Malware Analysis Report

2024-10-19 06:32

Sample ID 240628-b9mv4avclb
Target https://file.io/2HcJfRg1SRN9
Tags
quasar spyware trojan
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://file.io/2HcJfRg1SRN9 was found to be: Known bad.

Malicious Activity Summary

quasar spyware trojan

Quasar RAT

Quasar payload

Downloads MZ/PE file

Enumerates system info in registry

NTFS ADS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-28 01:50

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-28 01:50

Reported

2024-06-28 01:53

Platform

win11-20240611-en

Max time kernel

149s

Max time network

151s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://file.io/2HcJfRg1SRN9

Signatures

Quasar RAT

trojan spyware quasar

Quasar payload

Description Indicator Process Target
N/A N/A N/A N/A

Downloads MZ/PE file

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 551268.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3352 wrote to memory of 2104 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 2104 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 4820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3140 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3140 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3352 wrote to memory of 3876 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://file.io/2HcJfRg1SRN9

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffee2eb3cb8,0x7ffee2eb3cc8,0x7ffee2eb3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1812 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2624 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5020 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004DC

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10608 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1760 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14550242287089428565,4706524880864263486,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 file.io udp
US 45.55.107.24:443 file.io tcp
US 8.8.8.8:53 24.107.55.45.in-addr.arpa udp
US 8.8.8.8:53 64.159.190.20.in-addr.arpa udp
GB 18.245.218.91:443 www.file.io tcp
US 151.101.131.42:443 hb.vntsm.com tcp
US 151.101.131.42:443 hb.vntsm.com tcp
US 151.101.1.194:443 hb-vntsm-com.global.ssl.fastly.net tcp
US 104.22.47.142:443 hb.vntsm.io tcp
N/A 224.0.0.251:5353 udp
US 45.55.107.24:443 file.io tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
BE 64.233.167.155:443 stats.g.doubleclick.net tcp
GB 142.250.200.3:443 www.google.co.uk tcp
US 104.26.3.70:443 ad-delivery.net tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
GB 143.204.176.17:443 cdn.exelator.com tcp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 155.167.233.64.in-addr.arpa udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
IE 34.254.143.3:443 mydmp.exelator.com tcp
GB 52.84.90.40:443 config.aps.amazon-adsystem.com tcp
GB 23.53.174.156:443 secure.cdn.fastclick.net tcp
GB 23.53.174.156:443 secure.cdn.fastclick.net tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
US 52.72.95.134:443 onsite-tag-logs.apps.nielsen.com tcp
GB 89.187.167.7:443 load77.exelator.com tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com tcp
IE 2.18.24.9:80 apps.identrust.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
GB 142.250.187.238:443 fundingchoicesmessages.google.com udp
NL 64.158.223.146:443 proc.ad.cpe.dotomi.com tcp
US 8.8.8.8:53 173.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 156.174.53.23.in-addr.arpa udp
US 8.8.8.8:53 7.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 9.24.18.2.in-addr.arpa udp
US 8.8.8.8:53 134.95.72.52.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
US 8.8.8.8:53 a.ad.gt udp
US 104.22.4.69:443 a.ad.gt tcp
GB 172.217.16.225:443 lh3.googleusercontent.com tcp
DE 162.19.138.116:443 id5-sync.com tcp
DE 141.95.98.65:443 id5-sync.com tcp
IE 54.228.55.244:443 s.cpx.to tcp
US 104.18.23.145:443 cadmus.script.ac tcp
DE 91.228.74.200:443 pixel.quantserve.com tcp
US 34.95.69.49:443 i.clean.gg tcp
GB 18.172.154.232:443 aax.amazon-adsystem.com tcp
US 34.120.111.33:443 cdn.edkt.io tcp
US 8.8.8.8:53 prg.smartadserver.com udp
US 8.8.8.8:53 apex.go.sonobi.com udp
