Analysis Overview
Threat Level: Likely malicious
The file http://google.com was found to be: Likely malicious.
Malicious Activity Summary
Boot or Logon Autostart Execution: Active Setup
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
Event Triggered Execution: Component Object Model Hijacking
Loads dropped DLL
Checks computer location settings
Executes dropped EXE
Adds Run key to start application
Installs/modifies Browser Helper Object
Checks installed software on the system
Drops file in System32 directory
Detected potential entity reuse from brand microsoft.
Checks system information in the registry
Drops file in Windows directory
Drops file in Program Files directory
Enumerates physical storage devices
Modifies registry class
Uses Task Scheduler COM API
Enumerates system info in registry
System policy modification
Checks processor information in registry
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Modifies Internet Explorer settings
NTFS ADS
Modifies data under HKEY_USERS
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-07-01 20:02
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-01 20:02
Reported
2024-07-01 20:14
Platform
win10v2004-20240611-en
Max time kernel
690s
Max time network
693s
Command Line
Signatures
Boot or Logon Autostart Execution: Active Setup
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\126.0.2592.81\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\e58bea8\winzip28-bing.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Program Files\7-Zip\7zFM.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\!BCILauncher = "\"C:\\Windows\\Temp\\MUBSTemp\\BCILauncher.EXE\" bgaupmi=E014B5FC31C640D2B23EA9F59EC99961" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BB556A23-BF8D-41B3-B337-33D9F5273A21}\BGAUpdate.exe | N/A |
Checks installed software on the system
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Detected potential entity reuse from brand microsoft.
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\dual_engine_adapter_x64.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Trust Protection Lists\Sigma\Content | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\msedge.dll.sig | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\MEIPreload\preloaded_data.pb | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\Locales\bn-IN.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uz.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\msedgeupdateres_ga.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\ca.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\v8_context_snapshot.bin | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\identity_proxy\win11\identity_helper.Sparse.Dev.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\msedgeupdateres_nl.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\de.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ta.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Installer\setup.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\af.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\hi.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Locales\tr.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\msedgeupdateres_af.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\kk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\msedgeupdateres_hi.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Locales\da.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\mt.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\msedge_proxy.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\VisualElements\LogoCanary.png | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\bg.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Locales\pl.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Locales\ne.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\identity_proxy\dev.identity_helper.exe.manifest | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\da.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\es.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\SETUP.EX_ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\MicrosoftEdge_X64_126.0.2592.81.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\mt.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\VisualElements\SmallLogoCanary.png | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt-br.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\VisualElements\SmallLogoBeta.png | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Trust Protection Lists\Mu\Cryptomining | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\SetupMetrics\b8b2bd03-ac98-44be-ab30-96800b21fa4e.tmp | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\bn-IN.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\zh-TW.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\Trust Protection Lists\Sigma\Staging | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\msedge_elf.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\libEGL.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\oneauth.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Trust Protection Lists\Sigma\Staging | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Trust Protection Lists\Mu\Analytics | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\edge_feedback\mf_trace.wprp | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ko.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\resources.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\ffmpeg.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Locales\kk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\Locales\el.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\va.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\MEIPreload\preloaded_data.pb | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\v8_context_snapshot.bin | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\cy.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\identity_proxy\win10\identity_helper.Sparse.Dev.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\microsoft_shell_integration.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\ms.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Locales\cs.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\VisualElements\Logo.png | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\pwahelper.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Trust Protection Lists\manifest.json | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\msedgeupdateres_iw.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\mspdf.