Analysis Overview
SHA256
6a6990c2da4da8f8870da3e33865a1dff8f16874793b232971194c074f3b7838
Threat Level: Likely malicious
The file SolaraBootstrapper.exe was found to be: Likely malicious.
Malicious Activity Summary
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Downloads MZ/PE file
Sets file execution options in registry
Checks computer location settings
Loads dropped DLL
Registers COM server for autorun
Checks BIOS information in registry
Themida packer
Executes dropped EXE
Enumerates connected drives
Blocklisted process makes network request
Checks installed software on the system
Checks whether UAC is enabled
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtCreateThreadExHideFromDebugger
Checks system information in the registry
Drops file in System32 directory
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Windows directory
Drops file in Program Files directory
Enumerates physical storage devices
Unsigned PE
Suspicious use of UnmapMainImage
Uses Task Scheduler COM API
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
System policy modification
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Modifies Internet Explorer settings
Suspicious behavior: MapViewOfSection
Suspicious use of FindShellTrayWindow
Modifies registry class
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Checks SCSI registry key(s)
Modifies data under HKEY_USERS
Checks processor information in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-15 07:57
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-15 07:57
Reported
2024-06-15 08:11
Platform
win10-20240611-es
Max time kernel
810s
Max time network
812s
Command Line
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Downloads MZ/PE file
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\SolaraBootstrapper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_6372E0472AFF76BB926C97818BC773B9 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_6372E0472AFF76BB926C97818BC773B9 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_CBDCCBFE4F7A916411C1E69BDD97BB04 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\gauge\lib\themes.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\gauge\lib\wide-truncate.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VoiceChat\MicLight\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\ImageSet\InGameMenu\img_set_2x_1.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaApp\icons\ic-more-catalog.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.56\Locales\hr.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\StudioToolbox\AssetConfig\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VoiceChat\Unmuted100.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.56\Locales\or.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\DeveloperFramework\slider_knob.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\DeveloperFramework\AssetPreview\Flag.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\MaterialGenerator\Materials\Marble.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\chrome_Unpacker_BeginUnzipping3708_266246809\hyph-nn.hyb | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@tootallnate\once\dist\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\wcwidth\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\disparity-colors\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\ScreenshotHud\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\corepack\shims\nodewin\pnpm.ps1 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\cacache\LICENSE.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\StudioSharedUI\close.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\StudioSharedUI\meshes.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\gauge\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.56\VisualElements\SmallLogoBeta.png | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\base64-js\base64js.min.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\read-package-json\lib\read-json.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.56\Trust Protection Lists\Mu\Content | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.56\identity_proxy\win10\identity_helper.Sparse.Internal.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\InspectMenu\ico_alert_tilt.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\disparity-colors\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.56\Locales\zh-TW.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\Locales\nb.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\MaterialManager\Filter.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaDiscussions\search.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\make-fetch-happen\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\is-lambda\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\retry\example\dns.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\Debugger\Breakpoints\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\LuaChat\graphic\gr-send-on.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\tlog\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\readable-stream\lib\_stream_transform.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\corepack\shims\nodewin\yarnpkg.cmd | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\Controls\XboxController\ButtonRS.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\InspectMenu\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\agentkeepalive\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\lru-cache\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\base64-js\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\Gear.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\corepack.cmd | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\lib\realpath.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\Emotes\EmotesRadialIcon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\VR\hoverPopupRight.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\AnimationEditor\Button_Dopesheet_Lightmode.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\icon_placeowner.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\unique-slug\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\RoactStudioWidgets\toggle_off_dark.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\Emotes\Editor\Small\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\ui\InspectMenu\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\make-fetch-happen\lib\cache\entry.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\content\textures\AnimationEditor\rigbuilder_blue.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\man\man1\npm-init.1 | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e57f12a.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Debug\ESE.TXT | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\rescache\_merged\4183903823\2290032291.pri | C:\Windows\system32\taskmgr.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI11F1.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI8B6C.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9F36.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIFDBA.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9754.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File created | C:\Windows\rescache\_merged\1601268389\715946058.pri | C:\Windows\system32\taskmgr.exe | N/A |
| File opened for modification | C:\Windows\Installer\e57f126.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIFE67.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIC81.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2116.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File created | C:\Windows\Installer\e57f126.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI127E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI90CC.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIFCCF.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2194.tmp | C:\Windows\system32\msiexec.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\1A\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133629122926807259" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1b\52C64B7E\@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124 = "Document Encryption" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1b\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1b\52C64B7E | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1b | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1b\52C64B7E\@%SystemRoot%\system32\dnsapi.dll,-103 = "Domain Name System (DNS) Server Trust" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1b\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\A3A70C74FE2431248AD5F8A59570C782 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0\ = "Microsoft Edge Update Update3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods\ = "23" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ = "IPolicyStatus4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\TreeView = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\msedgeupdate.dll,-3000" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\URL Protocol | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods\ = "6" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ = "ICoCreateAsyncStatus" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ = "IPackage" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\ProductName = "Node.js" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc.1.0\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ = "IJobObserver2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\0\0\0\0 | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: MapViewOfSection
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\SolaraBootstrapper.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreateTokenPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeAssignPrimaryTokenPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeLockMemoryPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeMachineAccountPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeCreatePermanentPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeChangeNotifyPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSyncAgentPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeEnableDelegationPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeImpersonatePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeCreateGlobalPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTcbPrivilege | N/A | \??\c:\windows\system32\svchost.exe | N/A |
| Token: SeRestorePrivilege | N/A | \??\c:\windows\system32\svchost.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\syswow64\wevtutil.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\syswow64\wevtutil.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\wevtutil.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Users\Admin\AppData\Local\Temp\SolaraBootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\SolaraBootstrapper.exe"
C:\Windows\SysWOW64\msiexec.exe
"msiexec" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding 90FC727B24A6B9D4CDC9FE58BF1A81EC
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 31ABD69B2804E12C94789307F3D9F6C1
\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\Windows\system32\dashost.exe
dashost.exe {4284be23-a6a3-45de-bc8f10844f82b897}
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding FB52130643AB99923DBB05F358B1C724 E Global\MSI0000
C:\Windows\syswow64\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man"
C:\Windows\System32\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man" /fromwow64
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Users\Admin\AppData\Local\Temp\vc_redist.x64.exe
"C:\Users\Admin\AppData\Local\Temp\vc_redist.x64.exe" /install /quiet /norestart
C:\Windows\Temp\{2BB0DDF1-E8CE-415C-8B75-E3AC40EB1347}\.cr\vc_redist.x64.exe
"C:\Windows\Temp\{2BB0DDF1-E8CE-415C-8B75-E3AC40EB1347}\.cr\vc_redist.x64.exe" -burn.clean.room="C:\Users\Admin\AppData\Local\Temp\vc_redist.x64.exe" -burn.filehandle.attached=512 -burn.filehandle.self=604 /install /quiet /norestart
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
"C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe" /silent /install