US 172.67.75.241:443 script.4dex.io tcp
US 3.33.220.150:443 match.adsrvr.org tcp
DE 37.252.171.149:443 ib.adnxs.com tcp
DE 37.252.171.149:443 ib.adnxs.com tcp
DE 18.153.141.129:443 btlr.sharethrough.com tcp
DE 18.153.141.129:443 btlr.sharethrough.com tcp
DE 18.153.141.129:443 btlr.sharethrough.com tcp
DE 18.153.141.129:443 btlr.sharethrough.com tcp
US 104.18.43.178:443 elb.the-ozone-project.com tcp
US 69.166.1.64:443 apex.go.sonobi.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 3.124.64.248:443 tlx.3lift.com tcp
FR 51.178.195.209:443 prg.smartadserver.com tcp
FR 51.178.195.209:443 prg.smartadserver.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
NL 147.75.84.158:443 prebid.a-mo.net tcp
GB 18.245.187.41:443 rules.quantcount.com tcp
IE 52.215.105.210:443 track.venatusmedia.com tcp
US 34.95.69.49:443 i.clean.gg udp
US 172.67.75.241:443 script.4dex.io tcp
IE 54.228.55.244:443 s.cpx.to tcp
IE 67.220.228.202:443 aax-eu.amazon-adsystem.com tcp
US 34.120.111.33:443 cdn.edkt.io tcp
US 34.120.111.33:443 cdn.edkt.io udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 149.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 129.141.153.18.in-addr.arpa udp
US 8.8.8.8:53 209.195.178.51.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 158.84.75.147.in-addr.arpa udp
US 8.8.8.8:53 248.64.124.3.in-addr.arpa udp
US 8.8.8.8:53 41.187.245.18.in-addr.arpa udp
US 8.8.8.8:53 210.105.215.52.in-addr.arpa udp
US 8.8.8.8:53 64.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 202.228.220.67.in-addr.arpa udp
GB 172.217.169.65:443 9dc24687e3eebe3f1ade2a8b1b71564f.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 tg1.aniview.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 image2.pubmatic.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
GB 172.217.16.226:443 cm.g.doubleclick.net tcp
US 23.220.113.164:443 tg1.aniview.com tcp
NL 185.89.210.90:443 secure.adnxs.com tcp
GB 185.64.191.210:443 image2.pubmatic.com tcp
US 45.55.107.24:443 file.io tcp
GB 172.217.16.225:443 lh3.googleusercontent.com udp
GB 143.204.68.53:443 ib.3lift.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 2.16.106.147:443 feed.avplayer.com tcp
GB 23.73.139.56:443 content1.avplayer.com tcp
US 172.240.45.75:443 track4.aniview.com tcp
BE 88.221.83.187:443 www.bing.com tcp
BE 88.221.83.187:443 www.bing.com tcp
BE 88.221.83.187:443 www.bing.com tcp
BE 88.221.83.187:443 www.bing.com tcp
GB 13.224.245.126:443 img.3lift.com tcp
US 8.8.8.8:53 147.106.16.2.in-addr.arpa udp
US 8.8.8.8:53 56.139.73.23.in-addr.arpa udp
US 8.8.8.8:53 75.45.240.172.in-addr.arpa udp
GB 23.73.139.56:443 content1.avplayer.com tcp
GB 23.73.139.56:443 content1.avplayer.com tcp
US 23.220.113.164:443 tg1.aniview.com tcp
US 34.120.111.33:443 cdn.edkt.io udp
US 172.240.45.81:443 go1.aniview.com tcp
GB 172.217.16.226:443 cm.g.doubleclick.net udp
US 23.53.112.216:443 acdn.adnxs.com tcp
US 23.53.112.234:443 ads.pubmatic.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 23.53.112.234:443 ads.pubmatic.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
IE 63.35.249.114:443 ap.lijit.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
FR 164.132.25.180:443 ssbsync.smartadserver.com tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.2.110.134:443 cs.krushmedia.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
ES 23.60.223.190:443 secure-assets.rubiconproject.com tcp
US 96.46.186.182:443 sync.aniview.com tcp
US 96.46.186.182:443 sync.aniview.com tcp
US 34.231.72.174:443 ssp.disqus.com tcp
US 34.98.64.218:443 u.openx.net tcp
DE 51.89.9.251:443 onetag-sys.com tcp
DE 3.71.149.231:443 ups.analytics.yahoo.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 34.231.72.174:443 ssp.disqus.com tcp
US 8.2.110.134:443 cs.krushmedia.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 96.46.186.182:443 sync.aniview.com tcp
US 34.98.64.218:443 u.openx.net tcp
DE 51.89.9.251:443 onetag-sys.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
ES 23.60.223.190:443 secure-assets.rubiconproject.com tcp
DE 3.71.149.231:443 ups.analytics.yahoo.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
GB 23.73.139.56:443 player.aniview.com udp
