Analysis Overview
Threat Level: Likely malicious
The file https://cheater.fun/fortnite_free_hacks_download/ was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Checks computer location settings
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR)
Drops file in System32 directory
Enumerates physical storage devices
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Checks processor information in registry
NTFS ADS
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: GetForegroundWindowSpam
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-14 12:32
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-14 12:32
Reported
2024-06-14 12:40
Platform
win10v2004-20240611-en
Max time kernel
466s
Max time network
465s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.chk | C:\Windows\System32\svchost.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSSres00001.jrs | C:\Windows\System32\svchost.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSSres00002.jrs | C:\Windows\System32\svchost.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.jfm | C:\Windows\System32\svchost.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat | C:\Windows\System32\svchost.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.jcp | C:\Windows\System32\svchost.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.log | C:\Windows\System32\svchost.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.jtx | C:\Windows\System32\svchost.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSStmp.log | C:\Windows\System32\svchost.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.chk | C:\Windows\System32\svchost.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat | C:\Windows\System32\svchost.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133628423133723536" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15300#immutable1 = "RemoteApp and Desktop Connections" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Rev = "0" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-10#immutable1 = "Ease of Access Center" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-5#immutable1 = "View and update your device hardware settings and driver software." | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\NodeSlot = "1" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Vid = "{65F125E5-7BE1-4810-BA9D-D271C8432CE3}" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-1000#immutable1 = "Devices and Printers" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-1#immutable1 = "BitLocker Drive Encryption" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-102#immutable1 = "Keyboard" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-2#immutable1 = "Keep a history of your files" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-2#immutable1 = "Change user account settings and passwords for people who share this computer." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-15#immutable1 = "Troubleshoot and fix common computer problems." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-301#immutable1 = "Configure your audio devices or change the sound scheme for your computer." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-3#immutable1 = "Region" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f706806ee260aa0d7449371beb064c986830000 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15301#immutable1 = "Manage your RemoteApp and Desktop Connections" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4313#immutable1 = "Configure your Internet display and connection settings." | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12123#immutable1 = "Set firewall security options to help protect your computer from hackers and malicious software." | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\WFlags = "0" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-101#immutable1 = "Customize your mouse settings, such as the button configuration, double-click speed, mouse pointers, and motion speed." | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\FFlags = "18874385" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-2#immutable1 = "Conserve energy or maximize performance by choosing how your computer manages power." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12122#immutable1 = "Windows Defender Firewall" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings | C:\Windows\SysWOW64\control.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-1#immutable1 = "System" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-300#immutable1 = "Sound" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-1#immutable1 = "AutoPlay" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307} | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-10#immutable1 = "Choose which programs you want Windows to use for activities like web browsing, editing photos, sending e-mail, and playing music." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-1#immutable1 = "Phone and Modem" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Mode = "6" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\IconSize = "48" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-103#immutable1 = "Customize your keyboard settings, such as the cursor blink rate and the character repeat rate." | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupView = "0" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-1#immutable1 = "Speech Recognition" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-2#immutable1 = "Configure how speech recognition works on your computer." | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000010000001800000030f125b7ef471a10a5f102608c9eebac0a00000000000000 | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-2#immutable1 = "Manage your Windows credentials." | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByKey:PID = "0" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-602#immutable1 = "Change how Windows indexes to search faster" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-2000#immutable1 = "View and manage devices, printers, and print jobs" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\HotKey = "0" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-1#immutable1 = "User Accounts" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3000#immutable1 = "Sync Center" | C:\Windows\explorer.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 572841.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cheater.fun/fortnite_free_hacks_download/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa6b9c46f8,0x7ffa6b9c4708,0x7ffa6b9c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5336 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5336 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3136 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4680 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5376 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6112 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3988 /prefetch:8
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\github.software.1.0.6.7z"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=D724E06BCE22BA74EC13C312FF513ABB --mojo-platform-channel-handle=1748 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=B35DCBAACBC98EE8C051B6F5AB89CEE5 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=B35DCBAACBC98EE8C051B6F5AB89CEE5 --renderer-client-id=2 --mojo-platform-channel-handle=1776 --allow-no-sandbox-job /prefetch:1
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\github.software.1.0.6.7z"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=8C7CE7459BDBC704E1D6A5EDE897FCDB --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=8C7CE7459BDBC704E1D6A5EDE897FCDB --renderer-client-id=2 --mojo-platform-channel-handle=1672 --allow-no-sandbox-job /prefetch:1
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=F63FC6DF60478C4960BC8A1DCB0E5926 --mojo-platform-channel-handle=1828 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=4D3FA8A0DC59506834963349B7223EE7 --mojo-platform-channel-handle=2316 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=7297CBCB612E2D8BD77A61E0C24ADC57 --mojo-platform-channel-handle=2068 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=42E7CACCA182913E055D2EFB58B7BAEE --mojo-platform-channel-handle=2416 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4132 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2108,6884258318138970141,17724044501823562590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe"
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Windows\system32\mspaint.exe
"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\SplitAdd.jfif" /ForceBootstrapPaint3D
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa5b9cab58,0x7ffa5b9cab68,0x7ffa5b9cab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1904 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2312 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2964 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2972 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4432 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4660 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4620 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:8
C:\Windows\SysWOW64\control.exe
"C:\Windows\System32\control.exe"
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4740 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4780 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4632 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4636 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa6b9c46f8,0x7ffa6b9c4708,0x7ffa6b9c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,5742763554159941783,13481220039107389087,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,5742763554159941783,13481220039107389087,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,5742763554159941783,13481220039107389087,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5742763554159941783,13481220039107389087,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5742763554159941783,13481220039107389087,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5742763554159941783,13481220039107389087,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=what+happens+if+you+delete+system32
