Analysis Overview
SHA256
23c75e988d1579ade684b8fc3e9ebea0f2d62b955d190c974c4a47112681048a
Threat Level: Likely malicious
The file sample was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Disables Task Manager via registry modification
Executes dropped EXE
Modifies WinLogon
Legitimate hosting services abused for malware hosting/C2
Enumerates connected drives
Sets desktop wallpaper using registry
Enumerates physical storage devices
Program crash
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Kills process with taskkill
Suspicious behavior: EnumeratesProcesses
NTFS ADS
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-07-01 14:10
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-01 14:10
Reported
2024-07-01 14:25
Platform
win11-20240611-en
Max time kernel
903s
Max time network
913s
Command Line
Signatures
Disables Task Manager via registry modification
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\YouAreAnIdiot.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\YouAreAnIdiot.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\000.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\V: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\G: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\I: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\K: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\P: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\R: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\U: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\X: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\A: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\H: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\J: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\L: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\W: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\B: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\E: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\O: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\M: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\N: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\S: | C:\Users\Admin\Downloads\000.exe | N/A |
| File opened (read-only) | \??\T: | C:\Users\Admin\Downloads\000.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Modifies WinLogon
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoRestartShell = "0" | C:\Users\Admin\Downloads\000.exe | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2394516847-3409208829-2230326962-1000\Control Panel\Desktop\Wallpaper | C:\Users\Admin\Downloads\000.exe | N/A |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\YouAreAnIdiot.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\YouAreAnIdiot.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133643171973895348" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\txtfile\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\icon.ico" | C:\Users\Admin\Downloads\000.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2394516847-3409208829-2230326962-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2394516847-3409208829-2230326962-1000\{C8D2E952-2BC9-402B-91B9-FDC29DDA9E25} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2394516847-3409208829-2230326962-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2394516847-3409208829-2230326962-1000\{FC2FCB1A-4737-4672-AD79-0159AA444E89} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2394516847-3409208829-2230326962-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\txtfile\DefaultIcon | C:\Users\Admin\Downloads\000.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\txtfile | C:\Users\Admin\Downloads\000.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2394516847-3409208829-2230326962-1000\{C2E44D49-FB4C-4285-A3BB-DB462F0071E6} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2394516847-3409208829-2230326962-1000\{B4430ABD-2322-44D8-9402-FEB91D3E2887} | C:\Users\Admin\Downloads\000.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\YouAreAnIdiot.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\You-are-an-idiot.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\ChilledWindows.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Melting.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 8373.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 711898.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\000.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\WinRGBDestructive.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Avoid.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\You-are-an-idiot\Google Chrome.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\You-are-an-idiot\Google Chrome.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\000.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\000.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcd52e3cb8,0x7ffcd52e3cc8,0x7ffcd52e3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2536 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3508 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5388 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5400 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5564 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1920,14224201249669837933,4040244055524469317,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5048 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\You-are-an-idiot\Google Chrome.exe
"C:\Users\Admin\Downloads\You-are-an-idiot\Google Chrome.exe"
C:\Windows\SysWOW64\werfault.exe
werfault.exe /h /shared Global\a5559688d3c34048bb79e54a3606081f /t 3344 /p 2552
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcd52e3cb8,0x7ffcd52e3cc8,0x7ffcd52e3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2708 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5056 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4020 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4004 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3820 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5744 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,14784744497667875186,9736558072983067786,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xe4,0x10c,0x7ffcd570ab58,0x7ffcd570ab68,0x7ffcd570ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1564 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2212 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3148 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3232 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4144 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4440 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4576 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4568 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4488 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4880 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4912 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4744 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4732 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4592 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4556 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4848 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5000 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4940 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3408 