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuNDEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEUxMzIyQkUtNDU2QS00NTgwLTlFQkEtMEFBMkUxNzZCRjdBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4QkQ2MjZGRS01QzFBLTRFMEQtOTY5Mi0zOEUyQ0E0QkJDMkJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEuMy4xODcuNDEiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU2NTEyNTE4MjYiIGluc3RhbGxfdGltZV9tcz0iMjEwOSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{4E1322BE-456A-4580-9EBA-0AA2E176BF7A}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuNDEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEUxMzIyQkUtNDU2QS00NTgwLTlFQkEtMEFBMkUxNzZCRjdBfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7QzZCQjkyQ0YtRDY1OS00Nzk1LUE2QUYtQjdFRDBEMUZFMzU3fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xNTA2My4wIiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3R4Z1VCSG9vNkFRU0EvZnlFNDhzeUVYcXgySisvcXNxbEdXeGk0dWZIWWs9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEwNi4wLjUyNDkuMTE5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIzIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MTgxNTEwNjIiIG9vYmVfaW5zdGFsbF90aW1lPSIxMzM2MjYyMzA0MDk1NzMzODUiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMTE0MzI1IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1NjU4NzUxNzYxIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\MicrosoftEdge_X64_126.0.2592.56.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\MicrosoftEdge_X64_126.0.2592.56.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\MicrosoftEdge_X64_126.0.2592.56.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.57 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6477969D-4F76-4C1B-9B23-34EBA6B3BC05}\EDGEMITMP_CF810.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.56 --initial-client-data=0x210,0x214,0x218,0x1ec,0x21c,0x7ff7fa51aa40,0x7ff7fa51aa4c,0x7ff7fa51aa58
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuNDEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEUxMzIyQkUtNDU2QS00NTgwLTlFQkEtMEFBMkUxNzZCRjdBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntBM0E1RDIyNS1BRDM1LTQyOEItQTM5OC02NTkxMDA2NjhBRTl9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI2LjAuMjU5Mi41NiIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTY5OTg0NTY2MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU3MDAxNTgyNTUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MDc4MTMyMzc5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy82OGFkZTM1OS01NDY3LTRlZWUtODE3Ny1jNmNhMDA4NTUyNWQ_UDE9MTcxOTA0MzE2MyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1qVURZWU5uTFA1ZVc3TzlMOWZDVmRMWk1FMjNrWlUlMmYzNFVOaWJkRzdtalRSdDJOSkRBaldVTWhpVjI1bndPcXZ1JTJiZ2kxV3ZQamxNYkx2THFVNWxwNFElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzMwMTg2ODAiIHRvdGFsPSIxNzMwMTg2ODAiIGRvd25sb2FkX3RpbWVfbXM9IjI5MzU5Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjA3ODI4ODY5OSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYxMDI5NzkzMzAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjY3MjAzODc5MjkiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI5MDYiIGRvd25sb2FkX3RpbWVfbXM9IjM3NzY2IiBkb3dubG9hZGVkPSIxNzMwMTg2ODAiIHRvdGFsPSIxNzMwMTg2ODAiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjYxNzEyIi8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="356.0.1905840652\363966307" -parentBuildID 20221007134813 -prefsHandle 1704 -prefMapHandle 1676 -prefsLen 20845 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f4953ffc-7ee8-4179-8464-6189e94e57d9} 356 "\\.\pipe\gecko-crash-server-pipe.356" 1796 274ff6dbb58 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="356.1.1134063221\69258852" -parentBuildID 20221007134813 -prefsHandle 2140 -prefMapHandle 2136 -prefsLen 20926 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af5935c7-b415-40d6-bc65-8a71bdab4b4d} 356 "\\.\pipe\gecko-crash-server-pipe.356" 2152 274f4670a58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="356.2.894526978\1972431599" -childID 1 -isForBrowser -prefsHandle 2900 -prefMapHandle 2896 -prefsLen 21029 -prefMapSize 233444 -jsInitHandle 1312 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6959b722-1054-4054-8ecf-b0ff52db666c} 356 "\\.\pipe\gecko-crash-server-pipe.356" 2908 274839b0258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="356.3.40692221\1167645777" -childID 2 -isForBrowser -prefsHandle 3432 -prefMapHandle 3428 -prefsLen 26214 -prefMapSize 233444 -jsInitHandle 1312 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d64b38a8-9f54-4014-a1d3-062aa771632c} 356 "\\.\pipe\gecko-crash-server-pipe.356" 3444 274841ae958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="356.4.759975262\858715131" -childID 3 -isForBrowser -prefsHandle 4116 -prefMapHandle 4112 -prefsLen 26349 -prefMapSize 233444 -jsInitHandle 1312 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ec68234f-b8a9-4a54-94bb-6332bbc25264} 356 "\\.\pipe\gecko-crash-server-pipe.356" 4128 274820ef658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="356.5.2058854741\136328520" -childID 4 -isForBrowser -prefsHandle 2660 -prefMapHandle 4800 -prefsLen 26433 -prefMapSize 233444 -jsInitHandle 1312 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c8caf4e9-fbd7-480b-a130-551a87369c49} 356 "\\.\pipe\gecko-crash-server-pipe.356" 4736 27485ea9b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="356.6.686419192\1221873141" -childID 5 -isForBrowser -prefsHandle 4936 -prefMapHandle 4940 -prefsLen 26433 -prefMapSize 233444 -jsInitHandle 1312 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6a6a9039-5fbc-4514-b274-c7de131ace7c} 356 "\\.\pipe\gecko-crash-server-pipe.356" 4928 274860c7858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="356.7.1543362635\777720594" -childID 6 -isForBrowser -prefsHandle 5124 -prefMapHandle 5128 -prefsLen 26433 -prefMapSize 233444 -jsInitHandle 1312 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8eb9dda8-da3d-46f1-90d2-d5d13b9d22e6} 356 "\\.\pipe\gecko-crash-server-pipe.356" 4736 274860c9658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="356.8.798545468\1326779514" -childID 7 -isForBrowser -prefsHandle 5476 -prefMapHandle 2828 -prefsLen 26433 -prefMapSize 233444 -jsInitHandle 1312 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3c9d0e8a-2aae-4c3b-915c-4213a82c1017} 356 "\\.\pipe\gecko-crash-server-pipe.356" 5464 27486ec4658 tab
\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k localservice -s fdPHost
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuNDEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7ODNCQ0FBNTctRkExQi00QTkxLTk3RjItQTFBQTdGMDBEMkE1fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntFNjE3NUU3Qy03QUM0LTQ1MUMtQTQ1MC00NzNBNkQ0NjNDRUN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7dHhnVUJIb282QVFTQS9meUU0OHN5RVhxeDJKKy9xc3FsR1d4aTR1ZkhZaz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4Ny40MSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIwIiBjb2hvcnQ9InJyZkAwLjU0Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI2LjAuMjU5Mi41NiIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZT0iNjM3MCIgY29ob3J0PSJycmZAMC41OSI-PHVwZGF0ZWNoZWNrLz48cGluZyByPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0ie0RDMjUxQ0M2LTU3OTQtNDVCMS05RTQwLUE5MjY4MDkzRjdDQ30iLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffebdca9758,0x7ffebdca9768,0x7ffebdca9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2120 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2880 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3016 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4396 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2612 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4644 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4504 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4356 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4740 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4696 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4912 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4308 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4368 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4948 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4960 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4936 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5480 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe
"C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --enable-features=MojoIpcz --mojo-named-platform-channel-pipe=5216.5588.6171655421269097068
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.57 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=126.0.2592.56 --initial-client-data=0x11c,0x120,0x124,0xf8,0x130,0x7ffeaf0b0148,0x7ffeaf0b0154,0x7ffeaf0b0160
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1652,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1648 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=es --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=1140,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1696 /prefetch:3
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=es --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=1956,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=1968 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --lang=es --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3260,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=3272 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5000 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5484 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=2988 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5816 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5712 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5740 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6204 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5452 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5660 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5668 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" -app -isInstallerLaunch
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=es --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=4512,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4524 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5100 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6396 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:nLeCqx3UW0V5AAOgnB36iwKjZcnWfSjU8nfyzof-KFq_v1CCoNhaBBWzeOQ34cVlXkbsrxxRX74ddwroBZuejwaNrfBxYEYs5MgCA7dr2gaZa1zs8JZv3Q1tsSs5p2MlR9tqHaEY6iLicpQjmOrtdxa-vjObpI5W9_Bjk57T4WrshGM_iwYLy3atBuzGFZnhhENqo9j5R3qck7uLzwBx1g4h0J1W9Cvjdvz1I5U25bI+launchtime:1718438867681+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1718438697411002%26placeId%3D2753915549%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D5fe0cdbe-081f-41da-8f96-4e0c7a1c4df4%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1718438697411002+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=es --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=4292,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4448 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4544,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4528 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6140 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:Hh-2DLy-U_50H76xKD6dMdj3gzk6pGyzF8tEj00inM1_ngdztw4_cKxLzQoq-4i26cGfQAUxrrXNtKoI-Pa0xpuSKGcPruuIROJk7ABfRap098v7JC_V6yf91gpGef3u4G1afrsNpkmdEF88qN6cdSwiZc9b-BZIhPtvkH2HoXbb2cuhQpUEOUdkFQwdlEiFr3NXozwG5STG0MSlstOCYP-Q4f5e5kdMj8Yes8chWL0+launchtime:1718438894604+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1718438697411002%26placeId%3D2753915549%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D331059f6-c71e-483b-8202-648c954c31fa%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1718438697411002+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=es --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=4568,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4632 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=es --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=4604,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4616 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=es --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=4560,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4624 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=es --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=4588,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4852 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=es --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=4860,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4480 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=6508 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6392 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:ZSUJiV2Vy8ERUESWR5eaeYi6bfbburhyrTkKNfHyusEY8lr4scmPOH94YTUsymShYdsTwuiWPTcoQl8XOWFj1vQEgcz3dVUUv8ene6vpvaxEY0UGBHSKNm5LzaI3f8NporKxAWZgP47Zu6GghdzHf-rHLKR2N-AuiS9JAgZVlYmEXyfbQ1xAcNNpFZ0apwkXsrgo9DkNDePqox6pMrUzThcolNlLBvnRKywsDUakhTQ+launchtime:1718438966689+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1718438697411002%26placeId%3D2753915549%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Da1664e7d-e984-42e8-9c4f-34e095ce31d3%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1718438697411002+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=4464 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=es --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=4760,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4764 /prefetch:8
C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-2cca5ed32b534b2a\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.56\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=es --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView" --webview-exe-name=cd57e4c171d6e8f5ea8b8f824a6a7316.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=4712,i,14687843408294138367,3409678288349559318,262144 --enable-features=MojoIpcz --variations-seed-version --mojo-platform-channel-handle=4820 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=5680 --field-trial-handle=1804,i,2461727312449929868,9281184052815717177,131072 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.nodejs.org | udp |