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa6b9c46f8,0x7ffa6b9c4708,0x7ffa6b9c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5742763554159941783,13481220039107389087,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5742763554159941783,13481220039107389087,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,5742763554159941783,13481220039107389087,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5736 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,5742763554159941783,13481220039107389087,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5736 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus+builder+legit+free+download
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa6b9c46f8,0x7ffa6b9c4708,0x7ffa6b9c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2964 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4c4 0x4bc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=bonzi+buddy+download+free
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffa6b9c46f8,0x7ffa6b9c4708,0x7ffa6b9c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4648 --field-trial-handle=2040,i,3111652242940389385,16383476061931861262,131072 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa6b9c46f8,0x7ffa6b9c4708,0x7ffa6b9c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,7422063210572814162,15664242735929351368,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | cheater.fun | udp |
| US | 104.26.14.166:443 | cheater.fun | tcp |
| US | 8.8.8.8:53 | 166.14.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | kit.fontawesome.com | udp |
| US | 104.18.40.68:443 | kit.fontawesome.com | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 13.107.21.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.40.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ka-f.fontawesome.com | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| US | 104.21.26.223:443 | ka-f.fontawesome.com | tcp |
| US | 104.21.26.223:443 | ka-f.fontawesome.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| NL | 23.62.61.72:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.26.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.61.62.23.in-addr.arpa | udp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 104.18.40.68:443 | kit.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 104.21.26.223:443 | ka-f.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| NL | 23.62.61.104:443 | www.bing.com | tcp |
| NL | 23.62.61.104:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 104.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| NL | 23.62.61.161:443 | r.bing.com | tcp |
| NL | 23.62.61.161:443 | r.bing.com | tcp |
| NL | 23.62.61.160:443 | th.bing.com | tcp |
| NL | 23.62.61.160:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 161.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.138:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | private-user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | ka-f.fontawesome.com | udp |
| US | 104.18.40.68:443 | kit.fontawesome.com | tcp |
| US | 104.21.26.223:443 | ka-f.fontawesome.com | tcp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| NL | 23.62.61.113:443 | r.bing.com | tcp |
| NL | 23.62.61.57:443 | r.bing.com | tcp |
| NL | 23.62.61.57:443 | r.bing.com | tcp |
| NL | 23.62.61.113:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 113.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1v1.lol | udp |
| US | 151.101.1.195:443 | 1v1.lol | tcp |
| US | 151.101.1.195:443 | 1v1.lol | tcp |
| US | 151.101.1.195:443 | 1v1.lol | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.178.19.104.in-addr.arpa | udp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | server.cpmstar.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 198.24.167.252:443 | server.cpmstar.com | tcp |
| GB | 142.250.200.42:443 | ajax.googleapis.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | justplay-cdn.playtika.com | udp |
| US | 2.22.144.70:443 | justplay-cdn.playtika.com | tcp |
| US | 8.8.8.8:53 | ssl.cdne.cpmstar.com | udp |
| US | 152.199.21.117:443 | ssl.cdne.cpmstar.com | tcp |
| US | 152.199.21.117:443 | ssl.cdne.cpmstar.com | tcp |
| US | 2.22.144.70:443 | justplay-cdn.playtika.com | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.167.24.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.21.199.152.in-addr.arpa | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | firebaseremoteconfig.googleapis.com | udp |
| US | 198.24.167.252:443 | server.cpmstar.com | tcp |
| US | 198.24.167.252:443 | server.cpmstar.com | tcp |
| US | 8.8.8.8:53 | pbs2.cpmstar.com | udp |
| US | 8.8.8.8:53 | e.serverbid.com | udp |
| US | 8.8.8.8:53 | ads.servenobid.com | udp |
| US | 8.8.8.8:53 | privacyportal-eu.onetrust.com | udp |
| US | 198.24.171.50:443 | pbs2.cpmstar.com | tcp |
| US | 198.24.171.50:443 | pbs2.cpmstar.com | tcp |
| US | 8.8.8.8:53 | ssc.33across.com | udp |
| US | 8.8.8.8:53 | pbjs.e-planning.net | udp |
| US | 159.89.246.130:443 | e.serverbid.com | tcp |
| US | 172.64.155.119:443 | privacyportal-eu.onetrust.com | tcp |
| IE | 34.255.151.166:443 | ads.servenobid.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| NL | 193.3.178.4:443 | pbjs.e-planning.net | tcp |
| US | 198.24.171.50:443 | pbs2.cpmstar.com | tcp |
| US | 159.89.246.130:443 | e.serverbid.com | tcp |
| IE | 34.255.151.166:443 | ads.servenobid.com | tcp |
| US | 34.149.20.76:443 | ssc.33across.com | tcp |
| US | 172.64.155.119:443 | privacyportal-eu.onetrust.com | tcp |
| NL | 193.3.178.4:443 | pbjs.e-planning.net | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| BE | 23.14.90.73:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.20.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.171.24.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.151.255.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.246.89.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.15.177.108.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| GB | 2.16.233.56:443 | eus.rubiconproject.com | tcp |
| GB | 23.36.248.193:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.248.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.233.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| NL | 23.62.61.113:443 | r.bing.com | tcp |
| NL | 23.62.61.113:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| NL | 104.97.15.59:443 | aefd.nelreports.net | tcp |
| NL | 104.97.15.59:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 59.15.97.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | feedback.smartscreen.microsoft.com | udp |
| US | 23.96.1.109:443 | feedback.smartscreen.microsoft.com | tcp |
| US | 23.96.1.109:443 | feedback.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 109.1.96.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | securityintelligencecenter-eastus.azurewebsites.net | udp |
| US | 8.8.8.8:53 | assets.onestore.ms | udp |
| GB | 2.16.233.202:443 | www.microsoft.com | tcp |
| GB | 2.16.233.202:443 | www.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| GB | 2.22.100.132:443 | assets.onestore.ms | tcp |
| GB | 2.22.100.132:443 | assets.onestore.ms | tcp |
| GB | 2.22.100.132:443 | assets.onestore.ms | tcp |
| US | 23.96.1.109:443 | securityintelligencecenter-eastus.azurewebsites.net | tcp |
| US | 23.96.1.109:443 | securityintelligencecenter-eastus.azurewebsites.net | tcp |
| US | 23.96.1.109:443 | securityintelligencecenter-eastus.azurewebsites.net | tcp |
| US | 23.96.1.109:443 | securityintelligencecenter-eastus.azurewebsites.net | tcp |
| US | 23.96.1.109:443 | securityintelligencecenter-eastus.azurewebsites.net | tcp |
| US | 23.96.1.109:443 | securityintelligencecenter-eastus.azurewebsites.net | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.233.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.100.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.16.208.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www-myinstants-com.webpkgcache.com | udp |
| GB | 216.58.212.225:443 | www-myinstants-com.webpkgcache.com | tcp |
| GB | 216.58.212.225:443 | www-myinstants-com.webpkgcache.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 225.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 21.114.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | www.google.co.ck | udp |
| GB | 216.58.213.3:80 | www.google.co.ck | tcp |
| GB | 216.58.213.3:443 | www.google.co.ck | tcp |
| GB | 216.58.213.3:443 | www.google.co.ck | udp |
| US | 8.8.8.8:53 | 228.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.213.58.216.in-addr.arpa | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | consent.google.co.ck | udp |
| GB | 216.58.201.110:443 | consent.google.co.ck | tcp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 216.58.201.110:443 | consent.google.co.ck | udp |
| US | 8.8.8.8:53 | encrypted-vtbn0.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-vtbn0.gstatic.com | tcp |
| GB | 142.250.180.14:443 | encrypted-vtbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| US | 216.239.34.117:443 | beacons2.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c56.gcp.gvt2.com | udp |
| US | 216.239.34.117:443 | beacons2.gvt2.com | udp |
| ES | 34.0.206.140:443 | e2c56.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 117.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.206.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogs.google.co.ck | udp |
| GB | 142.250.187.238:443 | ogs.google.co.ck | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 142.250.187.228:80 | google.co.ck | tcp |
| GB | 216.58.213.3:80 | www.google.co.ck | tcp |
| GB | 216.58.213.3:443 | www.google.co.ck | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| GB | 216.58.213.3:443 | www.google.co.ck | tcp |