ES 23.60.223.190:443 secure-assets.rubiconproject.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 96.46.186.182:443 sync.aniview.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 p.rfihub.com udp
US 96.46.186.182:443 sync.aniview.com tcp
DE 141.95.98.65:443 id5-sync.com tcp
US 8.8.8.8:53 216.112.53.23.in-addr.arpa udp
US 8.8.8.8:53 234.112.53.23.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 116.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 114.249.35.63.in-addr.arpa udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 8.8.8.8:53 180.25.132.164.in-addr.arpa udp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
GB 18.164.68.59:443 api-2-0.spot.im tcp
US 34.120.133.55:443 api.rlcdn.com tcp
NL 193.0.160.131:443 p.rfihub.com tcp
IE 54.154.253.138:443 ad.360yield.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 54.164.16.2:443 sync.srv.stackadapt.com tcp
US 74.121.140.211:443 sync.mathtag.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 104.17.44.93:443 gum.aidemsrv.com tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
GB 23.73.139.56:443 player.aniview.com tcp
GB 23.73.139.56:443 player.aniview.com tcp
GB 23.73.139.56:443 player.aniview.com tcp
GB 23.73.139.56:443 player.aniview.com tcp
GB 23.73.139.56:443 player.aniview.com tcp
NL 64.158.223.137:443 equativ-match.dotomi.com tcp
US 8.8.8.8:53 182.186.46.96.in-addr.arpa udp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
IE 63.34.117.50:443 delivery.redpineapplemedia.com tcp
IE 63.34.117.50:443 delivery.redpineapplemedia.com tcp
US 172.240.45.70:443 s2s.aniview.com tcp
US 64.202.112.159:443 b1sync.zemanta.com tcp
US 172.240.45.70:443 s2s.aniview.com tcp
US 64.202.112.159:443 b1sync.zemanta.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
DE 18.193.153.32:443 match.sharethrough.com tcp
DE 18.193.153.32:443 match.sharethrough.com tcp
DE 3.125.126.125:443 optimized-by.rubiconproject.com tcp
DE 3.125.126.125:443 optimized-by.rubiconproject.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
DE 18.193.153.32:443 match.sharethrough.com tcp
GB 142.250.200.2:443 googleads.g.doubleclick.net tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 34.98.64.218:443 u.openx.net udp
BE 23.55.98.169:443 eus.rubiconproject.com tcp
BE 23.55.98.169:443 eus.rubiconproject.com tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
US 8.8.8.8:53 2.16.164.54.in-addr.arpa udp
US 8.8.8.8:53 211.140.121.74.in-addr.arpa udp
US 8.8.8.8:53 23.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 137.223.158.64.in-addr.arpa udp
US 8.8.8.8:53 172.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 50.117.34.63.in-addr.arpa udp
US 8.8.8.8:53 159.112.202.64.in-addr.arpa udp
US 8.8.8.8:53 70.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 125.126.125.3.in-addr.arpa udp
US 8.8.8.8:53 32.153.193.18.in-addr.arpa udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 169.98.55.23.in-addr.arpa udp
US 8.8.8.8:53 67.1.166.69.in-addr.arpa udp
NL 77.245.57.72:443 sync.adkernel.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
GB 142.250.187.202:443 imasdk.googleapis.com tcp
US 96.46.186.15:443 track1.avplayer.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
GB 108.138.217.48:443 hb.yellowblue.io tcp
GB 142.250.187.202:443 imasdk.googleapis.com udp
GB 216.58.204.70:443 s0.2mdn.net tcp
GB 142.250.200.2:443 pubads.g.doubleclick.net tcp
GB 142.250.200.2:443 pubads.g.doubleclick.net tcp
GB 142.250.200.2:443 pubads.g.doubleclick.net tcp
IE 34.253.118.168:443 match.prod.bidr.io tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
US 44.196.209.172:443 cs-server-s2s.yellowblue.io tcp
US 192.132.33.69:443 bttrack.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
US 151.101.194.49:443 sync-tm.everesttech.net tcp
NL 35.214.226.31:443 csync.loopme.me tcp
FR 142.251.37.35:443 csi.gstatic.com tcp
FR 142.251.37.35:443 csi.gstatic.com tcp
FR 142.251.37.35:443 csi.gstatic.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
FR 142.251.37.35:443 csi.gstatic.com udp
DE 57.129.18.111:443 wt.rqtrk.eu tcp
GB 142.250.200.2:443 pubads.g.doubleclick.net udp
US 69.166.1.64:443 apex.go.sonobi.com tcp
DE 51.89.9.251:443 onetag-sys.com udp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 89.149.193.101:443 ssbsync-global.smartadserver.com tcp