| US | 104.20.22.46:443 | www.nodejs.org | tcp |
| US | 8.8.8.8:53 | nodejs.org | udp |
| US | 104.20.22.46:443 | nodejs.org | tcp |
| US | 8.8.8.8:53 | 46.22.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa | udp |
| US | 8.8.8.8:53 | aka.ms | udp |
| GB | 92.123.242.18:443 | aka.ms | tcp |
| US | 8.8.8.8:53 | download.visualstudio.microsoft.com | udp |
| FR | 68.232.34.200:443 | download.visualstudio.microsoft.com | tcp |
| US | 8.8.8.8:53 | 18.242.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.34.232.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.sf.dl.delivery.mp.microsoft.com | udp |
| SE | 184.31.15.121:443 | msedge.sf.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.193.132.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 13.67.191.143:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 143.191.67.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| SE | 184.31.15.50:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 50.15.31.184.in-addr.arpa | udp |
| SE | 184.31.15.50:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 171.117.168.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:52540 | tcp | |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | tcp |
| US | 34.117.188.166:443 | spocs.getpocket.com | tcp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 44.232.194.163:443 | shavar.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.120.5.221:443 | prod.pocket.prod.cloudops.mozgcp.net | tcp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 163.194.232.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.121.117.34.in-addr.arpa | udp |
| N/A | 127.0.0.1:52547 | tcp | |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| N/A | 239.255.255.250:3702 | udp | |
| N/A | 239.255.255.250:3702 | udp | |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 89.58.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-tbn2.gstatic.com | tcp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| DE | 128.116.123.3:443 | www.roblox.com | tcp |
| DE | 128.116.123.3:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | 3.123.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | 102.175.234.205.in-addr.arpa | udp |
| DE | 128.116.123.3:443 | www.roblox.com | udp |
| GB | 128.116.119.3:443 | roblox.com | tcp |
| GB | 18.244.155.10:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.123.3:443 | apis.roblox.com | tcp |
| DE | 128.116.123.3:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.155.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| BE | 23.14.90.98:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 205.234.175.102:443 | images.rbxcdn.com | tcp |
| DE | 128.116.123.3:443 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| GB | 18.244.155.10:443 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | 43.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.90.14.23.in-addr.arpa | udp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | www.meta.com | udp |
| GB | 163.70.147.22:443 | www.meta.com | tcp |
| GB | 163.70.147.22:443 | www.meta.com | tcp |
| GB | 163.70.147.22:443 | www.meta.com | udp |
| US | 8.8.8.8:53 | 22.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | 23.147.70.163.in-addr.arpa | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | scontent-lhr6-2.xx.fbcdn.net | udp |
| GB | 163.70.151.21:443 | scontent-lhr6-2.xx.fbcdn.net | tcp |
| GB | 163.70.151.21:443 | scontent-lhr6-2.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| GB | 18.244.155.10:443 | roblox-api.arkoselabs.com | udp |
| US | 205.234.175.102:443 | images.rbxcdn.com | udp |
| US | 205.234.175.102:443 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| SE | 184.31.15.65:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| US | 8.8.8.8:53 | lms.roblox.com | udp |
| DE | 128.116.123.4:443 | lms.roblox.com | tcp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| US | 8.8.8.8:53 | 65.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-east-2c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | ord2-128-116-101-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-east-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | c0cfly.rbxcdn.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-west-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-eu-central-1b-lms.rbx.com | udp |
| DE | 35.157.243.125:443 | aws-eu-central-1b-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | mia4-128-116-45-3.roblox.com | udp |
| US | 3.135.120.9:443 | aws-us-east-2c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | aws-us-east-1c-lms.rbx.com | udp |
| US | 52.9.83.230:443 | aws-us-west-1c-lms.rbx.com | tcp |
| US | 128.116.101.3:443 | ord2-128-116-101-3.roblox.com | tcp |
| GB | 18.169.60.253:443 | aws-eu-west-2a-lms.rbx.com | tcp |
| US | 3.132.183.229:443 | aws-us-east-2a-lms.rbx.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| US | 34.205.21.180:443 | aws-us-east-1c-lms.rbx.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| US | 52.9.83.230:443 | aws-us-west-1c-lms.rbx.com | tcp |
| US | 34.205.21.180:443 | aws-us-east-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | 4.123.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.60.169.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.243.157.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.120.135.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.101.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.183.132.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.21.205.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.83.9.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.45.116.128.in-addr.arpa | udp |
| DE | 128.116.123.4:443 | lms.roblox.com | udp |
| DE | 128.116.123.4:443 | lms.roblox.com | tcp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.111.133:443 | objects.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | www.msn.com | udp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 20.42.65.91:443 | browser.events.data.msn.com | tcp |
| US | 20.42.65.91:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| SE | 2.21.96.104:443 | assets.msn.com | tcp |
| SE | 2.21.96.104:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | 104.96.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.65.42.20.in-addr.arpa | udp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | kit-pro.fontawesome.com | udp |
| US | 8.8.8.8:53 | kit-pro.fontawesome.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.18.40.68:443 | kit-pro.fontawesome.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 20.42.65.91:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.40.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| DE | 128.116.123.3:443 | presence.roblox.com | tcp |
| GB | 18.169.60.253:443 | aws-eu-west-2a-lms.rbx.com | tcp |
| DE | 35.157.243.125:443 | aws-eu-central-1b-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 34.205.21.180:443 | aws-us-east-1c-lms.rbx.com | tcp |
| US | 3.135.120.9:443 | aws-us-east-2c-lms.rbx.com | tcp |
| US | 128.116.101.3:443 | ord2-128-116-101-3.roblox.com | tcp |
| US | 3.132.183.229:443 | aws-us-east-2a-lms.rbx.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| US | 52.9.83.230:443 | aws-us-west-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 205.234.175.102:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 151.101.64.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | 176.64.101.151.in-addr.arpa | udp |
| DE | 128.116.123.4:443 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | followings.roblox.com | udp |
| US | 8.8.8.8:53 | games.roblox.com | udp |
| US | 8.8.8.8:53 | sin4-128-116-50-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-ap-northeast-1c-lms.rbx.com | udp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | waw1-128-116-124-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2b-lms.rbx.com | udp |
| JP | 54.248.200.32:443 | aws-ap-northeast-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | lax4-128-116-63-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-ap-northeast-1d-lms.rbx.com | udp |
| US | 8.8.8.8:53 | sea1-128-116-115-3.roblox.com | udp |
| GB | 13.43.103.250:443 | aws-eu-west-2b-lms.rbx.com | tcp |
| PL | 128.116.124.3:443 | waw1-128-116-124-3.roblox.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| JP | 54.248.200.32:443 | aws-ap-northeast-1c-lms.rbx.com | tcp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 8.8.8.8:53 | aws-us-west-2a-lms.rbx.com | udp |
| JP | 52.196.248.242:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| US | 54.212.189.199:443 | aws-us-west-2a-lms.rbx.com | tcp |
| JP | 52.196.248.242:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| US | 54.212.189.199:443 | aws-us-west-2a-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | 250.103.43.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.124.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.200.248.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.50.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.63.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.248.196.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.189.212.54.in-addr.arpa | udp |
| DE | 128.116.123.4:443 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | 3.115.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | voice.roblox.com | udp |
| US | 8.8.8.8:53 | badges.roblox.com | udp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 151.101.128.176:443 | m.stripe.network | tcp |
| US | 8.8.8.8:53 | 176.128.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 52.27.240.74:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | 74.240.27.52.in-addr.arpa | udp |
| GB | 172.217.169.3:443 | beacons.gvt2.com | tcp |
| GB | 172.217.169.3:443 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| N/A | 127.0.0.1:55539 | tcp | |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| DE | 128.116.123.3:443 | client-telemetry.roblox.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| US | 205.234.175.102:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:9911 | tcp | |
| N/A | 127.0.0.1:9911 | tcp | |
| US | 8.8.8.8:53 | 233.69.68.104.in-addr.arpa | udp |
| US | 205.234.175.102:443 | setup.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | setup.rbxcdn.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 204.79.197.239:443 | tcp | |
| US | 8.8.8.8:53 | 239.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 152.199.19.161:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 252.15.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| N/A | 127.0.0.1:56266 | tcp | |
| N/A | 127.0.0.1:56270 | tcp | |
| N/A | 127.0.0.1:56273 | tcp | |
| N/A | 127.0.0.1:56276 | tcp | |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 204.79.197.239:443 | tcp | |
| DE | 128.116.123.3:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| SE | 184.31.15.64:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 44.242.17.235:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | 64.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.17.242.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| PL | 128.116.124.3:443 | waw1-128-116-124-3.roblox.com | tcp |
| US | 8.8.8.8:53 | aws-eu-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-eu-central-1b-lms.rbx.com | udp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 8.8.8.8:53 | aws-us-east-1c-lms.rbx.com | udp |
| US | 128.116.63.3:443 | lax4-128-116-63-3.roblox.com | tcp |
| GB | 13.43.103.250:443 | aws-eu-west-2b-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | aws-us-west-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-east-2c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-west-2a-lms.rbx.com | udp |
| US | 52.9.83.230:443 | aws-us-west-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | sin4-128-116-50-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-ap-northeast-1d-lms.rbx.com | udp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| US | 54.212.189.199:443 | aws-us-west-2a-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | aws-us-east-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| JP | 54.178.237.198:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 205.234.175.102:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 198.237.178.54.in-addr.arpa | udp |
| DE | 128.116.123.3:443 | www.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 205.234.175.102:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | catalog.roblox.com | udp |