| GB | 172.217.169.3:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | beacons5.gvt3.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | lh5.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh5.googleusercontent.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.180.14:443 | encrypted-vtbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| GB | 142.250.180.14:443 | encrypted-vtbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | replit.com | udp |
| US | 104.18.42.150:443 | replit.com | tcp |
| US | 104.18.42.150:443 | replit.com | tcp |
| US | 8.8.8.8:53 | polyfill-fastly.io | udp |
| US | 8.8.8.8:53 | cdn.replit.com | udp |
| US | 8.8.8.8:53 | sp.replit.com | udp |
| US | 104.18.42.150:443 | cdn.replit.com | tcp |
| US | 151.101.65.91:443 | polyfill-fastly.io | tcp |
| US | 104.18.42.150:443 | cdn.replit.com | udp |
| US | 8.8.8.8:53 | 150.42.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | certificates.starfieldtech.com | udp |
| US | 192.124.249.31:80 | certificates.starfieldtech.com | tcp |
| US | 104.18.42.150:443 | cdn.replit.com | udp |
| US | 35.224.251.249:443 | sp.replit.com | tcp |
| US | 35.224.251.249:443 | sp.replit.com | tcp |
| US | 8.8.8.8:53 | 31.249.124.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.251.224.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 104.19.230.21:443 | js.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | o1151714.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | app.launchdarkly.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 34.120.195.249:443 | o1151714.ingest.sentry.io | tcp |
| US | 8.8.8.8:53 | identitytoolkit.googleapis.com | udp |
| US | 151.101.194.217:443 | app.launchdarkly.com | tcp |
| US | 151.101.194.217:443 | app.launchdarkly.com | tcp |
| US | 151.101.128.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | 21.230.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.128.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.195.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | logs.browser-intake-datadoghq.com | udp |
| US | 3.233.158.25:443 | logs.browser-intake-datadoghq.com | tcp |
| US | 3.233.158.25:443 | logs.browser-intake-datadoghq.com | tcp |
| US | 8.8.8.8:53 | clientstream.launchdarkly.com | udp |
| US | 13.248.151.210:443 | clientstream.launchdarkly.com | tcp |
| US | 8.8.8.8:53 | 210.151.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.158.233.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.segment.com | udp |
| US | 8.8.8.8:53 | merchant-ui-api.stripe.com | udp |
| IE | 18.66.177.191:443 | cdn.segment.com | tcp |
| US | 198.202.176.201:443 | merchant-ui-api.stripe.com | tcp |
| IE | 18.66.177.191:443 | cdn.segment.com | tcp |
| US | 35.224.251.249:443 | sp.replit.com | tcp |
| US | 8.8.8.8:53 | 191.177.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.176.202.198.in-addr.arpa | udp |
| US | 151.101.128.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | www.gravatar.com | udp |
| US | 192.0.73.2:443 | www.gravatar.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| BE | 108.177.15.156:443 | stats.g.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | r.stripe.com | udp |
| US | 8.8.8.8:53 | 2.73.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 54.186.23.98:443 | r.stripe.com | tcp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 8.8.8.8:53 | 98.23.186.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 35.82.1.136:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | 136.1.82.35.in-addr.arpa | udp |
| US | 54.186.23.98:443 | r.stripe.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | repository-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 185.199.108.133:443 | repository-images.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | repository-images.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | repository-images.githubusercontent.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 216.239.34.117:443 | beacons2.gvt2.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3a09f853479af373691d131247040276 |
| SHA1 | 1b6f098e04da87e9cf2d3284943ec2144f36ac04 |
| SHA256 | a358de2c0eba30c70a56022c44a3775aa99ffa819cd7f42f7c45ac358b5e739f |
| SHA512 | 341cf0f363621ee02525cd398ae0d462319c6a80e05fd25d9aca44234c42a3071b51991d4cf102ac9d89561a1567cbe76dfeaad786a304bec33821ca77080016 |
\??\pipe\LOCAL\crashpad_1012_AWALHCFZYRAMBCIM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | db9081c34e133c32d02f593df88f047a |
| SHA1 | a0da007c14fd0591091924edc44bee90456700c6 |
| SHA256 | c9cd202ebb55fe8dd3e5563948bab458e947d7ba33bc0f38c6b37ce5d0bd7c3e |
| SHA512 | 12f9809958b024571891fae646208a76f3823ae333716a5cec303e15c38281db042b7acf95bc6523b6328ac9c8644794d39a0e03d9db196f156a6ee1fb4f2744 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9a5f84b109d95321c7b4f556181eb495 |
| SHA1 | 9d7373ff011f67168e20daccb32cc3e437b1c88a |
| SHA256 | 59a9b18ae0e5522e3de4da748cb45982fbcc9de9a718dbd2cec21791d63c94a7 |
| SHA512 | 4ec3122997e53ecd7a3b3029b5022db22a8b116e0fd4056605561758861ff4142b8c9128d07ff8139a5dd1d295784faf93fd766aa3bfaa9034325c9d8e3842f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f8f6adaea4ecea42e7c63f7a38be93cd |
| SHA1 | eecce1e077398aa1f4ac71076064ebe7f1e9cd00 |
| SHA256 | ae470931170b5b4a1a40e3299f44dbcf514da40cc9d7185506edbcc56548b6c2 |
| SHA512 | 9b64ca4558b5224da68dfaa25cd59b0cb16be855f1a153fcd615e692be2d4ba96a1e28339095a0a1c2a56d2a85762b24eff7dc0a653a655db9f37d6f4e715cc8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a6ded35d4d4ada5886fefbf2c5e7025b |
| SHA1 | b23a8f8d0ad984a6e171f3934f871bfc244cd030 |
| SHA256 | 0551c9b946da86482a3a8bb91242b9e4d71ee7dd43bf1565eecb4d2fd0417a40 |
| SHA512 | 2ef6101fd0082b09a015fc13f80994f1ae584263ff49d33d44b311c3368d3c1ddb8d4dd25aca877808500bc36ac1fdab41c5b8f5f364693c219105bdd1e1f4f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 7680465c99b9bbd9eb5e3055a95ff481 |
| SHA1 | 4f035af69ca6076226746c23e900846846dce364 |
| SHA256 | b53b1d67494e1a4c85056d2bbd233fb9241dd02d88261f72aacf17584f0731e1 |
| SHA512 | 3c78423f29234a1bc867a73f3c8ddb792869fdb388537867a8d78e68d545386c6cd92891f05221194113ddbc822532184d0763ec329db396c7d41c4f59d447d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
| MD5 | 7c2224075fd41741e27aab8e01cc338a |
| SHA1 | 61ab9ba861743b87f8af0c55e977aa1c653f8d73 |
| SHA256 | efaecafb3b690ff5bddf38ffb089a715f083e311ae55761697fcd3ba69b5a141 |
| SHA512 | d6dbda96d49ff4b36d6906dcf001e7ffbbd953e06a347abd5d3db8784feda2d134b875f7612611061628ba175656fcb6da378e8bd06764a287add3e64e33ce82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | dc2badd1cb60ca8a4c2f39a6ca270fc5 |
| SHA1 | 9eb46c20eac75d9b52d39b3b100588f745299eb2 |
| SHA256 | 899788e9684f0aed31d04c8c971a3af2050c2a65788afc7fc58c42baf399fedf |
| SHA512 | 8a79ec59dba6f249cc5c0676809be3f99e25b3619ef89d28146b7a25c5cccd36c887270cf545aa213c88cafc985d38d4fb296886e88fdf7f18f03604bb92973d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | b11feec4bea9ef51ecc288c1fa6b30e4 |
| SHA1 | a06c2ff174feb3d082f8525c12d35740fd96b6b7 |
| SHA256 | 9a095de0cd504c64a18fc187793319e04b8a9ebb61908481cc8c208bd6c97dd7 |
| SHA512 | 1d010718d4b224d0117e605b8f9fa0eea1c16a0dc6a57ec848e5bfdf2c08b313582e9645282c01b641ff782bef91d055d7ee9de6fa2e8523991a3488ede1485b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | 1e0af426b9c4f8b9e4ffce700141ee1a |
| SHA1 | 01c7138203bdb1a7ac9f21193a14629c67db40e1 |
| SHA256 | c944a08e09883417f3ec4fa3e2a7f51e506162397a9c04f64abc457f3a74ea3b |
| SHA512 | 2ccb89b1c8fdb5f99fbd45ad06f8af074a9b934f8ede3be954c61d0b8ba85c063822a3dc1fabdc9fc6bc9f7d45b0e3ddb94d573eab4024dbc5a673369f9a341c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 9d1c8c85fd9d222966cc6925ad2579c7 |
| SHA1 | 0df4a2ad1e774034dbfce31a0bbe769253c08644 |
| SHA256 | 6bfd833c3010460edab05f80af15cb6d11809e8cfe63deffa5e78ea0201b1cbd |
| SHA512 | 43325d650502a95044caba493f051144e5fc637a8804bb563a38eaeae21a45180ad1a23376b6b9714adb41df8781473ad924e2b60ee216dad55abcaed7e45d88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | ec72dffcfc6e6aa10c49845c98092f2f |
| SHA1 | 78caccb576d9a69da14167fa5e8fdbe08b6e9114 |
| SHA256 | ce81f7b99dec3b9e50d35f7236d448f923283712f6f09ea9b2bdebfeccbb3be6 |
| SHA512 | 64b5ea32a53c5717a1b359a83f6fd5abb92d4c14df4853ab5773930e3ce05f97fbffdb3efec62c0051ffedba64efe7fd3fc539063b08baafd2917280d538fa05 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | bb30ea3b46964f49ba85f475efd1fb6f |
| SHA1 | 1bb4aae7781af8b933e1dd4dee56879a3ef92d38 |
| SHA256 | 7a5bfdc2463dfde6b169ca4555ce9f5a0fb21c15c3ac807967590df27dd800e6 |
| SHA512 | bc52e8de4712d416aebf1d403d6ee8dcb6386a93dfc6727613af487f73de69db90913a9e9781660d8dec121d720ceec9c84b260c76f0f6f565ae80967eee7474 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 235f511fe1bfe8e62c182b9f606a1243 |
| SHA1 | 1c52c106f350484ae063548a7c71893943e1684e |
| SHA256 | 29a85b66d057148ed6c3c3d23a6a974230dd6de43a629fe0b5b32b7ebebe8383 |
| SHA512 | cdde77436fa151c9277511c43bad1350c4c66da4d854dd88e376d3a82a6c97860540632764fa352eb2144d2cf86cae9e13167f0132a58aefebf333a5b285324d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5790b7.TMP
| MD5 | 2c2cb7f54f5fcf25f7fac88331cf5c06 |
| SHA1 | e0a86e93543de8008c0da1ae39d36a9c2d124baf |
| SHA256 | 743722669de9692932dff23eafc01a19be4b5fc09516d7df0d188f97bd0ab6b6 |
| SHA512 | 32ffbbdbd001945c5c006406550ec38939e1d535530e18c254f2a420bfb4ffb6111ad0f13717e3e2ea10a3ace34a287fad329f4ab29e116e68d77b1fe96c929d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bdea9b3c8d38ebb925c1127d689b1c03 |
| SHA1 | 46d5f9f432ccaa9ca5826184490940f2e012036c |
| SHA256 | 03c151a2da9df80a4fa3e4d4bef60c93bd8eaec957f54c205a2de7d96244dba0 |
| SHA512 | b24eb7a0d078328ac3aecdfb84952e3cbadd3afac8606aab5a9755b5e4c3bdcd0df9e2ac7ce7b840db4580ca601594c152aa6a8cb39cd4ae1e38534304599468 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f7b695a02bde86092eb605a1c80ef953 |
| SHA1 | bb488615a0ac719655b2f93e39f3bf59d78870e5 |
| SHA256 | 6c484ddee4c626ee1f30ce4688fe69ba8881519dcfd6e08323f75aeaa89a7c99 |