NL 89.149.193.101:443 ssbsync-global.smartadserver.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 172.67.40.173:443 spl.zeotap.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
US 74.121.140.211:443 sync.mathtag.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
NL 35.214.226.31:443 csync.loopme.me tcp
US 52.46.155.104:443 s.amazon-adsystem.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
DE 18.153.141.129:443 btlr.sharethrough.com tcp
FR 51.178.195.209:443 prg.smartadserver.com tcp
US 69.166.1.64:443 apex.go.sonobi.com tcp
DE 162.19.138.116:443 id5-sync.com tcp
DE 141.95.98.65:443 id5-sync.com tcp
IE 67.220.228.202:443 aax-eu.amazon-adsystem.com tcp
IE 67.220.228.202:443 aax-eu.amazon-adsystem.com tcp
US 151.101.193.16:443 m.media-amazon.com tcp
US 151.101.193.16:443 m.media-amazon.com tcp
US 151.101.193.16:443 m.media-amazon.com tcp
US 151.101.193.16:443 m.media-amazon.com tcp
US 151.101.193.16:443 m.media-amazon.com tcp
US 151.101.193.16:443 m.media-amazon.com tcp
GB 18.245.218.86:443 ts.amazon-adsystem.com tcp
US 151.101.193.16:443 m.media-amazon.com udp
US 151.101.193.16:443 m.media-amazon.com udp
IE 3.254.237.161:443 aan.amazon.co.uk tcp
IE 3.254.237.161:443 aan.amazon.co.uk tcp
IE 3.254.237.161:443 aan.amazon.co.uk tcp
GB 54.192.137.6:443 s2.paa-reporting-advertising.amazon tcp
GB 54.192.137.6:443 s2.paa-reporting-advertising.amazon tcp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
GB 108.156.39.62:443 tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev tcp
GB 108.156.39.62:443 tungsten-service.prod.eu.adsqtungsten.a9.amazon.dev tcp
NL 178.250.1.11:443 dnacdn.net tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 54.164.16.2:443 sync.srv.stackadapt.com tcp
US 44.214.226.155:443 i.liadm.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 69.166.1.67:443 sync.go.sonobi.com tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
FR 164.132.25.180:443 ssbsync.smartadserver.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
IE 34.253.118.168:443 match.prod.bidr.io tcp
US 35.244.174.68:443 id.rlcdn.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
US 69.166.1.64:443 apex.go.sonobi.com tcp
FR 45.137.176.88:443 sync.adotmob.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
NL 81.17.55.172:443 rtb-csync.smartadserver.com tcp
GB 108.156.39.126:443 s.ad.smaato.net tcp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
FR 51.178.195.209:443 prg.smartadserver.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
DE 18.153.141.129:443 btlr.sharethrough.com tcp
US 69.166.1.64:443 apex.go.sonobi.com tcp
DE 37.252.171.149:443 ib.adnxs.com tcp
IE 3.254.237.161:443 aan.amazon.co.uk tcp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
US 69.166.1.64:443 apex.go.sonobi.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
GB 142.250.200.3:443 www.google.co.uk udp
US 151.101.193.16:443 m.media-amazon.com udp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
FR 51.178.195.209:443 prg.smartadserver.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
DE 37.252.171.149:443 ib.adnxs.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
DE 35.156.158.169:443 btlr.sharethrough.com tcp
US 69.166.1.32:443 apex.go.sonobi.com tcp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
US 69.166.1.32:443 apex.go.sonobi.com tcp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
FR 51.178.195.209:443 prg.smartadserver.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
DE 35.156.158.169:443 btlr.sharethrough.com tcp
US 69.166.1.32:443 apex.go.sonobi.com tcp
DE 37.252.171.149:443 ib.adnxs.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
US 69.166.1.32:443 apex.go.sonobi.com tcp
GB 142.250.200.3:443 www.google.co.uk udp
GB 18.244.122.174:443 m.media-amazon.com udp
IE 3.254.239.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 196eaa9f7a574c29bd419f9d8c2d9349
SHA1 19982d15d1e2688903b0a3e53a8517ab537b68ed
SHA256 df1e96677bcfffe5044826aa14a11e85ef2ebb014ee9e890e723a14dc5f31412
SHA512 e066d74da36a459c19db30e68b703ec9f92019f2d5f24fd476a5fd3653c0b453871e2c08cdc47f2b4d4c4be19ff99e6ef3956d93b2d7d0a69645577d44125ac7