| SE | 184.31.15.64:443 | tr.rbxcdn.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| DE | 128.116.123.3:443 | catalog.roblox.com | udp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 44.242.17.235:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-eu-west-2b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-eu-central-1b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-east-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-west-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-east-2c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-west-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-ap-northeast-1d-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-us-east-2a-lms.rbx.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 205.234.175.102:443 | static.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | static.rbxcdn.com | tcp |
| US | 205.234.175.102:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| GB | 18.244.155.22:443 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| DE | 128.116.123.3:443 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 151.101.128.176:443 | js.stripe.com | tcp |
| US | 8.8.8.8:53 | 22.155.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | users.roblox.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| DE | 128.116.123.3:443 | users.roblox.com | tcp |
| DE | 128.116.123.3:443 | users.roblox.com | tcp |
| GB | 216.58.201.106:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 151.101.128.176:443 | m.stripe.network | tcp |
| US | 8.8.8.8:53 | accountinformation.roblox.com | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 44.242.17.235:443 | m.stripe.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| N/A | 127.0.0.1:58298 | tcp |
Files
memory/788-0-0x00000000738FE000-0x00000000738FF000-memory.dmp
memory/788-1-0x0000000000220000-0x00000000002EE000-memory.dmp
memory/788-2-0x0000000004F80000-0x000000000547E000-memory.dmp
memory/788-3-0x00000000738F0000-0x0000000073FDE000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi
| MD5 | 0e4e9aa41d24221b29b19ba96c1a64d0 |
| SHA1 | 231ade3d5a586c0eb4441c8dbfe9007dc26b2872 |
| SHA256 | 5bfb6f3ab89e198539408f7e0e8ec0b0bd5efe8898573ec05b381228efb45a5d |
| SHA512 | e6f27aecead72dffecbeaad46ebdf4b1fd3dbcddd1f6076ba183b654e4e32d30f7af1236bf2e04459186e993356fe2041840671be73612c8afed985c2c608913 |
C:\Windows\Installer\MSIFCCF.tmp
| MD5 | 9fe9b0ecaea0324ad99036a91db03ebb |
| SHA1 | 144068c64ec06fc08eadfcca0a014a44b95bb908 |
| SHA256 | e2cce64916e405976a1d0c522b44527d12b1cba19de25da62121cf5f41d184c9 |
| SHA512 | 906641a73d69a841218ae90b83714a05af3537eec8ad1d761f58ac365cf005bdd74ad88f71c4437aaa126ac74fa46bcad424d17c746ab197eec2caa1bd838176 |
C:\Windows\Installer\MSIFE67.tmp
| MD5 | a3ae5d86ecf38db9427359ea37a5f646 |
| SHA1 | eb4cb5ff520717038adadcc5e1ef8f7c24b27a90 |
| SHA256 | c8d190d5be1efd2d52f72a72ae9dfa3940ab3faceb626405959349654fe18b74 |
| SHA512 | 96ecb3bc00848eeb2836e289ef7b7b2607d30790ffd1ae0e0acfc2e14f26a991c6e728b8dc67280426e478c70231f9e13f514e52c8ce7d956c1fad0e322d98e0 |
C:\Windows\Installer\MSI11F1.tmp
| MD5 | 7a86ce1a899262dd3c1df656bff3fb2c |
| SHA1 | 33dcbe66c0dc0a16bab852ed0a6ef71c2d9e0541 |
| SHA256 | b8f2d0909d7c2934285a8be010d37c0609c7854a36562cbfcbce547f4f4c7b0c |
| SHA512 | 421e8195c47381de4b3125ab6719eec9be7acd2c97ce9247f4b70a309d32377917c9686b245864e914448fe53df2694d5ee5f327838d029989ba7acafda302ec |
memory/788-226-0x00000000738FE000-0x00000000738FF000-memory.dmp
C:\Program Files\nodejs\node_modules\npm\node_modules\nopt\LICENSE
| MD5 | b020de8f88eacc104c21d6e6cacc636d |
| SHA1 | 20b35e641e3a5ea25f012e13d69fab37e3d68d6b |
| SHA256 | 3f24d692d165989cd9a00fe35ca15a2bc6859e3361fa42aa20babd435f2e4706 |
| SHA512 | 4220617e29dd755ad592295bc074d6bc14d44a1feeed5101129669f3ecf0e34eaa4c7c96bbc83da7352631fa262baab45d4a370dad7dabec52b66f1720c28e38 |
memory/788-575-0x00000000738F0000-0x0000000073FDE000-memory.dmp
C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\LICENSE
| MD5 | d2cf52aa43e18fdc87562d4c1303f46a |
| SHA1 | 58fb4a65fffb438630351e7cafd322579817e5e1 |
| SHA256 | 45e433413760dc3ae8169be5ed9c2c77adc31ad4d1bc5a28939576df240f29a0 |
| SHA512 | 54e33d7998b5e9ba76b2c852b4d0493ebb1b1ee3db777c97e6606655325ff66124a0c0857ca4d62de96350dbaee8d20604ec22b0edc17b472086da4babbbcb16 |
C:\Program Files\nodejs\node_modules\npm\node_modules\promise-all-reject-late\LICENSE
| MD5 | 7428aa9f83c500c4a434f8848ee23851 |
| SHA1 | 166b3e1c1b7d7cb7b070108876492529f546219f |
| SHA256 | 1fccd0ad2e7e0e31ddfadeaf0660d7318947b425324645aa85afd7227cab52d7 |
| SHA512 | c7f01de85f0660560206784cdf159b2bdc5f1bc87131f5a8edf384eba47a113005491520b0a25d3cc425985b5def7b189e18ff76d7d562c434dc5d8c82e90cce |
C:\Program Files\nodejs\node_modules\npm\node_modules\aggregate-error\license
| MD5 | 5ad87d95c13094fa67f25442ff521efd |
| SHA1 | 01f1438a98e1b796e05a74131e6bb9d66c9e8542 |
| SHA256 | 67292c32894c8ac99db06ffa1cb8e9a5171ef988120723ebe673bf76712260ec |
| SHA512 | 7187720ccd335a10c9698f8493d6caa2d404e7b21731009de5f0da51ad5b9604645fbf4bc640aa94513b9eb372aa6a31df2467198989234bc2afbce87f76fbc3 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\LICENSE
| MD5 | d7c8fab641cd22d2cd30d2999cc77040 |
| SHA1 | d293601583b1454ad5415260e4378217d569538e |
| SHA256 | 04400db77d925de5b0264f6db5b44fe6f8b94f9419ad3473caaa8065c525c0be |
| SHA512 | 278ff929904be0c19ee5fb836f205e3e5b3e7cec3d26dd42bbf1e7e0ca891bf9c42d2b28fce3741ae92e4a924baf7490c7c6c59284127081015a82e2653e0764 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js
| MD5 | bc0c0eeede037aa152345ab1f9774e92 |
| SHA1 | 56e0f71900f0ef8294e46757ec14c0c11ed31d4e |
| SHA256 | 7a395802fbe01bb3dc8d09586e0864f255874bf897378e546444fbaec29f54c5 |
| SHA512 | 5f31251825554bf9ed99eda282fa1973fcec4a078796a10757f4fb5592f2783c4ebdd00bdf0d7ed30f82f54a7668446a372039e9d4589db52a75060ca82186b3 |
C:\Program Files\nodejs\node_modules\npm\node_modules\tar\node_modules\fs-minipass\node_modules\minipass\index.d.ts
| MD5 | f0bd53316e08991d94586331f9c11d97 |
| SHA1 | f5a7a6dc0da46c3e077764cfb3e928c4a75d383e |
| SHA256 | dd3eda3596af30eda88b4c6c2156d3af6e7fa221f39c46e492c5e9fb697e2fef |
| SHA512 | fd6affbaed67d09cf45478f38e92b8ca6c27650a232cbbeaff36e4f7554fb731ae44cf732378641312e98221539e3d8fabe80a7814e4f425026202de44eb5839 |
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmorg\LICENSE
| MD5 | 072ac9ab0c4667f8f876becedfe10ee0 |
| SHA1 | 0227492dcdc7fb8de1d14f9d3421c333230cf8fe |
| SHA256 | 2ef361317adeda98117f14c5110182c28eae233af1f7050c83d4396961d14013 |
| SHA512 | f38fd6506bd9795bb27d31f1ce38b08c9e6f1689c34fca90e9e1d5194fa064d1f34a9c51d15941506ebbbcd6d4193055e9664892521b7e39ebcd61c3b6f25013 |
C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\LICENSE.md
| MD5 | 2916d8b51a5cc0a350d64389bc07aef6 |
| SHA1 | c9d5ac416c1dd7945651bee712dbed4d158d09e1 |
| SHA256 | 733dcbf5b1c95dc765b76db969b998ce0cbb26f01be2e55e7bccd6c7af29cb04 |
| SHA512 | 508c5d1842968c478e6b42b94e04e0b53a342dfaf52d55882fdcfe02c98186e9701983ab5e9726259fba8336282e20126c70d04fc57964027586a40e96c56b74 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\package.json
| MD5 | d116a360376e31950428ed26eae9ffd4 |
| SHA1 | 192b8e06fb4e1f97e5c5c7bf62a9bff7704c198b |
| SHA256 | c3052bd85910be313e38ad355528d527b565e70ef15a784db3279649eee2ded5 |
| SHA512 | 5221c7648f4299234a4637c47d3f1eb5e147014704913bc6fdad91b9b6a6ccc109bced63376b82b046bb5cad708464c76fb452365b76dbf53161914acf8fb11a |
C:\Program Files\nodejs\node_modules\npm\node_modules\treeverse\LICENSE
| MD5 | 1d7c74bcd1904d125f6aff37749dc069 |
| SHA1 | 21e6dfe0fffc2f3ec97594aa261929a3ea9cf2ab |
| SHA256 | 24b8d53712087b867030d18f2bd6d1a72c78f9fb4dee0ce025374da25e4443b9 |
| SHA512 | b5ac03addd29ba82fc05eea8d8d09e0f2fa9814d0dd619c2f7b209a67d95b538c3c2ff70408641ef3704f6a14e710e56f4bf57c2bb3f8957ba164f28ee591778 |
C:\Users\Admin\Desktop\UnprotectFormat.mp3
| MD5 | c346decfc505e7cf3539d26b62ec50ee |
| SHA1 | 62486dcfa48acbf130f3e19f608b2704eb7160a7 |
| SHA256 | a6c23827b58e8e5ead562c683d8570c8473f7d5e60385e8e0c5b32877eb4eb3a |
| SHA512 | d7bf48e5692f46b4758e41a13ecf93cbe822ad0c15e1e7caf0a130a2b2d1010dcc08d6212d8b936451cc43cb43ce3ce0fbc26b89b75cdfdb887e3855e961129d |
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmhook\LICENSE.md
| MD5 | e9dc66f98e5f7ff720bf603fff36ebc5 |
| SHA1 | f2b428eead844c4bf39ca0d0cf61f6b10aeeb93b |
| SHA256 | b49c8d25a8b57fa92b2902d09c4b8a809157ee32fc10d17b7dbb43c4a8038f79 |
| SHA512 | 8027d65e1556511c884cb80d3c1b846fc9d321f3f83002664ad3805c4dee8e6b0eaf1db81c459153977bdbde9e760b0184ba6572f68d78c37bff617646bcfc3b |
C:\Program Files\nodejs\node_etw_provider.man
| MD5 | 1d51e18a7247f47245b0751f16119498 |
| SHA1 | 78f5d95dd07c0fcee43c6d4feab12d802d194d95 |
| SHA256 | 1975aa34c1050b8364491394cebf6e668e2337c3107712e3eeca311262c7c46f |
| SHA512 | 1eccbe4ddae3d941b36616a202e5bd1b21d8e181810430a1c390513060ae9e3f12cd23f5b66ae0630fd6496b3139e2cc313381b5506465040e5a7a3543444e76 |
C:\Program Files\nodejs\node_etw_provider.man
| MD5 | d3bc164e23e694c644e0b1ce3e3f9910 |
| SHA1 | 1849f8b1326111b5d4d93febc2bafb3856e601bb |
| SHA256 | 1185aaa5af804c6bc6925f5202e68bb2254016509847cd382a015907440d86b4 |
| SHA512 | 91ebff613f4c35c625bb9b450726167fb77b035666ed635acf75ca992c4846d952655a2513b4ecb8ca6f19640d57555f2a4af3538b676c3bd2ea1094c4992854 |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url
| MD5 | db7dbbc86e432573e54dedbcc02cb4a1 |
| SHA1 | cff9cfb98cff2d86b35dc680b405e8036bbbda47 |
| SHA256 | 7cf8a9c96f9016132be81fd89f9573566b7dc70244a28eb59d573c2fdba1def9 |
| SHA512 | 8f35f2e7dac250c66b209acecab836d3ecf244857b81bacebc214f0956ec108585990f23ff3f741678e371b0bee78dd50029d0af257a3bb6ab3b43df1e39f2ec |
C:\Config.Msi\e57f129.rbs
| MD5 | 51013dadfb10bd6af441e179f8141884 |
| SHA1 | cb8a0c2ba9a342cb90830a93aa4ebcf42efd9b9e |
| SHA256 | 5fdf290328301b5e4872744da15e37000f797f03ebc2bd7d84fdd1e39ad61dc6 |
| SHA512 | 173579e5abcf6d68651b636b140d0f5d64d94dcf5bb5c8233e8d941d9502376f45e0af610fa2605062e2317da4d96e4d8c4988d43882672298b7dc7479b44873 |
C:\Users\Admin\AppData\Local\Temp\vc_redist.x64.exe
| MD5 | e091e9e5ede4161b45b880ccd6e140b0 |
| SHA1 | 1a18b960482c2a242df0e891de9e3a125e439122 |
| SHA256 | cee28f29f904524b7f645bcec3dfdfe38f8269b001144cd909f5d9232890d33b |
| SHA512 | fa8627055bbeb641f634b56059e7b5173e7c64faaa663e050c20d01d708a64877e71cd0b974282c70cb448e877313b1cf0519cf6128c733129b045f2b961a09b |
C:\Windows\Temp\{2BB0DDF1-E8CE-415C-8B75-E3AC40EB1347}\.cr\vc_redist.x64.exe
| MD5 | cb264f7d256b42a54b2129b7a02c1ce3 |
| SHA1 | d71459e24185f70b0c8647758663b1116a898412 |
| SHA256 | d6aaee30c9b7edeac6939f78f4a55683c6358d9cc03dac487880d01f18700e83 |
| SHA512 | 4f623f5d21bc216f3dd040e6d0c663a8ea37efe5d0ce5f4aeb1ef5c1f7c873e19d1abc979d3e40d4dc70e2e4f0fc9a1b114b17d9eb852ea9a41d0f84356cd7cb |
\Windows\Temp\{61FED38F-B60B-44CE-B729-70B4CF6CC4FF}\.ba\wixstdba.dll
| MD5 | eab9caf4277829abdf6223ec1efa0edd |
| SHA1 | 74862ecf349a9bedd32699f2a7a4e00b4727543d |
| SHA256 | a4efbdb2ce55788ffe92a244cb775efd475526ef5b61ad78de2bcdfaddac7041 |
| SHA512 | 45b15ade68e0a90ea7300aeb6dca9bc9e347a63dba5ce72a635957564d1bdf0b1584a5e34191916498850fc7b3b7ecfbcbfcb246b39dbf59d47f66bc825c6fd2 |
C:\Windows\Temp\{61FED38F-B60B-44CE-B729-70B4CF6CC4FF}\.ba\logo.png
| MD5 | d6bd210f227442b3362493d046cea233 |
| SHA1 | ff286ac8370fc655aea0ef35e9cf0bfcb6d698de |
| SHA256 | 335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef |
| SHA512 | 464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b |
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
| MD5 | db7fb67fcec9f1c442de25f3ad59f50c |
| SHA1 | b600aa26d1cded59760304c6d77f4ff75722eabd |
| SHA256 | c227208854734bbd38c9f74f39034111733da5c7ce71515b1610aedd79417f9f |
| SHA512 | c14ec7d252a6f201dfea476d302fbc5140713cb4ea7bc8d4e610bfd806b3fa3c141153e2e9b8cb36255fba1fab4d4400ed83f5f5c1228d77d77bace41d5de7fe |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\MicrosoftEdgeUpdate.exe
| MD5 | e3f7c1c2e2013558284331586ba2bbb2 |
| SHA1 | 6ebf0601e1c667f8d0b681b0321a73e8f4e91fa3 |
| SHA256 | d19616ac12d3d536c8fbf034513a4977c88ef2d1676d358a2358fa051c8a42ba |
| SHA512 | 7d4fd7ad06b05d79211144cbaa0047bdb4910212565b79f292a6bea652735dacf69435b24c73bc679cbdad4207f6352726eb297a1e7af4f7eef14dbc8a2ca42d |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdate.dll
| MD5 | 1125e435063e7c722c0079fdf0a5b751 |
| SHA1 | 9b1c36d2b7df507a027314ece2ef96f5b775c422 |
| SHA256 | 7d8d1756343598bc651d62a0e81835820e0d6cf7a995503bb6b129b4bcc37df4 |
| SHA512 | 153f096af5c874c00a3c38602fab590eccf885f642040007b67799ef39d919d7cb261fba43a9ffbd68c8824eddea219505d49e05b3dcc70f00e6016a1fbd12b9 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_es.dll
| MD5 | dd3dd031e05a54c4bbf6660dd8053608 |
| SHA1 | f32870bb0f7f522fd536c4ffae8c39c9d2f266f1 |
| SHA256 | 2d71da96f961fafe269241c27290917bf54a3c7fc5ced2de0c4b33e4b0386dab |
| SHA512 | 7b0bb0ae619baea45cddab042d10d7e4b394c70a29c01632585fec7ff9aaa54a50a8fbc894f02af5e2130cff11c4573cf41ab6b5fc4c29392b69e72212c41c2d |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_af.dll
| MD5 | 3a8fa737407a1b3671d6c0f6adaabd8a |
| SHA1 | b705b27c99349a90d7a379d64fd38679eed6ec30 |
| SHA256 | 5995a5ae09cb7da69b5a6f8ea1a60406d8ebc2201b627417b578ebe903d22276 |
| SHA512 | 9872f32a727b248d3edafe303e5290e1bae0c270a988500424221970c0041268c1626ebb94712a0b8ba0f21d2f29d833ab9dbc4db884f7f9af5a5063f94d71b5 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_am.dll
| MD5 | 86465afa3ac4958849be859307547f57 |
| SHA1 | 9bbde5e4df719b5a7d815dd1704ab8215602f609 |