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4092 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3432 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5132 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4708 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=1600 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2684 --field-trial-handle=1812,i,3596441138747071137,7354000096374803214,131072 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcd52e3cb8,0x7ffcd52e3cc8,0x7ffcd52e3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1936 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2740 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5440 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3428 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3452 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3428 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3532 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4968 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5532 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3528 /prefetch:8
C:\Users\Admin\Downloads\YouAreAnIdiot.exe
"C:\Users\Admin\Downloads\YouAreAnIdiot.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1884 -ip 1884
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1884 -s 1228
C:\Users\Admin\Downloads\YouAreAnIdiot.exe
"C:\Users\Admin\Downloads\YouAreAnIdiot.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 2812 -ip 2812
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2812 -s 1204
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7052 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1840,4404931050490836399,4708761525446672606,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 /prefetch:8
C:\Users\Admin\Downloads\000.exe
"C:\Users\Admin\Downloads\000.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\windl.bat""
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im explorer.exe
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im taskmgr.exe
C:\Windows\SysWOW64\Wbem\WMIC.exe
wmic useraccount where name='Admin' set FullName='UR NEXT'
C:\Windows\SysWOW64\Wbem\WMIC.exe
wmic useraccount where name='Admin' rename 'UR NEXT'
C:\Windows\SysWOW64\shutdown.exe
shutdown /f /r /t 0
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa39f5055 /state1:0x41c64e6d
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.200.46:443 | www.youtube.com | tcp |
| GB | 142.250.200.46:443 | www.youtube.com | tcp |
| GB | 142.250.200.46:443 | www.youtube.com | tcp |
| GB | 142.250.200.46:443 | www.youtube.com | tcp |
| GB | 216.58.204.74:445 | fonts.googleapis.com | tcp |
| GB | 142.250.200.46:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 138.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| GB | 142.250.200.22:443 | i.ytimg.com | tcp |
| GB | 216.58.204.74:139 | fonts.googleapis.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| BE | 2.17.107.99:443 | www.bing.com | tcp |
| BE | 88.221.83.178:443 | www.bing.com | tcp |
| BE | 88.221.83.210:443 | r.bing.com | tcp |
| BE | 88.221.83.210:443 | r.bing.com | tcp |
| BE | 88.221.83.178:443 | www.bing.com | tcp |
| IE | 20.190.159.75:443 | login.microsoftonline.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| BE | 88.221.83.203:443 | r.bing.com | tcp |
| BE | 88.221.83.203:443 | r.bing.com | tcp |
| BE | 88.221.83.234:443 | th.bing.com | tcp |
| BE | 88.221.83.234:443 | th.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mostannoyingvirus.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 172.217.16.225:443 | lh5.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 172.217.16.227:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| GB | 172.217.16.227:443 | id.google.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.178.14:443 | google.com | tcp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | tcp |
| US | 192.178.49.163:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c40.gcp.gvt2.com | udp |
| BE | 35.210.214.151:443 | e2c40.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | beacons4.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 8.8.8.8:53 | 163.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.214.210.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.32.239.216.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.16.227:443 | id.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.f-secure.com | udp |
| BE | 104.68.69.164:443 | www.f-secure.com | tcp |
| BE | 104.68.69.164:443 | www.f-secure.com | tcp |
| US | 8.8.8.8:53 | 164.69.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| GB | 18.135.83.51:443 | assets.f-secure.com | tcp |
| GB | 18.135.83.51:443 | assets.f-secure.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | location-api.f-secure.com | udp |
| DE | 35.156.224.161:443 | location-api.f-secure.com | tcp |
| US | 8.8.8.8:53 | 51.83.135.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| BE | 88.221.83.232:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 232.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 88.221.83.203:443 | th.bing.com | tcp |
| BE | 2.17.107.105:443 | r.bing.com | tcp |
| BE | 2.17.107.105:443 | r.bing.com | tcp |
| BE | 88.221.83.203:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 105.107.17.2.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 21.113.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | bbfb66ff6f5e565ac00d12dbb0f4113d |
| SHA1 | 8ee31313329123750487278afb3192d106752f17 |
| SHA256 | 165401ef4e6bbd51cb89d3f9e6dc13a50132669d5b0229c7db12f2ec3f605754 |
| SHA512 | 8ea206daabc7895923f3df9798bfd96f459bf859c78f3e5640fad550678b5090539f2a1b590883cd9797efee999acccac16d499772f61f5390e91bcc44d60560 |
\??\pipe\LOCAL\crashpad_2240_LZKBKZVAGUSLRCQM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9a91b6dd57fc9c4880d34e9e7c6b760f |
| SHA1 | 77a09da6ef4343a8b232386e000cd2d6b9fc30a3 |
| SHA256 | 0170297f0103d4e415653f86dedc31b0827580042f86862206fd3f6f135b543a |
| SHA512 | 9fc3b9be931b3edebc4a6809d62d805046bdceb4c27a7db21cfbbcb0e5e253ab529c54d64e465e60904a6ab3b83156e26b97f852c9526f46f037944f806a7f0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2d5fbdd8c2e7c1ce71039310d0a027e4 |
| SHA1 | b08ae0b2ecd05301bf139fda9170abb786a5683c |
| SHA256 | 2d409024b4d434f2ac2ad44fe843106a61d41f9ab31de76e6bc881a53b163c30 |
| SHA512 | ce327dc7d496d286be2fa35cc8278d04d079adebfd09bfa50e5d1b545d00f8ee1134403cbc9fa19093d78ff867f6d2f66a206580230408afec8e8b1d242bc1d8 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | ebdb4566a509bf737e7f3726b8e5d003 |
| SHA1 | bfabb2b07b9cad82a182d5564c4bf61a6a40d61b |
| SHA256 | 29704bfd9a2326469e78055f8e9b54d6e0affbc5982608478beeb1c91a4cb6f8 |
| SHA512 | 30f4cacb2db6a19f221f90e1547d4ecea075de7f73dffb0573cc3a2971a2bf92f4c2ea02bc0b622fcc6fb5ba47a8f21d656dc552f676476e0abf779e8a52b77d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7b6a6deb89c454d7b13a068ca947e735 |
| SHA1 | ffd328aef0e2554b4e2adb184815d3f7ac3907e1 |
| SHA256 | 6f7519d4c846e1d0d57690adc6c3b0e996b9ef344577dd61566d574112c3e717 |
| SHA512 | 1c36c98326820655609ac048b93f6f90ad1e3ec0d534c5d38e7e5c1d8896dd5500083af05e26966b470c0ad068a1f970d345b7f94b3b4f8eed3e287bfca94c86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bef963c511ae285048891ca7c2657af8 |
| SHA1 | 965e1bb4785cb335dc8037c106aa10a065b46bec |