\??\pipe\LOCAL\crashpad_3352_JMQUPRYPDORTCDKP

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f717f56b5d8e2e057c440a5a81043662
SHA1 0ad6c9bbd28dab5c9664bad04db95fd50db36b3f
SHA256 4286cd3f23251d0a607e47eccb5e0f4af8542d38b32879d2db2ab7f4e6031945
SHA512 61e263935d51028ec0aab51b938b880945a950cec9635a0dafddf795658ea0a2dfcf9cfc0cab5459b659bb7204347b047a5c6b924fabea44ce389b1cbb9867d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 299935416a68a41c316b9b9879900cff
SHA1 abf11c7e50fffcf4682010ba46ffdac77920e042
SHA256 8402fba406b7ad384de0f0534ce0fa40b60fda7a9b619bfcd0baa316a5a44f0d
SHA512 2a97f3ff5882dc7dc95d62a8df5e164d6dfd3b9a6cf158d1fc77f3f8fd0714a740a9df002f4b74a8fef65a4fbd469c66ff8a4b9a8df82b9a4c588ee62a35621c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 17cd67763ec12314a5dfc7f18146ae06
SHA1 c46a586a532894f1b1974bc5023fe49c40e6d964
SHA256 14755767aeae9a6f1f9bc6ffff9edde9b2774446c8d7c2ecca4ceedd475e44ef
SHA512 20ebb07c042b94434f2cb223f9a1e895f2970d189f06d77f22d97f52403535bc627e760b00b733255b5f783272b73a7b7caabfc84f566495c3ecb4ec3537e95a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f33809094b5ff4a3cc22ba7bba91c35a
SHA1 7a5c7262007a43a1b5345335684efff210a25d87
SHA256 be92c500b929d10b42f9e48d04cd04796dffa9ca07346da55aa92e92ecde2431
SHA512 7ae709b570de838c4d83e4a9f23368b4fd1047a97daa0f8b7920b08009b793774f549d1b07ae7e0b198c7cca247c3434f8901e6511e3900da38a4ae36cbcbfe6

C:\Users\Admin\Downloads\Unconfirmed 551268.crdownload

MD5 8b6ea83a3c031a60b36324a02fb0e610
SHA1 9716678978d300443d3cc2a757410489c5c10760
SHA256 a847f4126ae5f0d337e772adfae8e9a2c95b6056e6153f36c5f36f93105f84ec
SHA512 02944ec71aa93e7db557baca37fb569170cf43a0f25b95e21843cec6bd59d2773cadefef49d68ea7065808024e91f5ff374a355f422e9f48fd2ae5734cbb292a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 4322f0449af173fb3994d2bef7ecb2e4
SHA1 b6ee5c6f76b8eee448f6b4b2b56fa1ec39653934
SHA256 0502e6e2f3fc54a30dea0eb07eb19a395c7ea6fc273321a49a4cc977a59b7cc9
SHA512 d8bae6131a5a8a1fcabb2d7efebc6cdbba27955fb77484a5d87dbce7a237c0cd5e19b74b4dad28312929ad732d3b80cf3d7f15f059c88438d0bc6ff9535ceeef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 9a23e02c51224896115a872ee5f62800
SHA1 447ac79a43947ca2519a6a9e4d63333c81156c06
SHA256 f6acbc67934394aa13122f6cb281e96a0765dca464725108b63b046da126831b
SHA512 9d1e4546a4ced1959212bd1c0f0f8f8a09e6d69b85db5d9cd0172c614745c46143b269ac9a47253fadccfd5834f2db03d35398db16419607b4e749fbd8938321

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b764bf7f6c950693f66e9a90410ad558
SHA1 b80a6438921a9975873224421560840c6f9768d8
SHA256 8a783b4f9490af9663102c0f675f6139bb62ab3ece9cfecdde92d048e35f2a72
SHA512 2a53b7b0153684c5326f6ae881a9d1fa881c731d52a459bd8aa0003817c46058d994b4c666cf0d527c2740c563a4da640d0a3c599d51cc9a0b827fa0fd6bd721