| SHA256 | 921fce73f4fc7b47749d250f5ab885141bd5ddec2ad057b049e470cffa4a6b20 |
| SHA512 | 13e178e317280cbd585261aa22a840ea2203d4ef5c845f4fd6d5b4fbf216d45aae55153aed43c1fe4284d45391c72e580e612347b2903effece8a2252a13b90e |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 687ccc0cc0a4c1de97e7f342e7a03baa |
| SHA1 | 90e600e88b4c9e5bb5514a4e90985a981884f323 |
| SHA256 | ecbab53f1a62d0459d6ca81f6c004651c09562f8e037b560dcb0890a2c51360d |
| SHA512 | 4da91ee55de7abb6ce59203edd9ae7e6fcacd5528ac26d9e0bfbd12169db74758a9bc3fde437e3c1d10afc95d74b04b0e94586472b0a0bb15b738f5e6ec41d8d |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | a177a23ca2ed6147d379d023725aff99 |
| SHA1 | 1a789e5ef7bf9f15f2ccbac5f9cf3750ee41f301 |
| SHA256 | 9c584238ea9189afd6b11cf71604b1c2762ac815d6ca8994788de7e076b21318 |
| SHA512 | c508ffd3e2cc953d857a2128e29dfdfe0f9e729da38c9cc3022c4376342aec946c6e79176e7885f6637008573c85339bdc8a9e261b3811887ecf5a7dd78383c3 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | 4f840a334c7f6d2a6cba74f201e83a7f |
| SHA1 | cb032c7b1293190f8f1cd466f6ded4bbe71c47a1 |
| SHA256 | 2ff44aa5f48a3e5b3ca3c5a3904be23d29a282b467e30d6f52494df3dc1d612d |
| SHA512 | 575c20fcdbebb16bcd17a137a656769d355a81817e7fa3743981976998e00bdf3ce42bbfa046c42a835e9e9e7a10ef6f8d7b306de9940fa332817cb2885db833 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_ar.dll
| MD5 | 819e3c9e056c95b894f1863208d628a2 |
| SHA1 | 596993f5d21cfd92f29e2ea5b0a870dc2ac19917 |
| SHA256 | 588adf8e9a300e39b51f7404356c4ae863dee1f404664933585f8d9f2467d494 |
| SHA512 | 3a7e67248895ac2cbb1874514bffe62a23cdfff2c3674d21589f528ec283ccf3cc2e3abfea0d81f49046c7ba920f3e64cda100c5a20be69b91ce05095b50c06b |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_as.dll
| MD5 | d1aa2764e05f7c8c88a17bb0cd25b537 |
| SHA1 | 2bee78f103faffe3e25ca20c915cc6b46e2134e4 |
| SHA256 | 3dd5aab43eeaa6202adc115f40fc1feb5332128388c2d8e62176fdea20035097 |
| SHA512 | 80762e4611b8ac451490e5238c0650be048bf315526ed405d9c5837e5002bd6a9526f335a06c6baa009cba671ecb0613c76dce23086e13333f332480cbd9ced0 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_bg.dll
| MD5 | c30674009659b56bdb6a60f8629f0eb2 |
| SHA1 | 4b6fc6ea93620a206a621875513455b57fd24e83 |
| SHA256 | d09c23ecd92f5cfbe650c63bc93af84c11c9ae143a5838286c04169eab8bd103 |
| SHA512 | 8947a9bada21ed2e0f2cf080d58f9473a5c54092a5c1f75ca9523b48143caed346e831714e80466cc2e88513e507aef422d8560b69cbf8663eb21ab05c61707c |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_bs.dll
| MD5 | 3e817089a18c72bd505dd6bbe5ce6163 |
| SHA1 | 2c21b568c2fda5e475a1a996b73874ba6fe420dd |
| SHA256 | 7c31aa69e3109d7134443c47b12859fffbade13a2f994f0bf42a8fdc12f796df |
| SHA512 | 20534eee7c59a9cdb595c3f6d01abc8cfa534aaf84a693d3b011e4dada3fde080142a95ba036270a6a2ad2b65e6fdb18b08e53552715cc4edfcb87662fbf8100 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_cs.dll
| MD5 | 731cb513cd866dfc65e12446a0d4d62d |
| SHA1 | be32570fb7fd50c43cf1ae24e7a35302eb5278fe |
| SHA256 | 829630039ca9125aeb8885d069214b4112972ed02dacd309ddd26fe087f3fec2 |
| SHA512 | 6357f965c183e89e5a1c485a0e3becf56ab91265241568d7df7fdc1c01f1ac8fa58bd206762ada8cec99b6988eff60c41cf4836290d5e007fff63a69a78de68c |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_et.dll
| MD5 | 2e1b7c75e1ee567906a62eb19ee4308d |
| SHA1 | 10b77bc1040db4a3712a94c2e5ba56be3a54bfd4 |
| SHA256 | 83a38cc799974f6a018dea761420a77e25bf17d2c1b7d09d6d75a7b50c5762c2 |
| SHA512 | 9bcbb626945390ca07c99b4a698036b2a59869040944866edb893f4e5f7a6524b8980183f9825b33bafa41b10165b7ef6d20dd7750e38edd880fc22362110c08 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_es-419.dll
| MD5 | 31177139af7d1da131c31d7d5cbe8099 |
| SHA1 | 113f3b38baeab35d2d0f51f1238f5b9e11402f26 |
| SHA256 | 39e80dad7071bc0a82fbd3475a780b50b9c0f1cac2240322c48b6befb1837163 |
| SHA512 | 6828a1cab2fdefe642a0b58f47c31e02b9dba7b15ad28cdb8039b194d9a86e2d24ff0e658fdf982e3d2d4208a2b57eb7546136e4739e64d714939c14a3d58410 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_en-GB.dll
| MD5 | 1b79536b20df86a2bd8b232abe07d533 |
| SHA1 | a9d24de616055f9800d5c4bc902cb2d0f625d178 |
| SHA256 | fbf5215552bf6e12e7ba5c3e6e69748c47b6750845f5e4f048096903ef009008 |
| SHA512 | ac4704fade4879992f0a67888e1e4098be2879e5e3ce2bd80275ce68729f0037497d975e1ececb587ace4d72f3e71b038f616725831d4fca12280d583cd77d7b |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_el.dll
| MD5 | 8cb60db631b0939688f39e76564505cc |
| SHA1 | 6dee577de716460737f7a330f440880b4e73c5c8 |
| SHA256 | e8f7c8baaa1187c430c22cfc5907541411ab46e0609a53d39b015d722e35bf6f |
| SHA512 | d43216c1a8ed2daf51d70d476b789a3797bd62f69c1a556e306dfccc41efea73117eafb970010d7db151cd3ebfb7cd82de01efb4e2a2c0757b2027732a3361f5 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_en.dll
| MD5 | a430ce95b80c07bb729463063e0c7c48 |
| SHA1 | cc488bdc18c191d88dd93e45bb85fda19d496591 |
| SHA256 | c9c8a06948123607b7b35d0d46c9600b1d3e2f674e6117820b4f559818c26b60 |
| SHA512 | cc9c24b95d079a949a8e725002494b0c75c19bce9ec6457cb4307f5803b7433eed738944f1baf770df8e034212224b1d9662fa533aa5bc5c01568d192fa49efc |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_da.dll
| MD5 | 9fa41c3ba8bbd84e85f71c3cd377d90d |
| SHA1 | 363c1d61c84fee42987193e8edeffa522eccbfdc |
| SHA256 | 157c6cee2a283c6a1966356f8d91172f55c05408f292dc352579a4dc9283c0e6 |
| SHA512 | 34569a917bf08ac7d50add115b09cd8bf4583a3bc7652fa54c1cd606cb94e752f4e4e278fbb99ea1e41e2d712f82893ca5f59bbed05a57c8d29b2d7037d835e5 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_az.dll
| MD5 | 1e4093c3b0af3eed6f95d2620d45bf40 |
| SHA1 | e29a10ede562f2d057d6fc04c3a286996051a14d |
| SHA256 | afcc0b001c7ffc1f5bbdea02fcbd6054e8b15aff9ae47366910bcf5908d4437d |
| SHA512 | 843480e2d2b431f32892830c26fc3e4b80656d069f83f9a9df78d10b1e22c9ceca99171360b2baa921d156995d87ea5223f18b11e2a8ac18fabdf905881940b1 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_de.dll
| MD5 | 896c0f7b03a6cd211fea53ecc71a1308 |
| SHA1 | 434eac60a992ea77945a77964050a5d0e41d48b2 |
| SHA256 | 84ffabc322775aee896df188189fd633483c3eb10571c8c86ec55561c2329582 |
| SHA512 | 7d2f9fc0086b3dc60275c6a2e17b0562626a57fb080dc1bc4cd5ad80c2501f366e89533aa961613eacd3a0bce343bf831e8cfa3d3a691c33481042b1ee02908f |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_cy.dll
| MD5 | 04ee3ec0e73eae42509bdfb689927610 |
| SHA1 | 6176e7ae836dcacea10f7004b04ba85e3e081da8 |
| SHA256 | 5410d30b82c006e207a8fab3a771eed3abff145d19ddcc92e48d47bb54684e81 |
| SHA512 | 89c41d77066fde1cad219603d1bbdd812a65bb0680d3c545ee4cb63135486296f1af934a69161e76ca53d00037729e75bdcc22a2eca954eba98cf3f34af5d839 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | e0de8c3f8252202d2f68341290c45e34 |
| SHA1 | 1d3322ab111774484be8865c1893dd834c3f52f7 |
| SHA256 | ed3676152ff3f24f93034f3931b0a735b704906c50ed59a8b9cf49452afb1891 |
| SHA512 | bb22666ba675c88715aa1b906f2b356c0d4289723052b942f416d3b56f727666f4fb8cc51609ca96be0c76ffda85cfbdcea917979e8a1ada5a5ba1b82e5bf816 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_ca.dll
| MD5 | 9e4ddaa68d6d4f210905092096051b36 |
| SHA1 | f38198c364da7b5ebcc75aafdf42a7d55699d8d4 |
| SHA256 | 8bbbe723da938f6f0b3cc35f48779949c5fc177b5dd157ee053a088e2968f48b |
| SHA512 | d65102c0f4337cea443c5f8e65531f0f7b628c5edeff17257b427d1073a1b291d1cc90fe46dc4bbd2c2988f940480d46e5abb2cbb9985bcbafa7e5f3bc727151 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_bn-IN.dll
| MD5 | a8817334810c093e0c280e2a61caf36b |
| SHA1 | 9b3b2a8e33de3fa8df0b6b6ab4a40ab1d088ab28 |
| SHA256 | 18d4c6a9840ba877dd1906ff258fb06c245cfea6bab00bbffe18c442957393ac |
| SHA512 | 24ee9a0c29d42c96ccec7f4f3322c3b6a2ed0e4d68b17a5b424a364f789adaa8f1404784c8feae77986cd0be39579dacc9ca89a3fa868bb0bf11d94c95f0bb23 |
C:\Program Files (x86)\Microsoft\Temp\EUDE93.tmp\msedgeupdateres_bn.dll
| MD5 | 4d2988ce0b2cf5cb02269a2455e1174b |
| SHA1 | d89cd05805965648c9e7b8bb4bc8bd3605ce2d4a |
| SHA256 | cbc9a8a3936e6cb279885dc8a23261a290e85907f947a1a16fe9e7d6bdee69f8 |
| SHA512 | 64cee7e579367faca4864ebb5feb9dee310915f8640780a5a52c19f5c68d817adab7ef357913a68fe841a3b2e801e85de173a37402cdd49cf35319571ff6ce44 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 526fdbbc40c3b5ef48ea9db882192188 |
| SHA1 | 2b3de36d7ac41f82141818f232a59a3bee17fb1f |
| SHA256 | ac56f15330f8561872847214cbcbafa52e2b87469434b1546e76b4c0290bc73a |
| SHA512 | 9f884375b34140986e50e909f41ba9d2d52a9b170360ff59edd5f4282858ebd90b21cdb1beda390bb723d9bbbd40ca25d66bcc1bffbb64f03aca2c36c7a633ee |
memory/1728-2666-0x00000000000D0000-0x0000000000105000-memory.dmp
memory/788-2671-0x0000000006130000-0x0000000006232000-memory.dmp
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | 28d557dee88978a1ac527a5b998ba58d |
| SHA1 | c98b211de5c39115c82888f177ce0bc9ef7c03f0 |
| SHA256 | 2bed4dd54db1ec42d99dd2847b55088b2af531257be79ee9a0939276e156a8e2 |
| SHA512 | c3dd262df3c26dda256af85d99828d77fe974374d3bc181f6a2295068d1fa25032fd8c1738311ece3c8e068d77b9badc4764b2cb06a25e4f3a76c03bcf46cdc0 |
C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.56\Installer\setup.exe
| MD5 | 2db3410f16bfb551b063112f170cfe92 |
| SHA1 | 4ac32b5efaed17e0aab5146774e0a90dd912b0ff |
| SHA256 | 34a13e267b18b462cfb5c2b13c822d2b7d06b631f0e3257585382a10ef379c72 |
| SHA512 | e499fd5fca2c9dfca23b11a651a647678d814f7e64cfafd8ce0e3a88621655f7d75eca8fdaa6d1fd248f6549f544ea91411bb7544420a662891fc2cb231bf23a |
memory/1728-2724-0x00000000000D0000-0x0000000000105000-memory.dmp
memory/788-2726-0x0000000005B00000-0x0000000005B92000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\datareporting\glean\pending_pings\1ea0df11-c84b-4a3f-9206-d36e4b5809e0
| MD5 | e6100af8cc98a0f7b59259bc160cb5ee |
| SHA1 | 99b14142f4667ac9b24e50ac6d778701e495b06c |
| SHA256 | 507e8ad15860439072418176ae5863aaea22f8ec9b127d0aafb72e42b20dc5d3 |
| SHA512 | cf6d83139cad82d0867f054fe6e595926fa53a37b8e60d6a582389d2a907451b2777a9d168c3fd291d40f79fbbdb113fcddcf4eaacb19b034080432a963e9a91 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\datareporting\glean\pending_pings\fe95c361-a750-49c2-bff6-686e44531ace
| MD5 | 443741c6e477c5aefcfc8d8b4056bc8a |
| SHA1 | 7dec2eed93ddc2e0a2a89f19a6db3a880fd1a99b |
| SHA256 | 8fd86f5fe7e787f2959eb18afe0013faa66bf49c54087d561acf83eaf61f13c2 |
| SHA512 | 9ace460bf27c155c2de777c92a249023957b65b0dcfff8f963e2f68bf117e18b17584c9d1ef3aa45ebb2c9ae5256d6ed8d8880938b574e06167590de252bcbdd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 21617107dec882293ceb94d4ebf3ce9b |
| SHA1 | 6fe506b7410833ed48ff35314658d6dde8d51912 |
| SHA256 | 23b08f6bec1cd1b0efdf1dd020cd2bfb50d7b6ba9533c6859c5cc90d5e249591 |
| SHA512 | 35ecfc4c5747348520d1f5229d396ecbf60266df9cec35497352d4ec10c82b8fefebbe7b9ff5d412acc6daacd6c77b2b9000f9e7aa3ad68f53ac719b63ddee86 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | 65c3d5e8968c774750fbb37bd3b8b224 |
| SHA1 | c758bb14eabf70608f019276f72fbac1a2121f1b |
| SHA256 | 464bbb81eb7a1c511cf2e1c9873710c7cb11f387f874f450a8756fa45974b67e |
| SHA512 | d65ac7685dd936b757abd2f91435d757fff152277c68e3ff846fbb97ed4298d97dad7da7adbb7db9d6f57dfad5225668a265c9e81935347fd9a33f4c71f4d298 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs.js
| MD5 | 0525663f31fd4e6a664cb233c0340ecb |
| SHA1 | e31a86000021ce10f3fa629ff8ce39a6d865b325 |
| SHA256 | a43a1863149decd79c2c5f5ee4d2942a08f86ffa588cdfadca4179fb977493dd |
| SHA512 | a671ac8bc894d9d5d4e31263e9e728489cb8d7cfc03ac38055176b751d3ae9ab2a71555f9d33752bb101ee0cb819a7c2b2f187aff88e73feee5e021e7aeb6866 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | bfbda6941ec18eb7720c1000e201c059 |
| SHA1 | aaf5656ef5a2177619769e99efbc876f968d4f8e |
| SHA256 | 7c73345e81449c9b60cadd0d389c991cb7cdb35bbc998684946343ccb90e7323 |
| SHA512 | 9d01e5d8f82b92d6d67755faa2ad4ff22a494e3eec9b8838bac5d13de53f7c82ed78a0ddb89e15407959b96e003adf1fbc3e057b7eb5d4a8cff7174947aa97ae |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2b7acdhd.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
| MD5 | c460716b62456449360b23cf5663f275 |
| SHA1 | 06573a83d88286153066bae7062cc9300e567d92 |
| SHA256 | 0ec0f16f92d876a9c1140d4c11e2b346a9292984d9a854360e54e99fdcd99cc0 |
| SHA512 | 476bc3a333aace4c75d9a971ef202d5889561e10d237792ca89f8d379280262ce98cf3d4728460696f8d7ff429a508237764bf4a9ccb59fd615aee07bdcadf30 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 45c6745129962c0feb71a34bc8471a41 |
| SHA1 | a795b0dce2a49817c7a57cbca6a526347d7d76d4 |
| SHA256 | 27658b88ee11c527dfccf622a375587bb4bb783f67dbd68b478a411e09fbf945 |
| SHA512 | 030570d4bf1222cccde311097144579064091a2be1538ea2982a6dc6b7aac269ddb7bc9af90effb9c2a793740d0640b0071c3fb54491fc6ff66095bd7c0177cd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs-1.js
| MD5 | 1096d21625920c0c5973ad3c68f88f93 |
| SHA1 | 3ff0cb76478853589a77d74b7511b7da3a92495d |
| SHA256 | d031239ae993bd2a4a5c5cefe1f5a5339ce84393230ea93b5275ea15ab3de595 |
| SHA512 | 7de22418ef9c945b9364841bf816910428f4bea35a33317354819f1afbbd1d23c4c7aeb690c4e070b73401253e8b59c6d6d9bf85971a590af4964e96936b586e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\prefs-1.js
| MD5 | ccc90089b028b013269e65dc24e904a0 |
| SHA1 | 837767221c7ffd0301588fa72ded4976abbe5349 |
| SHA256 | b5e9790cbe27b3d2f0c15f591642ac0ef422f2ab18f272934fd80e94a3893955 |