| SHA256 | 1d813796253a24b4e3eb080691ae8a9b4802c0cefe9113dcb7bdaa332e30616f |
| SHA512 | d45a7ad71b5e503039c563567055f8acc09e880dfdea06080ab0829ed8a7111e5d9eab81a43176ce29aee64d9b4e4cba53460de9f008e68b51c3bc7942f837d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ffa0ee7079ece091b1bf2f91ecbb139d |
| SHA1 | 99337592ce96c256a24e1ad948fc0da6630a9c16 |
| SHA256 | ff14da0b1f13412825f33b6517a57ac2da51af312b34aa10bd016efe5ebff768 |
| SHA512 | 2b0fe3a1a8deb245615667d15ac44ea231af3180e6d0a8676de4f60cd289b2c8604b7aa67d91752739ac5669d2c14525db1767e7d4ce2439519929c101588f42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2783d27a82717a6b136040a74589e2cd |
| SHA1 | 64565e6845abd8654d939629dda67aacb4e0c9fe |
| SHA256 | 2ee0223fe698ff823ab0e2fb5bea0fc222c97cfc4b50eef7759b2c788d6a2a7f |
| SHA512 | 79bb12578ea5fcb029544af8cf920009d821c0b9bf1719affa9453774ec7727b09acf7d294a2f57461a4bbb07fbdf3730047289a538b23e207ea3490f6cde756 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 80cbcc5b6d53abda747756f2cae03f09 |
| SHA1 | 7fe29232197560724b35c9a6301c1ba916753623 |
| SHA256 | a76e895570fc28e6445bc562b9d4e838d17f7296739c5930d1dd49486a6a5fe1 |
| SHA512 | 13f44e13cf4d2712f2b3274127400d33b71a22ef170d07464d748843e40f93e78a400a4076a2b3aedd07063cf9629530518f44c77d79ea41c68d1f83dff35d90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581cf9.TMP
| MD5 | 9d9c1d7fdb95981371cb8d0f47f52d5e |
| SHA1 | b26bb2064902716c3f0ed4ea72eae3b8ba81d8c2 |
| SHA256 | 935a01fbdbd858e3f76963991a8d9147926320f3105a8e5467887c8ec311b7f2 |
| SHA512 | c7024184c795d0ce539cbc45a952fd00cd0a45f89bd32d0cd5bada1dedb9de56f8566fc71e55219d8a5dbba32ddade46698a8d8636dd5d6830ab70f4f304df97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 35a3e69b5eb3e227aaea798328538b2a |
| SHA1 | 204463d18507e719a22e7039ec901f5ebf16704b |
| SHA256 | 5778c61946c961d84b168f67d156ad3d320beadc352d97372dc995492ec799b9 |
| SHA512 | 94058fd188d2ea89289572c5e1c1b8dfda4a2b99dd50621ee2c0d113eb96c40d67806a99bfc15f3e54c4bc455b777a8e26bfef79f701a06f1fc0cc9bcdfb605e |
C:\Users\Admin\Downloads\You-are-an-idiot.zip
| MD5 | 4acd75f2bfeb99226a8c9cc721284208 |
| SHA1 | 4c5fc527d8825952a6f45d4fcbab3bdb074e9713 |
| SHA256 | 47dca4e070081df4b70053c858a851dbd720845d4ac579eb5e7334a44ffa16c7 |
| SHA512 | ba18b878ad12916ae75dd1f5fbee09bbdfef4776d243fa4e9d7b34a113978b529a242c66e868c52cbb0cab4198d0b356e83dc36355f9452e03e7fbd4e0f9f6e0 |
C:\Users\Admin\Downloads\You-are-an-idiot.zip:Zone.Identifier
| MD5 | 94a51fed4a7a18919ee2019e40ddc701 |
| SHA1 | c614366b7275f8d31ff8496f83982d7a8acf7ccd |
| SHA256 | f1285647a1f18f30882d863021593c4eef9877b1b5d1f0c8822e2c4abff98a47 |
| SHA512 | 781ad8da039503ac0484c44c164e402edac260e356dc5330a1ade0c8fbf3ec4d0416389685bc33ba0d70bf7acdd34639caf69a17dad8b63cb36e6917fa33689d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b10c2ff05854df9b7d2fbbf7a07ca749 |
| SHA1 | e54c0abd2593f1a2fc8cade42d2083591e30de1f |
| SHA256 | da688397518f0055fddaa76bad5144981653a9c26bdc1646968cbd0a041afd3a |
| SHA512 | 629cb65a66f1d5cb3a509a81cf5d836a44be741174955d7722f1ef4875d5cb058cf3478bb89bb9b75c260c044917afe7855b50229dbe80d0c862cf75d90dfa6b |
memory/2552-418-0x0000000000870000-0x000000000087C000-memory.dmp
memory/2552-419-0x00000000058C0000-0x0000000005E66000-memory.dmp
memory/2552-420-0x00000000053B0000-0x0000000005442000-memory.dmp
memory/2552-421-0x0000000005330000-0x000000000533A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0a029303e561d4312093ada015b39d03 |
| SHA1 | ac507bdb3cb758f3f0e68a05be0d9c700cf71d81 |
| SHA256 | 22db487e09afa8f1488e1577ac3631a0f8daf55f0897c832a565ace0b6c4a6ee |
| SHA512 | 283e6a959121c812fe5ce0687254a4ca3b09f3d193c861e783c59ce4be5216882f951348e83a4e491935a34973617ffc17c401a32db946dcda840de3afa24167 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1d4582ccc5096e0ac30e52e9426ba9a0 |
| SHA1 | 7afedb307ac4fcc402a7310d6a4326ae41055958 |
| SHA256 | e8432ff2f2c5f9a8aaacd3fc8bbf0684d65359d930a27393bb328cd0f2c7b4a3 |
| SHA512 | 3aceb0a2f876db3d7996428a7163e77bcbd53a198d99b309aeabc16f84b2020f2e7ad1d55c4d90de5ddb981171b0eff8177406f593292e240753223b3b190b06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1d412fc1-014f-4d91-873f-80a5d91723ce.tmp
| MD5 | 2b323c2a116b29c5e4a6fe1ab056925c |
| SHA1 | 8987b211ad80c68ba1ab3d5cff335e55f37e20ec |
| SHA256 | 9e1e17b9b017a22966e5f019800809746c0ee6f9c6b0b191b76514a784b18122 |
| SHA512 | ddc7caf4bd0f19aaa51d2af2eb20f0007fe937ce7e0fb2ccbf932ec29c15ff4c5864bc64cfb66ae1f2d145a73010b6cc39b808e8f51732f895afe53853ba2387 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ad91f17f8d62ae69e11644700f9cc7d8 |
| SHA1 | 76b659694ec6376abb643c279b1aa80b751b07f1 |
| SHA256 | 5fee0797abccb3bdd957f3f9252e61ca6edf941389092ce54d1b098be1d7173e |
| SHA512 | 22b474988ecd7f987dcfca2f608b9782b134dce604882d04b4c9d35aeb72c919478a74f789cccd60b5e11dce0dbfce7cb1845783560add4b7617ba326807cdc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | beb661c17226a15cd98d3f4988d75387 |
| SHA1 | 829eb5e763c1d4e6d6f9491fc42005b50d23371e |
| SHA256 | 93642558c2215f6d1d3f6830205514bf53b5973defe14be41d6d835cb450d12c |
| SHA512 | 5a4422a3fc042420b8a18109aa72237051d35bd8b1c6ba2c76cd52d83605b748a1b21f52637cf6aec881bb79fcd30f94a3056d6915a7496d49c4b8106e5fb24d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | 764db32871d13df16f9789236bb08631 |
| SHA1 | fe9ed3dd49b34888690f42c86369d917bedef319 |
| SHA256 | b1ee2bb1b8aaff7c1eb637304dcbd27032961323c842f9fc7f647fadaef78a63 |
| SHA512 | 235b20a24df17e3a8213339045b48f88b9b22430adc2b97f26f184094a93f07a0977f975bd5ea796b01c58f79b2c48a3d9ef42be93cdd0e44988108d6e87a6a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1b0f1a5e2d1f125c2976aeb5940a5ac0 |
| SHA1 | 8e15cc490bd6ee096ca6109f442f1ad2f35b1850 |
| SHA256 | 4c90c392ad5208bdcaa576fb1caeb11dafdce226f7b4c18a0d0907a40d992a7e |
| SHA512 | 3d87aae9e820d158769ee83f6389dfe122052896f5ab15322d499ecd1494519a0fb3d1c989490cd4cae5d901500a933892eb9104d43988bd12695e14b753ded6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | 01b6ed6eaa23e41e1289c3087743bda9 |
| SHA1 | e1b2775ace6c6f6fbecb1e979e5f7182fe3c978c |
| SHA256 | 9657ce7ce7f5e758a271978110a925934409307d21777b1c8a9ef7a727e315ba |
| SHA512 | 224c9fa9bcc35a8c18944d2e92199fc7522bfd9e25fa5f8c5ca587041b14807d4d14acbab1b86e848decccd8ee7a70ddb4a00a8f8545cd5938b297c5db211427 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | dd465e28cf08e278b0a87d929d4c5ecd |
| SHA1 | 0b99e29f7a02af607b73cbbbf19714e39d3ae3f5 |
| SHA256 | 63c59d969a7bb673280a37b341ef219d7db06d225e12db0315ca67c6b0919dd7 |
| SHA512 | ddf5bbae44522ba8f4c311e0cb4976bf8dd2322f3e00c77f1e3c21e54e35bcb58f439710ffa2ffe045f1ff55d9867f94fd4a316237f9ddb9c7d8026bf2b0eb3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | cbc17bb48b28c8d0752a359e46e926d6 |
| SHA1 | c9b5abde39d0eb13d64225faf38e43c6dcf7f542 |
| SHA256 | 5cb50a22d12ce65995c55f6a490ae995ac850cbf8caac58540f01ce8db40c19b |
| SHA512 | f1cb51a1ca1ab0d19633ef07879e5f58dc1394168c3003bcdbedbc5968a9bd45e53cfc48a35951dbc9b15e62c40f64e5cde8add60784e70d17d5d5acc059e89b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | 94974c520bda98ec12a6da95e76a6d7d |
| SHA1 | 19ef493f86e466917fc30314c03333ad40b2b234 |
| SHA256 | 7c543027618ae44ab32838b1439dd28e47d17b849bd6e7e7a20f9b9646d7ff83 |
| SHA512 | 20a6739902dff134fdfb761e3b1805d0b797f96158ef70bed9ff71664515c20cbb2c6f88c797d8ef9a1c5c2e59305dbe2031abd4420c730d2ba00875d9d4225c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | 58ea085adaa1a97b709f509636284ba8 |
