743db1096833546b009ac5f34
SHA512 7707ceae9db835de04c278c0a576d199a0f166d7edd5bb2355cc5920987d11d59a1e423dedb5bb8f09f82845737dde86b55416e8adae704b0d2afc23f78da8e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3611c87f7760026ccd44f51a752b5063
SHA1 48fdb568a08474b45a61969b4156ed20b3f7b5e4
SHA256 bba7bac6c1dfe006a2176e00122b25572ebe9d06b122252fd494f708b8cc6b55
SHA512 d27e6ba843d187d470672450c332bc77d3d5415d29e84b845aca6e81339bdc44baa120c8db13166b8b8ed1e4aa4054646d8ee2eb15cf103727fb04c63d416ebd