| SHA512 | f2a526c40643753b8b8337026497b14b704dba3854a7dd9eb10998d25c5d48ae9e95f49bdb48fd823665486ec7cddfc9c4fd5d39f20cdf2c4b38e50d5b2d143d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 298024255352db8b6e087e7854ce0cb1 |
| SHA1 | 68d792791e2246e05b66d1c26055bc18540f7059 |
| SHA256 | fd27d8024e95c2da7418e67241edda8b0e774e42faad798d2c5e66f8a1d5dce8 |
| SHA512 | 90c399b0880e91b9d76df2f1d54d3e3215f1447c2b098208f7077a9946e26eef2f5f40e4a3f21746880fae5e36b2e4881fcb52e8e72a97eb8bbca00a4d3a87d5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 4c30b580719fdfbe00b387081cc84f4a |
| SHA1 | 042552604e337777521d65f25e079207200c4f49 |
| SHA256 | fa85bb98f1dcdb46b267b27e568d21953c63c28065c50f9345cc2519024e7cc9 |
| SHA512 | b105663fad6248f411c1c11fcfa37fb6230ce08786cd081b1c7c33511114ffa65dcff806f7edc121dbc79f48c072693672411eaee234ad8894f486386d244bbd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2b7acdhd.default-release\sessionstore.jsonlz4
| MD5 | b1f6188380955b07518a25d0fb0f4d80 |
| SHA1 | 26ea99c7c1beb2578a7297b50c40468ced05c2f0 |
| SHA256 | 82a6a53b6da5fcdcece420d235dc0d858180bcb097ca99fc630b0a1317000a26 |
| SHA512 | a615735a1aef6a638fd56fa4c9c26c76b1ef0012335b325f8ef31d939b9809c25b5b7e685ef24bf256df88214b72ac64d1352d3a362e75a09eba95a8ab8bf1e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d9e9a37b2768743760f4b3175fb9fba2 |
| SHA1 | 488dbdac2232500679d53dfcccc8f91aaed42ae7 |
| SHA256 | 1c6ff4cbb783f82e99441bb5e03b2fc334a765cb8533642e674315af942fb265 |
| SHA512 | b7171bfd91604681fca7297935ccabcd78c7618fb81a1e567ba0b9a4522133a672414f1b9f066a011b5fb757656eb0f6e6658191f84ce95554eefc7b7016e405 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0759b769e8cbb79b3345b52de6c004de |
| SHA1 | 21a9ea3f39ca5fd55ea0bed9e1fc85b820d7bc01 |
| SHA256 | 192b8b30b1dc89d6dcb176af00b083503e21805f508296b3ff078ce3ec3f1385 |
| SHA512 | 5efd89f01b27d0fb130361f2d2bf269418c5f0a001fd0c13670977ead3889a71dc38e6c72368b0eb8a94a4bd91e5d6e67c19f814bc243cfc2e5110b3afdef176 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9265c358710332d4d43fb2459bc29594 |
| SHA1 | f170eeeeee51ab0b39f29c3ec5229f1d3062c281 |
| SHA256 | bb4515168d8e05630d7f0d49de997c8eaba5e82d945684482e02b6c1bf7be70c |
| SHA512 | 16a24654987a1b7d021659c54cbfc1217244bd694dbd22ac966bd4e3e7323673f584a947ccda752f5fdd0aa587f4d90fe8a67535d23e8bf5962f7546f126f413 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e2221483a27b1b882022b94064bf07bf |
| SHA1 | 11fc527d10998fb35c79126ba9cdd8e0af63aa8c |
| SHA256 | 5e634829851735c9a3b78afa36707b1e98494eb86e9aa54380ceaeae4a64aa8f |
| SHA512 | bc8e3a9748a7abf63b4c7b562590763f16fe2d328240194f2664982624c671f02ff73dff90ac6a6bb28a5936d85710885be867268a44e8158e30a1a10452209c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a12c9433ee9267faa0e597c804b527ad |
| SHA1 | fa440eccbcefceedc89da3bdfa70a75c6bb08232 |
| SHA256 | 82ebbe658355a6cf59b46da790a18672c1749847fefcd2ed00476787fc1954f7 |
| SHA512 | 2aa0f7bfafc046f0a66af33848953c03cf5cc50a90c32c888e0ecbf169f230fc1e73907cce4f4a41cb2c2599bdfe44ac847fe158c23e8f5f4f71378ac323735d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6ddcad068a3576da30a8615bce501b22 |
| SHA1 | 1cb4138cd1dc61b8b7affda03c428c9249785a87 |
| SHA256 | c8fdcb22cdc23c6ff4293ef19cdc1737c57dc55bf809cba87de93236e1ceb09b |
| SHA512 | 60ea4949cedce142dd6a25d790e0e34ae37fdd3202176a0afb3826632b1657bb24a9ca8230cf86500cc9fa96b6c9bc52ef6384d4803b0952197d52f03b381c1a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fee138ccf3f0c848c268e9abc6d7dd2b |
| SHA1 | c39bbdbd2152b45a6a4acba4ca088fce5a4817db |
| SHA256 | 6d777d831c829759ca3c85031a4cb0c755ca0c19a5feb76dc89daf0611fedfcc |
| SHA512 | 650f41b3442cd1217971ec7f3f23395524a1e272fb93f77848c1a47d4082bc1eb7c9ff94692a92ea55e059a256de0be05e1374e1d0a1460488f776c725e06c7e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c5ccd549a5b018864878391fe5bd2735 |
| SHA1 | e40ee3ebea02999f403e11b232951a14ae00a8b8 |
| SHA256 | 474d3e00690af6d3780349fe26114fcd82e591446df216b8321a2a1105dfc72a |
| SHA512 | a4a70d050aca481909f77dff90f7dd90d6d0e7d5168b3b8a68d7e8196b24529a9cbe1ae49b6b4506aecc1af2a61b847bea13323d315da30fb58e109afc3a6cff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 5686e7686e4fc8bfca3f2fcdee8f227e |
| SHA1 | aac156c140bb1c71176c340a586fed396202bdb8 |
| SHA256 | 6b9c3fa5332c7f38fc2cc3ab52b06dc1a4890142291defc38712b76507e9e1e0 |
| SHA512 | 9da9a5415deb016668e44177c049b6bfa36c86ae2ad63fb30fc1f4ea9420e3bc0827bbeb798490bcc604dc44edec9ee61cdbb9ac13b5d8a9cd0f6c1bda4ac226 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5e7d2d.TMP
| MD5 | 42afa76c86b4def04dc6036b46fcbfe7 |
| SHA1 | 978f08a6838e5b04a1686c8fed60870598337d6d |
| SHA256 | 1d494fb88564bd80e31754d2a47af61c2b46e088258e643b357005418f820cd4 |
| SHA512 | 7f732b134dd7f5ed4caa2afd58d38c58c3202ea564a7b6c14933044d2d9afb639239d1ae394993f5db562454faed85e2a35d73ad963714d93ffea9dc10182250 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a062b013ffd097e657e3d00ad4ded563 |
| SHA1 | 1c0810eeb0509d5edfdb0e4906fb9bde9d173445 |
| SHA256 | 9078131d67f997e932177eb00d746f56813faae0483a60560f39f3530331b8a2 |
| SHA512 | 7b86c9c74a4b0b4d8898839bc01360d6db4e82c6ab3e9d692c62d8080257241be157289de7d8a5b2a6016ebed2862cf04ae58057e9cd3c88e1f62155ccb4dcba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | eb14b7bb7e19f3110a6d96a5b4285f78 |
| SHA1 | 50fa11ec00b0994c83734b8805d70728ac86266b |
| SHA256 | 36bdb35d003b82743d4279131572dc34a8f561a20a978834f6e8270191530cc1 |
| SHA512 | 45f5163b06ff230c7fcd7e5d109ae0016ffdcf271139ff7e28cb90f0bb41b31acc8736655544b8a43883854f46b5f8a1066525eac6beddf28421b401a09342eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 425ee6328d028ad0f6a030236274774e |
| SHA1 | bf48bba34be1b50b0cf7eee49484b70ddb9cc279 |
| SHA256 | 847fbe587425e13430d4b712250c6e68fab98b0910d758343690b9227260dba5 |
| SHA512 | 7125d59892a7cd1963ca3c53227d7bbc744e2afe35718c316c557580f726e1a713ced0246675e135e41e3ff7607a9dfd9c485e94d0285b157201fd7ca0f53627 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 09ba428c65c2a5031c4e3f9e85dbf9f8 |
| SHA1 | 84bc43bfad99eb32e0f7b66e0cdc2072eff75828 |
| SHA256 | c5f051cd0895683aa5c829ea8ae6ee7e3f8466dea650c2a842fccecb84596381 |
| SHA512 | 679cd45b335a6cf0beec6d10534ae41cb4f97c608e706328cd1515ef424ed159314b55d4f041deaf2416623ed99e72b70968729103d5e25f52dc634a0ec0b708 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 06f570cb7bc87ff68105fe7e3d83e266 |
| SHA1 | bf618a2bbffc7204c352845042c406d2b17a89b7 |
| SHA256 | 3497435a2edde69aeb8f12b9e5aebd4df76ecd42ce8c1517103fb1bd34feb814 |
| SHA512 | 45bd19beda17ecf8bf43567d00e8f800ada08fa6d8dcea1cc2cb753fd7c4ed341b64ec138d2bf592879def0c51f6e52e34ffed565f8a8298b7d962f24817b29d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 6fd3ea008e48e352f15975f96ec1f51e |
| SHA1 | 7b91f69c379b990b0cfff18a27603eede5b2fb23 |
| SHA256 | 49cd6d544771433d9b3f07ae306465a81f7a15c86795f87b88111f530b6780d1 |
| SHA512 | e2cdab7b2218b5c0b98cc902c7d8d631bb2d46f97b247419960fffc1566899865f98e641ca33557abb4700182ac3e42d76b4af41a4efd2c94db0db131310048d |
memory/3952-4010-0x00000266A8720000-0x00000266A8730000-memory.dmp
memory/3952-4026-0x00000266A8820000-0x00000266A8830000-memory.dmp
memory/3952-4045-0x00000266A78F0000-0x00000266A78F2000-memory.dmp
memory/788-4047-0x0000000005FF0000-0x0000000005FFA000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 4196736dcdae7d8aa1ea1bef224d7bfc |
| SHA1 | 11982ccdd9b7587225ed8f03c04edb5ad78899bd |
| SHA256 | dbfbc3ebbfaace7cfdd83aea25494edce763958fb808563489dc7abdd70772b0 |
| SHA512 | 6e0309750955f32c9005097d961b26f9da6b40f640c491947e07158f58969fef2cb286b0fa4f1f360dd72f872df054af4d59d5ce22130ae252a875c30bec6359 |
memory/788-4071-0x0000000006060000-0x0000000006072000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\get-intrinsic\.nycrc
| MD5 | d0104f79f0b4f03bbcd3b287fa04cf8c |
| SHA1 | 54f9d7adf8943cb07f821435bb269eb4ba40ccc2 |
| SHA256 | 997785c50b0773e5e18bf15550fbf57823c634fefe623cd37b3c83696402ad0a |
| SHA512 | daf9b5445cfc02397f398adfa0258f2489b70699dfec6ca7e5b85afe5671fdcabe59edee332f718f5e5778feb1e301778dffe93bb28c1c0914f669659bad39c6 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\hasown\.nycrc
| MD5 | c2ab942102236f987048d0d84d73d960 |
| SHA1 | 95462172699187ac02eaec6074024b26e6d71cff |
| SHA256 | 948366fea3b423a46366326d0bb2e54b08abd1cf0b243678ba6625740c40da5a |
| SHA512 | e36b20c16ceeb090750f3865efc8d7fd983ae4e8b41c30cc3865d2fd4925bf5902627e1f1ed46c0ff2453f076ef9de34be899ef57754b29cd158440071318479 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\has-proto\.eslintrc
| MD5 | c28b0fe9be6e306cc2ad30fe00e3db10 |
| SHA1 | af79c81bd61c9a937fca18425dd84cdf8317c8b9 |
| SHA256 | 0694050195fc694c5846b0a2a66b437ac775da988f0a779c55fb892597f7f641 |
| SHA512 | e3eca17804522ffa4f41e836e76e397a310a20e8261a38115b67e8b644444153039d04198fb470f45be2997d2c7a72b15bd4771a02c741b3cbc072ea6ef432e9 |
memory/3968-5029-0x0000020EEE380000-0x0000020EEE480000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\Monaco\fileaccess\node_modules\vary\LICENSE
| MD5 | 13babc4f212ce635d68da544339c962b |
| SHA1 | 4881ad2ec8eb2470a7049421047c6d076f48f1de |
| SHA256 | bd47ce7b88c7759630d1e2b9fcfa170a0f1fde522be09e13fb1581a79d090400 |
| SHA512 | 40e30174433408e0e2ed46d24373b12def47f545d9183b7bce28d4ddd8c8bb528075c7f20e118f37661db9f1bba358999d81a14425eb3e0a4a20865dfcb53182 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 017b46f78b64ad3243b2297fc6508fa0 |
| SHA1 | f9a978031d8be386fc015d410d69a640fb13797e |
| SHA256 | d706712b96a38f2dd16d56bbefff2e19c24acd5a4967532622f336c269218439 |
| SHA512 | 2e3c46a39f3e64fe0987544e119ab765dd94ff6452f0b7da9e3966419d7a9896c7ca318f7a8e4d72cf41d9c17bc29b5726b428220e1529cfe9ccc4a2cb480665 |
memory/5216-5551-0x000001C55F330000-0x000001C55F34A000-memory.dmp
memory/788-5553-0x00000000738F0000-0x0000000073FDE000-memory.dmp
memory/5216-5562-0x000001C57A720000-0x000001C57AC5C000-memory.dmp
memory/1944-5563-0x00000133E0F00000-0x00000133E1000000-memory.dmp
memory/1944-5569-0x00000133E1090000-0x00000133E1092000-memory.dmp
memory/1944-5567-0x00000133E1070000-0x00000133E1072000-memory.dmp
memory/1944-5564-0x00000133E1040000-0x00000133E1042000-memory.dmp
memory/5216-5577-0x000001C57A3A0000-0x000001C57A458000-memory.dmp
memory/5216-5578-0x000001C55F830000-0x000001C55F83E000-memory.dmp
memory/5216-5579-0x000001C57AC60000-0x000001C57AD62000-memory.dmp
memory/5216-5581-0x000001C57B100000-0x000001C57B17E000-memory.dmp
memory/5216-5583-0x0000000180000000-0x0000000180AC0000-memory.dmp
memory/5516-5586-0x00000246F8E00000-0x00000246F8F00000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1eca1ce98ef115ca2a90c3ad437a6283 |
| SHA1 | 8b252eebd939e5d1f65e16c51cd09cb5ce0b09c2 |
| SHA256 | 6a11db6cec7a5040c98692b3851e480fcea10cb7109ce8ac9b75eaec75f585f6 |
| SHA512 | 28fa77bba80abcddf278567f23018b4abf02d4bec5a030bd4fad35c8c6078d8e4bd7df0d434560fab5c8d21ac5c76c07f16e3282f866f2b752030605549bc70b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9d21dc3ac92c2c4e7425743311252077 |
| SHA1 | bbe074f296959c04410b035091d5dc9cd9391c63 |
| SHA256 | e878e8fdd4e86418d4da5500c551c7494973b66a76b510a559585ccc50ea8cab |
| SHA512 | ff5027b12ca4d6474ebb7be1cc8be71523346b3b90157ec9fa3a48164545f1dc81c906e05a7fda155852cbc4f27a17626aef2db2026e6e5463b732884a58ec51 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 243eec43309f5c89c7077c57c2ade524 |
| SHA1 | d93a920257f8a6fbdd8b5f5f0aecd1e5206417b2 |
| SHA256 | e186645fdaa5d4b68bde3a7d7abb8b305608b70c765da4a26455874bb55da15e |
| SHA512 | e8a7bdc2b2acdc2382dd0d1a015da143cd963006e8d27c515e030cc4920413118645b1aaebc3d0c00b81d8619bead56bfbbc9b22762301f07c80c0e3cefb205a |
memory/5216-5619-0x0000000180000000-0x0000000180AC0000-memory.dmp
memory/5216-5620-0x0000000180000000-0x0000000180AC0000-memory.dmp
memory/5216-5618-0x0000000180000000-0x0000000180AC0000-memory.dmp
memory/5216-5621-0x000001C57A380000-0x000001C57A388000-memory.dmp
memory/5216-5626-0x000001C57E3F0000-0x000001C57E428000-memory.dmp
memory/5576-5628-0x000001A7CEC00000-0x000001A7CED00000-memory.dmp
memory/5576-5644-0x000001A7DF6A0000-0x000001A7DF7A0000-memory.dmp
memory/5576-5643-0x000001A7DF440000-0x000001A7DF460000-memory.dmp
memory/5216-5642-0x000001C57E700000-0x000001C57E70E000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF6E85DBEE830434CE.TMP
| MD5 | a6656bab3b17100ef39f0516e389356d |
| SHA1 | 100c11f9e8e42e2560d3786a5cc3b7b5b569ce4f |
| SHA256 | 94653a373238a63ede3a8a9d2cbf9e9e8183d0864547d105821445aee11628aa |
| SHA512 | 9323527afa02edae9ef3c845ac22918069c5f08bb47dd03b4645016c00a97461013fb51ba2ec1a35bd92024f52e9a28a6980abb0169ff65b944338eb7187ce9f |
memory/5576-5658-0x000001A7E0040000-0x000001A7E0060000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Crashpad\settings.dat
| MD5 | e580cf17ce048a4dce9cded0c1c7b903 |
| SHA1 | 1419211cbe718f4f3d93d3b517468cc3f4a87d03 |
| SHA256 | 311095de0d55d268c468b648fd496cfd0201f83bd04d717e7f749b6e773052d6 |
| SHA512 | 6f8c7ebf6db9c70edfab84f8d3b4529f65c7b49ac9208d8fcea182b6c08c6223ca1ae8c2cf48165755793469434acf35b15e3e1a51a553ad59be8ab83a6a6fc0 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State
| MD5 | a6eed8ba08db19f740b65ac5cc90732a |
| SHA1 | bb2a1556df5ac97a886ec4722983b884dbd8197e |
| SHA256 | cd6f740ca18faf1ea543b0fa1f208197b7cb8c1a5d18581e8926a9b3959b7345 |