| SHA1 | e4232747f0a72f15ecdad9580707a5f078be526c |
| SHA256 | 6eb09a85509c94fa10a38eb33bb9e59a1cdb288cb4a248dfbcf239e22e06b0b1 |
| SHA512 | 87e9d2111b3b32840b8bf6009783ca057869389a32535fba5f99900c837a1cadc7acd14d2defe76b2b935751af287dd169c5aae95ad110cf8db2daf69054d7d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | 40a6764860266698e468a55bde5cd434 |
| SHA1 | e0d88c2a6666ddab8804adecf9570a30da7da106 |
| SHA256 | 857c45e01a6fb85f31fb3f0607ea10a1014cd6f1a33a4302ee2a2f03563dd741 |
| SHA512 | c9ecbe2871f8628f7c9520b252e81b00277bd02a9aa8a2cc1eb50cb305a84e2cb533e9768ffd8105481d1055d4ef6da68f5e5b5a8a8bce039eef229bb26cd11a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e910a119fb95f76edb6e8c5957113487 |
| SHA1 | f15855e50820c7c7ad8ccdaa79706264549cc6cc |
| SHA256 | 48c488200d52fd70733f0c44df584a157b632e9afb7c2420f40bfc0ff32221b2 |
| SHA512 | 07e55d718e9f45989f2d0f9a3ffc996a3f95dcefab523fc162aeabc1baa8a9fa4c313006a67b3b5e8cb26829d042931b9627c278c175dbed2c64fca2936aff23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | f25e5afb7ae67662ba4b297fb5d1b983 |
| SHA1 | 4329a61586434137b3514b545dfa056f5a993caf |
| SHA256 | cd29ba4c541f64a5b083d31767bd31a79df256f6a095a0979f75b86414ce3445 |
| SHA512 | d503678fb80bb3a78a7819905ff50bd900590cc3dc60321f528b69cddefdda73c538a02273aa00df1b09ecc7e6a618dc65d2057d1fbb5741a020ea38d306b504 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13364316638351272
| MD5 | e8e8dd0a3ed52a5ab53e7f119a72eb27 |
| SHA1 | 7862ce099b235cbc9bb3fa7bf5cf8014edabcc78 |
| SHA256 | fe8b8bb53337167ffddd1fbb2f7029f21d8c96d0b8b18fbec8eaf7d571676962 |
| SHA512 | d6b2ffe282044e34708c057e37e124d2d5d80c643583a570b063e794e816fba966bf9e6a5c955832e68484d4d3c8ca81c123e60856335105760ba34be6e864ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
| MD5 | 73d5da08b49725ba99f93518e19a98c5 |
| SHA1 | 56a70c8a30602c5951a2da3538513c57c54e0d10 |
| SHA256 | fd7341612d8e8d1474f32870a798641912b1848c9aaad3d0b19b67856ab31ce9 |
| SHA512 | b4acc4a211b09810f489407714eeda28f121ff4a2c838272315e583f18ea17930ee6c872226b48ac91d56a393096afa94952a3872b5d30c560bb485cb32bce69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | ed46ef8da7c1147987a34a81009026f1 |
| SHA1 | f86d09b48fdd1803098d1cce73181a8a50398b2c |
| SHA256 | 4318dcad82aeabba605ea007ac6b4026800c0b9dfc06f33ce3a0e9654bd957d8 |
| SHA512 | 1079c3d441ca81bdccd8b3aee139af99b22e1301e3c952a2e4373dfbc646c626073095fa6a69a320916d5b185ee7dc7c9cda0fb2e0d452e7d664f4ca2116ce1c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | 46940777e66ce5d1157fd86e3830064f |
| SHA1 | 84f993a14e8bef93b3ac365973e027a40f435531 |
| SHA256 | 6cdd3957834b614516bb0788d8b1b869a14ff1eb3901e6a3e926c412d7847b3e |
| SHA512 | 11a6c6d708a03437418c85db7711b3cdae850c0b481eb698f750e512d6f3d6bb2465705254ec0d1a21da2569d6ac41ab8ff0eb3fc723568706a97f90c326af52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | eaf685feac9383a1a93a4ae1cce2467e |
| SHA1 | 03e179212858aa7f3a73f98111564751dfb9a7a6 |
| SHA256 | e33cf368fc8342e4d78c4847fba54871b7c70a870a59bdbf6e7082a41d5ba972 |
| SHA512 | 27c9b61fea89c6ff9a431df4ed294c4a40fb0cb725a8918b52035957a105e4811ae82d40c97d0056f6a0eb34a1765a60e1ecbca70c8c625bdf29f59297d45f9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 8762dc7588e9a1325b31db22a1630dd4 |
| SHA1 | 5c98555b5a6f1191b88a0ec2e21f9a6b754f6f02 |
| SHA256 | dfda8de09fc50ee29eaa8f38bab7dd14e63df824d10f2806a9e02637715c0abd |
| SHA512 | 9681df7f6dd61cda6c55eccbcabd2cd9f117524a24b4c14c4d54c5b643b9034b45263c467b9b58d954dfebe7ac1b3c38dfabc65a7a63bd6a53a6cd34db0ed461 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | a92690f37cd49400e4af546d04797564 |
| SHA1 | 7ca37cc3d44c3284503ffc5fd8bc730c399d3df7 |
| SHA256 | b0d7ee62fe785e897b6321d3a15925a6271d7104cf6b788b0e18659857d9ddea |
| SHA512 | 69e2ab698232d512dd52a0cadacf462e661005214f8197634999f8b93e58e6e14ae4dc7045511e3e30e7a43d910fae7d4052caa1e4bbc5c46a125a59db36f63f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
| MD5 | 11443611914de9c146aee6b096fb0161 |
| SHA1 | 99ea617cfa4cccc18a4491d2a771beb94db4ba2a |
| SHA256 | 4706a3a8d701992d89adad259c51589b73a2933e517fd45c26e61c2dd5e3c730 |
| SHA512 | 98d7c4b40c14d0cefc0dbfa6e0b2fe9917ffeb9ad973ca1a5b8a1b656becceeeb3c9d4ce7f7d9a8c58c3b3319488b3016762e60bef12fe394c82aadd7479668c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
| MD5 | 851131cccc2e5949cb463f0e4a84f517 |
| SHA1 | 25a22e20850b4fb1b79a19e6daadee432f122499 |
| SHA256 | 156e673c82823df56149992f1ad2d74baff283bf0b336cca3c7e0af91337200f |
| SHA512 | 3c5610e21bfde6548eb1365f66f4437201bc9838740f0f34c725c9ce6dc117ac51884881283ece6b63bc22686833c462bb1273e0f8c62196d302e756103f21b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | 354ed39de5f5e0cde295243746639f7c |
| SHA1 | 91a9cfc377964050bfc05d92c98d1fcfd696e236 |
| SHA256 | 8fd46ecf30358ded8b952a193cdd5bdc9dc5bd4b1f4491805df1c097f1784ff1 |
| SHA512 | 06d0dd4cd222930dbce7eede3ef71547dcff9fb6e28668ce2b1c8f17a546c278968b0b5922d01187da6a52335d354264fd5624d23ced20d07f3de4c78c485092 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | aa47da8de67af7239cefa16ac6ee5ef0 |
| SHA1 | f7aa2f3a90cde1954da641e5015c4ae470dc445c |
| SHA256 | 000fd37f4d7f4cfc5bb43906470e2d7c895a037e3c94d9a217683347c9d80dbc |
| SHA512 | ddddf19933d32ba4ff4c1820863b3dc355495e99f6f16b5d3e1efe72a82cf630694d2b63758caec24e88e873ae729d98192e6ee18320bcd3fc8222f4307e7f18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | b29bcf9cd0e55f93000b4bb265a9810b |
| SHA1 | e662b8c98bd5eced29495dbe2a8f1930e3f714b8 |
| SHA256 | f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4 |
| SHA512 | e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | f654bb06c187079a4b36c6daa6048e08 |
| SHA1 | 00cc36a2cedef51e400b39d277e5378e53651bdf |
| SHA256 | 67d7eefc274dea66486818c0c3baa720602cf953d490b207f156f52e6d49ae5a |
| SHA512 | 5f09a8b22d255c34cde7a3166355ac960f12553b716ed0b1fcf303549b1f4eee3a1a73f0c5cb91a3ca056fadeeb43f09126d6475e434dfccbf1c4abf300050b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
| MD5 | 1c38192a84618a83cbd80e2cabbb386a |
| SHA1 | 9782c3ec6d1688e23519b0bca4e9f964074dc511 |
| SHA256 | 7fc5c684314020e66a02fc458e0e74d1f64cb4f1e11733e5b836616b0eea083f |
| SHA512 | 5d49de02949a8e325811fab841e1cebebbf902e55495d7ddbaab862280cbfe9a459b79d0a5a67ab5b34bb48020df6bb00a8e47440bf95bd1182772b5aa6e33e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
| MD5 | d034a2fd0a0e7a8e7ed884fc62bb1bce |
| SHA1 | 34c18e1cf98e692bcdf90d50555ed1a84b8b7400 |
| SHA256 | c5bc4972677bed38857d46b876a999cedc2e1339a5b5f4c3953250ff1695f7b5 |
| SHA512 | 20d9bf3fe8dad80870113881f3fd37bb28c47fee6a05c26acdef3cd856fbba241e7ffb04fd3f3c3ec96ea1834562cf6d91c24882396c8ac44cfc15ab6165388d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
| MD5 | adfd0d7b35de5aefe6bd87a721e4a81c |
| SHA1 | b2042391dd71723c2782054bd2955c518d07ec6e |
| SHA256 | 7f36b28eaf2e9b0a4503bd938fd60286e70ad6284b720fc21f10073391c27fbb |
| SHA512 | 565d937b94547bdf3ea0e9795d27fe8acf6c8536627671843708245e7b34ad380b643210069cb2138e71b4e24986b95e1b3e6308df84e4b31fa7fe0dacaf327a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
| MD5 | 183ee48ebd56f0cf5329702082994c1e |
| SHA1 | 16d593eee2992c62ba42d5b567454fb4ccd3fcd0 |
| SHA256 | 76e0ad362054c28450866285152b38a92f2190e4c084f25a1bcc8f01369ffd97 |