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\AppCompat\Programs\Amcache.hve.tmp | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\SysWOW64\wermgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\SysWOW64\wermgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\SysWOW64\wermgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\SysWOW64\wermgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\SysWOW64\wermgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\SysWOW64\wermgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Windows\SysWOW64\wermgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Windows\SysWOW64\wermgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Windows\SysWOW64\wermgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Windows\SysWOW64\wermgr.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\126.0.2592.81\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\126.0.2592.81\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\CurVer\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachine.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\Elevation | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO\CurVer\ = "ie_to_edge_bho.IEToEdgeBHO.1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\ie_to_edge_bho.dll\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods\ = "43" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\MicrosoftEdgeUpdateBroker.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback\ = "Microsoft Edge Update Legacy On Demand" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{0DD41A78-E3D4-44A8-9EAE-697BCF1781A3}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ = "IGoogleUpdate" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback.1.0\CLSID\ = "{77857D02-7A25-4B67-9266-3E122A8F39E4}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.htm | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.187.41\\psmachine.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{82CCB536-D2EE-4F19-9067-40531F08D1D4}\InprocHandler32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback\CLSID\ = "{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{82CCB536-D2EE-4F19-9067-40531F08D1D4}\InprocHandler32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\Elevation | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgePDF\shell\runas\command\ = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe\" --do-not-de-elevate --single-argument %1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.pdf | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 794012.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Temp\e58bea8\winzip28-bing.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\winzip28-bing.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Temp\e58bee6\winzip28-bing.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\winzip28-bing.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Temp\e58c520\winzip28-bing.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\winzip28-bing.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Temp\e58c5eb\winzip28-bing.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\winzip28-bing.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 36294.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd66c246f8,0x7ffd66c24708,0x7ffd66c24718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5280 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5280 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5532 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6604 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6968 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1844 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7564 /prefetch:8
C:\Users\Admin\Downloads\winzip28-bing.exe
"C:\Users\Admin\Downloads\winzip28-bing.exe"
C:\Users\Admin\Downloads\winzip28-bing.exe
"C:\Users\Admin\Downloads\winzip28-bing.exe"
C:\Users\Admin\AppData\Local\Temp\e58bea8\winzip28-bing.exe
run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"
C:\Users\Admin\AppData\Local\Temp\e58bee6\winzip28-bing.exe
run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"
C:\Users\Admin\Downloads\winzip28-bing.exe
"C:\Users\Admin\Downloads\winzip28-bing.exe"
C:\Users\Admin\AppData\Local\Temp\e58c520\winzip28-bing.exe
run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"
C:\Users\Admin\Downloads\winzip28-bing.exe
"C:\Users\Admin\Downloads\winzip28-bing.exe"
C:\Users\Admin\AppData\Local\Temp\e58c5eb\winzip28-bing.exe
run=1 shortcut="C:\Users\Admin\Downloads\winzip28-bing.exe"
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
"C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe" /install
C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeUpdate.exe" /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuNDEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTRDRkQ0MDItN0NGQS00RkUxLTg2RDgtRTQzNTY4MTJBRjk4fSIgdXNlcmlkPSJ7QTc1M0QyNjAtODI4Ny00QUU3LTgzRkItOEFGMDQ0MDBDMjMxfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins1Mjc4REQ0Qi0yMUQ3LTRGOTAtODNCRC1BNTQxQTM2RDQ4NUN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0Ny4zNyIgbmV4dHZlcnNpb249IjEuMy4xODcuNDEiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU1ODIwNjgyNTciIGluc3RhbGxfdGltZV9tcz0iNTk0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{94CFD402-7CFA-4FE1-86D8-E4356812AF98}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuNDEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTRDRkQ0MDItN0NGQS00RkUxLTg2RDgtRTQzNTY4MTJBRjk4fSIgdXNlcmlkPSJ7QTc1M0QyNjAtODI4Ny00QUU3LTgzRkItOEFGMDQ0MDBDMjMxfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7NDgyQTUzMTItQTQwQy00M0IwLUJGRTgtNDdENjdCMUY4RjREfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O2hWZkRqTWRGRzZGZ0tzME56NmVtcllDU2c2VFF2RFBvbW9sUmF5UVhCSzQ9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIyMCIgaW5zdGFsbGRhdGV0aW1lPSIxNzE4MTMyMDIyIiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNjI2MDQ2NDA0NTc5MTU1IiBmaXJzdF9mcmVfc2Vlbl90aW1lPSIxMzM2NDMzNzgxNTU3OTM1NjQiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIyMzExMTg5IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1NTg4MDMzMjE2Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5520 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuNDEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OTRDRkQ0MDItN0NGQS00RkUxLTg2RDgtRTQzNTY4MTJBRjk4fSIgdXNlcmlkPSJ7QTc1M0QyNjAtODI4Ny00QUU3LTgzRkItOEFGMDQ0MDBDMjMxfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFQTBFOUYzQS1CQzcxLTRBQTQtQkQ4Qy0wMjRGNzMyQzIwMzB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI2LjAuMjU5Mi44MSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTU5NjMxNDQ1MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU1OTYzMTQ0NTEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iNCIgZXJyb3Jjb2RlPSItMjE0NzIxOTQ0MCIgZXh0cmFjb2RlMT0iMjY4NDM1NDYzIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1NzM2NDIwMTMyIiBpc19idW5kbGVkPSIwIiBzdGF0ZV9jYW5jZWxsZWQ9IjciIHRpbWVfc2luY2VfdXBkYXRlX2F2YWlsYWJsZV9tcz0iMTQwMTEiIHRpbWVfc2luY2VfZG93bmxvYWRfc3RhcnRfbXM9IjEzOTgwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcyMTk0NDAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU3MzY0MjAxMzIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzExMTBiZjYzLWM2Y2UtNDcxNC05NjliLWIzMDI4YjQ0MWM0Nz9QMT0xNzIwNDY5MTExJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUNCYkhlcWwzSzVZSW1Od3NLUnFUdGgyVld1VjRzJTJiakI2NW9nNGQ0anhLOG1zemIlMmZwVlAlMmZ2YldkbnFWc2c4NTlkb0swck5Jd2JDYTBoZmVheUtua2JBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iNDcxODU5MjAiIHRvdGFsPSIxNzMwODIxNjgiIGRvd25sb2FkX3RpbWVfbXM9Ijk1NjAiLz48L2FwcD48L3JlcXVlc3Q-