| SHA512 | f271b01e19d783a47de12fd6eac5b41f12b588d900c0896322e24d3598f260768bb956b79073708d9fd991950fc7302fe32b5d573f039517753274ef44dfdc6c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 556398f6af129898a4e82051c9af8abd |
| SHA1 | 30602e7ef0437caf31ccdf804cc951154132a0e6 |
| SHA256 | a884dfe661181f9feb2e26620ed65aaee5418f90d4501889b4401b45935ec491 |
| SHA512 | 8e675e5ad3a6e54535ca2933990e18f46780f4f6a8845c5626c2bfad2f5062128e28695c313dee08fe7af8333cc202f03df4ed9f730e75b81730d1d3350871a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cebcd05fd561b7e4d5379e7d80fb9468 |
| SHA1 | a0456266790ab77339deae314f327cbdc9bf2a35 |
| SHA256 | 3d7600e6954b16e74edae1de6332cc77d3c3f1ce853ceed0ce780277a3a69b2f |
| SHA512 | 0253c6066d8a85a4190dc017c43984b506f3403d9f020863d77d07e528c847439ba5f25c1c4d51677c4c826488760c7ec6be83222b10e11bbba52fe96ae7cbf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 829abb7973bb396db6d620f591148f9e |
| SHA1 | cb1a87946358bfa5114171ee07669270b20a8382 |
| SHA256 | d7f7a4fa93f91dd629c04325338b14fc22fd11f0abe227dee804f3fde3467227 |
| SHA512 | ea603797cdfea7bcb9e8dbf65401c42e4e4092ae7021c4c7de1d2905c21c44650364f3da83fb320838f6c9c948250c1e4798b7c13cde14473800b929cf0494ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\82232155-d4c1-4cc6-9560-e01d3f136aba.tmp
| MD5 | ec4549e57691f3edbcb1b9f5cb4c5643 |
| SHA1 | d96cbebc5641b29b2c1a30f409ebefb185fe9944 |
| SHA256 | 999bc849e6aea58d704a6c47b15e7fbee560d4b9bfb007f8743d1da376385694 |
| SHA512 | 72399ae3399d45ec946b410338c24c909826a743a4b3ae87da11dfd3ac4fdfeec00ea1792d6847e084ac5c07b230a40144bf65402b0766703390727889fc073f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0fa7c54e91bc743e833a4e5a0c0030e7 |
| SHA1 | 028680ad61ed8e30e83287d18721eab1683ca41e |
| SHA256 | 5ed1c2a8a64cffb0ed33cfcf3ea7b132b190f26c5b33692db7d7bb7f66e2b52e |
| SHA512 | a001ad85eb0a72f053de2e7b4131398b178cb2fd5986b71773719134e81dd9a634f69cbb10c995062c99ce571c79842193ca5b79458bda187a09fc34134fbc95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | af07ec75325e1b64fffa01b21dc853c6 |
| SHA1 | c8f05f37e6232df647372979c4ce3dd4aa1d0694 |
| SHA256 | ad32ee8b6850c31f9bd8a4801f5bddaa46f7bcf79b0f2c35c93c5f856bfb6d1e |
| SHA512 | 441cf90bbe0f0603f3c25ad44f696647dc843ff13b40ef4d7e6bee57fc009f7f5e4eaf543f01222ffcff3875418c520777cc8d54423f4fd3761248da5ed4f30a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2ff8d666b86316a183a21031128dc621 |
| SHA1 | 86cc628d5e06153a3bc87aa5234354ec2dc09372 |
| SHA256 | 89e634589875ac1e4885ac46c4b143c68d11d70a80dc59e24bd3b4fb88185d38 |
| SHA512 | 04f612b5386ba008e3e4d6d73359e903e1e6ade28606249ab4bdf9bfa5d6229508a410447619d03b9aa77accb6b93309cdfd4ec62332e47d8f890ea2b2e309be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 19563569c7ee3c30b56f664bb425569a |
| SHA1 | 2f024945cd52fa3d6de7e8c8cd659f867ef46a95 |
| SHA256 | 61adb6b93000618b84e32fc29e569355ca6cd7581d4f000d14d4c94b10bf3bdf |
| SHA512 | 6404bdcfa184faecaaf39f0a17065f3acb6e662c20a683cd61a909491bd2c9329cbc763f535885e1bbfbead849d09c44f91740907aef1c8c6ad2635b6efd2b17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d
| MD5 | 7e31349edb2d672ad1471eeacb22d480 |
| SHA1 | 073473ae8f14482e8d0c512ac8059fe9f7fec249 |
| SHA256 | fab7b34e47ce70dc148dc87c28e4dab7ce7cc116a4507ea391ab7e7c550aafaa |
| SHA512 | 6ed50dff38bdc2d61319bbd2cb10eba20c2a1855c8e7aa085329aee87cce828f0baa1e4d7145d94413896e85ede798e4d8ddfba39fb0cd63a8e2def26ccd857f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cb0edae2d762b64564c4e8008ba39cb1 |
| SHA1 | 399a11662e7603ce76d150fd701a273b6d8aa31f |
| SHA256 | 801a894f76d4da5425efb8cdf0ae836cc29b6bb16a42357d59162a84342c64db |
| SHA512 | 06cb05869c78b11ae0aad075abc287dea12ba1d5f89ba36290a661cfd701ab3d4d28f4c236e7d58ccedac55f8a09227c37889e8b4b18bf057a58995e8f0e8e37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f512a424329a7dfbb657e7293f45da1b |
| SHA1 | 8cde6a2aec574e7d78da27d7e76342bf305781bf |
| SHA256 | 942c68e10a7675cdddefbc2b951d1ceba88c0d459f016a8b6311bdb87e9c7213 |
| SHA512 | d5021cde103cf92130943edfc562c48bee32ece961ea8c1bdda0189b1db107d83be9b64e5010eaf4596006835acfb3b904d31ade5cd58a15f13033cae883c19a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fb7d21c7c8b9c6884adf5f06f7d1515e |
| SHA1 | ab1216fd05544fb2d485f93dfa9f859a70ec698e |
| SHA256 | b416193e91f8d906e341917d4e54be19438fb6bfd8ce94171f3468008a87eceb |
| SHA512 | dfa82dc61f196e52f157ffe99ce934fdc0308beeb024cfaeedfc9c65e6d029c40fecaa637e4ce6ff1975825312c6a41a59d722f374044d99d3bbc3789c19097b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e
| MD5 | 8f41323683bb7d3ecb4b8decba29cefa |
| SHA1 | 95cb350f4bdb10839b4c3e9f9c5b8e87bb2e31a4 |
| SHA256 | c8b731ae3961dd30885a72f256d10eaa6e53bd021e8350e8627d207332c43f18 |
| SHA512 | ad881da39c9d5d49bdf434cc41195786e78d4f5a3dbc2bdd2241f9825c750c5df7a0b7e878c608fe76f829e74254503e8676a6ae2767af9f9cebd599a78f4368 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c4d40af80cb8b69fc68ebf2ca9aaee8e |
| SHA1 | 863dc873cde4af753b29b19fe40f01435553148e |
| SHA256 | 80b567982bdc4e0ef6742321b94032291881b48443d203a66adfa8bcb048c473 |
| SHA512 | f4ee273a76526b90c2d52b46a7e30b168f1af839563c59933e0eac80756c15803aa779c8a07692abeecddf414060dee651d503a64b151af39afd773536694668 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f9e4544a01af742d9ae0446cf5c37c56 |
| SHA1 | 3755fb89be7fc40f9983029fd8f508b50d69641d |
| SHA256 | 13faf6de97cd84b0b91b35c5b739c8913342215e887857a14b02a5ff52864097 |
| SHA512 | f5ae804f4cda13c7ccae9a390341a0c1259a419190d4d4c61956d662ed711e275fe808d7f59fca07ccba0e40da03e45636126fbc759a4543ec79571ee9aac26c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 830aa0417c61f56ac0a8478b2fb634f6 |
| SHA1 | 2a88352217dc53f2ce3bc3e2f4fc471bd69466c4 |
| SHA256 | 74250a1ddcc92c3922fca05c8ae2de8083f4b0f24c14cc43ad0388c5fa65db2b |
| SHA512 | ab693f0bb2fc2331d322c279f41854af4be2c9d5b38ed8792c6248a30f84eb769f05bde3dc4ab7bed880b08016fee3de23ef302cc71c06d970da4d8c3ae41dd8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 85e6033d02a4132211194448e31a9f48 |
| SHA1 | d453376cc3153574e7357571014a508553ab6449 |
| SHA256 | 499e438a6d530dbc8400d83adb1970aa8bc6c1882f6d6e6bcfca52d69c26ffe5 |
| SHA512 | 7f4303e9d0ea61ddc94acee8c43b013db248bbb1ccbf5394e58b7490f9e4fb668f73be63546d230fb0f9a024928108d13a5686311b2c747e606c53f3b2769d04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\0a786e07-4128-45fb-a2c8-93c9a5462f6d.tmp
| MD5 | 5b9caa4c92446d19023c53d3e96b8740 |
| SHA1 | c3e9df11677d5048341d261fc738f62dfc7909ec |
| SHA256 | 9af5c72cafc543922062d7518b59ca1d8b444e601cd756cf9510e528a1332210 |
| SHA512 | 7a7bc269bd615a83d85b1b66e63d73f6ee880b622fdda871fc9ccea57246799ff65133d97f3b4345a7eab625ba7b5cf28d0fb2cb9c56cb8396e70b2085f5725b |
C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\IconCacheRdr65536.dat
| MD5 | 0ca92e00a9ce4375a3638046691b4bc9 |
| SHA1 | 5a157e36bc4f2d9e92603360272114bdc0c05a6f |
| SHA256 | d4438f7c878c75f83cb468efcf7c34f76c7db8e04a90a40314785addf2227151 |
| SHA512 | bf22570e1899f239c117a4e3bd1f46f6e656ee3615490c45157c8dfc18bc3021f6b7a75afba908c2c31850c4f5db7fb56e08059eeb36552720a7aa5d9f7c23c7 |
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_storei
| MD5 | deafc4325435b1796d26a9126fecaca9 |
| SHA1 | 4286fe12ea3ec4ebcf94e0a32b25eafb866280c0 |
| SHA256 | 02df8042ce19bc97513bad8b22b345b971c61dbcf89d024d6f9706b83d006d14 |
| SHA512 | ddaafa1f436ae6c0a6defa8159ca45f34387afb17025571bc078c92a174cba056f86c850288e3817deb46a3b921adb210e10c07bec9d66023da54354d99c1122 |
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_store
| MD5 | d593e23a480b5346476109577eae3957 |
| SHA1 | 3a047467c595ec5efdb9bf03d78f5eb105a4a82c |
| SHA256 | 07c6cd89f2d3e7041a128cfb2b27092bbbed8a68ae00663212d51be6f765df75 |
| SHA512 | 604b33b865c37bb4acf017a8235c82d3e79aeddd6473cf8240ce9b976cf094a3239a4df18eb07de3e8eeabafd11a531a2bd23a3469ed2c76875a93d054725af0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2c342b676cfafd74ad356e6715be700f |
| SHA1 | ce06abccc183beaa455d4d1c2a89c93ac8e2ab4a |
| SHA256 | 9d20ce535c05070287cebebf4945fc2f8f99e7b6489f29e69bf16a6f122b3570 |
| SHA512 | bd9aae5b1be6ccbc62427a4baa1b1173d708c67b516ed0998b611b462459313af1f88db5782c7d3e9b879b32f30dffbbfde382ac97266128350e74f1a658f9fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | ea72a4e3b1d503709bf4894acc0d993b |
| SHA1 | 5dc1085aa6602623ba36d129cd14eaa2153eebb8 |
| SHA256 | a748205e9bd601df0b0beea943a4f3c9cf1ba5cddc17a7b8d72119057b0407e7 |
| SHA512 | 72b1bb7d1739515be17253714ab74a3b8f8850b72dc5d391bea2caada0ed2bace4c5fe799ef4914f68ed2e817b74ba3d3aa1f31e1bfaef1618c23d02c7f1aa18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\461d6109890ece5d_0
| MD5 | 3b4566ad073b52d3698a67d44d940044 |
| SHA1 | 9241c62c52f4ed6b39c3fa251b8089e43ac92ef8 |
| SHA256 | b1e8c1ce63b7ab8d3e7eda87559fb8d7d0380e40194588c7c2cf269ce1ad9f77 |
| SHA512 | dd8f02a4b04072329c52107745a13eda0277cd3a08e66b8a92cf146b5ed828e01d1fef39a9bab1a0077ce15c73d9925fdbf34b2df166aca31ff28530684b12be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\05db63df760449db_0
| MD5 | 84ecb2df79e4eee97ab35bdd9de38aeb |
| SHA1 | b50960296c78c9b0000dbdad3e122c30f425a850 |
| SHA256 | 7af67ae209e1c99e17f0173344feebee23adc2bb81eabf11a5c07e3ecbb40a0d |
| SHA512 | 166d9d6af683ca183af014321ab09893d184aba28779a2b2d076d5fe6eb9e821adb9a494885658eb445c645a58b15124023c4c8e062aa55848132bc9e8fe4923 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | c33edec7b9061b265f181ddd8cdeb328 |
| SHA1 | 2bc1fb1e4895a1055297839ccc85a2f46f8d5f82 |
| SHA256 | 17ea36e2472d22df9fa5eb0e47d063075f8d527c478b22fe4120a183e9c4c9af |
| SHA512 | 30780f28d58398e4456259a2d05a74f32425804b3ea2a072ee8e4d2c1987e61596d80d5705d50b5b0f0533f674bd23d38c3dfeec74cc9de5d5da1055f4b63f33 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b760edfd9c6831b984a76478b2c3e2ea |
| SHA1 | 5c8150ac336d96da944a47dc9ec6b9d57e29dce9 |
| SHA256 | b326e4e11a28dd1eb9796f7230a05bffb9574525af1891f43e0a75e28aa8a94e |
| SHA512 | d24215204f85e7e810962906b5f25d5d54f89a0c7b9b81f966f2f485c72c2868c9773932986718e5e954f5be84ef4391f1b81bd530be56609c5904a9fd67ab1c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 74a2a2eae5017a336954d4bd7d7b81d4 |