| SHA512 | bcf7c44d2074fd6a4b1082b7c9f47e582d5c0d61ce496cd288c7d95ceb25c1673cf005fe1e61a3e3b2d8084a1ae41d9fa7d8a57b4c0df49b9a7a5b40ba6186c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001
| MD5 | bb83b2d026e333e641463cd0b96609a2 |
| SHA1 | ce56a2c53eae00253f0995ce74ee6298797f5026 |
| SHA256 | a4e7e8902dc55d3d73c42b4a75fc714b648ea88907cac6188854418938901b77 |
| SHA512 | b82168bbabd92a017787e25e4d900efbb72037de59634a0a4f69af5998b383d5a7effd108d504db0f54e7389d475550a951d61b16fe93649c6828eb0fc2de974 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002
| MD5 | 8235f98068f731038d8520df4727c625 |
| SHA1 | 6ef1e3ca36d59de490e593ec195b632e8e09565d |
| SHA256 | 98280dcf81e7ed7a29b2d383c12027481bf771aa6358012ee5ffcc8b3af21e38 |
| SHA512 | d75d4b688898ee9c9ee07f7be6e9dafd0154518ac54042270666969dd15dbc3b7c8cf92997c510f42f20a5ad8270d5324dd8f2ef91666a9d6d0450d60bacfd83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003
| MD5 | ad2134ff16b8955dbcf63336d3e33d58 |
| SHA1 | 1d818cc140127deca1fb5bbc4ff88fa3ff52d6df |
| SHA256 | b0ac89e9f894fe05628c1bdead63741499df44688ccd44351d58feab09712246 |
| SHA512 | d540504b8e393cbe5438849dff802fad000227e114a4b2e155d39fe082683413c3b14b493ac0bd0e6bccf40b9a15a86b508aa76ca58a24a1a2e426b67030f09e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 779e6c9a29ed4a2566a0327bf2cdc2f4 |
| SHA1 | 28375aa075c1938dab7566e44ef3f992691ab3e0 |
| SHA256 | 49ccb6b1d7fe02bdd8a0dd32e7b40213f18dccc0d7d5b7d3aa58536047e6b08d |
| SHA512 | d75cabb6b23866f9c68d9ecc953d5d6f337dc48180a33ce9ed1ae12570be14d9521de670a8258cba02d5a45187d44f777b5e6d19a3537a36da00189bd613722f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | 1fe82b538b595c072b222d69336f6bb9 |
| SHA1 | 4fb201490fda9d50a7fc1c79fad731707b2b15ce |
| SHA256 | fac1e0ba9874cbfa949a023cae57e0cd688ec76f6dbba6784dcfea528539f608 |
| SHA512 | e52bc963663ecb802c23ba688fb45ca27d17e779c205a35b59289cbe7ddd13c8e03056ee96a85ff8786d6eb1f73e267c0bbc6045a2900c25fdbf041dd1e745a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | 4375a38c70e9df6a6659fd86011af239 |
| SHA1 | c9d57092713e80888bcdcb8c400ad5b433ebdf6a |
| SHA256 | 9ff497c716538fdc4916118e6af9712a15c7ecfef5a8227e7b669af36ffc5bb1 |
| SHA512 | 84d6ad779c5eb9f72ec6fc1510a5b4dc0d260ef936e8bc88e4d5074a9e72d77b7c68679754de75d2c7982f263bce060e8eb1750d39b625b2a78abaae6ede8ae6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | 09dc42dbf44b8066097daf0108d31330 |
| SHA1 | 0f1d1ce0c8ca91e46b4080ffcd7a693868b6c643 |
| SHA256 | 489a44c5a9d9f654d9851f9690884e74e411dafd662de286cf7c83c59ed57af2 |
| SHA512 | 0b00fbb096e0df306452dcb660665d73c644bc972c34670040990a3f755b9498a05bb938a28613dee6f3190c54f24e99cad6a77145b506c1c7355141f860610f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3db33cd8e3d880e9b13f678bb0bcefe6 |
| SHA1 | 9b4a33418ca5bf324fef6b447fae064f7d1ed56e |
| SHA256 | d56b8e20e280091a818867766b92e209cb209222a2377f165ddfffa235079279 |
| SHA512 | abc6ba5b1c4bac6d118179492676c299d04c9480c2297ed1fde3927bc83e27087a4f0222b837858061be664da7be0bf9d35869690e6913cbe856a1aca52e1873 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c52516ae38dd3eceabcbbafe31106d9a |
| SHA1 | ec8baaa33b8e721d33b0672ed4ae9f0f4201368a |
| SHA256 | b124e92775a51850121e533b8c3febdf2ececa45467df5c334865637cfb73e61 |
| SHA512 | 51b29dee7edf3ffd68529be88c1c0bd8e75b56b7f4e2abcb34925f82976f1d949d7bf36675786b58d61b93eed2495aef2e4876cf41c14efaeb11bbb68a774925 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2991a9d264cb79ea5c10e93cad021f74 |
| SHA1 | f55c17cdedb1a49d94dd4691855628f25b4db9ed |
| SHA256 | 6873540ec17cad8ae8e27acf4443d037530a23cc24d29bd7ac8a3523de90f370 |
| SHA512 | 69f8dd70d5788062f1fa88ef4da2fed575fe429768988e9c8008d7906af387707d166f953652ca949110da9cc28218355da3ef306c8b456a06b916ba818d635d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7deb3987ce0e7551fcef225118e2e1ae |
| SHA1 | 811ac683cb00c63b37079acd527093e509c0b421 |
| SHA256 | 405011797e53797d06dbab03324e6159c69fe01c0e3ed63be98e55cb231595b8 |
| SHA512 | 266c0bb1f9bc34ba75b9b5df82a406cccc2177b2a95f31f39c84f6bfaed98dfc16e190be30e5c96e026c0a1bbea9dedffb5544cdb6cec08bc163ccd6416353e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5f31b3278166c398bfe57c3e2a5a1b26 |
| SHA1 | 52ed6b052ddcd508be1c8140972973f0f179f1b6 |
| SHA256 | e3bb0c7c167062f6786bcac7689eb4e8ba9b24a3f654f7b52dfbb3b4955ec052 |
| SHA512 | b1edcfaefb01d005779aa3d94241a092fb101d5abc25768a2bbe0ef6d7f34ea69114172a56b73cc559d45016f7a3bd04ef4eed0927155d9fdf0c5135bfae2987 |
C:\Users\Admin\Downloads\WinRGBDestructive.zip
| MD5 | 2ccf48c0f0e4379e7fe1290008e9e27b |
| SHA1 | 4841ae2ef01eb9cf6046034ee605eb0082efcd48 |
| SHA256 | f14dc938825e26808ceb544d8dbdeea14a3e88ee299d9b07f60b851e4f4b188b |
| SHA512 | ead74378f562cf24cd9b52917a0a6dac93659f7714f6b5477ded57e28fb9c93a67611fec4744b4c63cc95f634e3520724775ec263498fc8e0c5cb77719aa0671 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b849594a0abf939e15e08a61de770848 |
| SHA1 | 9d901bd7d8e3c9c19d20c9b8a0ade61ab863a230 |
| SHA256 | 99dc9d85093178028f5fd3836b0d3818425304d421780d0285058ce41015353e |
| SHA512 | 7b3da23c994258068a84c9d80afdc31c5e6675bd6cf28b4d6916283acc87545b009eb38eaa45e996f01d1610407fea8f690bba9076d4f4fd2163af84842f7977 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2fcc111bfd89c099ee58e74ed749d242 |
| SHA1 | 00ea29966c6d69f3bea7524e3462d7720abe704e |
| SHA256 | 70e628fb8be547bad5117a28f99d19aa33caf9b44f1f5abd49c8b5d92a4d118c |
| SHA512 | 0d24ab83b5bb8db6f4b1fd13b9c12cbe98445693050beebf01825bc60f3a08ec5ea1b8c7659f567ca2fca4cd7bbbda0db148ee5b87697da85f07e24609179869 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d0d50df749038255467dbc1565ca5079 |
| SHA1 | 584fd4dad8ec09d54f77fda0da3fa83596984ab1 |
| SHA256 | 5a4053934460248f985ea7695fc8d025b36d928db44f1884058d909948b658b5 |
| SHA512 | 1ff7cbb63f8ec16c20ab42f65ac4464f735aa640cbd0aac03acf0476a09a562a38ff5c69a7cb73907cd75e2422df2ad56e7bdcfb594e935738b01d166bb5758f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8aec998678c9deff1d8b5c3c495bf69f |
| SHA1 | 68695b327e8dda17bc5fbdd5fd8031658ba1c2a7 |
| SHA256 | ac0e6fa25ccc1b489a9b890fe08f871ee369980f0bbb79d8afa6e114ea925061 |
| SHA512 | 649af12b25a4203436540a314bdc9fa6697ff8bbdbe93671f46d9fdc6f8720bf22a29ba5fc81ff978f8df070b6b3c68180cbede4de32f3bcf1f862f10118c350 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 652159d797fabcb70269a8c766c88830 |
| SHA1 | 85fbe836062b7e158c542309797e369dc0191f7c |
| SHA256 | cfde3998df61ee54fb60027955d98133301be5758d63e1dcbd77d906b54162c5 |
| SHA512 | 30b7c9fd1d6655d9401472dac1b08039fcdd762997169b3467e3b7c81b24f5db2f596617ae74285f71ce0ce2e2ca303bbe3c34e4cdddab55381e242ae40ac4a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | 8879114480a93c6710adb0dfade85f46 |
| SHA1 | e3903d945f9f3f3d2fb6d1f5a137129193045bb0 |
| SHA256 | 243a7d2c9f860bf06eedc5c2f12e4253077d8f6874e6ea9a1cf5f9b15c6263df |
| SHA512 | 1a9be4763831b47c69d6ea4743543dcbaa33fa77c7536126e99eb520e42667ec004d26baf3527b9d07dc6ebd304e80e7bdc0683ae54729cf6ea8839980336300 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\7b898fa6-8b71-4ac3-8991-119454766442.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 683f52e28de88ad2f163395481f1727b |
| SHA1 | dc68b0fff31442e269fd46efb030bb59e1f901e5 |
| SHA256 | ebc86d010315dd1ab09ac64bae9c11124a0a3ad2cf1c213743dc1d2552246c76 |
| SHA512 | 18968c23fe90f7cbbd5005aa237399a414fc119a0de232f8d6745e81126b8609833284b2ec62d6432772313bfe4cece6e542d00c97368fff5f9132228f248ea2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a60a98c838212c811c9c33b74426038c |