C:\Windows\SysWOW64\wermgr.exe
"C:\Windows\system32\wermgr.exe" "-outproc" "0" "4440" "1188" "1056" "1184" "0" "0" "0" "0" "0" "0" "0" "0"
C:\Windows\SysWOW64\wermgr.exe
"C:\Windows\system32\wermgr.exe" "-outproc" "0" "5848" "1320" "1032" "1308" "0" "0" "0" "0" "0" "0" "0" "0"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6844 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7908 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6308 /prefetch:8
C:\Users\Admin\Downloads\7z2407-x64.exe
"C:\Users\Admin\Downloads\7z2407-x64.exe"
C:\Users\Admin\Downloads\7z2407-x64.exe
"C:\Users\Admin\Downloads\7z2407-x64.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\KRNLWRD.rar"
C:\Users\Admin\AppData\Local\Temp\7zO8D68BB5A\krnl.exe
"C:\Users\Admin\AppData\Local\Temp\7zO8D68BB5A\krnl.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7492 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x440 0x2ec
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8628 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=8528 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BB556A23-BF8D-41B3-B337-33D9F5273A21}\BGAUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{BB556A23-BF8D-41B3-B337-33D9F5273A21}\BGAUpdate.exe" --edgeupdate-client --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\MicrosoftEdge_X64_126.0.2592.81.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\MicrosoftEdge_X64_126.0.2592.81.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\MicrosoftEdge_X64_126.0.2592.81.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.127 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9ED2162F-7265-4A85-A927-02843A006BDB}\EDGEMITMP_0B0B7.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.81 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff70d6faa40,0x7ff70d6faa4c,0x7ff70d6faa58
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuNDEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzRCMDQwQTAtQTc4Ni00OUYwLUJBQzQtQTAzMDE2NjVCMEM3fSIgdXNlcmlkPSJ7QTc1M0QyNjAtODI4Ny00QUU3LTgzRkItOEFGMDQ0MDBDMjMxfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntGNTM0QTY2Qi00MEFBLTQ2QzgtQjM2RC00QTlDQjY5MUFDQzJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7aFZmRGpNZEZHNkZnS3MwTno2ZW1yWUNTZzZUUXZEUG9tb2xSYXlRWEJLND0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI2LjAuMjU5Mi44MSIgbGFuZz0iIiBicmFuZD0iRVVXViIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg1OTU2NzcyNTkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MDM2MDI5MjgyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkyNTE1NjQ2NzAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xMTEwYmY2My1jNmNlLTQ3MTQtOTY5Yi1iMzAyOGI0NDFjNDc_UDE9MTcyMDQ2OTQxMSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1BdHdld0J2RWNlUnlWdkpPamZyTm5vY0FWbG91VUpHczIyVlhQc2x5NmZpOGFkNDg4SjRGaGJkS1JCSllhdDNuOWcxY3VVYU45ZE5TakJvZUhQZWQzZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIxIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTI1MTU3NTAwNSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMTExMGJmNjMtYzZjZS00NzE0LTk2OWItYjMwMjhiNDQxYzQ3P1AxPTE3MjA0Njk0MTEmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9QXR3ZXdCdkVjZVJ5VnZKT2pmck5ub2NBVmxvdVVKR3MyMlZYUHNseTZmaThhZDQ4OEo0RmhiZEtSQkpZYXQzbjlnMWN1VWFOOWROU2pCb2VIUGVkM2clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzMwODIxNjgiIHRvdGFsPSIxNzMwODIxNjgiIGRvd25sb2FkX3RpbWVfbXM9IjE5NDQ1Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTI1MTY5NDc1MCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkyNjc3ODQwODAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk3MTMyMDg1ODAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxNDE0IiBkb3dubG9hZF90aW1lX21zPSIyMTU0NiIgZG93bmxvYWRlZD0iMTczMDgyMTY4IiB0b3RhbD0iMTczMDgyMTY4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0NDU0MiIvPjwvYXBwPjxhcHAgYXBwaWQ9InsxRkFCOENGRS05ODYwLTQxNUMtQTZDQS1BQTdEMTIwMjE5NDB9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIyLjAuMC4zNCIgbGFuZz0iIiBicmFuZD0iRVVGSSIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIj48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg1OTU2NjcxNDEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NTk1NzQ3MzAzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkwMjU0OTU0MjUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81ZjE5NTYxMi0zODRhLTQ4ZWEtODQwOC1iNGVkZTlkYzU2YmI_UDE9MTcyMDQ2OTQxMSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1CQlVLSHpFJTJmVVdLd3c0SUdNdCUyZiUyZjRQYkdHT0ZZSmtuMWxmVXpzRTRzTDAzRjRyMTdXU21DOGN1QWx2UnlZdHl3bkJwRDYzNk81bU5GY1l4RGt5eW9HUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIxIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTAyNTUwNTIwOSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MjA0Njk0MTEmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9QkJVS0h6RSUyZlVXS3d3NElHTXQlMmYlMmY0UGJHR09GWUprbjFsZlV6c0U0c0wwM0Y0cjE3V1NtQzhjdUFsdlJ5WXR5d25CcEQ2MzZPNW1ORmNZeERreXlvR1ElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBkb3dubG9hZF90aW1lX21zPSIzODQ5MiIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkwMjU1MzUzMDIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MDMxNzg1OTgwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTAzNTk4OTMxNSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjE0MTUiIGRvd25sb2FkX3RpbWVfbXM9IjQyOTYzIiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0MTciLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\MicrosoftEdge_X64_126.0.2592.81.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\MicrosoftEdge_X64_126.0.2592.81.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\MicrosoftEdge_X64_126.0.2592.81.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.127 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.81 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7f4baaa40,0x7ff7f4baaa4c,0x7ff7f4baaa58
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.127 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.81 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7f4baaa40,0x7ff7f4baaa4c,0x7ff7f4baaa58
C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\Installer\setup.exe" --msedge --channel=stable --remove-deprecated-packages --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.127 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.81\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.81 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff73244aa40,0x7ff73244aa4c,0x7ff73244aa58