| SHA512 | 43abe3494a98419862ab58f196ce5347e459a1a429f3de11ecdbaed0c27d128134eccee63b219123c558cdb054a98568c7d3492fc51e00a40bab2491a1849bbc |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State
| MD5 | 30bca7fbb836991158a2a89dfdb8bc9d |
| SHA1 | 6bc830bd4dac431511ab7a9b54a1d5539cb2b63f |
| SHA256 | 9fb038fccc09cd2e8d5e9b45c023e86d8b15d74a5c55b82f85f56eb2b61fb6b0 |
| SHA512 | 53dce80e6f9278f90169e6b08c0fa2aabdf7d50dfcbd016d24c5c4daee5429973019b7c0b7d9513e57ad116f56a25844e764df59df620ff487156ef693db1e45 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\shared_proto_db\metadata\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State
| MD5 | c4b97db05e99a748ff4f58295ba302fb |
| SHA1 | f453b2709396ebaf2ce0602c4d822ae691eb796b |
| SHA256 | cdb8cccfbf4dccdfb293e33796ae079e13ad1488c25e3b20b7d9dd369be33b30 |
| SHA512 | 23427489f01f8ca6c1d47b58cfd10c52c18054349e7e6b204dbc07154ce3d31ce12ebb81c02bbf70e820bbbb88071e062bfbc0460362c5475f98b4b703b10d1f |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Extension Rules\000001.dbtmp
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\GrShaderCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State~RFe5f2bad.TMP
| MD5 | bbfdc8ccc5d7fc7127ad4d750777e664 |
| SHA1 | 7e091890cb715677a79824217496463833c5ff72 |
| SHA256 | 38eb752d163f8662ddc1e3b4fdf9e2a5bb8c13145cd7fb515ef7dc3c50ce1181 |
| SHA512 | e9d9ad41877d6c19679b091bcb6ae069ff793bbbda6fb966798ba6d1ef85eba3c86f2488f4e6bdf64df4243633a68425fa11273cee7a0f6ebd344b143c68fb42 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\GrShaderCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\GrShaderCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\GrShaderCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 16059b9632ff2fa75d05b84aeb788643 |
| SHA1 | 56893b2d8154df8a4b7d8961680aae1d25a3fe0f |
| SHA256 | ee65f5d48776f05cc3abc7902893354286486a96a20dc7b54d13dd458330c733 |
| SHA512 | 4a981afdd89671ccd270b462fbfcd31835000a9c2db42458f97fbdc7c8a59b778a2916e9add681e52c3369bf958b06283a6c50c612fb1b2c677e8faebf43a0fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d7faa2238c1f697b2d8973213eb5293b |
| SHA1 | aa0d938d0f86ea5598ca4c31bcffe11c3bac915e |
| SHA256 | ab359bcff0f7a57e23dc71031cea6da1ac28584341f5e547dbe8e6c5d3eda3ae |
| SHA512 | f760529c02c6910fea91edaed848a320f5f857ed2e0f324b3276cd112cc7777dd232a3c77d8381b1710dd0e6091177480c3e6ccf4a6bb05ee716ac4e066bd9a4 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State
| MD5 | 176d34484593a4b15075864117c84c3f |
| SHA1 | b0a0c84a32d8d976f9f561c26336be8ea90f5dde |
| SHA256 | 223942c117ca39ec6b018b52f559e82c5e110b5bf2da086a1d9bb7729493052d |
| SHA512 | 85261eb0774e2d9c123a7c3a764212d8bd6548d663421e6989ebb6128d72d39e6e02634d8585157c29302e82c214b9e5d6f803e56ac5bd0cc508886cfca51b6e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
| MD5 | 8ef55859ae329cfe96bf819cabb9b05d |
| SHA1 | d506ddae246b967ee4287f3a55a1f75cc3f59830 |
| SHA256 | a38119ce927f5dd9c7c8be6492db32b3c92b0ff2197d55346184485de59e4e83 |
| SHA512 | 9333cfd26097ba84d0b7d0387928d0437bfd45017547270e85be0c1d2a5b42c11de23f3890e22b45cdcd3548ced0cb3bf7810d74121531515a5c8d0c6a897a78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051
| MD5 | 803f8039e39be49e6868f72e111204b8 |
| SHA1 | eee00470cd5d8ef295d1d0868b5365c279155eab |
| SHA256 | 7a35d13767a17da230a6a60334a08dfa31255de7acc764f70d220d9b9f1fa24c |
| SHA512 | c735f804e9ad4b177e5605b7105b324659c13f9b5e53db91a998df9d677a9402c45de69aa99a84bc27c668c94db9a3fef5c718fab34c23aff2a20b6a7fd21634 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 8d92ec7425e786ecbec969a875675767 |
| SHA1 | efe0e19dbb97e1a567efd9eb5223e6bc2a616ca6 |
| SHA256 | 19624b4ebd18fd6399e640b32226d950ca17274158509fdd3d5e9a8063d082c7 |
| SHA512 | 41a2eaed65990b62a9f68ac9c3ff7994ced066e553bae546bfcf030edfc4a281eaec4b00d0c797f792df0727923a1a598dfec98b28366e91c64c1e0c24a2332f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5f5abb.TMP
| MD5 | 0d6d21bdaa08646bcaab7b96e0c08e71 |
| SHA1 | f8b7961e5c912c88fdded31a0f2fe4da85f1c1f1 |
| SHA256 | 924ad4a3795d044bce2285fcdf06f70c161d1fddb101ef4ee62e95e0f9c08be7 |
| SHA512 | bb9ae955cd561d3807d10701123ac7ce429717bef75a6f039c77b953a08086b701feeed89980d4f565744b7ca6f6ad05431ba259154fc6c18bd36366cef3c553 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e9fcb34cc698a15ddf6915bfa0ae7835 |
| SHA1 | c595273e8bbcd5e20359342336af7d65021e5fac |
| SHA256 | e7990656565029d692a910c3c7d3d7af38895c93a77c768e31b01f584157b5e6 |
| SHA512 | a00ccefe506d01f4aa0fd49316d933368aa3966ae619037732f3661cf6a7ee6f0ca1ad4dadde191651229c70ada3b19b9faa8badb82813283503b516dadcd7de |
memory/5216-6198-0x0000000180000000-0x0000000180AC0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 90e79a607a972219b2b0473c172d9c18 |
| SHA1 | 959de9762e918b93908343855234b6dd219ac95d |
| SHA256 | 9ff5ffd11bb353fe6d5892b555c94747c857eb9747e7eae2534a2a55173ab063 |
| SHA512 | 8658a17b36dcb6f1053914e91ed016f29fb6bb7163f0e7f77fda98b335034e6d6669c55d2a6dbc88518579a5337c89d2a7a7367d350cac2c631525413392833c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\9f030f68-9b29-46da-825f-88577454bd27.tmp
| MD5 | 6f11e2ec5ff9d00c13c2cbbdbd11f261 |
| SHA1 | 834f1d825b2527f38b9ff97a36e5c877a5d00f96 |
| SHA256 | da3f292b1b6c8e519aefcc1784cdb0e2f13953eed9eb503911cd4e59ac6de820 |
| SHA512 | 10258dd2ec716d4597eddbc2b6ffc6ce5e3ec3f5a64eba6da1d4b91ba6e17411cc4f266761bab30bd08c03d139d9819721d4fd7d088cc975e5e526c3bd7ca0fb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 73255211717f473d4e300f6c884b3f04 |
| SHA1 | c760c398cabee3c21f2e0e6272d0f157390bc2d6 |
| SHA256 | f9c1f97f7197092ea679172cc36d716062ff0e93552c50c1d4eb00f2d23d6d2d |
| SHA512 | 0a515af3c619c9096709cbbd5258170eec806acc8d601fd2cb9a3bf97c826cea435892eb978e37b5a4924f9cfa70bd13dcfc716c73522be17d6e00aa2e35655b |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\544ef719-0737-4c82-a806-673da90866ba.tmp
| MD5 | caf33fc8d31a3103eb2f50ceced649e0 |
| SHA1 | 551dfa721b40aa008a84708404ec4da25fa92df0 |
| SHA256 | 3f2e0fbbf0d2cf36291becc2c24a8f560167064b6f5c5acc3ec0e2e68b0e64a8 |
| SHA512 | f96c5aa8355e72722bc9725189cc7a0f33d33e0463c33ca2229080c8d0ae6563e7d9a7a97ead0e1deb8af80c589f7d71e274b372181de24798067820e4125aa2 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
| MD5 | a0396f9bb5e0144808cc7c7fda47e682 |
| SHA1 | 76bef1c55c6f288ca5988d344c4e92ee8f3a6329 |
| SHA256 | b5d35eaf2ca4befb5ac6de8680609c9a86fdc257b49d21ce4c8d17eddaa1b51a |
| SHA512 | dd49140d4661d813501d67c44d5fedd6bdc7ce731242fb33973b0b7a5b603344682fe1bc393fcf9fe3f5ad10ed9f1de7dbc42c66ec16b84063fe535f288ab7e0 |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | f899ed8284f9df71e4dd43b152dd60e9 |
| SHA1 | 715796f8e8c83699dc2672f5acee91dce08715cf |
| SHA256 | 8d886a250762d21047a8a579251909225f5adab2e372a7f03e2c1c8c3d294152 |
| SHA512 | 49b6ec6cc9b7256a19ec18ae5045fb01118b5ae1b2aa5b6e4d9b66daca8b7b3dcbfdde84c20a416378ece260fbb06addaed2c3d6af7eaff4958934fbb81dd796 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 94d10ad0bcc804c8b057d31f52e40c02 |
| SHA1 | ebd465625eb19813e1de5154f20fa83780c719b6 |
| SHA256 | 6dc6002ac10dff1636763662e767918c4c198ddfb9f5a6c7c29f4547d47c1ff3 |
| SHA512 | a4969efa502c3fe4dec749093aca5ea885140e31b23bec1ab097a4501b0541e89b8d62f5eaacf11406b8eb22e510ff6a105c614b80501a005c1f7b5467ec4c3b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 821b6aa2194e57bc9108355f61a544ab |
| SHA1 | 7b67d249903e5fa83679820839c5668eeca172e9 |
| SHA256 | bcbebb9f91f8148bc32efd541cd9bb91d2916f312e8c6168d0113ab6c711bc6f |
| SHA512 | 55bba91540c823c4142e3251b951eb2c482ecfc1449186ee5877bf9a8b7d11b442969ce373a09045789fac0bf4c3c565c5aab426b479ac957a52bbf9ac90d36a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 5c170a38716a2e25a429dd114f500684 |
| SHA1 | 88075ebdaea7a9e71742c84328817025317aa9cd |
| SHA256 | 15a3fc3702d52ee6372525d8be047466044dfdbfd85d098e3fec6703caae3e95 |
| SHA512 | 9b5e982d7fd5ba5585d6f17a4c06445bcb36aa3ab4435c6dbb3e21b3b5c7f85a4181f24896a6e74f324897ddbf5151d77b2d908ee3a2711133e64ade83d54bc6 |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\e602387055ae7b12c23fbeefeb417682
| MD5 | e602387055ae7b12c23fbeefeb417682 |
| SHA1 | 4efa866cca9693eafb65a6babfebd64bf99037da |
| SHA256 | 8df68686863894e7f47069b854d07d6eb449269f527c09433495efb130f33dde |
| SHA512 | 87ee31aaf7929c3ef6ddad322727185efe0702f239d81eeda85ff0bc5c873316a660129aecc3bde5809de1449efd5de0f458db27610d126a69dddf35d38c27f3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 04397debe09728e3a9fd546878482228 |
| SHA1 | 83b97fa87712343a373a66e32a83dacd64d7960d |
| SHA256 | 21cbecfcdff7ca905c4dcf3e3b6fc31f52b1050498bf74720038fd30badca132 |
| SHA512 | d01e84e532f66c4a0b64023e0df0ed4dc29df52482a985c9b473683830f55d635390dd8ad4bf3f523f63b4a5478f97742e119e7687d7ca11f4a5cce763f20d7c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b36a337c5a578b99079b25347c603b26 |
| SHA1 | ff44e1a95066b68410d9b445940ca09620090afb |
| SHA256 | 633271aa23d9294132a71583ad3ba88f1fb97f0aa0571443e347940fb0042b9c |
| SHA512 | 54e46084a23a88a186374d9b14de27c3340fa4c351cb3be4db702675d1b6ad49b697facb6b2379ecc16ca611909614630b0106a6b83351ebed55e3802f51c4c0 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State
| MD5 | 3a4dcf533268ea9812c17499551a5cf4 |
| SHA1 | 6e1332cd37d033dae7d7ab5fd4e2d65bfa587203 |
| SHA256 | b4cce2e267372ade79f5652baf97ee6ca08338de7a22f8367b562dafa744ca81 |
| SHA512 | 8d232bf8bdaa3aa8fbd444fb975a2b5714a1b63e2ba6477ee04396afd3c779a7413742f079d82e60a4562ca72a56ede148a7486339161f468736bc846994f0fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 73011e84091eec349901fa432549e7e4 |
| SHA1 | 092d51a469c82c3e0d84796c756f513ada96f432 |
| SHA256 | 8e9546da16b502d09949517b98ea28cdde0f9862d0d34cf068355848131780ea |
| SHA512 | b5089744d0912ffcae60b154477d609f19d12faa12b793455520b6b5bc2f9876c23e93626ee6484e71285a3756e6161ebf73b63254e12ad805a47c9c5c754146 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Network\Network Persistent State
| MD5 | 146a87c2a2213990ef4b737d6d6b041b |
| SHA1 | 8f11f860a69058c687deea3737f3faabb516b32e |
| SHA256 | 4a1af4bc43604b4d287b901726d5593dfd74a364787cb2ae049793fb4fe95df8 |
| SHA512 | 3686808d6bcf631d50f34e0efb6c59ce11c33d45402adf6a9bf36ad5ac31be81c685a9afe636a1b58ca01b0dbc704cb4b32f580fa81519dd41e247d487a49e2b |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Network\Network Persistent State~RFe604903.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_1579737218\manifest.json
| MD5 | 8062e1b9705b274fd46fcd2dd53efc81 |
| SHA1 | 61912082d21780e22403555a43408c9a6cafc59a |
| SHA256 | 2f0e67d8b541936adc77ac9766c15a98e9b5de67477905b38624765e447fcd35 |
| SHA512 | 98609cf9b126c7c2ad29a6ec92f617659d35251d5f6e226fff78fd9f660f7984e4c188e890495ab05ae6cf3fbe9bf712c81d814fbd94d9f62cf4ff13bbd9521a |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_1579737218\crs.pb
| MD5 | 981a9155cad975103b6a26acef33a866 |
| SHA1 | 1965290a94d172c4def1ac7199736c26dccca33e |
| SHA256 | 971393390616fbe53c63865274a40a0b4a8e731c529664275bdc764f09a28e2d |
| SHA512 | 2d75ce25cb3a78f69f90fbd23f6e5c9f1a6ed92025f83ce0ab3e0320b64130d586fc2cd960f763e1ab2c82d35ef9650ebd7ff2a42a928a293e0e7428cc669119 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4818a62d28a32efbdb4f71d6a063daf9 |
| SHA1 | b2a47ac41b47fd364831787ee4306cc4c6c2f041 |
| SHA256 | f26916efee3d987877a6053b11ebbb9b6e3bdb14531ec7cb889c174500fc1517 |
| SHA512 | cd5dc06f2359f10e38a732625417158578517bb1985cc60212a2956887e5bf97941ffc8fafbe14fb1c56aa7ba1d77dbafc45833c5e4d4ac3099f00006a9a201d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 215420dc80568f138295fdca6e3f69d2 |
| SHA1 | b880351713d4e25b88c2f29b944b001703d190cc |
| SHA256 | ab7a742c6a213be45f76064d9d70045b69524dd875d238a2d7a13585167951e8 |
| SHA512 | 84d51f9b4ee36a1a8781c4b0f8e369966d7c8179b588ac178525e1098a111bc9faaeaf8a7ebeff965d34f8b1ef32fa4ce704d4f6992f8dbc0e6ca4739da602f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2b3ade8341d5242402074243fda3b834 |
| SHA1 | 3c575b2c22bbcaeccd618617fb36560898016424 |
| SHA256 | 37a3c8e7b1999fe727f48378f17fb3dc3a342c47ce2f572942d1ba4caf7ced87 |
| SHA512 | 5872c51e5a7672eeb64c2c399993c781bcdcc0a134a7af9fcd7b834bff6877403b7ad3aec281e21a854defd7b8b3574b978012ef0306d415246ae0e32cfd633c |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_479373117\manifest.json
| MD5 | 9f334804d984c140e3eb9644171ce6de |
| SHA1 | 3f24cca85f25517e9ee9cc6bfcee4f10169f5376 |
| SHA256 | 4fe9e95540546ad31adbe93bc4780aeb381acc9c769422a8f8aec9a1a5376c79 |
| SHA512 | dec0efd18a63abf3368ccd0122d4d461b68c92c20961416c22f28c5b9d85d8f06779436b1b992e315fe649557f65e51512a74e7642a5a5dcbba9a69c6317ef8d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 67e5694dae1321ba4ab22aee04c930a0 |
| SHA1 | 7b073ec76e7683b4543d82b3f32be06e51c19641 |
| SHA256 | b915fd3b64290040130f78e1d15a6fecaaebfad17e44650561870b2f70c102ed |
| SHA512 | 62b812e7660e0985eb0e7c245bd1aa16525a84d06926219f96e857c520b7d8d2cfd0bdce2e263c4325819003af6423ae95e4d61efcc6554a7b0028765070b0af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3ad038c03a913f1f82a03f653fa481b5 |
| SHA1 | f7169dbea0f5fbc5118a68395af9579479786b6a |
| SHA256 | 3af7cf507352f9202436a19c0c98f5368b1fd22a9ae6e4f0bcf554c6f80950df |