| SHA1 | a0195a34150cdf1c767bdf468d5eee117893a317 |
| SHA256 | 7ce0c0c2db511a4c2672122f856be9db7953b15baf69208a152ce471207944e6 |
| SHA512 | 82b258f9787906c245d137a1b1aaf5f25437454cdac260ca5f7244fde69f791c739af8f84ed1fd23140b154298ddcd3db7c5ec1ca0beb502fd148da892ffcf9b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3cf442a3a7289a50d35c0ccc07fea869 |
| SHA1 | 7e7555cac9a1fb520293fe7559742d05bc9f6188 |
| SHA256 | 353761bb58cc1d5df859f98117128f72f81c245459412a651e232690da332786 |
| SHA512 | 747249dafe8985ec378bf30e099af7f15bc33f7b40420139a2f4e8b8830bd043288c0710c6ab5c91afdaba2235688b59417c5411367b36a197b081a30f1abdda |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 60b58f9e75e0149cb0313c60acfa9cba |
| SHA1 | 09d7bbda0aa4422fc2d347e85393c40d3b9dc168 |
| SHA256 | 33b68016b2cf7ab793f43b451af0db2a6e0cc7f31842648777ef8d5620953834 |
| SHA512 | f048a7797a717cc87d42f46bd8b2da1683077a177f697982f0bd51b7516d5c9d5f5500946e08f91cf5ad162b6733248fbcc9e38527e4c4f4dbbf9533158d36c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ec4bc9f844e9fcb83c27ead818341683 |
| SHA1 | 54b91f55e92032054491edfb66d2ba7687a5e76a |
| SHA256 | be575dcc3b9daf9e9e2b2839918d0cdcffae046a64525079c4d0182a59464028 |
| SHA512 | be54f309471feb29b94f1b6c9c7994558cd8fe5a3b9ab53e8ea246ea69e003f0b9471a1e3f806fdf495b251db86ee665e182a6b1d4738d60ad6bf5bd7413f8db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7f77a7c69220c0fbd58d4a34fc4c9b5a |
| SHA1 | 98d18f42e3c74dede9ccd6aebf3d6f02d84975ff |
| SHA256 | d0c6e64ea7f87e0e91c899d8048a35b09c32e0f2d8796cd96e171b398b75d054 |
| SHA512 | acea2c7d22e4252ed70f62d6105be2ef32ff90f52fd58f1d8f29dceb133b4b4c76cc4f2945c44fb2fbcd9c845b48a5467ae2440a8a9cb3116f10076eb1ade4f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 326993f68f645b7c879655cb910a481b |
| SHA1 | 95717db0b6a85ba68e9d951e3db4b701ee67c9ae |
| SHA256 | 594e8e82ad685cf1e72d28a953bb31d19eb32a5b227666f2d038dfac92b49612 |
| SHA512 | cea2693a30862a72874906964a448559db8f5ce3bee56cf5cd73877d3337006d1d6d590ae1c558f05c030f1b63cab76d54b8b18e3f4c06eb3c95fd1649bdb7ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b1df5d0e6f9f84ef7163c4b4727ab962 |
| SHA1 | a99d5346b9315bf6b677c35f6a77db744cc7fddf |
| SHA256 | 05122103f12bd613ec3ed5499636355167a0ba2bc4280e5bf78de8e44a78cabe |
| SHA512 | 467fa67310e7bdc55bb28d89d6b54428ff5d085f957a0eead38ccbab06c967de7bde5c03af6456d2bea0fadb2fe26a941d7129c10c883f09ced488dd3861152d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 2280e0e4c8efa0f5fc1c10980425f5cf |
| SHA1 | 1d78ccb26fef7f1bf5bf29de100811e1ac8bda23 |
| SHA256 | b9225cb1f0df94ebe87b9eb2ad8c63cf664d2dfdb47aeaff785de6c7ce01aa74 |
| SHA512 | b759fcbf578947c0290ab703652df9f37abb1f9f5cf6140acaa8c4d4ee655ee0ee1f9bee9d4fd210d9e12585a51358b52e0e9c0878abf2713e6fd69a496ac624 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e87027f71501b35b6f43e66204e33b46 |
| SHA1 | e017581c055a4fa1ebf0ffee0ddefea201703a23 |
| SHA256 | 3c69f8aef819f8d722ed7b44d57de98e79bac7db184ed32ff526e13f3c7cfbad |
| SHA512 | f8e785508a81019be62a8242e9f664527a5bae9460887f3af542c01e9e3b072b8026252f888c68f0ee8cf32be5139fa42f1cf691cbc549cebd6e250acf35e3f1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | 4bdb35f3f515f0cf3044e6a9684843b1 |
| SHA1 | 12c960465daf100b06c58c271420a6be3dc508ae |
| SHA256 | b835bd77e17447a2dacfce2645a5e812733fe5a777a5e45d9daa56d28675cbef |
| SHA512 | 9fa600b87843759b632c2d384596109cf1fb149a5ab38524cf43cab5833cb25c355479aee90d60462764200108cde5ec71f0988504c97ad09e25975cac65bfe5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
| MD5 | b9295fe93f7bb58d97cc858e302878a9 |
| SHA1 | 34c6b1246cad4841aa1522cbd41146f9a547e8c5 |
| SHA256 | c0233c9b273aae7df532a992e710aaec409455b4b413b89a25854e9fb215c36c |
| SHA512 | 4c44ddbd35807653a60e2718dbd2ea85f09d7107b270045bcc2484e2a0ba977fbbb5739236ce7edb71d584c8f68df31fa3bdd03229eeace60c19662469adafc5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | edbf9beb56d164c98d7c91af3f73048a |
| SHA1 | e9e31896b8182f4f9606e08c7d23df3227d8c770 |
| SHA256 | 043b65b069a06cb072849f001b12803bf6f647df12fb6711a996e4c4f89d6035 |
| SHA512 | 574af32006abd1460e60826e85dfbd97b37437c1c95430fbb83d9a37d8db4b8ac46f93e3975a478e0f9e00e22539b9ec0fb0ae92d35aa8dda116a9148eb9846e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 80395129670b9d6cb7555496ebb6193a |
| SHA1 | a40211334f3c667ab1ac6cc2090fb0482de8e29e |
| SHA256 | 8752fab55a1477a2a70bb0734cc5379866310fa423f528786a21cc5ac60705cf |
| SHA512 | 2a2febb1b1514cd4ff449d3308df54cb9f00519fde0dd54e23379b001a370bd69a2e96e10d85eee14dae4428084fad7f0806364a54fa82c1d97ba7ec00b2afdc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7abf0caa7a1d59de110c9e8e96fcb69a |
| SHA1 | 6202d9f391709c0c4384c737fd9d4afce7af0b09 |
| SHA256 | 64fcd930985f0d90c20b39bd5ff8eb2839b47b3ae7166d671b4bae49a313f3c5 |
| SHA512 | 513110f1788653b970778c091c7d76be145b8ff3101442f3192239e316d50be19c5d58da8a62220f99fa9c6c90d7e45a0536c7142d9a8b0263045107632ad275 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ba2ae9abd474a551bebdc8d7b09b0004 |
| SHA1 | 42f572aaa33708f2160f45cbd7a9de980a88b638 |
| SHA256 | 907e348316807751d46388083cab326bb5e919fd7082f47d83949b81fa208f2c |
| SHA512 | 1ed455a32c4437f412dd7398137e28d7bacddf8e7e0aec51eb527c3ad778c97fdfff9cbfeb5b64f2ee1503d6685fcd2a1ad27118baf16a66f2d108a58b57f0dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031
| MD5 | 0e52c094a93d5bcd8875cce575d7da9a |
| SHA1 | de9ecbf399f77a497c96c1a4b3509153ad9751a2 |
| SHA256 | abafb66ae53e45e075a02ab40e19bc2dbb0126d83f4da5f1fbd3bed1a4b4fdce |
| SHA512 | b2cbb5075eb1cf84b9b24c2a2f3165675496d506d5e98a8868c18514c5740c366b5a29a925dcf6f6cacdb8ce6e39eb8673b15ebb55c5e9078e0d7eff631905cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
| MD5 | c16e1c136cf1145dc9f9c316f7202ead |
| SHA1 | 03702b11db49b08a0e18b456fbccd7acdf694d2e |
| SHA256 | 13b146cae0a6f8cdd95c6b03483cc52fbea6dbb1ba1b70a07ab101b1a6c880c0 |
| SHA512 | 22dd54f959ab1050b4585128d3df63ea64ee13eb0f92e254795bef75642452e36dbbc2c0fceda2a8090b5b2a43d299a94c59a74aaba67af4f4b2e6895a4664d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000033
| MD5 | 41aa1302e61cdf4f5f01a713101f9e16 |
| SHA1 | 37ebced00331767d769990b89001fae62fea7241 |
| SHA256 | 774b0bd311acd765c82224148a83bae0e360f9216e31a8430f8715246bbc4f92 |
| SHA512 | 05804304bdfe0ea24d79c03e4fa8621b915a1f58b91eacdccce50a0706fee31e372357bbfdfa17415149096fd149bec32eb6fdb009c8337d87b2cff319c5bd8e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c982b5a9cd4d1cf0eeafb587396dfd57 |
| SHA1 | a43679c52cb6fd4561405d1649fd1c963be66baa |
| SHA256 | 469b90bfde9d04051062cc2cb983e9679c9c3c503cd77fd4eb5094bf9bd18b12 |
| SHA512 | 6e790e24044453eb41948c93a3aee394cf791d1f82b529abf66b3a925a5bd0432db0d53ab3538cab936acc177af40d8f06b13a3c7d8ec878b065e75d88d74e79 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 64254ab3d99e3fe6360362d829b8a2a2 |
| SHA1 | 90ca01a98e989926e1a6b9e34f714938aa44d8fc |
| SHA256 | 0d04940963092a505f441217e7cc06b1f60c096da68edcdda90d4c227a86a94a |
| SHA512 | 97678925aab6ee6bce9dd92063cbe52f3ea003f2cb923e6340928ecffa6de671482fe0457aedaf32c037b1fb685a2310767430dcb1b78ad1ea12253092b5e74c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f
| MD5 | 5fa6d6c5283b1b8a3e7640a0844beb67 |
| SHA1 | ae48434c3b09b6e99b76df79ea8747952ed46d22 |
| SHA256 | d9b4c7088716700cdc39d7dbbbb7ea34371985d23f5bc89073f5872faa645c69 |