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xODcuNDEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7REYxRDVEQzItMjJDMi00ODJELTgzMjMtN0VGNUY0MTlCMzkwfSIgdXNlcmlkPSJ7QTc1M0QyNjAtODI4Ny00QUU3LTgzRkItOEFGMDQ0MDBDMjMxfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins1NzI2QjJEQi0yMUU2LTRBRTUtQUUzNS1BRDZDRDI2RkRDOTZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7aFZmRGpNZEZHNkZnS3MwTno2ZW1yWUNTZzZUUXZEUG9tb2xSYXlRWEJLND0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4Ny40MSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iMCIgY29ob3J0PSJycmZAMC4wNyI-PHVwZGF0ZWNoZWNrLz48cGluZyByPSIxOSIgcmQ9IjYzNzIiIHBpbmdfZnJlc2huZXNzPSJ7OUVEN0U0QkMtOEI1Ri00RUFFLTkyQkMtOThCM0EzMEE1REEwfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IjEyNi4wLjI1OTIuODEiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaXNfcGlubmVkX3N5c3RlbT0idHJ1ZSIgbGFzdF9sYXVuY2hfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzY0MzM3ODAzODA1NjEwMCI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAxMjQ5MjQ1MTIiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAxMjUwMjQ2OTQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAxNTQ2NDQ0OTkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAxNjk0NzUyNjUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTM5ODE0NTAyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMTAzMyIgZG93bmxvYWRlZD0iMTczMDgyMTY4IiB0b3RhbD0iMTczMDgyMTY4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMiIgaW5zdGFsbF90aW1lX21zPSIzNzAyOSIvPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9IjE5IiBhZD0iLTEiIHJkPSI2MzcyIiBwaW5nX2ZyZXNobmVzcz0iezRFMTE0NzYxLUQxQjUtNDA5Ny04QzRDLUI1ODM3M0VEQzQyOH0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI2LjAuMjU5Mi44MSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iRVVXViIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MzkxIiBjb2hvcnQ9InJyZkAwLjM3Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7MDE2QzRGNDgtNzAwNi00NEEwLUIyRjgtMjBGOTNFRjgyOTU1fSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8216 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x440 0x2ec
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,15116184917447228572,4676722224822979781,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1080 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| GB | 142.250.178.14:80 | google.com | tcp |
| GB | 142.250.178.14:80 | google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| US | 13.107.21.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| DE | 172.217.16.195:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.187.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 195.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | wearedevs.net | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 172.67.71.2:443 | wearedevs.net | tcp |
| US | 172.67.71.2:443 | wearedevs.net | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| BE | 2.17.107.226:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | cdn.wearedevs.net | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 2.71.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| BE | 64.233.167.155:443 | stats.g.doubleclick.net | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | tcp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.167.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| BE | 64.233.167.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| GB | 172.217.16.225:443 | lh3.googleusercontent.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdnwrd2.com | udp |
| US | 172.67.166.253:443 | cdnwrd2.com | tcp |
| US | 172.67.166.253:443 | cdnwrd2.com | tcp |
| US | 8.8.8.8:53 | 253.166.67.172.in-addr.arpa | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| BE | 88.221.83.248:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| BE | 88.221.83.193:443 | th.bing.com | tcp |
| BE | 88.221.83.208:443 | r.bing.com | tcp |
| BE | 88.221.83.208:443 | r.bing.com | tcp |
| BE | 88.221.83.193:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 248.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 40.126.31.73:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | www.winzip.com | udp |
| GB | 23.214.68.208:443 | www.winzip.com | tcp |
| GB | 23.214.68.208:443 | www.winzip.com | tcp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.68.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 8.8.8.8:53 | installer.corel.com | udp |
| US | 8.8.8.8:53 | www.corel.com | udp |
| US | 104.17.246.203:443 | unpkg.com | tcp |
| US | 18.210.208.103:443 | installer.corel.com | tcp |
| GB | 23.214.68.208:443 | www.corel.com | tcp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.246.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 103.208.210.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.178.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.190.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | cdn.optimizely.com | udp |
| NL | 23.200.188.178:443 | cdn.optimizely.com | tcp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.188.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 8.8.8.8:53 | download.winzip.com | udp |
| SE | 184.31.15.186:443 | download.winzip.com | tcp |
| SE | 184.31.15.186:443 | download.winzip.com | tcp |
| US | 104.18.32.137:443 | privacyportal.onetrust.com | tcp |
| US | 8.8.8.8:53 | 186.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.ssl.com | udp |
| US | 44.195.247.202:80 | www.ssl.com | tcp |
| US | 8.8.8.8:53 | crls.ssl.com | udp |
| HR | 65.9.189.63:80 | crls.ssl.com | tcp |
| US | 8.8.8.8:53 | 202.247.195.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.97.6.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.189.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.installportal.com | udp |
| US | 44.235.127.184:443 | www.installportal.com | tcp |
| US | 8.8.8.8:53 | 184.127.235.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.sf.dl.delivery.mp.microsoft.com | udp |
| US | 152.199.21.175:443 | msedge.sf.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| NL | 13.95.26.4:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 4.26.95.13.in-addr.arpa | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| BE | 88.221.83.193:443 | th.bing.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 7-zip.org | udp |
| DE | 49.12.202.237:443 | 7-zip.org | tcp |
| DE | 49.12.202.237:443 | 7-zip.org | tcp |
| US | 8.8.8.8:53 | 237.202.12.49.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.110.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 88.221.83.192:443 | r.bing.com | tcp |
| BE | 88.221.83.192:443 | r.bing.com | tcp |
| BE | 2.17.107.98:443 | th.bing.com | tcp |