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9d2c485174efac4bf7685e3e6a1592cb
SHA1 ffbae88e10dacf1f6a3729a9b729d11338161251
SHA256 499c5e9269c1a0b63d0e7333d15de609cc00d2848ea4ef54fd5d7bbc362a5278
SHA512 be7946e6e08a166d95b0b191b85402fcdaa3842eea93f7c95951575b1e687025e2ea4bcdbe5bfc6cf664377f1e225513969aa53f50f664bca8538ef12a826d2e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cdef.TMP

MD5 b67cee510139a5c75a5fbfec6eff7b72
SHA1 273a40eb61ff8a054dae0bea898c2cc0f848ee2b
SHA256 342f4112a1958cec7c52d7e33b37c364bfce24811185755f155dd955fb8020c6
SHA512 cc7e683d6b31d544805820306145624a8bc71a76d4dd2deda58f8212fd0387c10912f86873d0ddfbebaf9d23cba631702beeb72caee582043ef591ec073be5d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3c0b6f9d126be0d5d8505b7c423b62e5
SHA1 959309bc98c49e52f52c80597774605c32ae77b6
SHA256 63bf11323c4b88d6685280e2b5e7ca9e5defebab58ca00b9677f1e81bcd0565b
SHA512 c49f31d523fefce9e41d697af94c378dcadf6c01bd4161220e57b23d6616d706adb8996e0173d6c940f3a012de73294fea9cfa60c4f9a4b2bc01a94f36c40e1e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d5e42077b85df235_0

MD5 60d3613a3bd520dc5e12fbc1efe0a304
SHA1 83a0aa760f9a635581681ddfb2867b2c44709fcd
SHA256 1abed51c47bec536b5529a7ea7fefb157729ce8fd4f9ba99086eb8bb437bfbf7
SHA512 ce7b3f1bd219a80e5471e57b8b17957e728b1f0be4e6fea4cac2c69fc731087ae4695f80e831f405434e0207a0c4feb369c7c4bea3dca2e67d6536bd5dbb4055

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

MD5 40faa0c4150091170644046bbe98ca75
SHA1 d07b30afeaad31c52a1e9dcc2b5362065cc46625
SHA256 c3973eeb11e12431e06d1ef84661ade738e2f9d653e09bb1882dfdee5f887158
SHA512 afa3bf63f9211982ff39b058d0dc8b5ade5339ed68615df5f0c16477dac454897dc1d61e67d78ef1191c1f5859407828d297a5102ee7f28addd10449fd07c85d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c27ee838b6936d7026901f1a5eac5e8d
SHA1 3572130f89bc43661e7428e44f1a7aa873e1df6a
SHA256 50dff959dc956f20c24381ae5454f396c0b7c02c75f90b01ed665046045102ef
SHA512 d8b9341c0b3acf7de370f960a84e6863b1d7c23e31b5957c9de9d4fbc8fe0d5c8c4fb608eed7abc01d145c5187b7de5301eab77d9eea15ac6dae3e40bd03194a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 10c619f583a0d310d0a4f88196b79d5d
SHA1 b709a204cfb36ff75e8a527ab7bc814c6e8cf060
SHA256 34a46fbc8bdd5268e1ac3a2a1a172179391e8882935fdc6e74d88257239d8460
SHA512 742cd40725011771ca94457f7eb4460865ffa23c918d661c7a4f8f317499f137cebfddcaad8a9279a230640b9bb4082997504d0293eb1dbbe8680b8d70f32aee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 107f2d10bbc3d6b19625f426a5897645
SHA1 0ce49d0c392787c9fb1792e604663d69b3363275
SHA256 d6e3f59448c5c366254e9fb70cc41898a7cb2238bc1e0bb1c5e9364f94234185
SHA512 8cc4126a07642e3ac918eda392207a1b86be471a25573889c189294a2ae1fdcb3adfa8452e0c0db665d95c468c6d6f8a983d6f84a7d643bbcc9780d44dcc13eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 28d098eebe97db1b224e82899b6a7cca
SHA1 0ad93666b70a35824285fd5ec687598c465cb965
SHA256 5c2d7ea6928eb94a9f293b0aa42294b1822e13592f8b0112f47cee5a7dc50bdd
SHA512 b91beecb434f8ccff7ab1d262609ed7d2a79b0c75766a2c6c6578e0e1c7237f49467c95eacf2ef0dd5d3ecaefed20155b784a82e42b69b7978cf10866b31a634