| SHA1 | d1ccbf04eefe1fde294750ac0e8e341b891e6130 |
| SHA256 | 9414acbeb642918a7080b56c90fa2e47522f60c7e1c68f2fca55f71c58c47b07 |
| SHA512 | 0b29c63f094561401f40f5834b589373298a95d019cc9d35baa783be546653269ebdfe016a334f18547376d7a2394abeebf5c5f73b311f02b119cad7819151e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | daace47c9d67836b55c3c2116f031fb8 |
| SHA1 | 5b8df914452cf3a1878636ada3c28fb5f50eb186 |
| SHA256 | 3bb2f4ac5692de4d5352f19007ea15fedcec54b09d0b0710f67b7a96adf5e93a |
| SHA512 | 47e6d916afb90381b4bacf42b7cf3caca093eec1897d8d03418a066aff8695f8d6a75170c7c5e45a23915a5697cb896758cbe0d441d993eb905e181215f7f058 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 2fa413749c8fc80fd915111a499ea6b0 |
| SHA1 | cf9dacf2451cfa462d573c454c24b9b209b31faa |
| SHA256 | 411ccb79eca67e7f61ee68ff2d0160771ed049590c35a747d2e6341eae05099b |
| SHA512 | e4de0203a3680d9d694b76379e5c82549739ff51bf783624ac73bf4b622c69d08c0473de7f7d85a33c80354bc507d5ddc87cc8b0643e22cc661c4537711a705b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | 76e2533d5c0f986355fe79efb4f5e4c3 |
| SHA1 | 1f26c931a1b019c96159c055b72e400ffd34cb2f |
| SHA256 | 91c7483f7086c4019bee8005e6e32b15eea1d4c4e596c13bfbfb616d0f4f6a42 |
| SHA512 | 07f9f9ad2bc1ad100135494c6d3662d3e169df0d949ecff246298b1e5b6f9ffa87c75cfba323f9d6d7ad0317dc19f95da6dc22df16cca3130f035dfb2145e764 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | cf989be758e8dab43e0a5bc0798c71e0 |
| SHA1 | 97537516ffd3621ffdd0219ede2a0771a9d1e01d |
| SHA256 | beeca69af7bea038faf8f688bf2f10fda22dee6d9d9429306d379a7a4be0c615 |
| SHA512 | f8a88edb6bcd029ad02cba25cae57fdf9bbc7fa17c26e7d03f09040eb0559bc27bd4db11025706190ae548363a1d3b3f95519b9740e562bb9531c4d51e3ca2b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | bbc7e5859c0d0757b3b1b15e1b11929d |
| SHA1 | 59df2c56b3c79ac1de9b400ddf3c5a693fa76c2d |
| SHA256 | 851c67fbabfda5b3151a6f73f283f7f0634cd1163719135a8de25c0518234fc2 |
| SHA512 | f1fecb77f4cdfe7165cc1f2da042048fd94033ca4e648e50ebc4171c806c3c174666bb321c6dda53f2f175dc310ad2459e8f01778acaee6e7c7606497c0a1dea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d202d4dc8f8d7e09d5abad18cb51b444 |
| SHA1 | e8cb9f45123d4360613e10cb8885379eef911182 |
| SHA256 | d3bc24beecc35d00429d9f1e8929bb12e471f3a6844ead7174a0187765e027bc |
| SHA512 | 7dbb7fd69d65a81989d93da2e375e37cee59198987cd0b1a4f8dd41e93c22c31e7957e48338d8a6185d0c824aeccde6e0966f4058999bde9957010b77c2333cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f5f82ec5851637007728baeddb5f32f3 |
| SHA1 | 4dee71ce3c2a938757a08a636b250b993b502a62 |
| SHA256 | 5e5bb11832e0e3cb23331ccb96cda4e6b9c53dd8472f8c1c0a0e76d53fb70790 |
| SHA512 | 3a4240a29fbaa94dd1750ac2f071935e065b149304bb25c42a9765ef0f28ed7d2069fabdadb34118644418c93849db7f6a2c3f1a42e49123bfe63caa5fb0c5b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cb368cba1bf705c31f147b9a7bae4196 |
| SHA1 | 7a3e38a899225405fedd8603626e8ae489384b4a |
| SHA256 | 87b6bed09d9be6e29c1b1a24c3555da7dbafaa1db612ae5da3944fe70e998e6f |
| SHA512 | 395b02bc70d5db795390f8ee7709af7c1c72aa1f7631b8f8719b986c7b4e967169b18b2fec2d4b3d76bea4447587f0f50e5202f7c711b97ca2abd9484b643265 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d41bacb9044bb8aa7bbf1d212d280c30 |
| SHA1 | 2c0bbb2a19aad5ca83da5771edf6548882af326e |
| SHA256 | c8b1b360405851d68874c9f3a57cffe42cb43bdeeae2954b638187c20a182e8d |
| SHA512 | 8e7c960a3ea8a658bb1c07be83aa2f9702183527839d1d35f2c14b5b3a593c054787cb06dafa47ae6216a0839de0ad8c024b04aa2ffe592873dc3423970ccc6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0c9e57af78b08e2f3cdfa004f4fc19c9 |
| SHA1 | b1d7cada837cf6d6673dc450457c9fcd5e76af05 |
| SHA256 | d96c83095f98234bfd23f59403ae4fe1630370766f44e8cb08df8dd8c1d15fbe |
| SHA512 | d82d559da918d19c0c4fca4f7c5b9c54fb8ecfd7bda82abf619e9b84b09b21b337cef45f3b1e1d84040ed24d99a5d73aa8afdf44b19abe3a84c3e8fff752c581 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 280ca26b23315134f92849403a4b2f9a |
| SHA1 | a6d4072942f3da22f4764e583d84b5313f64000b |
| SHA256 | aa55d4a24a2e747cb8e2fcadf1171f4ff87ed54534ffa185f872009bf620b84d |
| SHA512 | 03e4f88aed81f9a003f4357eb5e028d5d6eff7c9d8cfa1aa71e1a222f4ac57b76c618f8d2c6352e97913294d6539eb8b2f4ae5c77101a3c12a740d8c26c521f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000f
| MD5 | 913728da90cf90d8e78af59c60b47c3d |
| SHA1 | f42f2a545d4fcaf4f76d0f060f52e33a47df7f1e |
| SHA256 | b0b478f9aa6aaf8d5811e296047ae1f8ee07f4c4998fe9d7b960755ea1fafb82 |
| SHA512 | 3af86e053dd56aef03e6f967a49b1a0d492616a71e2e49090e0c8e5cbe58ff37ccc55e91f06bf34096059a49f3de84b0bca587f3f17c366f97c0f7a0fd17c974 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | c1526c434db5dae1b5822225baefcc29 |
| SHA1 | c36e9bcfd8d99a4db82daab8169986e320a21608 |
| SHA256 | 78f4e18a27a50b0159dba8dc019088de1045f7762c8d927c5d48e07f6111efc4 |
| SHA512 | f75a4f4501b3f2614829649ac3e808297d937cd4d70dbe57049ceeeeb1c36f9006986f38bc6fc8fd0013aaecacb86533c88cc1cab533e72435e016c35ce28f1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7486dc2ca9546c1bc2bf87b9fbfdb6b7 |
| SHA1 | 1cc5ba27977b0d3c6b940beb90e74a214b234f77 |
| SHA256 | bba2d86accb572e633acae4ddb76da3993462181be317966d5e8934aceb9a34d |
| SHA512 | cc521d11cb8f46650183419f165ead496b00cd2030d61df1a6717c6e31bb1096bb3f25ec095b4feac4bbafecb86f3c77f72c0650614b23cab547382ea92f651b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000063
| MD5 | eb63aad3cfbfc8e4570b89c9f2f651c7 |
| SHA1 | c4ae7ad4c021508f7721b16e82efd60826b1e96a |
| SHA256 | dd2ae4d6b1cbf32b75433ea22afa1022f8aba05f521447bfd9b186694a022467 |
| SHA512 | df0ee255da8abac46386a70ae562d30d7e898bf7070e9082ded20546cac552ef951b77b5fb8b12f907828c65409f6450258791eaa1e0739c89810cfc3ad07db4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fefc593b3d642bf3a7f776fca93a2450 |
| SHA1 | 9386675da1dc32977e5868a5814094c8518b9f4e |
| SHA256 | 863c2cbe61ef2bee7b652d3b60180d66a6713bd268a3837406944144539dd8b1 |
| SHA512 | 364317fd1cff95c771d4269a614cf4871cebfda130389e7ee874316045a6f3339b33e25ab7d7075c015b64d18bc8d18bd2e27a0259feece78fdd9eaf67bf51a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000061
| MD5 | 635efe262aec3acfb8be08b7baf97a3d |
| SHA1 | 232b8fe0965aea5c65605b78c3ba286cefb2f43f |
| SHA256 | 8a4492d1d9ca694d384d89fa61cf1df2b04583c64762783313029ae405cbfa06 |
| SHA512 | d4b21b43b67697f1c391147691d8229d429082c389411167386f5c94e3a798f26c2457adf6d06caec446106e0f0aa16d895bfc4e8a1ff9e9c21a51173a923e3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e
| MD5 | a9ee0092a50e4443e7cd01cefdc6d95e |
| SHA1 | 18614eadee202eae00c3f22267d18cf648446b93 |
| SHA256 | 78c268c35b00d23224cb9ad9ee70426c943d41d4635d558756ef83f985e7cc9b |
| SHA512 | d4db3c81cd081d582017bb678ecc7edac4641c840300b802c88d433a9f79fb709176bb8c11af35d55562ac0a82b25763477e3a6b2784456a5f4b8be625d165a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005f
| MD5 | 57a09a381255b716f97d35162e6d03cf |
| SHA1 | 2c3896bd47340403f67d2fd834ed396609806b58 |
| SHA256 | 91762de21a32bf7714921e215cf564232ea09afc529b620584de7e16dadfeaf0 |
| SHA512 | b10bbbc4c552f31aa18458d0eeef6ddc656d7e9b9d99290e764e4a60c0f26f118969bfc0050cf3b710c7cf75486739499c7b9ea9fefe792a20192a67bccfba26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d
| MD5 | 5d0e354e98734f75eee79829eb7b9039 |
| SHA1 | 86ffc126d8b7473568a4bb04d49021959a892b3a |
| SHA256 | 1cf8ae1c13406a2b4fc81dae6e30f6ea6a8a72566222d2ffe9e85b7e3676b97e |
| SHA512 | 4475f576a2cdaac1ebdec9e0a94f3098e2bc84b9a2a1da004c67e73597dd61acfbb88c94d0d39a655732c77565b7cc06880c78a97307cb3aac5abf16dd14ec79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000060
| MD5 | 2923c306256864061a11e426841fc44a |
| SHA1 | d9bb657845d502acd69a15a66f9e667ce9b68351 |
| SHA256 | 5bc3f12e012e1a39ac69afba923768b758089461ccea0b8391f682d91c0ed2fa |
| SHA512 | f2614f699ac296ee1f81e32955c97d2c13177714dbd424e7f5f7de0d8869dd799d13c64929386ac9c942325456d26c4876a09341d17d7c9af4f80695d259cfea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062
| MD5 | 77e89b1c954303a8aa65ae10e18c1b51 |
| SHA1 | e2b15a0d930dcc11f0b38c95b1e68d1ca8334d73 |
| SHA256 | 069a7cc0309c5d6fc99259d5d5a8e41926996bbae11dc8631a7303a0c2d8c953 |
| SHA512 | 5780d3532af970f3942eecf731a43f04b0d2bdb9c0f1a262dbd1c3980bcc82fe6d2126236ad33c48ea5434d376de2214d84a9a2ccec46a0671886fe0aa5e5597 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034
| MD5 | 0f3de113dc536643a187f641efae47f4 |
| SHA1 | 729e48891d13fb7581697f5fee8175f60519615e |
| SHA256 | 9bef33945e76bc0012cdbd9941eab34f9472aca8e0ddbbaea52658423dc579f8 |
| SHA512 | 8332bf7bd97ec1ebfc8e7fcf75132ca3f6dfd820863f2559ab22ac867aa882921f2b208ab76a6deb2e6fa2907bb0244851023af6c9960a77d3ad4101b314797f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2504af4177af1958_0
| MD5 | a4bb1b6deda8fd58f7fe4879e5f0b9e6 |
| SHA1 | 38584ab458baaef02cd9f0bd27969e33e313f743 |
| SHA256 | d9aca3d49b7e8e3a92401cf10de6239488046d68e15b76b6dd8a3a35bc3341a6 |
| SHA512 | dc4886dad59bc5f32780b3dadba731c85797d29705d86585704e433b7dd84b86ae70a9c47fa2114432b6c6a1bb4060475dd2fa070116fdb86f8483a03340a83a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c17f374ade37510f25381bfac39fbb79 |
| SHA1 | 703dc44aebccff4d9d1bda0a786dafb787379426 |
| SHA256 | f95133b48209c6b17345a70d92151909b9ba72c02c6dbad303319ff1fc3aeee2 |
| SHA512 | 825b5766985cb6a5a778672d37eb069fa023c8184ce813873acf577b6e6750f5519f99dd0c4879d8fcc474c039b34a3b809cd403c46fa8508dc420b9d947c99b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bdddce62a0393b4df7d1c564d1c4d7d0 |
| SHA1 | 540255421b67645f52d8fbc4032630be327f9533 |
| SHA256 | 7aa7e2d368dafcfa10ffb201885697afdca2efa0a550392b016959f84f567e5d |
| SHA512 | 3ed06f04be89d208e4c7e0a7f257af06427776a93b77995183b0c2359132f6105774f6203201346ca544c24341c2c175221bb8f90a1871a105477e64420060c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 616537995c0f33232fe76b573d9ee9d2 |
| SHA1 | d32d0254366c1889b4d5961f988d4b1a2e19af50 |
| SHA256 | e6e17c1e248b0a7c25bcd773db8147be3031d284b24373a7dcf11b84f4aad8a6 |