| BE | 2.17.107.98:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 192.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.107.17.2.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| SE | 23.34.233.128:443 | www.microsoft.com | tcp |
| SE | 23.34.233.128:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 128.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | web.vortex.data.microsoft.com | udp |
| US | 8.8.8.8:53 | cdn-dynmedia-1.microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| SE | 184.31.15.192:443 | cdn-dynmedia-1.microsoft.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | accdn.lpsnmedia.net | udp |
| US | 8.8.8.8:53 | analytics.tiktok.com | udp |
| SE | 23.34.233.128:443 | c.s-microsoft.com | tcp |
| SE | 23.34.233.128:443 | c.s-microsoft.com | tcp |
| SE | 23.34.233.128:443 | c.s-microsoft.com | tcp |
| SE | 23.34.233.128:443 | c.s-microsoft.com | tcp |
| SE | 23.34.233.128:443 | c.s-microsoft.com | tcp |
| US | 8.8.8.8:53 | cdnssl.clicktale.net | udp |
| US | 8.8.8.8:53 | d.impactradius-event.com | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | lpcdn.lpsnmedia.net | udp |
| US | 8.8.8.8:53 | lptag.liveperson.net | udp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 8.8.8.8:53 | publisher.liveperson.net | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | store-images.microsoft.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| GB | 178.249.97.23:443 | lptag.liveperson.net | tcp |
| US | 34.120.154.120:443 | lpcdn.lpsnmedia.net | tcp |
| GB | 178.249.97.99:443 | accdn.lpsnmedia.net | tcp |
| GB | 23.52.178.65:443 | publisher.liveperson.net | tcp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 35.186.249.72:443 | d.impactradius-event.com | tcp |
| HR | 65.9.189.13:443 | cdnssl.clicktale.net | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| SE | 184.31.15.152:443 | analytics.tiktok.com | tcp |
| SE | 23.34.233.128:443 | c.s-microsoft.com | tcp |
| US | 8.8.8.8:53 | 25.43.201.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.154.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.97.249.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.97.249.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.249.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.178.52.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.189.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| GB | 23.52.178.65:443 | publisher.liveperson.net | tcp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 20.189.173.18:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 152.199.21.175:443 | acctcdnvzeuno.azureedge.net | tcp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | target.microsoft.com | udp |
| IE | 66.235.152.156:443 | target.microsoft.com | tcp |
| US | 8.8.8.8:53 | 156.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.173.189.20.in-addr.arpa | udp |
| US | 20.189.173.18:443 | browser.events.data.microsoft.com | tcp |
| GB | 23.52.178.65:443 | publisher.liveperson.net | tcp |
| US | 34.120.154.120:443 | lpcdn.lpsnmedia.net | udp |
| SE | 184.31.15.152:443 | analytics.tiktok.com | tcp |
| US | 8.8.8.8:53 | web.vortex.data.microsoft.com | udp |
| BE | 88.221.83.192:443 | r.bing.com | tcp |
| BE | 2.17.107.98:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | mcraa.fs.liveperson.com | udp |
| US | 18.204.178.174:443 | mcraa.fs.liveperson.com | tcp |
| US | 8.8.8.8:53 | 174.178.204.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apps.microsoft.com | udp |
| US | 8.8.8.8:53 | images-eds-ssl.xboxlive.com | udp |
| US | 8.8.8.8:53 | sparkcdneus2.azureedge.net | udp |
| US | 8.8.8.8:53 | musicart.xboxlive.com | udp |
| US | 152.199.19.161:443 | sparkcdneus2.azureedge.net | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 8.8.8.8:53 | northcentralus-0.in.applicationinsights.azure.com | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 52.240.245.68:443 | northcentralus-0.in.applicationinsights.azure.com | tcp |
| US | 52.240.245.68:443 | northcentralus-0.in.applicationinsights.azure.com | tcp |
| US | 8.8.8.8:53 | 68.245.240.52.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 20.189.173.18:443 | browser.events.data.microsoft.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 20.189.173.6:443 | browser.events.data.microsoft.com | tcp |
| US | 20.189.173.6:443 | browser.events.data.microsoft.com | tcp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | musicart.xboxlive.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | xbox.com | udp |
| NL | 20.76.201.171:443 | xbox.com | tcp |
| US | 8.8.8.8:53 | www.xbox.com | udp |
| NL | 23.200.188.61:80 | www.xbox.com | tcp |
| NL | 23.200.188.61:443 | www.xbox.com | tcp |
| US | 8.8.8.8:53 | 171.201.76.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets-www.xbox.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| NL | 23.200.188.61:443 | assets-www.xbox.com | tcp |
| NL | 23.200.188.61:443 | assets-www.xbox.com | tcp |
| NL | 23.200.188.61:443 | assets-www.xbox.com | tcp |
| NL | 23.200.188.61:443 | assets-www.xbox.com | tcp |
| NL | 23.200.188.61:443 | assets-www.xbox.com | tcp |
| NL | 23.200.188.61:443 | assets-www.xbox.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.188.200.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| SE | 23.34.232.228:443 | assets.adobedtm.com | tcp |
| IE | 40.126.31.73:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| IE | 40.126.31.73:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 228.232.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | emerald.xboxservices.com | udp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| IE | 40.126.31.73:443 | login.microsoftonline.com | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | signup.live.com | udp |
| US | 13.107.42.22:443 | signup.live.com | tcp |
| US | 13.107.42.22:443 | signup.live.com | tcp |
| US | 8.8.8.8:53 | 25.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt.live.com | udp |
| US | 8.8.8.8:53 | msft.hsprotect.net | udp |
| SE | 2.21.96.106:443 | msft.hsprotect.net | tcp |
| SE | 2.21.96.106:443 | msft.hsprotect.net | tcp |
| US | 8.8.8.8:53 | 106.96.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector-pxzc5j78di.hsprotect.net | udp |
| US | 35.190.10.96:443 | collector-pxzc5j78di.hsprotect.net | tcp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 8.8.8.8:53 | 96.10.190.35.in-addr.arpa | udp |
| US | 35.190.10.96:443 | collector-pxzc5j78di.hsprotect.net | udp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| BE | 88.221.83.243:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 243.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 89.58.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| NL | 2.18.121.16:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 16.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | aka.ms | udp |