| SHA512 | dadc435b349d00b85ba0e47657f438fdc59bb86283c841f39d076eb3891a0e0c6ec9ebf2159f0775066c79dbb36ac17ed6d6c7ba381c20c6e7ca0e106df2ab35 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 783402983e5407fd97ae329bcacdbfae |
| SHA1 | 9d32ff816e1b6547895f3eaeb93ad3e13e551165 |
| SHA256 | eee0f62ab0053d756bec180c76adb6c0e67fe4c406860422a75ffbcc2c57f8c9 |
| SHA512 | fa68310edf53ecf197a956c8121143e2d202fe5f94bef08021fbd66d37f5346a151354d7ad9c0c9af35e1ea81246e6827c3f8964393e0c60ceaa2609426aea26 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0143e0e2f15446be11e0f84acfb914f4 |
| SHA1 | 7d9af62f916110eead91c03935cc8cf9110e61d0 |
| SHA256 | 52f6fa58852b387d2455ddd5887f09dbe776cf02e6a3b8c0cf98c177d66a9e49 |
| SHA512 | b5832439d465909bab2289e1a98b117609a60eff4b15f9f3f5c3e845fe1f9c0ad1e2a8587bf345a14e0b0eb64f72c40ef899fc71d70bce794b65f6a85eaecd0e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | dce1e6289f5eaacc5392c2541619793d |
| SHA1 | ef1d699cce26c2eeb1d7b8aa93d5955cfab7ee98 |
| SHA256 | e2effb8c735516c82ffe4b9b21853a83776dbf8784047d39de90b473d744c8f1 |
| SHA512 | 60018281ed00518d388abd4d410358ac3b3480dc7e2f514bdcc09c15447557498ea9f70ff19a7a4523f2e70568054554d2f0c06d9435b08c6dcd82d0251ac1a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a3cb374e63655e1bf545a46b6033b0f1 |
| SHA1 | e8f40509d963df23917974dab6cdb0b917997aa8 |
| SHA256 | 0b66db3a339b982477840f0171d06968c775f526de6499e0c3c9579f297c6714 |
| SHA512 | 30a0fd6ac2a12ba78f0d3b4e453bfea0e63f2a3e973b51661e5a6255ccd196301e0c73beef83708148a981d80c5ef1ffb79fec3d19b60fb383c94963197645d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5e648b33f9de9888c8b4cd6aee67f21d |
| SHA1 | df796fb7d1487072db4d509a273445d8c8d20e13 |
| SHA256 | da9459789db38438bbed52a1fdee7a9dcc96a1e7c164970bcbd9ee7029a25ad1 |
| SHA512 | cd6bd20b538a6747b8ccb86d0797bde8104366abae654ac64c4a91b2a3cba7e69e08c52b23f53def443e61d16a86dc61d6cfb9513df6896bc0c1bd9ef65f9c19 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | cdd44c0ed3fbe45f1e51faa98ba3d35c |
| SHA1 | d932e78acf31d779a4cdb0b4e8a54358b787b803 |
| SHA256 | 6caa5f951371b1c291315f4c2d54bdc4f0c1e5366fc56095f9ab61fecc0e3393 |
| SHA512 | 1693c6a016f94e0bfe57d0f8b1e8d6340e926a56dc9117f5b5f9f299902a675a921c5fb77a87aa446577c4826b12d817947023e8457e8e173d9078e2e1463ced |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483329f245ce10efb1c76b473f14d61d |
| SHA1 | 6937cf5bfa5600b72a1584f797bc15c5a00b1099 |
| SHA256 | c0ee26fe7df90cd8133df82b8cc784a93730eac718442990b826320ebab8b450 |
| SHA512 | c3e6ed7d66b8a158f4552a66cb5794e3b4d45a4fdf40de6407e0b770a691b6b0599cd38697ae199ec88daf929dc9c8929ca5a8a8c1e171290580ba0eedeae725 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e3c46c90fbea347dfdf6924223c7ff10 |
| SHA1 | 7f200eb6fe88fee77a34604021bd36a6cfb85ff7 |
| SHA256 | f878c47d439ae715a60698499b9480146594d1f2ab143f274937f665d9b8b5eb |
| SHA512 | dfd72c8b262b80b6a3da7573ae1e9b20fc038e76449c066ee5caf64a302526f0b0c7e84d32185cae0f8a2c2e506fcf8363ccbcac1af3f316768a2957f993ddab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 71d7aff55ca133570bad7e04e7cc4331 |
| SHA1 | 0d5b14d0156dd2c1ab64916f194261aea53beeb5 |
| SHA256 | c58dd88fc294635a9aed5911cc86c3ad78f5b10191db92945b31bbdd80c611ad |
| SHA512 | 615bfb36a88f48b720ec7b2a7fde30504db0d7d5c863d57be58607c35c490809f3e310b7be166c59c2afd9524c851b5099afcb6a21119df91988819deb85c338 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f
| MD5 | bbc630407f310ed54a80221483990cf2 |
| SHA1 | 3d59203b2497a73677f5e2d6538212bdfa166600 |
| SHA256 | a3c450529ce95124974e17e15557a59b98355c4d4a5260e9d146abc1997131a6 |
| SHA512 | 1cffe622da5a48dffec02cce8d3ecf55aeb62fe8adb4c618b7db65ab45a115e00ee51990b026998eaa06686aadc861cce76c042ee7a2eab54f48a5287913747e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | d310da8efc9ec9529bb7c7ba3af4772b |
| SHA1 | f0ad039405299edaad803014521928ffed7d67f6 |
| SHA256 | c5bf2c018fae2749995916180c081bb5e03bd585c5e2d8f07daf5b1531712989 |
| SHA512 | 527c1894e7dd76ade6ab7f86e54d7b2ec160d106839afa077a60b70038fb39c11bf775909a475ecbdbde2e2f0224c900c849a4319ab912264ca8f44f7936cb87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 07f6ca20b0944564715803e4e4182ab0 |
| SHA1 | 01876401c3688ee7e88d5ebe9be5dd01df028616 |
| SHA256 | 762a9f5c4957949f1a405a161d603b80e59f57a7c7ff99117640872470afb785 |
| SHA512 | 40a36256fd21b19d68e96676a9e4e859d66e76871bf122655a80e5d8d5af625c831a2f4b060fef423453938a06065d4f415a1dab5cdb76916dfd2b3486fc68d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dfa2d60a0658897215568fcd0f8c65dd |
| SHA1 | 44e6ef2c21d5e29b6c71cf03f7e0182573f70dec |
| SHA256 | 6587da7d066383bab5c53f1d4375036583d9c439fbd23ee67e921a15333fdd9d |
| SHA512 | 1d2d1cf165e0b2262e9618d724374886407bfbeaa5850783b0703baff68060521584f6f8e59c6791136ec3a75ecf3da559db0cfbd8c31e35f134e00689eec034 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c5686683fcf181539d3f1b253041c6f4 |
| SHA1 | 02db6a68c843e6aaccb8f4874795678bc59884ef |
| SHA256 | 1c61d95e06ec6c92eabdad82c02635f020900c1c584585cc1ca38c8e8ff19bed |
| SHA512 | 3b877593e012d7f1f6f2dc61b87c45ec12424df1592385dfcaaac1a9ced9896c845dfce4bab0a7a09b3d2992357e305ac61a99a73be86a243b11a5f315e8df15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b6e7a7d7261437bff3ec7c4b9b1945cb |
| SHA1 | d46551c39a19f17e2dbf444c74e2e187088524e1 |
| SHA256 | c788d68921ad48afbbe82b3b4ab045ebba873493cd35aa5f13572fc67f24b8cf |
| SHA512 | 3082f5abf946f3dc9b3c29bb0875ace46d2937124d95f0bc0a675d9a21f88ab8345dc5d4cf0140cb666a841a3ec891a93ed7e55aac2283706bab9e93e99049a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5bc03e223f43a50ddaea5b0a53a19fc5 |
| SHA1 | 952bc5720b63f163cf27976957bb88a15626bc08 |
| SHA256 | 57424d9f09dba4e36d1e0b163ac4bd7025d7ecb30b457659cc9f6c7a6902e658 |
| SHA512 | 7855e60d23b9cac5e9d4e3b2db05344a5aad3a89e0b9d633d9b7bee99e9c90c3c87c8e0b2e51ca98328c39aa85f035f9aa3b54fbeb007e59d683c536ae1e1bbb |
C:\Users\Admin\Downloads\ChilledWindows.zip
| MD5 | 5806c691583167135665b6aac348d3b8 |
| SHA1 | 34d14feafac0946097fbbc03e3be2b235392587d |
| SHA256 | 00cf66b0bab94b1ae74d534160a801315df8a7efea764cda906af49f99be54e9 |
| SHA512 | dbcda2362ba5aaba904087a512e3423e2356f0e824e4bd4de99f277316afb32e03d6f8ea109d4d046ba9f14fc32f21a5d80cceb982fbce529c6f15abd7c6fa7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d7d48306c9072f62deb86866cb376334 |
| SHA1 | ef649713b4ab6f74591452f04cb3f1c0b20f1494 |
| SHA256 | 37be9be8fee94852142c245b7c2ae487ab247ef4c72d1eb5bb94a597e3e1e57f |
| SHA512 | 570a6ed8512f0b10a23dc09f7e76aa5a05cbb1271f2426f5e4c9033a249649468dc15d672a16f5c0512a2fb577d02e0b9955b0a48bf20c553bc1dc4b261e9afe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8f843b259eecb38a8df5622f3d4d59d2 |
| SHA1 | 9d424f6e716a1fbc50084cb59c327125a3872fb9 |
| SHA256 | 3f98e75d428c0deaa4f1db0e10a54d16ecf159e177bad413afb687a38bc2d876 |
| SHA512 | aedee2a6e539b402305437a66eb5e7e52c701503fc56783387f84972f2c6eacba9e1a8066e6db84e3d0c9418b2b125ee4c04af5800da3093045e737ba0e0d106 |
C:\Users\Admin\Downloads\Avoid.zip
| MD5 | 19851e369fc50763189442e3c6694712 |
| SHA1 | d2e47f277743f3c4253bc2ce85bb40cc67c87b8f |
| SHA256 | 8a9d0115b56f9a6a8ed231d3400e1362425e265e5944a0ec0903a70e888ab171 |
| SHA512 | f79ba6f1219f8e10cadc3a4a5c8ab2051affe3b9bf7a4edaed505dd3acddcd57327f6cb1f728e37a74a78d685a9bd244313a629cdffea58a219a7eb4615f31de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9c73088e03fb74d47ca79b8c32e2aff0 |