| SHA512 | a521400490ea16ca4dc5092e377a5e438ff383c403892d46480406cfa649b1bdb84f4a19e473b988570cedf651b665f9c899a6724ab0644461b815f8b85cfa19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 337a47fc79665fdf51745771af7a32c4 |
| SHA1 | e1d46c08acef5183e8c62daa1ebc9b1fe9253183 |
| SHA256 | e65e7d3dab19fc742fc53a63ec0c743542e6827d7391f6ac3b27262693cef3cd |
| SHA512 | c8e90dc60793c10f53df83077bf3e853c57db3b5b652a850d923af94875c4805d37e255008d970825c65a127d50d61d27e96fa43a583c4c3a36db80103f2db51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aaa8107def98c430_0
| MD5 | 204b729e997f683a30112039f83b104c |
| SHA1 | abf9d8ad3c9d45b62870dea8c55878e5d3f8d26d |
| SHA256 | 368587c523a83799f8f511e9c9a46ccf4f91ede9c9b7e1c17ccf3adb96c8f99e |
| SHA512 | 7b4f4903e8fbd6fa66cd68ccb73b1e05e3b0bb7f79d5560390152576cbb74e3cca7d2ca74c3787b58166360946660cb04e8790f65f74d2e9c57a5ec9ad47728f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5f8ad7366468e018_0
| MD5 | 4854e32ff960e691761b6f1b9e01b11a |
| SHA1 | 13b7f472926273ea78e8ea55f85c7dacf7f2b6b9 |
| SHA256 | aed388cea9a3c2b60022b937506fcceb7e413c566d8ee352e854fac732949993 |
| SHA512 | 700a33d250ec7bcac4d9dbf58ae2884e0db921ba16d17b68ef718773c71e3b8ab66ed19378a613e9a567f05c764c9763875cd0fe6e4f1e8ae0c94e78d31500d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa51448666d72d26_0
| MD5 | d2887e121de26132c0fc70f3d3e32e21 |
| SHA1 | f81cde8c14ed68d7693d26f28ba261fc84427420 |
| SHA256 | d70be377f827c972698311b4d33b971c479aa072233409f674098bba34bd95aa |
| SHA512 | bcf33284659498da1c6ed37c8498d6571ec6b82128fca0ecc55f55504349e157038a147f475ab575b53de0d941bdc395747c36a557b3f387b442f35b08af3fb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6dcbd1da81145c80_0
| MD5 | da8e46281e2d7c30be437b8ee9fbe206 |
| SHA1 | 06c4e6c6671462431b81e1740bdc88413454990a |
| SHA256 | 5c41fd3d25b9006f2f9376d54d50341cd943ca1108fbce901f4cb150422629a8 |
| SHA512 | 71ee960009dca898b76a9969d12365c66711ff82130e4f036e54bd49938f98f69cee88947544353146273025be9399cdc42d6b2c44598a22aeede48a46f9a871 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e010ce960e47a54a_0
| MD5 | 2b739d8812470935dee0ad5ebd41f96f |
| SHA1 | 0882d79b698e644e1a4949c0733b4e830d13497d |
| SHA256 | c50bfe6d035a8efe48c0951023b79cfd529f47a6e5516fe4b8edfff626707ea2 |
| SHA512 | 08017645737588cab13f674342cf34b81f143680c9f85547af32d2ef77d7a304011bdd3d370cff49e7510f569a3af2a1701c0810578464c207953a3521d09281 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6f46b6bbbe889395_0
| MD5 | a2bbb45cc5355872cc415683ad70aa0d |
| SHA1 | db23b0ab358d77dec39078601e334dbda25f30fb |
| SHA256 | 789a967ea7e889563ec44dcec77b2a8989d9294ff9e8cca446dff310155d56ab |
| SHA512 | 2b9d5187a4e49aafee3d037c95038701e1fe623dd59a5b660688b0cec8782e7cdf0b888f35e48e44a09076196fbc463a2b85c63e8d9b6173f98e0a35b3c8458f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5f6c2ce1fbd0acc4_0
| MD5 | 9ecd560af9f2d66e78469a275ba4e6df |
| SHA1 | b2f997229992d6bc1b37f3a8dbdff4a76e6fb508 |
| SHA256 | 06ca7ed58b497628e886563daceaa4b12ac0c6f90a50116c666a6517adbd3af2 |
| SHA512 | 1d965e4706bbd05b45626e3becb2d71aaa1310f9e8a69ef77a4cf2b218ea2312376b6dcebd382a833a4d3173f4cf5086db219b084b1b0aac3a848839ff275f20 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4cb94e6be9b02eaa_0
| MD5 | 5247109df0707bb88191d47844629174 |
| SHA1 | 344581886d3c94ccae5081044129e2896864d98b |
| SHA256 | 353ccddcb5423ed9148fe64622d589f46d8a9e7b118d1a35a85fa46fdb82db85 |
| SHA512 | 22a6ced1fa1e019e85738e9505d25eb0bc567cd7e79d5d81cfc3b5ff353bfa7a37d61e0716d72845d7343d6096378bf229914714089bc3ce65ffca05b0bf91d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bd9104cced1b007a_0
| MD5 | db5565c1650cdcab552277153b39458b |
| SHA1 | f23156cbaa4ba03b4bd87d9aa28820bf36c191f7 |
| SHA256 | d3d49d48e1416623f612b9090d1a96f04106baf055f20ca5195c63b2cc16ef41 |
| SHA512 | c204dccf1d23d5f59b9c6716f4d5b123644f265b6941cc462ff17c63e1a32c91fa6bf4c30ed3e872abc8b57067065ab47b77c4676920e2405e31f5256a7e2e5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4a3bf2fe6b9683f109219d2eda458417 |
| SHA1 | f4a6729619997e2385076e3743352e0bab0fbc5d |
| SHA256 | 0936c9b8c9ff04dd7c76e584c6b2fc026b1e844eb95b5f5957d1a364169bbc85 |
| SHA512 | 6f2f1d730c142b38668b82b94955eb906d3a88799ae4fabf7cf789ddc06b1af8085f895a18768c052f8b595404bc4adfa37f39f3ae00a2527c5d3efcf2401381 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7c123a015ba6d9daa1ec965c83093da4 |
| SHA1 | 80d2dec90df657dba9a94ed927c6a8260c37b63e |
| SHA256 | 97325c76e529341b5983948a16e8b4745b49157ff207c3b80c5b473a2a38ce3f |
| SHA512 | 40835cf4bf2b0a573e44b9788c2d6fcb29a2b23e07ebe42a69d311d036da06c9f5046880771f55f82be6eab08fc859a0e8c2899303cf6781b2ae22696510248b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5a1d7c1aafc0396be76f78a4430e6dbc |
| SHA1 | 6cafe8c4bf2032063839836f5d48ed28fe3b983b |
| SHA256 | 016d88f6f9a34e1af45adee74668b1200a8de4e846c4215c1ee2cf47dfa093f2 |
| SHA512 | ba85ff040c0e71c289e470ec7207e57ea156a6e9b95cf4cde3295c693bd9f6cb890ebdc000d4df02144b7149f204e57cb292afb7f6040144d1642014ee55cdb8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 44ca8633794935b9788e8044cebdd769 |
| SHA1 | 0325c58cbf75029a3a2c827e2ec8e08416222f2e |
| SHA256 | c4024bec5dd0fd94ac0420ebe7930ca0461764d86d96ffb6d9311f1a40175d0e |
| SHA512 | 6ca64f46d8d7612615c5e1c313452956338db6b26b0b0813548e570d72f8b9562520847112549a37dceb529a2d8804dd4898b43e7b7a3e0646945f5e9180d705 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ZA0KH6BJ25WTRFC6V6PL.temp
| MD5 | 590d29c865e34752d7a12a0196f4c198 |
| SHA1 | 0e3006a2bd2f47998630e79cb7a29e5604bd0cce |
| SHA256 | 724fb873d52e8c363c9253cc3593651002000a7555573bd294400baf82ecf117 |
| SHA512 | ee720d1bbe6b48c9ccf3c7e7288ed581863ab2d43f37a49b71e18589f17f654d90f7782a0760ad343cd65d97b7b7cd72d08c5790f1fc7d32fd44867bc7eb3f50 |
C:\Users\Admin\Downloads\MEMZ.exe
| MD5 | 1d5ad9c8d3fee874d0feb8bfac220a11 |
| SHA1 | ca6d3f7e6c784155f664a9179ca64e4034df9595 |
| SHA256 | 3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff |
| SHA512 | c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | caa0cfab15994cb33cc0c937a37cff16 |
| SHA1 | 4917075a0db734fdf9894a9371e868c8ebe6c3b0 |
| SHA256 | 5640b74608d50db80e6dcb5ab79d20df0684326c4d9bbbf174d05ac18b486091 |
| SHA512 | ee50bdf6052d307f140dd2b82a2629c82c0e92503c754d4bfa32d940f2490fed88e538ae64c7461d1f128d3db7490876df0edaf13f30152da7e13bf090cae6b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 88d4bc99da9c714f57c307b9b3ff0a2d |
| SHA1 | 0564612a49294fbec148456e935d23d51991e98c |
| SHA256 | ec5d8f1c94d181bf3087bfbcec6a8b9fa416910c2dac9cfa745fae8fab97cbf8 |
| SHA512 | f21c766c492d2943b955e06bfecbbece591b1631a61588aa85e630351560c323a0bf3a6df53815da65425019067886d6bc6b9c3cd4101290d2819c45e000ae49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 03cdf7dc62c648ea37526dc3de6e98c0 |
| SHA1 | 450204a01690d872b86c05c0cb17c3c18f230223 |
| SHA256 | 7cc86dfccaa91e57493c5b3cc5f38a8eba1fa60a6426d36e1b583c645c2a1da8 |
| SHA512 | a78e44b1d416bfcdaa02ee636d6fa2544e9d50a565dfa0c84e01acaf72184f68c49bfffa8b2eb2d6203789c7682ca491a1e60ab7c7595cc1ae17c41d44deea77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4518d82b2b3d43beb98a05ca2b0f1568 |
| SHA1 | 92f54f80374a4db25e11f5ce0e5ba3a2e8f096ad |
| SHA256 | 1bbb11a3cafc25f4b144857bad357d9f41fe74996a4f6adfa4197d014adab17e |
| SHA512 | 0ac6ce488b6c70540e20780e04b6337204f7bb46c702cad92038475750b8bfa3f086df09f9162681630fde2df6d29f0e3ee9bb2152b7fba477f1c3e8171c97ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | 252c99e3b29635a6554bca97be43ea3d |
| SHA1 | bdbe41446162ef4b97b39a5cc236d836540be153 |
| SHA256 | f8a5f3da6050cd50cd1a3d10713713bfa86b60d1b98d5770e390db4728af9916 |
| SHA512 | 43332a9ff8f840159ed792daeb5b5c14d6a83a51dc552844c33ae47c3fdc2ebaede8c9c65116662f42bc9836f6c390fb672ccb6460330deaeb192041232a4360 |
memory/4560-2590-0x00000223D4C60000-0x00000223D4C70000-memory.dmp
memory/4560-2594-0x00000223D4CA0000-0x00000223D4CB0000-memory.dmp
memory/4560-2601-0x00000223DCF60000-0x00000223DCF61000-memory.dmp
memory/4560-2603-0x00000223DCFE0000-0x00000223DCFE1000-memory.dmp
memory/4560-2605-0x00000223DCFE0000-0x00000223DCFE1000-memory.dmp
memory/4560-2607-0x00000223DD070000-0x00000223DD071000-memory.dmp
memory/4560-2606-0x00000223DD070000-0x00000223DD071000-memory.dmp
memory/4560-2608-0x00000223DD080000-0x00000223DD081000-memory.dmp
memory/4560-2609-0x00000223DD080000-0x00000223DD081000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 77b8e7eec7c7641debe57c157f6a3516 |
| SHA1 | 206adccb06bdf8d856e928d97f3a84bced012996 |
| SHA256 | 1a6104035c20ea0ce6f138e2a02064e80383ede65db617e36048186336c4d3b7 |
| SHA512 | bc5c816f5f91e193cd34ac76dd3dd0bd5771f9cd66767f9ba0108f13d4720dbaaba2dd64b4fe5195bdb768342b1d9e5aa4245c33c535413531725abe89e6a8c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b35d09b998fcdc0fc365c2eccd6c41df |
| SHA1 | 259ed96343410b875aa3e686b02546f8943ce1cb |
| SHA256 | b56968c3f491770533b37423730c02dc90ebb5954ee246e025a2769092aedbd0 |
| SHA512 | 1d0dfb49115d9e21f2adf90bdd7221dc0cb526b37e8194682ad727eb88db809168e9f1ef75ffd028c1f5db4562f2a087cd2b002e1cd6413b2e53980d198ad715 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bd66515db91548cc5e0030c4f75919d1 |
| SHA1 | 945af36d031b6964faa3dc2c0acd568dfb6aff8d |
| SHA256 | 2196d7f80ea29eef356766af887b7f548ebb61e6852f4b707119cccd316e0c6c |
| SHA512 | 3bae39dd03bd3edbb7756f85dc45bf2a941acda6a82f7036eff187b32e972794f512b0ab1882f7466414b71b116f2b3e4ba982da85b6c47f29b9f1b9f5553d63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 0ab134ae5b0a5809920cc1b9a98766bc |
| SHA1 | 7fbacc25cad1cac1ef853c565a40e88b00dfcbd7 |
| SHA256 | 4ff8719a19b5bb451aacd1528ae444188a9618a8a1edd02ace0d8c4dd6ecbd2c |
| SHA512 | 3013cd0585576954f701b139a112f716f3ec9a298092f4bc4f6aadc8717dfba5f4c116bf2af769db4cce8a1ae871696e660c321878d6f81f7b7e8c8f1473cbe8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a1a5abffb2fc335e4399f20fa49f4f50 |
| SHA1 | 0eb78de4aeb7db0e4d76e3aa50b7db49fffdcf77 |
| SHA256 | 2685030be8e4fdd61817af15cede1df6f70a1f3e85bd7e0bb3e076db7275b503 |