| US | 8.8.8.8:53 | signup.live.com | udp |
| US | 8.8.8.8:53 | iframe.arkoselabs.com | udp |
| HR | 65.9.189.2:443 | iframe.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | client-api.arkoselabs.com | udp |
| US | 104.18.33.170:443 | client-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | msft.hsprotect.net | udp |
| US | 8.8.8.8:53 | 170.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.189.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | signup.live.com | udp |
| US | 8.8.8.8:53 | msft.hsprotect.net | udp |
| US | 8.8.8.8:53 | iframe.arkoselabs.com | udp |
| US | 13.107.42.22:443 | signup.live.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 20.189.173.1:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 8.8.8.8:53 | 1.173.189.20.in-addr.arpa | udp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | www.xbox.com | udp |
| BE | 104.90.24.58:443 | www.xbox.com | tcp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| IE | 40.126.31.73:443 | login.microsoftonline.com | tcp |
| SE | 23.34.233.128:443 | www.microsoft.com | tcp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | 58.24.90.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 8.8.8.8:53 | user.auth.xboxlive.com | udp |
| IE | 137.116.225.129:443 | user.auth.xboxlive.com | tcp |
| US | 8.8.8.8:53 | 129.225.116.137.in-addr.arpa | udp |
| US | 8.8.8.8:53 | xsts.auth.xboxlive.com | udp |
| US | 52.156.147.113:443 | xsts.auth.xboxlive.com | tcp |
| US | 52.156.147.113:443 | xsts.auth.xboxlive.com | tcp |
| US | 52.156.147.113:443 | xsts.auth.xboxlive.com | tcp |
| US | 8.8.8.8:53 | 113.147.156.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sisu.xboxlive.com | udp |
| US | 104.43.136.153:443 | sisu.xboxlive.com | tcp |
| US | 104.43.136.153:443 | sisu.xboxlive.com | tcp |
| US | 8.8.8.8:53 | dlassets-ssl.xboxlive.com | udp |
| SE | 23.34.232.7:443 | dlassets-ssl.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | dlassets-ssl.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | dlassets-ssl.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | dlassets-ssl.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | dlassets-ssl.xboxlive.com | tcp |
| SE | 23.34.232.7:443 | dlassets-ssl.xboxlive.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | assets-www.xbox.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| BE | 104.90.24.58:443 | assets-www.xbox.com | tcp |
| US | 8.8.8.8:53 | peoplehub-public.xboxlive.com | udp |
| US | 20.114.59.244:443 | peoplehub-public.xboxlive.com | tcp |
| US | 8.8.8.8:53 | 244.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | o741402.ingest.sentry.io | udp |
| US | 8.8.8.8:53 | emerald.xboxservices.com | udp |
| US | 34.120.195.249:443 | o741402.ingest.sentry.io | tcp |
| US | 8.8.8.8:53 | images-eds-ssl.xboxlive.com | udp |
| SE | 23.34.232.7:443 | images-eds-ssl.xboxlive.com | tcp |
| US | 8.8.8.8:53 | 249.195.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.xboxlive.com | udp |
| US | 52.158.160.64:443 | accounts.xboxlive.com | tcp |
| US | 8.8.8.8:53 | 64.160.158.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dc.services.visualstudio.com | udp |
| NL | 20.50.88.244:443 | dc.services.visualstudio.com | tcp |
| US | 8.8.8.8:53 | 244.88.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 20.189.173.1:443 | browser.events.data.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 56067634f68231081c4bd5bdbfcc202f |
| SHA1 | 5582776da6ffc75bb0973840fc3d15598bc09eb1 |
| SHA256 | 8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4 |
| SHA512 | c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784 |
\??\pipe\LOCAL\crashpad_3752_FMNUYYWSCZXAWBAG
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 81e892ca5c5683efdf9135fe0f2adb15 |
| SHA1 | 39159b30226d98a465ece1da28dc87088b20ecad |
| SHA256 | 830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17 |
| SHA512 | c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4c8b45e4f78a07a05a77753a1e70ca40 |
| SHA1 | 1c06b09bd8fb12d5e5ef913f78bcf11fd6def835 |
| SHA256 | cc8b6b28c886d1c2ee1fad395a0787d256a2d8f2c6f11e275b8149ce02222b3f |
| SHA512 | 333ac6654dc1c8df875b18df68ce284a53e606b83fb7acf0e9884092ee75dcc9f381948b8b70fdd1aa7bb2737951f4acb6bbdb7577a864bec6b17debfd0740fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9e2e319ca9a271a02f5f1a949ff00009 |
| SHA1 | f1ee5baf8522c6ce0ff534e572b1c018431aee08 |
| SHA256 | 4b58c69b6defb8d8d0abe6f0229a45b432ef2b1813d20339206e09f9c1509f56 |
| SHA512 | 7b9ef9d1d0dfc8426a2daca021d6f31d1423ac7045a5222adae42004e1cbddeeff3df2fb4340271bb0fd29f4d7f71f2a9350e4b6b073835e5bca075bb6bf338d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 86b671d2e5c5a7de0d83c8e0c403b7ff |
| SHA1 | 6ec4a85566b2eefee0a178025fa876915b373dbd |
| SHA256 | e5e272601a47edc9832b714079e10dfdc3aa7d3c13401bd82d82021c48f1663e |
| SHA512 | 7712c3df8da1d7f3ef542b2f10a247b2f2d23955d6187feb2c60c32e695dc2a05f124e0caae5276aa6627080530ba1c49312be66ae2b7796f4c072936ec42cc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2892eee3e20e19a9ba77be6913508a54 |
| SHA1 | 7c4ef82faa28393c739c517d706ac6919a8ffc49 |
| SHA256 | 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2 |
| SHA512 | b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 48e90e6bfb89d71ab7748e45e773db94 |
| SHA1 | 85fb8d924dfb605e0e9b3e4f62f8fe56d79c018d |
| SHA256 | f9632407d01274e5041214d5eb5c27a8f575db8d15010a8606c41f9391291b6e |
| SHA512 | a70f8b5a9fa5e34333d053231a4eb94e77fa0f736596152705981ba7d9324fb752c4d979c9cbc37e688a6e699b7e428a1588a5010abc01ac25a76b632979e12e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ef6dfa18ea39700afe988d1e84380327 |
| SHA1 | 786c888a430c8d01edc6b129dc0e96b7938301be |
| SHA256 | 9a38a4b3c135b8b717490aa8038c66064feeeb347429d510b613f62e789da347 |
| SHA512 | 10394009bbeeddbac6bcdad33ccacc85607c2db506730b416db5519cec5ad537d4197432fce1bc810e95ea5f12f118d019a0b7d0888ed277785985e804b80005 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe578ba6.TMP
| MD5 | 7693c02ed61f950326d1943298097d7d |
| SHA1 | 34b3b4e87847151a820a64f35c4148d632aee436 |
| SHA256 | ad328acd18e38dc5c6bbe3c0adf160ff87f1cb23c1e39f21aea711c5bee03d3b |
| SHA512 | 2e1ab4219c10b4d46859ac01eb685086783ae803194dd74c803f4c54c38f273f3fd1ab116301add3cfc4abc4e16ec857c2e28d0feb6df1ffaa2bf4461e90e946 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9a723d1511ea3b0b10ac537cd937227b |
| SHA1 | 94ef4386b4801930348480013b87196b5cfa6f2d |
| SHA256 | c1cebaa6098acff94113f20b0e3a61883c40ebe66985ea82dbb05969a601f8fd |
| SHA512 | 16b1cdda2d98a27e5597eb600670b0b8aee6b47efc62caf7ad74f7a3c9876818c148feba09f4df239f0561472b36d024cab643f14acedf364fe1c34d515b1cd5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | dd2d68699e0bec930819a7037b428a3a |
| SHA1 | 66742882f271ddccbceeb3a845908ad29ab27a1c |
| SHA256 | 7426fe890e6eedb10e509061ec43b0467fd703af816e50f7906c47f8d31448cf |