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 279dad77b0626741a9e78215bd9a6c54
SHA1 2c94c23d81b1bb6156aa268dd8994ff384feb40f
SHA256 2e1ddf3a00fef29a064d9e327edd13a587ca24126c7f24b4fe2450ff045aa9b3
SHA512 0786ce42ffcdc9289767d033ce3a3b6506378f5742d1d53a8e546ae873e376dff005a696131ea389e37f192efdec11d92f7a1b49af69c0e5fc0cc9925f17c9fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d7b67c80767aed3c74f374777f71e704
SHA1 2b9416c3f309872ff4c7e4d1807911422fe8f365
SHA256 9755883dc440f89675118d501ead10ad7d0559ef45cb902094b4c3a7ab996e48
SHA512 7351126ee9151b6a049203979fc63e3cbe02b9f71055a34022444b032459d88b4298e0a3dc5be56a57fe606f77ecc2c57cdc56f6f3490df6f5184ae5e39c775a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5b8771cd1298b4c7d51345a2ead61628
SHA1 e17e5fab8ec8ca59e51bb0205970646a1ec3df6a
SHA256 9324f724c6a2521c957dc2ed3c4def7ea62035382a630db529e4594e80176e2a
SHA512 21c1bdec454c4b317f8d96219c621e26c6e312dc2f48b2c4204e07cb39dceeb08d5654ad1e4659e355971c6981eecbad3b5884eaedfe526596f283144d9809aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 faaabc47285917a13ddf9085ec484a2f
SHA1 ae7e1c9f996abc995f8b889afa538449fdcebb52
SHA256 91b82d1cf2c9b5daeeb21a4c6b1774156a0c0e1d246f5bc7397126b358299f21
SHA512 412024ec2e53aa9588e90d13dcf0afd8f908166d81489f9cb68d863d53354559a5ea23d5a8a4a81c8731c04988c8b427f59caae3df52ade62f64517a9fabe30a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eb0774e1a1c977db_0

MD5 8aa95e745674053d789180420b19061e
SHA1 1b31ba31d6b4490fe03a69aa9663839fafb2157c
SHA256 10af2ad95ccb861caaee5841f9166ad14f2c6b89f2db23f941dda2f67e1981c9
SHA512 9d37a6402571d69319b7717cb153f5dac3417267bcd39ac73710296be7b17e70f62c464982437626b83272e64936fe357e52d8b3508cb31eb086ca516ccef71d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9f5d6e213bd111fe_0

MD5 bddb691d12d04f38b42dc8bc98d3270b
SHA1 3d410701ae2142202ff22eb8fdb4abf021d245e1
SHA256 ec7473ff9fb6da574debb4bd252aac5663f59496a1f3bc1808e589ae11dfe088
SHA512 ee1799438736960a1723d455fa9361df3ef05d6cdbc454105463b8b94becf855425f48b6ad8e80250a5f5e91ef7f0512cc91bb8fa7c848aea616504445c03c32

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4d386dbc84433b8c_0

MD5 c1af4ea89ee0486bb4325e6afd936aa7
SHA1 de0404ec8be3612bed23713799fdacb3b1664f04
SHA256 6a2d0e3b75c952ba7effc5bd50f1305df557379f810c27d4f5ebcbe602bf196f
SHA512 0658bdfc281906d4a78e8d2584d70e269b9b90e5418a6332515b47ceda119d0e963d5180954de7e36b619c9f1b67af61aefb00aaa84da99d5b34ca8801abf6bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 65a5aaaca1bcc807f71877d2209333df
SHA1 bf2bee700ae3844e8ea0d2a849622238915d0e14
SHA256 8e4fa56717bb803bd4828396143d3877f69c9d7ef5bf5c153051dc86791b33e3
SHA512 b3a939e4455d80d24504b8471cec53fe5d09ef7e1b00a2e804d7698bd1c3a3bc29e9a2cdbd7dbae1b828f68ee85d16669b7cc4d29e278d3b461d6291b91384d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b7e540728dbf786aa51371712d637079
SHA1 3a7cae9afaa386e3ac27954554b099a8f5d93ae7
SHA256 69ddc97b4f7352252e5942972bc3d5bb732b817c5a1db3d1d88ac899367badb1
SHA512 f1073ea2c4353fd8aae535fe89f89cff4dfc4ba4181e6065e4bc96900432bb7591b3d2aaf1f59a055eddf7d436b51bb00877c60bbb7a4ece5dffcd336c7fe4fd