| SHA512 | 0abe99afc14f23d9466876fe656ab179b47235fa6e1359475d6ddde28f4ee7dc9bf1e260aa03d10af3d45d7f4496d91f5f9dccc81e8c84fe56642015507da4be |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 86dc9b45d16a602ae108e3d657e8a98e |
| SHA1 | 7ce0b756d2cb2d8e831361536466755510bb531f |
| SHA256 | d60af7af0c519467fa696956ac830810d91c34aaca0feecc8c8f2ab9c9142cff |
| SHA512 | 5460380215ec4d88cb57e4692e515aba50fbdc5812d6490b7e026cabcc4772cccb6c82c87c1f16032633b158311625eb7388fb5e09ac48bae1a4a0af42009852 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
| MD5 | 357b4145c3264fe69f8c412e823adeed |
| SHA1 | 5fcaf1043bb72dbc719ce56a173b3da59db7ebc9 |
| SHA256 | 4bf695f9d9be4d4e815594d2b7443042ec14e4dcbaa6d35031cc0420b8009410 |
| SHA512 | 974c8b0220e6490324f5eda5590d4a895d7d67b87414ca1124dd01ac92e3bec033623bec67b4441fd6b69bb9034d4ee8210ee0f92fdf0a8efb6546e62ef8f7fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
| MD5 | 47b6e3b9a667b9dbc766575634849645 |
| SHA1 | 54c7e7189111bf33c933817d0a97cefe61fe9a6d |
| SHA256 | 302ed4f6c8ac4312d71205603c4c28dd2976fafe4c05533c0a08ab3bdb531aa3 |
| SHA512 | a12b74ff45f6f9e6abf459863c299e1fafe61dcf2bea8a7331ed9547de14ed29e2deba69b104c6960db93b458f83ba6a4ba454c5514105e7ffb96da96e26e612 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
| MD5 | b23078951d91c38ad508e190a81517a4 |
| SHA1 | 8dec45198f7dde8f6f30155817b7b03ef6eb570c |
| SHA256 | 8f951f1e047ce385bb4a999785def042031f72f3039ea096c677393bfa918749 |
| SHA512 | 18da7c34c40298ebaefc6ced9b0b4769181addc85f192f258c70ac98b0275119a4e6f1aa938ed779fb73c9037036224a8b07dea403b9a5071996f2e3fa759e0c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017
| MD5 | 1ec8fb7f6fd9050ab7c803cab2b0b48f |
| SHA1 | 6b831a02f8daed957b82c310cf867aa3e77b9816 |
| SHA256 | 4345ede1557a49c9322e84fcfe2a20821e47003c2b3c214de6ba6d5d42bac73f |
| SHA512 | d4ef769640f071121d07f8942533c7cfbaf4e4a29476d8977fb31d462e986246278fd599b2cb4344713f5ade2b89faed5c728093e31848c9e428601f0ea2f871 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b
| MD5 | b61b5eac4fb168036c99caf0190ec8d3 |
| SHA1 | 8440a8168362eb742ea3f700bb2b79f7b0b17719 |
| SHA256 | 3c495df6db16ed46f0f8a9aff100fa9b26e1434016c41b319f0c1009b7ab2e1f |
| SHA512 | cbccd3aa5a1bdfddba5cc38956b5523a422a1151cdd0680336ab94f07aabecd1695062a0953c32c8209949ea6a4859c625c6deffe5108e8d5e48290017e51874 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
| MD5 | 4bc7fdb1eed64d29f27a427feea007b5 |
| SHA1 | 62b5f0e1731484517796e3d512c5529d0af2666b |
| SHA256 | 05282cd78e71a5d9d14cc9676e20900a1d802016b721a48febec7b64e63775f6 |
| SHA512 | 9900aecac98f2ca3d642a153dd5a53131b23ceec71dd9d3c59e83db24796a0db854f49629449a5c9fe4b7ca3afcdd294086f6b1ba724955551b622bc50e3ba1e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016
| MD5 | 4b9d6adcec4cd72d94fa6875394d8167 |
| SHA1 | ea5ed417b6b5c61bf4181b28c0e2298039447adc |
| SHA256 | 1478f3842dec33cdf82627e9d06d468cbcd33d9af6c9309715012387a35cc606 |
| SHA512 | 2be25e8df010b409ba6ec223530169b6502e95057da674e1456b870e5b42b63ad402def45c96bb982c9acc7202547cb3602f68920ee096db93e9f535efd53a03 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
| MD5 | 082ea42c1aae3b695989f4b6f6eb0dc7 |
| SHA1 | 1918fc9585b161ce79c29ff6d2fec39e526a3aa2 |
| SHA256 | d87bcc1cb0e666b8812da126e6e308529997c88176123920942b43efade7bc77 |
| SHA512 | e6c7b496139c95c43e9af3fbd3b6b4a90a206506a3f823c7003fc42585a404e0323ef85ed6233ac208c066ec528857a8609c36ec6c749cec0702149de2c6f69b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
| MD5 | 4f462ea90211a0170c0fac3187824858 |
| SHA1 | f90cc1b6f82e5f07739bd91b2b363e83716c826a |
| SHA256 | c61a598483428c78349280e539bab7ae8c19ffdbe31b1c7cbd98c3a4e4a129b7 |
| SHA512 | f02a268d985f856d97df4eec61e9e16bcaa53a3bb068499723c996813afb6c93e7e980489126b21f720b580a69356001fc0c20e1337ad1f53c91071de0211776 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e
| MD5 | 16b3e65ca3008ba39d4884ff3f75d105 |
| SHA1 | f1beca4a8b222f9309c6a5597f8281847b420ab8 |
| SHA256 | 7db166ccfc6c510634142ce6e48081fb3215768eb6b47a05ed8d9ab2953746ce |
| SHA512 | d1f9659455b0f6e873ea02f6998093ffdc0fd81306e06944fe18d564f7655ad718010512500a672f3f13ae48b59de44265d4c3c21be198d26f63d59332560664 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8fc2c23a-5210-46fc-9f37-feb8a102f75b.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | db293dc7b842e24479369730067d5ab0 |
| SHA1 | c89de4e71f5928469ba742d009930946f4a82a97 |
| SHA256 | 660bfc94766c8d42d83d1258f26c62809b6a1437eba4f593b7449d3a28609ca7 |
| SHA512 | db5e5fce511d23a2533625d414f4ab86ea978723aae0cc90866da085874bfd2c4173031e405629b1610d133d59c8877be961ab0243bd51e172e131be9082bcc4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dc5663a5d077c2dc55c04f702074fa25 |
| SHA1 | c1d1a7d4045188a3b24107c283c090ff9290759e |
| SHA256 | 6564d554b4a803a039c35634e64bcdb95f6a24d353dcd4d544de6324b306b9c3 |
| SHA512 | d9c8fbaa13715010a046ab336554aa9d7e9b0514a4d9cdb0629c985066d3fec68bf28f3d28955f36caa27b8d3a27b116f1ad6ff6100c85746124eb6d2bc3dbb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0085f3d84e1dcc5303c09b79ce06d04e |
| SHA1 | 30362042e2bf6d6f0e1d235e152f2d1c170ca9ca |
| SHA256 | 47d68f2d7ee6ae833a8a5b39f43a382fb5ee6608bc62ac001f476d0c324b3b48 |
| SHA512 | 94fbfe484f03ec24241f70abfc71a0d14e54646adfaa04e533f9be9de2075a32a0949aec0b71094020dd686a1330837f60be368352a52f61666b36ff73ed56ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6ac638d5708ad1680b3b08e407dc445c |
| SHA1 | 929bce74086d4b659bcb317c6809fa64457110b2 |
| SHA256 | 08b3bb27db093614b51d6811422636a66b0877128454d5ea54de78aebccaf761 |
| SHA512 | 151867f9d1fb5d168e73443cf757442dc55e56695ef75b6ce22b403f6088ec55518749cb08cdca18aa9614de1174e8ee2ad4a53ac3136edbf5d98292346dea64 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 61eef21f98e26b5ed6459b9f346103a3 |
| SHA1 | 9d444789e361500a39ba6922c66671a0f04ab4aa |
| SHA256 | 1d0edcbdd3fa87114b100258f39c1f8246d5eb140237e111999ec1cba33c1305 |
| SHA512 | 0e8dbac1bfe80c3191d2d9c0f9b31dd7ae5d00d39ba4747033d119619660e76085cfc230b60e3221b1842d0b943166849d1bce110a6db36c3f4649778a07c069 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8995269e9e2224a1dd2729e9fac445d1 |
| SHA1 | 12f7ddecc3bcc3b5352a3056f90c4c2ff471c4b2 |
| SHA256 | 68ed77565ee5c4ea0fbec55f2f2a536e78d5d6529e9f374dcf31ff1e88db96ee |
| SHA512 | 011c87f049874f74e6e0ea4188e5b5b13c2efef08eb665cb96d9a2c6cde25c73bfc2febd33050c066062d2a2d6ad78097664b59b03c1b9b087669543ba6d4d8b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 971c5227afb13d2f71e6525bc4c00da6 |
| SHA1 | b569b91e46668f43df5844bb9f6fc36635813a97 |
| SHA256 | 96742f461ea7d473bf322f1a3d787726b9955cda13f87ce0b605cb0176c699bd |
| SHA512 | 64d9c2f3fdf521175e60aa7aea032c9e0e43f03d7b1d3126f2acb5d349a3d38ce3a20a80c99e21bd3b5b2898737ca8e3b6e2c5b8fc7595e34890e80bc17d51da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 3359417b435cfa2c209fcc186a89f22d |
| SHA1 | 4488ca3cdb8982cf07d5f377b2ae5491d1ea69a8 |
| SHA256 | dcc297d458d03d59dfd1ec18c79ceb11b3ad642163a46f43778b37f53ce3f29c |
| SHA512 | adccb6b38767a8bacf47b8c3e7e086dfeb99475704dedee7ba724bf4c0b7ded698931f72c06ba96378ed7693e48f5ce7267d8355279817472e937a2fad97b834 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 476c893c557de680d4162e9caa083cd1 |
| SHA1 | 71013aba5bce7ec50016c4cb55e54ec9ec7a665e |
| SHA256 | d4d36826bf15b3458d2e1fc57d4027d1d9a7a2d2aef2c8a8bf5c658bbc8eab97 |
| SHA512 | 6303e0031efce7ffa54f1336da6e73afbffaaa9fe169850ed9acc35fbf046f517d19cefa1fcc390698db411551aa6b19bff15a6ff953b056586102a470525e62 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | caa3ee731ad672b3bed581a10f244d0c |
| SHA1 | 71c8827f7c46ad130bf97d8fc5f64f6297a05441 |
| SHA256 | f7aeb88834b8775cb861573c08390582d2e313bcb170b32fbfcb2a994467d854 |
| SHA512 | b5977e71666c6263c9f77695eb2d033d8d5f141c41eaf933de0dea6495e7577883b3cb40274011d5b636e609d30fcea8a9b0fb2cbdf2d7d45c72455c792be019 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000072
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000073
| MD5 | f0c27286e196d0cb18681b58dfda5b37 |
| SHA1 | 9539ba7e5e8f9cc453327ca251fe59be35edc20b |
| SHA256 | 7a6878398886e4c70cf3e9cec688dc852a1f1465feb9f461ff1f238b608d0127 |
| SHA512 | 336333d29cd4f885e7758de9094b2defb8c9e1eb917cb55ff8c4627b903efb6a0b31dcda6005939ef2a604d014fe6c2acda7c8c802907e219739cf6dab96475b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a24047ceef5a770b256532b1b9aca45b |
| SHA1 | d4a9c817f7bd5cea72a3ac74a7d17b6667d90cf3 |
| SHA256 | 23396f8c8bc0d878ab88275224f0dc7c3cf03506c5dbd0dd294684006e48df78 |
| SHA512 | 1d1a473d0879205daf30e9ae4ce4aeb4ed0f99d92d1143922c9fa46d7586562445cc4c01d9d9a2b7db4793c3b1838e7918b75246205a5450e3fc9bd920967726 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2fb7be9f9b9b3473f5edc3ec61c12cd2 |
| SHA1 | 33d3d238370bbf24d4f996f7a89ffca41a540861 |
| SHA256 | d6055a01806fc3fa85fbfa1958d9155ea78586b27d98b66259a72af80be4dc16 |
| SHA512 | a08c2091fb00192084cf85ea2958a3a5fe3a5d24cad20af9ba97ef5a9aca5a5b4a62b96c7da227abf70e07f4c8030ee92252ed246d03f6d1fc16d9dae6fe9206 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a302ee6d9fae20c4c20198ad9c57a1ab |
| SHA1 | 27dcc78b71d32cbd84ded1711daa2044a9fa966f |
| SHA256 | 642549b6fe04866965d7bee293a597e8b0fd68d8136f7446e15db0457fc2f36a |
| SHA512 | 24ac1f62c4013bdde3b0e281d0b6cfb6b71f75a681d20500573500b55e0d4ba7b32313d3293f8821ba7d23cc198140ccf0848ca0b89f292a89c33555b7960548 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000076
| MD5 | 9ff4da74c349762b8cde81a747d4a6ff |
| SHA1 | 5826dafed03c2179ef520fa1e22a19ec1b622813 |
| SHA256 | ad269160daedca08d8ceaa1fc83cbde449516d18cbe431606ae406c58f70dec2 |
| SHA512 | 4713bb491fd55dca51bd3c0f960a2bf7fdc0e16332785d9a0d58b34f17e20d6ee582f0c0c0cdf921894730de25fc901bba899859476f076e9a1e3e0c0fd16d49 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a2cb85de6bd4c00ed079c022eb1def7d |
| SHA1 | f5c0f76fd173ae2f2575d9e563161c66d92adb28 |
| SHA256 | 786e309255bfc8b38538330f4a4d1b98749c9a62343e3630bb7825df7cc98d9b |
| SHA512 | 215befac2522827064031cebeb42cf6f42a12c9ad77d78922aa7d731d4e59b79735bb861fcd9633f0773808a1c65f1ace13c53eed9629de9d59c828651d58c40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e6edbe300316827fe200a56bdc417d4c |