| SHA512 | 238ff83a9901aadd08b5ac417b7ae635ef945d318d0a5efa6451bb17f2f5b3cba2bcbc6f71372465936c977b3221cc6af9318cd33f3e227cc78d02b3c58f2675 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | a91c8acf084daefe905c538075d9e3ff |
| SHA1 | 398a0d67e3e87fb1f01a644a5b9820ab5d5d69b6 |
| SHA256 | 9901aba2e46fcf181f9b641590df7bba839243151e8747c1e6798703798bf4af |
| SHA512 | 2c0aaa2bd478af9cd3424bb483260dfe174f1c02ee1638565c6dfe43f7181e12e0788dfcd19316c6a884dbb02144ffb35fb886caedcf29f8a2c65ba70079fc0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | baa80a18dd87df5735d95654441feed0 |
| SHA1 | e600bd34f9822eacbe76dccac24d70178a839d2c |
| SHA256 | cd12b1ca0960d19a282b891a804a3c21729d00ef26ea23b674e908465d4a691a |
| SHA512 | ba381c34f3be056d6d44debc209d97921c2bdd8e3af66a8a899e4ba2b67d163395789e32aae31ee80c7d0d0c35685c01d1e734ebcb7645ffa54a72f0729adab2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | bb30ea3b46964f49ba85f475efd1fb6f |
| SHA1 | 1bb4aae7781af8b933e1dd4dee56879a3ef92d38 |
| SHA256 | 7a5bfdc2463dfde6b169ca4555ce9f5a0fb21c15c3ac807967590df27dd800e6 |
| SHA512 | bc52e8de4712d416aebf1d403d6ee8dcb6386a93dfc6727613af487f73de69db90913a9e9781660d8dec121d720ceec9c84b260c76f0f6f565ae80967eee7474 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9d3f0333b7eafd143d2d89fa66407a4e |
| SHA1 | ccc03e6c917c7fafc3a6a3d1253eb8754bb21ce9 |
| SHA256 | 38315caaafd71b5388fcf6ddbefe38f1561ca8dfd6d6b0f05f19f8a0fcdec3d8 |
| SHA512 | 2ccb95ff638d323e16aa503ae7016dd73f4778b574beba9f48b571b0c62ab1a036e0a6aa41138586ad668d7bf10af46aa2457bc1baf095097c913b47a0f71418 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8fe035c56cfc4f057da1a602dfc4197c |
| SHA1 | d8a08a57abf414c277015785122b9d11efc5e813 |
| SHA256 | 9c70c114190a866f777dc5f3cd47b8a7b6f6bf681c75e0ba032fd393e5c83da2 |
| SHA512 | 86d2f48c7ed507c99d9db85eb752f38252fbf07f39180ee19bc7b7bf5e3e94c0b5154de9c9e7f45b80863e88ddc5795e5c826835e2aa90af3a3731fbe6714874 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57bcc8.TMP
| MD5 | c2349215a7316d8f5c611dba361a71da |
| SHA1 | 9c74bac73aff4ee3dc94bac4336f3d9daa488123 |
| SHA256 | 98c8cf3e6f69f1b51951283d76d828136869b12698c4e3dc3dbf3d74fce00fce |
| SHA512 | f1d08c8be8e7ef11f67245e8397027ea1d0d71823181d054455e038774e658d05636a4877ec0b7793d1b3ce8e3f33092b42ca39e7b83e1e9b88b05916e7248e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 5dae80aaa6f235424647755b82e91313 |
| SHA1 | 6eb121d44b0d9c32d63188d7f6ac0963c69c4aa1 |
| SHA256 | 1a80138b6c7520431a2316ab8d4bfab6c095abeec432113a25d0409f0cc5a8e1 |
| SHA512 | edba69e3f8de8002eb9e47c7ee1c6bc9ffa87f80a023560e24164dd2915b4929a4d18c3dcc868ad604f6cdf91357107954ca93c077c6aae8e5d29178fc647180 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e7948fca04934a0f561616b597d89875 |
| SHA1 | 9d6641b2ac9248b5b8b3311c610d6a2b2edad9b2 |
| SHA256 | 8de6ae105c936c9d296674b12e1267b0b4d1b5b14084e3b3a9dcb071a78f1d81 |
| SHA512 | e62375078b91879b473131ee44b491f0841b8bc31bbee9b37ab2d3804ddb3299e5f139ea15d07e461775ab9ecaf4f1da9be26f4c2aad0013c6026c2fb7185ffa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f54339b3733a33acc3d39ec38be1b521 |
| SHA1 | 82fc3e3f30cfb65a899b89a73fc7f3218302b96b |
| SHA256 | ae896c4b34f71bffe0d7e4e9c88375c6d64eb0c23ccc7b7c70ec9caeb57b042e |
| SHA512 | 5688ce1f6e47caa9574d317fa52e6f50fd90c4ca456ccdf6ea0ab663205c8db19e57e7a6a28735b2a1239ef60897ecde2c5d3fac69de0842d55ae55731af078b |
C:\Users\Admin\Downloads\KRNLWRD.rar
| MD5 | 0543fb19e06332230138146e743561d1 |
| SHA1 | eda5c083624948c1388ba73c33447c97ddea7f41 |
| SHA256 | a5236b3142e898d26bf6f106029a3dafc72960eb4949b1ebb59cac601364fd61 |
| SHA512 | e7d934d87b730b484c578f3db648224cc192f292a1f9434a655719015da440b4d15458348a85c2f88d0b6808ae032a3f082f12d1b53fb0a7405425d95f7a358e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 86ed37ae56f87419bede2be7a1cfd82c |
| SHA1 | d1fa26d579bf6ffaee268e6bb0f74ac1e133329a |
| SHA256 | fa99c16c217bf0a9bac7080d4bcfd6d6454268c4638374e50c9c267966d56401 |
| SHA512 | 6461ebdfb546e9491acfa1ff81ccf4e09c360caf5cd2369d283562f5c0812e645f605a2eb7bafe5962d432a1cdd52d04cafb35d5eae2edbee17dc3c2b1d2be97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 65c0ba21a90ff90a448aac456ef37d6d |
| SHA1 | 0053c764a396bc909b9ff1b1a8166c6fcc1a0e54 |
| SHA256 | 4439508f5e8f4ed981da154354a8b9306a111e184c7430a79f06064cacd264ec |
| SHA512 | 5899fd2332d5db56d1ab3365d94091fa88d5aa707b5d1c8d3b2bd0efe07594aa6a639519c04298e4e021fb647d37c5a6b2e0aae9e482fbcc73ca00ecdc6cb74a |
C:\Users\Admin\Downloads\Unconfirmed 794012.crdownload
| MD5 | bc34279f29ef0e6a2ff71072127d76d7 |
| SHA1 | fd84ef523831b618b18b489b4c72fde59ec2eefc |
| SHA256 | a121bcdd9e39e2772d8d0ffb3ac7bdb7b9df060378c75ccc4d50557362d03d21 |
| SHA512 | e3b80b3b1046533fef77d5e3b78b184b27b2156e2e824192e81750abc30443b597103d69d19236f79b6524274826e45fb3c3079dbe9bb5e39a72892b00aed580 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7b3fc16e4f7153de5a3c04f27a73a821 |
| SHA1 | 448aa36fbc2e6420dd168cb11b07661966c48f7b |
| SHA256 | 6420b236e5601298344521e204a79e99d7b315eef7d5cb6a2a5a3c92f53bb283 |
| SHA512 | 41a6b6168defb794d7a3e470880dbed93d54b78123ff688ffcb04b9386d521c02b35fe1db12225f51949b4c871185a78fa63c51971f9bdfaffe29ba3fd375ff7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a8e0f7634796246b021d613379a6c213 |
| SHA1 | 59add1628e3bd91ecea1fe82707edda55689907b |
| SHA256 | 69b470e9f54301664bb3f16757d051118a67b7448afe6cd6a8ce6d0b4daffb9f |
| SHA512 | a94149f42e78879bb782880ab7db4995c0ffa7238ad0450576d47e92b072c07cb55092186548f66985bc8ffda0e392a3730e931b3193f328b073d2e81b4a0113 |
C:\Users\Admin\AppData\Local\Temp\e58c5eb\winzip28-bing.exe:SmartScreen
| MD5 | 4047530ecbc0170039e76fe1657bdb01 |
| SHA1 | 32db7d5e662ebccdd1d71de285f907e3a1c68ac5 |
| SHA256 | 82254025d1b98d60044d3aeb7c56eed7c61c07c3e30534d6e05dab9d6c326750 |
| SHA512 | 8f002af3f4ed2b3dfb4ed8273318d160152da50ee4842c9f5d9915f50a3e643952494699c4258e6af993dc6e1695d0dc3db6d23f4d93c26b0bc6a20f4b4f336e |
C:\Users\Admin\AppData\Local\Temp\e58bfff\Load.html
| MD5 | 1757c2d0841f85052f85d8d3cd03a827 |
| SHA1 | 801b085330505bad85e7a5af69e6d15d962a7c3a |
| SHA256 | 3cf5674efaaf74beccd16d1b9bcf3ffb35c174d6d93375bc532b46d9b4b4ed35 |
| SHA512 | 4a12a55aac846f137c18849302e74d34df70ea5aaff78d57fce05b4776bedcde9e1b1032734e29650bcbac3e6932dfef75d97931443446a23e21cf5b3072dd9a |
C:\Users\Admin\AppData\Local\Temp\e58bfff\common\js\jquery-1.11.2.min.js
| MD5 | 5790ead7ad3ba27397aedfa3d263b867 |
| SHA1 | 8130544c215fe5d1ec081d83461bf4a711e74882 |
| SHA256 | 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0 |
| SHA512 | 781acedc99de4ce8d53d9b43a158c645eab1b23dfdfd6b57b3c442b11acc4a344e0d5b0067d4b78bb173abbded75fb91c410f2b5a58f71d438aa6266d048d98a |
C:\Users\Admin\AppData\Local\Temp\e58bfff\common\js\common.js
| MD5 | 87daf84c22986fa441a388490e2ed220 |
| SHA1 | 4eede8fb28a52e124261d8f3b10e6a40e89e5543 |