| SHA512 | 390d8059d9d7584bf0753082cf094afe9c28770a9a7a0ab89d6e9d66ef4ec3ad920d82669d18ef2202d40e26619f962599dc6a74fd30cfa29043410ad5430b56 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 8c1fad1308bf9bd9564266ecaab25204 |
| SHA1 | abe0047b4e2c941c8edcb177c50553764b960322 |
| SHA256 | b5a6c563d88da342e13eace5a4480f5d7490c8d412e089830621062c8f91c497 |
| SHA512 | f57a78153e36b05768c4f084e4f5074270260a433cf83907f819f1a28256dd8c95da35749b9381af19b8c9d233bdbbeb1edc38ae69669c2815546a499a3a7884 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f447d36ea2974bf58c8050bbd3d8c663 |
| SHA1 | 5d3feb34add864a03c220fee782d1b06f7728330 |
| SHA256 | 729dcab6c9ed3fba1a5f24378a36e481169a32d871362c1af41d47d7bb04f24b |
| SHA512 | da5103facde19b66c660e5b896b1c971a8db491eb8ca764461f8656624e90b20826a3c7acfc365259ea92803b3bb7a6980281066fdc0ac2a78e9aa66c1c3200e |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Default\Preferences
| MD5 | 0f9e9ac623aa587412013311d2691f0e |
| SHA1 | a8786b6674faf77d87d4d6a72eb0467cfd17d28a |
| SHA256 | d776346cec1bd4009380f376a4bf5cf54b8bbad7678425e703a665b03f46f928 |
| SHA512 | 826368ba40bde47d312304f1de1de9f56192632f0cfddf30457751311ba65ff1ff5415775b9b38f0cbc97d6fdc5efd583c526dcd374989f1c0c050021ea58c5b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0f67add38f0f4f5570f6833e5c74576e |
| SHA1 | 4cef5270a78623339b7a1c54fd414d35784e6131 |
| SHA256 | 2f1485b85fdc2c2158e95eaa7b2ff1848115588bd68743ab7ee57c5b33cd15f7 |
| SHA512 | 3c2eb4f39d1ce9ac86e40b0d7a2de3bfb285f97099dd22d31ca7eefc42566718008407a103e7819683521fc721433822fdb640655b0eadc728434464d984ce69 |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_1357807766\manifest.json
| MD5 | b6911958067e8d96526537faed1bb9ef |
| SHA1 | a47b5be4fe5bc13948f891d8f92917e3a11ebb6e |
| SHA256 | 341b28d49c6b736574539180dd6de17c20831995fe29e7bc986449fbc5caa648 |
| SHA512 | 62802f6f6481acb8b99a21631365c50a58eaf8ffdf7d9287d492a7b815c837d6a6377342e24350805fb8a01b7e67816c333ec98dcd16854894aeb7271ea39062 |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\CertificateRevocation\6498.2023.8.1\crl-set
| MD5 | d246e8dc614619ad838c649e09969503 |
| SHA1 | 70b7cf937136e17d8cf325b7212f58cba5975b53 |
| SHA256 | 9dd9fba7c78050b841643e8d12e58ba9cca9084c98039f1ebff13245655652e1 |
| SHA512 | 736933316ee05520e7839db46da466ef94e5624ba61b414452b818b47d18dcd80d3404b750269da04912dde8f23118f6dfc9752c7bdf1afc5e07016d9c055fdb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 84cef5c7a08fc83900cf45ed47b994be |
| SHA1 | 2317a80a9e947ab51bc5376ab55f742d41261129 |
| SHA256 | 45b281687b064a9603eba023ff01a0c4969dc694006a503550d9e0eb8110e147 |
| SHA512 | 10ada58b86f83d447a5fd52867c9c4c9b6f559015c1bce8c062918ae9b0edd73e7c7f157634a2779cb2f5b706d5d3aa09a62c2aa1c221878a3bdcc5d21d1efa2 |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_266246809\hyph-as.hyb
| MD5 | 8961fdd3db036dd43002659a4e4a7365 |
| SHA1 | 7b2fa321d50d5417e6c8d48145e86d15b7ff8321 |
| SHA256 | c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe |
| SHA512 | 531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92 |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_266246809\hyph-hi.hyb
| MD5 | 0807cf29fc4c5d7d87c1689eb2e0baaa |
| SHA1 | d0914fb069469d47a36d339ca70164253fccf022 |
| SHA256 | f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42 |
| SHA512 | 5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3 |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_266246809\hyph-nb.hyb
| MD5 | 677edd1a17d50f0bd11783f58725d0e7 |
| SHA1 | 98fedc5862c78f3b03daed1ff9efbe5e31c205ee |
| SHA256 | c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0 |
| SHA512 | c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_266246809\manifest.json
| MD5 | 273755bb7d5cc315c91f47cab6d88db9 |
| SHA1 | c933c95cc07b91294c65016d76b5fa0fa25b323b |
| SHA256 | 0e22719a850c49b3fba3f23f69c8ff785ce3dee233030ed1ad6e6563c75a9902 |
| SHA512 | 0e375846a5b10cc29b7846b20a5a9193ea55ff802f668336519ff275fb3d179d8d6654fe1d410764992b85a309a3e001cede2f4acdec697957eb71bdeb234bd8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ffcf66b9024e6ba465ddf0daf4e713a1 |
| SHA1 | a34d0e7c83796629c92c9c0482032bdc7cf53db6 |
| SHA256 | a7893f5d911576f8738172d67983e885e09726fc91d757a07c242af2621803d1 |
| SHA512 | 6ddd2d2219a1b2c4ad9b86c130a606095369c8f7b26c047dab2940fd934f60c6a44e4f5f3613c795371ae3f7b1290b58f1484d263f0a3a7aee779f8d1c1c4a39 |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_132281605\manifest.json
| MD5 | ba25fcf816a017558d3434583e9746b8 |
| SHA1 | be05c87f7adf6b21273a4e94b3592618b6a4a624 |
| SHA256 | 0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11 |
| SHA512 | 3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | aa341d11150e337e646b20a5a4069282 |
| SHA1 | 848b684633c89a2c7daa0e3f7c27bb4898889716 |
| SHA256 | b20e68ae1d017286ab385fe8cdea89fcd2701ea91fc19c98abffe5d6022b037b |
| SHA512 | c2af6f342f29120eb740b611c94fe6d6dc5e1bf90fa80d0f4e8871dd3ee5cbacecd90f5f4ddb0344d025d609e951ceba3474c87cea0d75236c42de53f40e08f1 |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_1654256483\manifest.json
| MD5 | 178174a0125d4ff3ed5211426f1ea113 |
| SHA1 | 26f72c5a2f65c767c4edb04d8da62bdadc02e809 |
| SHA256 | 64986dfeefa8855069e799b28e5523b35c9efcf2ea152a2b03461471c218da1f |
| SHA512 | c0d1d9555f4cd7e9a4b0ee5fc1b069782638ba1680d18ba9c83f796746086b6afdf1400c80b7f586422c3a2a73e51bd04fb250e2db818ef723cb4f7a8b3b15a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3ac00d68ba9d78b729cb4a09825e7c64 |
| SHA1 | bd63bab29f0b06ee5592f831de9a1c5572010a78 |
| SHA256 | e66f5e51e54782c2038c5c4ccf48d9aec5a3f069ef46dcc57c172a3669b11064 |
| SHA512 | 9b53981075ec5725b69c5e40518ca25b062d1cb0223f8de85cf6bfdd28041cad6589d2c7678bffe4d976d29121c189a8d8ed7bbc7d1f1b4c5739c400c3a32c61 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\1818dfee-3f92-4d3a-9ed3-2dfe02b1d129.tmp
| MD5 | 8403f59d01a2d5979fa7f1b236debd03 |
| SHA1 | 08cce29d8b8023c6cc5f0338e4f93b028b39320e |
| SHA256 | 3f81ea403fe8a9f779bd5e3c3cb439cb076da0250c91214e953cf01455a1d0ee |
| SHA512 | 6f167c4626ea467c0d2bd48440114f915bb295fe5f4ea5c4ff8b0977e14b93364cc1704884653b8e2f7ad15c8945c416084e702e160049e28d62524776b90745 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 259dbc508dcf90a753ae69b2917ed1e8 |
| SHA1 | b4f84d021ccae28fb71a2c463e76a977153db995 |
| SHA256 | 1a417d82989dd74c232da4ce0361e8311f2b92de1add22330b64b3cf630c0db4 |
| SHA512 | 9304d5e257c080aa103af44ee84cc670cd1eb5f1c47bddbef8e73878a31c33fecd1b857b247b4345e98be033795815f2886d48388d0f58e3d060ac9d49b83f82 |
C:\Program Files\chrome_Unpacker_BeginUnzipping3708_495507261\manifest.json
| MD5 | 55cf847309615667a4165f3796268958 |
| SHA1 | 097d7d123cb0658c6de187e42c653ad7d5bbf527 |
| SHA256 | 54f5c87c918f69861d93ed21544aac7d38645d10a890fc5b903730eb16d9a877 |
| SHA512 | 53c71b860711561015c09c5000804f3713651ba2db57ccf434aebee07c56e5a162bdf317ce8de55926e34899812b42c994c3ce50870487bfa1803033db9452b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 272419e4b87666b30fcba25f0298a377 |
| SHA1 | d6f60d64928048f0bd48f79d2a4db1a74584ed28 |
| SHA256 | 85ba4dd7f1767341644beb636ff958630dd3882fc93594e71f00cc1ddc55c012 |
| SHA512 | f29cd1888daaa265b66ce0cdb7c0994243b2371efa10af66805b4193ae7b680b4b16932a80cf9bfd6a4f08422d30153533423a710ba56fba740d6eecc0f76e04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ac1d6479fbf86d9f14d108b905ecc4bf |
| SHA1 | 5cf8864b2662418bb59d1d065291300b38d04db8 |
| SHA256 | 9ddd714fa912f21fb087f40f5dde58ecdf5750af4cb8ea1f2a5db4b96b947894 |
| SHA512 | 20e4f8792caa25d51968f400cf36bbd979c55d511e30a64179bc5b89275086546b7e5839d95ae3fc6de7cb24d0694dcc9c85db2686f4500c1c7224d48edcabc1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d7c482231b8742438372fabc54ebeaf1 |
| SHA1 | 96534882efa95ec750a280674a7e5f02a008a52d |
| SHA256 | 670ba4c0cfd93469d5fb2cf6beb0187e97c42400707ade3332b4dc4b27a1dc29 |
| SHA512 | 27eaac11d2b3f6013110fa48008f549e439c1535b65e14aa5b671f640fbb7bf4d34efb7d4b01228104a0d589154d72bb383d70b28928e42355d6d29a79c7909a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 65a2f0b2a9772995509cbad11637481d |
| SHA1 | 984addb7188114e65d716c9f7d573825d897d3a0 |
| SHA256 | 6e119b46f1356e00b1d94a40be770d95373293aa717b6c65053e4675e892027c |
| SHA512 | 48376ec590de628a4850f6ca131da5193f5376882c1b0ef301c0f0176e7ef602fa001dd7bb6d7d14a9ec6bb9caef14fdc196b54c2eb6f6447f696c5224d018c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a97532291ce02be6de99d08481212b60 |
| SHA1 | d7cbba43032b263c537ffa6c1b02a81e9e383721 |
| SHA256 | 45593adf6bee22894c47087f8e5b3f2cb425870f8a71121cc8f9ebf2167e7f1e |
| SHA512 | 0ca397e598a8ddc9f03298c52260cf1c95b8e1f189a1b30e45d3683583f0e1b1edfa603c52f4d2a7f9318cbb6a05b685c2ee86c84605c052bfed774d48e4da09 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 7cb735da70eff871c251862a99299c8a |
| SHA1 | 7f125cb8b166e6015328ff9c5112b9a8c487da0f |
| SHA256 | 3b3ea7c9781766c2c64c56dd7fce7db7970e142bc751c128bc10a105cf647b9e |
| SHA512 | 1bfa43daa2c27a95cbd6f98b477d00668b0f0622babc6c7dc2ef4d4a72d738115e6c5a9b503b22fa6132c323fbe6e069f664b9f661291570288da49655f14a93 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3c9c46104516b492d5ebf807519f032d |
| SHA1 | 6472c5632d122c1ef303cb2bf170a16846377812 |
| SHA256 | 3cc566fc26b33ed24f6be761ebfa76c2eeb2dc0a5167e8c9696cb1ce332e06b1 |
| SHA512 | 0ea99205b66e03b4182dd73b90268ba663090487f59168beb769d572b00affe4bead4c21e7774be893e46c5ab934349775113fbbb70ea56cea6d6f05d8e54a6f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\72401e5c-db35-4117-8088-72c483d5fd3f.tmp
| MD5 | 7eb81146bc8f436291bccb475a8e4800 |
| SHA1 | f0e9c7608779c3d782c61b419a2df5a88f53211f |
| SHA256 | 379e8b7ad2611ecedc77c974490208cdafc5001b96d143d137aab98d92d584e0 |
| SHA512 | 774cddcd1bf3371ced6981a617499d4a94aec0f35eea122e9b41aba94e5d382d1537d15bb60a94c27bb57e257529b1f182f7ca137d9c15df1380b751a0f18f5b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d6f1683416df5fc3f64441685fc609da |
| SHA1 | 93987e7754d652eafea4ba174f6111cab7bc4db0 |
| SHA256 | c1d20510cf82c2135da8717541a49ab7763dbe02387533cb68a6f1e33a1f516f |
| SHA512 | c79ca83f326a9bca590b8b3da688fcc71df117b1421cf1a89871b64efb87c5bfdc471f8147cba03ad17dbf374e7f4e7c07f05c398fa0c6e6543828fe57c894ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045
| MD5 | 71c6e4dcb559033bffb685bfcac9213a |
| SHA1 | 25f961c9654c8b6ebdb65fc84b3e218fba9fe9fe |
| SHA256 | 77dcc1c86b052027db7eeeec2d6bad3d899360ca512a5c8ff38db272e9cee5c9 |
| SHA512 | f7065427eab4f90046446685101518f036d4472bafa41da4d0c80f30e3accb19d90f29c0483ff7b95a8282d1ef68b60457818e4c1457d307208b56d536e9ac68 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | bdb6121662777049aa9ed38e2dce9d81 |
| SHA1 | e83df3f30d4a863c4f04b0ba5a8712649b6a7c6a |
| SHA256 | a9632aaf66f48e8e93558d7718ce59bd98d646501f58c3cff0f126a79773622c |
| SHA512 | 2cd3116fda4c0c39dbd3a30c5e6cdf64d2e557f1c2923cd717cef06396cc77b252c6f28a6e27a6311139e5dc7a556882eb9730173bd0c9aad2181c50e92e6269 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030
| MD5 | 759ab24cf5846f06c5cdb324ee4887ea |
| SHA1 | 41969c5b737bc40bbb54817da755e3aa7d02f3c6 |
| SHA256 | 7037e6c967c38477a5fcd583c74892e16b7a9066cd60287c7035bf0760d05471 |
| SHA512 | 3470ae07eb7c54feee1e791e63a365cfb0da42f570a66e6c84faf5db6bf8395173c6cb60e8c5cf28eae409f26ea5433c3c5d6ea32eb07e5997c979c6e3ccf4be |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 399ec29175e024d85e1ea46ddd660e9d |
| SHA1 | fdb5be9ad9ca384f20cc0a42ec398ced59967bf6 |
| SHA256 | b1ae41e8470097eccd7ccee745d27cf23eafded4b7d7d2d9abe440a3e277f1d5 |
| SHA512 | cc3d5bf8bd16ae1104263b157b02f5a90e5904e7f79bc1a6a7c7294d49accfb7130d8ff428baf11de56503e09d930b9296af776ac5e384cdb485d772bbb89aa1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 912078abe074e2341b43fcb165175b1f |
| SHA1 | 1db93c7d17c8b473ff63a14a58d71098d0e98496 |
| SHA256 | 4bedace5274f5ee1db86dd248f969f333bb2232ff2b06c17e516d328a82c8915 |
| SHA512 | 5df3f807a7ccba978e21f9c8b05e943d12830d64a2177304045722faaa939307f69198f27310be146855074f797d78d93ba799e4e5baefb549918736ab682fed |
C:\Users\Admin\AppData\Local\Temp\Solara.Dir\cd57e4c171d6e8f5ea8b8f824a6a7316.exe.WebView2\EBWebView\Local State
| MD5 | f50305e14ec98758686cf10d0a889f73 |
| SHA1 | 3ed0cd0069cf921fce416bd95cac8cdfe91af1d7 |
| SHA256 | ec473119ba23918ff41f8f9b5a153d5d426d236e9374ebe56599d2a50d890db7 |
| SHA512 | abf95ee05d597796bf64095c4da6dca8a06cba5fffadba814cc41d5f174cee65ffc26ecb305d1df7b8a676a3236d095c7d5e60f7ecad36b1e824c9c92d39d5e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e1e503b58d907f1d958fb1dcf546cc36 |
| SHA1 | 96f2fe2d62e0569f01fc5c973d612a0e01df5f6f |
| SHA256 | 7cf47c88e061a326d16f0ddb1b55b58e63d5c610e57d1d61c2998661ddfdf312 |
| SHA512 | 2314edfc08f30affaa4f46f2af61c42f4fc93457ea06ee4ed5dae56633e1566ce5f1ec6748726630f8ea0efb54e24b4ea00c146f45d08557fb31d99300de8e3f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6657c404a2239810df2a6049c1a45821 |
| SHA1 | a775035bbd81a3bbdcb1f6d2ef978f0326209923 |
| SHA256 | f7afb1ad416ad0c4095adc153936e8d539b497f2de5bb3796c1969fe775c100f |
| SHA512 | 42609973181a647abb2417c939c21e9626f80971b22314ba4ba01e197e40a6c0776244720dfc0edde26e83bbcb38115f41a62263185b4086f51f1f0ff6f6a764 |