| SHA1 | 947113decd04b2295a108beccef2a6b2163d3a85 |
| SHA256 | 1baa00972c5ecd303ff84e2cfd3c06c0b92f47b7027f24dc697e686b52f73db9 |
| SHA512 | bb693a969d14b45454ccd9cc5a4889c2f89ffdf4571d3eea9080edd1e6218bb3720abc9c57379eb076fb24d9a67293a4425a4922638301c7f17a8114a664f517 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6c6391aac86a9b0ad295351feecf1885 |
| SHA1 | 1dd2abf598b2308b7430e6e173626b896a388ddb |
| SHA256 | 15d756e05360ebc58d9841ac3c970d20b66893342ef1459149cc8f0ec9e7dbf9 |
| SHA512 | fcde18c20c6a6c86eb8f13a601e33da711bcf1d801350475f4688ff7a2e976a73cf1d8db7ffd136a62c58f2374dfc16c97e8175054c8a50a53256e54e58bd88b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8cfb84811aee61968133ab1bc9017a61 |
| SHA1 | 4a67993c4b3f3e475cfb946bb4fc27ed2c4031b8 |
| SHA256 | 4764c7366e096f74145a18f408b3338671e92afccb4c20863194d4a6c5a03c32 |
| SHA512 | 168ef865fd1bc051e5cddc698e200cd0de272106969cd5f80b77dd6e841a9bab668f524d8dc4d63d810c1e7f5bfb39e40ec01a6e7071914aac48c6120b84d273 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5b300b3e0e6eff2126ffa8b7bf43cc45 |
| SHA1 | ab88159f43321c7170582c236aeebb8790ce151f |
| SHA256 | 2aea4158e151e70441ab4749dd4223e20cfa61d5487b02258a4b102b8f2b33ff |
| SHA512 | 8a8e1eb817ba170802ccb4b9ef29d14b1dd62331b238d2b1d133ccce681aaa986a04e71632d50e2b55e19df5e58febfaf3071f0488305756e84ed25f85aa3173 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d4ca96b148d245d092437e22c8148637 |
| SHA1 | 30a2e88d0b7f45ee231e7579c76911c7e1b1c5b4 |
| SHA256 | eb7f1aa70ab82aea6c8c9fd249ef0553beaeadea7e1012ec396d249811eaf735 |
| SHA512 | 08bad80488e919d1cd3bc2212dd87a6289bdd8499b2316c5fc7fecde8efda6782d46585f6e5293e5f9da22cfafd70d742006f8e37b7d9bf2c4e35f12f6436b8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 62e9c950edd7681d01866f0b7756305d |
| SHA1 | 01cebc3b5788860d0ebbf10a72cadb946d33476a |
| SHA256 | 5f5bc0bd2eb685c4cb270b8c869298ef189e74454882ff7276004a93506ffda0 |
| SHA512 | b5a5c1ff0fac2289cb35ea71e5e6ffca2283671e89b810496e094accddc925eabc4c51731474375e83c307b90fd67dcd197c881229f8226ef48bd429b5a0449f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c50df48f7c1b2df4b710fac6523d665a |
| SHA1 | 4b9891b87222bc45c88dd79289964e91ec972a1e |
| SHA256 | ac9431faf865181e7049af7af910a1c8f9610b15b9823b1a89c8cdf17a505f88 |
| SHA512 | 2efc7a5d9e05aea2755229446ec0c116f2e5511569b4bcc7fbfb42f90b0c0128c452a88f3fff4beced88b5d62dc1e30aafa9e53be0c2d21e492ebf97a6364b03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 784d2119cbb25cd6feb76b65f29755d4 |
| SHA1 | d875de0d65f63b97fda786dffc1b0755d11f1c68 |
| SHA256 | 8cec364e3cf02a19fedd3d21a264c0485b522a21fadd010a6cb92e07b2e502c5 |
| SHA512 | 37d23858efa5388aefc48cb38ce47e4caf062e1d0b26f8504ff4b52b1c6cb8cb4578f02bcbb726c06be483f42fd66cc17a3c0656b128c3f4c80a969e83b0742a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 78fec316914620f1beb7e04906f142a0 |
| SHA1 | bfce35e36c7dddc720f0d3bbc47b10770dc20612 |
| SHA256 | ae000bc4fe073597a1604145bd71aa76f9d7e873d00ea7048778c61e3da49311 |
| SHA512 | 743e1449c23e78f5c87ae428ca289e8e9635a0dcc2e26e44fb5adf88ed0f48ab351f819a5d28781475e2f099143a8e7b8d0cc9c4f5a32c101d5d5be7a7baf32b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7d472556f93b08f0402126e43ffe8890 |
| SHA1 | c7c58703077c71ff55f03dea16f72444ced3a063 |
| SHA256 | d0dae669adbc38daec23f84fa04d4c98d169a5ca898474e832095d5f1664cd60 |
| SHA512 | 5156afc82314006fa595b822f68872d546d55a36b45d7f6154c573fe97a5f8f90c9eb1a42506046301c592f1485b59632809d0fd2dbec6a14faa5136210be915 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 093b0fc77a4920fb14ecbcd09e76f354 |
| SHA1 | dbdd01eecc94922521a120ba5d5c72f4e88820c9 |
| SHA256 | b2857a1dcb0af8af6c5e1ec60d0f05a0bacd5617d248ae83c42fc56b44235903 |
| SHA512 | 4d1b385428094293d2364e460101134be25b0e987f6aba94d6ecd62572f44876d66aa3641554b97ab4c77753f99669c52e963930a6bde2f1da6b90d734cda1f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_replit.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_replit.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a3
| MD5 | 893712ffc7320272530f30705f9d144f |
| SHA1 | f070ee1f67b2fd5092f5eec48bcb43427f402390 |
| SHA256 | 7058b192882bceb788596dc147287701d8e7b4d53ae7a353b5938c81864c3dd3 |
| SHA512 | 6876655cfb025c83b67b4c9adc6e0b01fb3a92de491c2fb079eaad83710ed621bfacbaa97be5783e65c8b69817229b3e8fd5873301b6981a97c19c5ed7f7b811 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a4
| MD5 | e2464a3508ef58fb5a930a12db036036 |
| SHA1 | 52e50754c6c6ffc43d14d530af1ed816b51edff0 |
| SHA256 | ca75bb66e8ddfc1a9b6967e678c6d0f299d36634d3c0138525522b4e07e13a6c |
| SHA512 | 89fe3d5e7442ff7fb96d937a4dae5441fcce42633334fd2603b4979cddaac9dc66244f67a43984300949a81608853bc8a1bd04a4f98c47b68b1c82c090c16111 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ae
| MD5 | 99916ce0720ed460e59d3fbd24d55be2 |
| SHA1 | d6bb9106eb65e3b84bfe03d872c931fb27f5a3db |
| SHA256 | 07118bf4bbc3ba87d75cbc11ddf427219a14d518436d7f3886d75301f897edaf |
| SHA512 | 8d3d52e57806d1850b57bffee12c1a8d9e1a1edcf871b2395df5c889991a183a8d652a0636d5452068f5ef78d37e08ce10b2b2f4e05c3e3c0f2f2230310418a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b20391ced09ad6a9f069dc5e8eeb345a |
| SHA1 | 1470cd903b2a36055855e958596d0a21fca2e7b2 |
| SHA256 | ddacb40a1be85d6b63d6770d05d09b05f102ca765171f5a60d9f7c1b01f4b3d8 |
| SHA512 | d2ef09094fe7ad33be1944387c982ca1543b22586d479f6c716cc75aac767436de43c5424dfe08ad47fa4ffe82ca36f98bec0087477b32d848cc46fa4379fdc0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | be97c8098f9b0cb02f1d6e451eaf2f8b |
| SHA1 | fff388eb9005fb8617c280ce2f06b1d48c999d74 |
| SHA256 | 2213fec751eb54c5f94f5b7099afa1ecaa31c3276f3c5b780a588ecd1d82e5ab |
| SHA512 | 3f20c1fff83c50912c20acb34aee19941dc1188538a225eb01848fdc02380d887de6ba6f870f4c07c22d1fa17a50a6fc30605816aeb5fcfe8bb3be929ec37543 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 87769c98012a79e0ef65f663e5f706d3 |
| SHA1 | a25b91d69ba267faec4dd3e970784ebed51c11bc |
| SHA256 | a49cf7dcd6183cfd3d2e2e92a85abc76f1281cb62f11a71960ea19bff0d277c7 |
| SHA512 | 68664cd5cd23148fe7df2bb201ed1a3b3624c101cb70490a8140b7f968ed1c120574877c95304d0c5d6558989333806e51fd3d16bf9137f4f60163cb94e56f68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3629f3924429341653249c2f5aa7e4e8 |
| SHA1 | 9544cecb586c0da597ed210389a2106967f45134 |
| SHA256 | 3457fb33ca3dd13251a0efb4de50db80ee6792298808d472a383781ae1abff46 |
| SHA512 | 87ab96cbea9d38146ac1e550be6d7157c0a5d0a521c357b3b6275c30b7fa327f914f214ddab996c6d1536fdd14d436051a9a4c7fd25183dc16c4b8a8603325b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 874e839601cd7e03562c143489f2855b |
| SHA1 | b9507c30b73c8eb1eb61ab95b59a88716e5ce978 |
| SHA256 | fb2c18a9996fa3bcf1c6b8a2bffe88b093e7a4d933aa7ecf2927ed5ceaf8d5e4 |
| SHA512 | 3b3d325071c80940b6dab38418ccb664261d04a34ee82f53d2263a6569b0ed5410ef922d8eb881d71440f047056895be2a2d673c1aa01f0d8ff125af2a9fa181 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5e3e4f.TMP
| MD5 | 351a175b1a3582f33ff3c871dd480e8c |
| SHA1 | d2e0d90f9f70a62185c28b45284b66991564e9f7 |
| SHA256 | 7884e9e3764840999a3d4bb4d65e00c7570e400b2c1cf2b8bf92b751890d9c3c |
| SHA512 | f79fb0c7475d2f5bfd67981b2b76b8fb5f59d18ea4e67eef80007445250ca4c852ec444449a9075943bd899e8878ae6a8bc87a6521944fcdf716b1cb58d46360 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\71a59487-ae02-4c96-b5d8-666851f42062\index-dir\the-real-index
| MD5 | 9067ba0fcaefb734acd48bd9f4c9302a |
| SHA1 | 143e96fc9411caeaf79179b3a257cda87c4effbf |
| SHA256 | 29a5494bfce06295b50c4bda923a8326d3b3317e08539779825dc9e7f32e7739 |
| SHA512 | 0bcf6f28c1bec6c2e3eed9c93466075eb19ee8e16082f37ad302228b101990f04503a03473723ea9970b50976aec96a412b4e6e19e2754a1321c3f55d054cc0a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\71a59487-ae02-4c96-b5d8-666851f42062\index-dir\the-real-index~RFe5e3e9d.TMP
| MD5 | 6e55190265820e4068504246f74b4126 |
| SHA1 | accb14539fee7db493084c20ad1dc04731e146c9 |
| SHA256 | 30ca217556c16e8258c26e1d450293e6d8dbc91dbd751e71da8e14513084edd4 |
| SHA512 | 870086173613ad8c7f515728ce07299333011870c784e6debb199c9e28c70df2efe4034a15d25d41167ace9e245cd6d786bb00f95e73f9f8d5778446fa6ba2e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\index.txt
| MD5 | 3d429ae89f93a221912232e3b2ee1895 |
| SHA1 | f43d45decce0371d87fd873a03701a936dac4529 |
| SHA256 | 3ce98cd6982514c907f35ea3da4c2813d38da0612592359f73169972c1d805fa |
| SHA512 | 767f977543594f0c482cb22b57097659887f1830c9676f2f0ab77073f60e1a0888616cc80b0c1b849b28af1277abd2c57c02bf172f617114fd1fbeb23a256882 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c88326c16da025a4095d66138d90a725ead722eb\index.txt~RFe5e3edc.TMP
| MD5 | 038ab89554ec8ac5e3e0e79fb5e57a48 |
| SHA1 | b250b9c0c3bbdc35bc99c6a568dbd9b548f72de3 |
| SHA256 | f2975de39826be57bba66b2f2f9a1a09050bd11d82fb923bca7a0f0b47410e17 |
| SHA512 | 815519231b0ad8633127a74889fc5e055dcdaa219e613c7cb4706f7b0144c32de64887af68abdd63ff6717e0a1066c9022da6ad6db93df95aa337aa05ae0322c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6e3876169399dd1579a35fa20dba4eac |
| SHA1 | 67e935140ade59b95089b5157f6e7b64da6e4494 |
| SHA256 | fb3bb53709c9073eaa696614b7f950c65d9eae97c13bb0043b11a81ba521bc2e |
| SHA512 | 8db759095d15da0b9e9beb0273d63d9d29728e40ab2758ad6f214c4f5971cf2819af9746d7cdf503a2dae0b665d765461c208cbc213c93fce33b3c837560b6dd |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 65f870aaaab45de13f630af8eb324547 |
| SHA1 | 3cd21cb5162b6a21ee95a148b2abaaa5fe4be6ab |
| SHA256 | be39959af5c3eebafac43d5a25fc2bff96ac39506cb9f009ee1bdfdc722b6590 |
| SHA512 | 906adba09f7fb1f6cfc59a966e5ae93e87ef46ad2ec8681b419eac14a97a3d8da11552e9343203b482b86056029f958d40f7dd761ac0fc4da10810ffbcb28e6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 756bedf46049741047282fb92d722834 |
| SHA1 | 82c0b36cc4f37527e29a48b02dcb8b5046debd75 |
| SHA256 | 799b3cfc542cd4e0025fa3ed19eea1b47079d3c3eb8b22ddbe92f1edb3831f86 |
| SHA512 | e8aea7330934ed64d25f33df55a0eb3d8cac1d65d1f16b18e79b451f5fe6645b1e4d01cc5caf1210ca135b2de13ee1cc6ea813a1851c8ed59c6665428a1048b9 |