| SHA1 | 0b32b58971986edd69818da907c9b879010a2c45 |
| SHA256 | 595f799a8803bf7892ef4568b5c70e5bff8416e55d8e88862d09a91e336beac9 |
| SHA512 | f78d557acf8f9fa0cd37b365b49ed3e83a42a362517f5409c5364898d40f1c712cad2796c3e01d6b166920ba2fc14af4124c21f51c7322dfc42abdde813532fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1c27056af99f3aeb6f9ef0932c3076ba |
| SHA1 | 193585948323cc4487f6a25c3a5b2ead32bc8664 |
| SHA256 | 6c7f8185822d7e12a7ac11bbc25988ce54317dcc47f16c9c3137b4b04083b361 |
| SHA512 | a2c3190255f563a08777b1a8701fb8828b3198dedb82509f05cb98bf13b277a444246b6a4d42e1c8a6941426b85cebe19fb132c4fe836a02bcc5af3ee45b4088 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2b345241afe976755aebfc2c64100698 |
| SHA1 | 1b6d4d2dad51e572932a827e41b05105a33ef1ca |
| SHA256 | d9b4181d0f09d772b969526e8f16a7ea4add4bf02fda90c0eb06f050920346a9 |
| SHA512 | 989a8362d0f93aea22d218fb6571b10275e237e679a7cf43383ca8801b88a7715e98ac4efa7c0bf07660780baa06d2e1ebca2302ca0e7514f0d2ae8323a09683 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2ec9c5867ef098992bc05cc14931ac5e |
| SHA1 | 233a2e71a8192179b809c992eca859c0d23ef90b |
| SHA256 | 5570043d6d2986a73a6b9a45ffd3878f041497ea5676e7712f7f6762e75e877b |
| SHA512 | 23d0e44c74968c6be4f4d97ee05b953c8e9da359c8b73ea86696dd2a13319452dd6deefed2a4473150b4bffd3b5e27aefecba9d14942390ac1ae7ac640c39d85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b6095702d80a8c2957e942fab258d912 |
| SHA1 | c59a4b32afbc15a3e01899638760f6b9c3403f72 |
| SHA256 | 0b2840af3cb64590ed2a32e6f205d70f4715687c2ac78295ba72317d0fb93e4f |
| SHA512 | ec8e2f0066146894454159b5a69874ac842bea0c297d74373b915eab683c8d97ff9072fe3d5a039a6e382c9043036b46848c557353624efd71c7b2f6b94ab71a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 62dd487cc5c5bbbc5a7b5bbff72d3f42 |
| SHA1 | b1d9bcbb166160cd75a0f0e1bf72ed4f8890a138 |
| SHA256 | 44d5250ba6330c42e862b028761a831353689ba42c13ae2e84634835a5d484dd |
| SHA512 | 67912ca2e7cd4bf7d240e77f00c3dd53b4b4f93990b0b14bb0bd71e6bca92b37a918510a84fdcb7cfe34e41c820f399cf6a85add4aafd2c962acfb9299e5b167 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cb7029b046b8f466b93a423cda4193b1 |
| SHA1 | b5d0af7e3baed7bf69f42b0d19b133ea61d15cc2 |
| SHA256 | e3f05d5ad439201c2e228e65c1f29315dcfb0517d121aa4e00bb4ad2176cdc2e |
| SHA512 | aeadc28cf7a996ad187923010b8413b6865877c05953bc60cffc9c8d76cee72b4fa61ab1d2b06ebf9084aa3d56eb867ec8427715063aeda64ad7b68802afc030 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 29230597763f806237ce6facc5f3916b |
| SHA1 | 3f72f9925eef8a45161713920e95b787ab17a778 |
| SHA256 | 66a9cc5073ef666d15c8eadac646dcff223be45cbcabe3c604faeeac9acff7a8 |
| SHA512 | 95287279d88c10e6fbe5fb646cc12620413674bbfe54945c0f90b6ee130f571043fcbd3da80cdff3447a08cecd0714bd0bd0bbdac683c6659a05fe19fd1c3cb6 |
C:\Users\Admin\Downloads\Unconfirmed 8373.crdownload
| MD5 | e263c5b306480143855655233f76dc5a |
| SHA1 | e7dcd6c23c72209ee5aa0890372de1ce52045815 |
| SHA256 | 1f69810b8fe71e30a8738278adf09dd982f7de0ab9891d296ce7ea61b3fa4f69 |
| SHA512 | e95981eae02d0a8bf44493c64cca8b7e50023332e91d75164735a1d0e38138f358100c93633ff3a0652e1c12a5155cba77d81e01027422d7d5f71000eafb4113 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3797b0379b3451c0bb172c05a17baba1 |
| SHA1 | c730c15dd45cb44e544e767359db25e27eb40c4b |
| SHA256 | 6ee30289a9a50d5cfd45d2f3fbf2676f13c49d6576bd1eb1d32a47edc15009e5 |
| SHA512 | df4ccb3a0f0ccd63eff80edd2e35dfaa2a96de7d0d461ae1b910b1497d9f83b78a1e9f5d36f48aa15702bd88a4126b1a85843810ff0f97971a5a59fb540c95a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b0c81e5f84a54ebffa99723089bf5c96 |
| SHA1 | 985d105f0ffbba31c0807da2d18cfb11a9e4f447 |
| SHA256 | 21c042785722dff0de90ef9d2262de625c9980182b1b3af9d5c9ef65b2de80b7 |
| SHA512 | 317bee7a5f7be8ecc733df4f62d6a886400e3b20296dceda76f2907604c12d8c0fb0a260405b40705dbe1cf7b0df3356e13a778e934314bfdaad772901dc72ed |
memory/1884-2498-0x0000000000B00000-0x0000000000B72000-memory.dmp
memory/1884-2499-0x00000000054C0000-0x000000000555C000-memory.dmp
memory/1884-2500-0x0000000005600000-0x0000000005656000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1f6ef00ab5658dfa9fb375e87f9d3149 |
| SHA1 | bc9bd2c871bdb6871da43bb13f7477095930bee8 |
| SHA256 | 14f8dda501463c0e351a7583dc9350043e6a2d503713ff171dc485e6c07e3686 |
| SHA512 | dd5c13469487224cd33f48b25ba48bafd0ad2ba546d18571101c93059c0e3bc042348604e387f36c9c3b1dfeb8b2ec9a225a219caf0bc942ae8ca0e70078bbb5 |
C:\Users\Admin\Downloads\Unconfirmed 711898.crdownload
| MD5 | f2b7074e1543720a9a98fda660e02688 |
| SHA1 | 1029492c1a12789d8af78d54adcb921e24b9e5ca |
| SHA256 | 4ea1f2ecf7eb12896f2cbf8683dae8546d2b8dc43cf7710d68ce99e127c0a966 |
| SHA512 | 73f9548633bc38bab64b1dd5a01401ef7f5b139163bdf291cc475dbd2613510c4c5e4d7702ecdfa74b49f3c9eaed37ed23b9d8f0064c66123eb0769c8671c6ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ceec93255bfa1f17a2b17ca9be988a1f |
| SHA1 | ebe400a52340834acba4d080e8cbd63db8f5d1e6 |
| SHA256 | 15da167c826ba28899aa99e589a80a5f9157e55da7d594e740e63ddbcc45fe79 |
| SHA512 | 6ad779683c1fa26d1266544548bd1762618acc2af94f17d32482c948eea042d93ef1d0804a4499bdca4285356fdd43fdee3978d805108f8dfb7491eba5671b95 |
memory/928-2556-0x0000000000E80000-0x000000000152E000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ddf14157f1f3c5e875bb5662b6936f9b |
| SHA1 | a23689d9136ed399712214ffbee8764da5c1bf1b |
| SHA256 | 03cb3743bf2e25555bfbf3ba9a2680ed9eb83ebeda65b721e9693a3865844ddc |
| SHA512 | 3ea59d2da098c37ca36447e5a7d5e2c1a3e298c5d838d22024eaa9a19e81c37d53b3822edadd15ce7466a859124434989c949e2bd8b2346f0bca1814ac212670 |
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML
| MD5 | 7050d5ae8acfbe560fa11073fef8185d |
| SHA1 | 5bc38e77ff06785fe0aec5a345c4ccd15752560e |
| SHA256 | cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b |
| SHA512 | a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b |
memory/928-2583-0x000000000BF20000-0x000000000BF2E000-memory.dmp
memory/928-2582-0x000000000C1C0000-0x000000000C1F8000-memory.dmp
memory/928-2589-0x000000000C200000-0x000000000C210000-memory.dmp
memory/928-2588-0x000000000C200000-0x000000000C210000-memory.dmp
memory/928-2587-0x000000000C200000-0x000000000C210000-memory.dmp
memory/928-2586-0x000000000C200000-0x000000000C210000-memory.dmp
memory/928-2593-0x000000000C200000-0x000000000C210000-memory.dmp
memory/928-2594-0x000000000C880000-0x000000000C890000-memory.dmp
memory/928-2592-0x000000000C200000-0x000000000C210000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
| MD5 | 8a410ca32cfa68b6af87dd2a15895e22 |
| SHA1 | 78218033b8278df0e23513baaffdfc346efaf5cb |
| SHA256 | 078710f879b2d154a2ca8d9983b4ba9a90fc0be52a52c98658ad9c2c5fa5592c |
| SHA512 | de46b955a9e9ca25d045efae4f34367a5b5832d36e49291d0c5e237381af12045a479b0d53777ab135db15b7af09f24152d48210ba24e4ffe0bc815b9936972e |
memory/928-2590-0x000000000C880000-0x000000000C890000-memory.dmp
memory/928-2591-0x000000000C880000-0x000000000C890000-memory.dmp
C:\Users\Admin\Desktop\UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR N1XT.txt
| MD5 | 9037ebf0a18a1c17537832bc73739109 |
| SHA1 | 1d951dedfa4c172a1aa1aae096cfb576c1fb1d60 |
| SHA256 | 38c889b5d7bdcb79bbcb55554c520a9ce74b5bfc29c19d1e4cb1419176c99f48 |
| SHA512 | 4fb5c06089524c6dcd48b6d165cedb488e9efe2d27613289ef8834dbb6c010632d2bd5e3ac75f83b1d8024477ebdf05b9e0809602bbe1780528947c36e4de32f |