| SHA256 | 787f5c13eac01bd8bbce329cc32d2f03073512e606b158e3fff07de814ea7f23 |
| SHA512 | af72a1d3757bd7731fa7dc3f820c0619e42634169643d786da5cce0c9b0d4babd4f7f57b12371180204a42fec6140a2cff0c13b37d183c9d6bbaeb8f5ce25e5f |
C:\Users\Admin\AppData\Local\Temp\e58bfff\common\js\external.js
| MD5 | 140918feded87fe0a5563a4080071258 |
| SHA1 | 9a45488c130eba3a9279393d27d4a81080d9b96a |
| SHA256 | 25df7ab9509d4e8760f1fdc99684e0e72aac6e885cbdd3396febc405ea77e7f6 |
| SHA512 | 56f5771db6f0f750ae60a1bb04e187a75fbee1210e1381831dcc2d9d0d4669ef4e58858945c1d5935e1f2d2f2e02fe4d2f08dd2ab27a14be10280b2dd4d8a7c6 |
C:\Users\Admin\AppData\Local\Temp\e58bfff\config\installparams.js
| MD5 | 21f6c8978cc749dff4e05ef4e8fe5127 |
| SHA1 | c9daf3ce1b3de9aeb3b0b273cc7d70b1cd410ab4 |
| SHA256 | 07811bf7163c8b8955e60b4378186a32ed0cf96adcacf1a70c5a2215036a80b8 |
| SHA512 | ddb8ab43869ea278748323f2af40818c887741c7c7442978804d27ca50a15e0acb2abb25cf621fe7d1aa200dc40201213e99691fb908ead1c6bb1165673a88b1 |
C:\Users\Admin\AppData\Local\Temp\e58bfff\config\stubparams.js
| MD5 | 91f6304d426d676ec9365c3e1ff249d5 |
| SHA1 | 05a3456160862fbaf5b4a96aeb43c722e0a148da |
| SHA256 | 823f4f8dfe55d3ce894308122d6101fed1b8ef1eb8e93101945836655b2aed1b |
| SHA512 | 530f4fad6af5a0e600b037fcd094596652d2e3bf2f6d2ce465aae697ea90a361a0ffcc770c118102a0dd9bf12ab830ac6b459e57a268f435c88c049c127491f4 |
C:\Users\Admin\AppData\Local\Temp\e58bfff\config\config.js
| MD5 | 34f8eb4ea7d667d961dccfa7cfd8d194 |
| SHA1 | 80ca002efed52a92daeed1477f40c437a6541a07 |
| SHA256 | 30c3d0e8bb3620fe243a75a10f23d83436ff4b15acb65f4f016258314581b73d |
| SHA512 | b773b49c0bbd904f9f87b0b488ed38c23fc64b0bdd51ab78375a444ea656d929b3976808e715a62962503b0d579d791f9a21c45a53038ed7ae8263bd63bc0d50 |
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
| MD5 | db7fb67fcec9f1c442de25f3ad59f50c |
| SHA1 | b600aa26d1cded59760304c6d77f4ff75722eabd |
| SHA256 | c227208854734bbd38c9f74f39034111733da5c7ce71515b1610aedd79417f9f |
| SHA512 | c14ec7d252a6f201dfea476d302fbc5140713cb4ea7bc8d4e610bfd806b3fa3c141153e2e9b8cb36255fba1fab4d4400ed83f5f5c1228d77d77bace41d5de7fe |
C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeUpdate.exe
| MD5 | e3f7c1c2e2013558284331586ba2bbb2 |
| SHA1 | 6ebf0601e1c667f8d0b681b0321a73e8f4e91fa3 |
| SHA256 | d19616ac12d3d536c8fbf034513a4977c88ef2d1676d358a2358fa051c8a42ba |
| SHA512 | 7d4fd7ad06b05d79211144cbaa0047bdb4910212565b79f292a6bea652735dacf69435b24c73bc679cbdad4207f6352726eb297a1e7af4f7eef14dbc8a2ca42d |
C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\msedgeupdate.dll
| MD5 | 1125e435063e7c722c0079fdf0a5b751 |
| SHA1 | 9b1c36d2b7df507a027314ece2ef96f5b775c422 |
| SHA256 | 7d8d1756343598bc651d62a0e81835820e0d6cf7a995503bb6b129b4bcc37df4 |
| SHA512 | 153f096af5c874c00a3c38602fab590eccf885f642040007b67799ef39d919d7cb261fba43a9ffbd68c8824eddea219505d49e05b3dcc70f00e6016a1fbd12b9 |
C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\msedgeupdateres_en.dll
| MD5 | a430ce95b80c07bb729463063e0c7c48 |
| SHA1 | cc488bdc18c191d88dd93e45bb85fda19d496591 |
| SHA256 | c9c8a06948123607b7b35d0d46c9600b1d3e2f674e6117820b4f559818c26b60 |
| SHA512 | cc9c24b95d079a949a8e725002494b0c75c19bce9ec6457cb4307f5803b7433eed738944f1baf770df8e034212224b1d9662fa533aa5bc5c01568d192fa49efc |
C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | a177a23ca2ed6147d379d023725aff99 |
| SHA1 | 1a789e5ef7bf9f15f2ccbac5f9cf3750ee41f301 |
| SHA256 | 9c584238ea9189afd6b11cf71604b1c2762ac815d6ca8994788de7e076b21318 |
| SHA512 | c508ffd3e2cc953d857a2128e29dfdfe0f9e729da38c9cc3022c4376342aec946c6e79176e7885f6637008573c85339bdc8a9e261b3811887ecf5a7dd78383c3 |
C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 687ccc0cc0a4c1de97e7f342e7a03baa |
| SHA1 | 90e600e88b4c9e5bb5514a4e90985a981884f323 |
| SHA256 | ecbab53f1a62d0459d6ca81f6c004651c09562f8e037b560dcb0890a2c51360d |
| SHA512 | 4da91ee55de7abb6ce59203edd9ae7e6fcacd5528ac26d9e0bfbd12169db74758a9bc3fde437e3c1d10afc95d74b04b0e94586472b0a0bb15b738f5e6ec41d8d |
C:\Program Files (x86)\Microsoft\Temp\EUCF70.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | 4f840a334c7f6d2a6cba74f201e83a7f |
| SHA1 | cb032c7b1293190f8f1cd466f6ded4bbe71c47a1 |
| SHA256 | 2ff44aa5f48a3e5b3ca3c5a3904be23d29a282b467e30d6f52494df3dc1d612d |
| SHA512 | 575c20fcdbebb16bcd17a137a656769d355a81817e7fa3743981976998e00bdf3ce42bbfa046c42a835e9e9e7a10ef6f8d7b306de9940fa332817cb2885db833 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | a69c464a90824e380922c0034a1051b0 |
| SHA1 | 42a142af8d9e1d8e27466d0ee6d4a270406cf6d4 |
| SHA256 | 7ac4cdd64cdafceb226b81bfcf8920d04c3cbdb9bed06ba7e97fe2d2d0130d80 |
| SHA512 | add2f79125b3ae0e0f8209ea90fd1570a301ef7c70396302976bcd92950d790e0fe18756e48138d84acaff1272edd4f3dfe607fedb04f7c3b54331483155a125 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ebb8dc0a4a9c75f2ab7409ac625ccdef |
| SHA1 | a97d70be6a76ffc7a0e5e65fb8c949e871ced207 |
| SHA256 | e905b0534e862d50cf35cbe1e80c299a04ceea3eaeddf13733e835a148afa17a |
| SHA512 | 9a0ebfffd79562c577c4d6ea155f97ceb9b26b77227b06bc3a9a013b6f047cf89e2d56703dabdd6db3d1655833b52e3f6c553a5f853f8f4e14d5e0c4ed60908f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 78be657ad0bcf7cd6dde84163b606809 |
| SHA1 | e1366dc418dfa3c63253811c324495ea9f90a199 |
| SHA256 | 0d75fbc138a8cac25f96c2223b6718e77b5f2f7ee9b1298d4c34361c4a5ca0cb |
| SHA512 | 9fb8ba8b4824c9897ff070f5c05cb5cdcee338723ef64a0fb8602a8d2c1d57c88d265d89427522538d4c31e77f2f94667e5294442d6d617f01c43253cff8bfb0 |
memory/5848-1047-0x0000000000940000-0x0000000000975000-memory.dmp
memory/5848-1048-0x00000000700F0000-0x000000007030F000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c
| MD5 | 9e3f75f0eac6a6d237054f7b98301754 |
| SHA1 | 80a6cb454163c3c11449e3988ad04d6ad6d2b432 |
| SHA256 | 33a84dec02c65acb6918a1ae82afa05664ee27ad2f07760e8b008636510fd5bf |
| SHA512 | 5cea53f27a4fdbd32355235c90ce3d9b39f550a1b070574cbc4ea892e9901ab0acace0f8eeb5814515ca6ff2970bc3cc0559a0c87075ac4bb3251bc8eaee6236 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | db017f895f6edccb6b4fb37f7b41c9ff |
| SHA1 | 813fc0a101ac1444be29925b12886e5cba24f91a |
| SHA256 | 502ff981c025b86b293c4db5e45876f6fe0d7f0cba454888894b362ea2a7e726 |
| SHA512 | 2bbff3f7a1847123953d0b285297c6814a17442d25d75fc88f2a8e0aff5827b591df89e656264c3c5c12862a086fb2a549e1df2155f4ea3ba82319df69b713c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | 620dd00003f691e6bda9ff44e1fc313f |
| SHA1 | aaf106bb2767308c1056dee17ab2e92b9374fb00 |
| SHA256 | eea7813cba41e7062794087d5d4c820d7b30b699af3ec37cb545665940725586 |
| SHA512 | 3e245851bfa901632ea796ddd5c64b86eda217ec5cd0587406f5c28328b5cb98c5d8089d868e409e40560c279332ba85dd8ce1159ae98e8588e35ed61da2f006 |
memory/5848-1264-0x0000000000940000-0x0000000000975000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 57f5b11450bdc10cdac5bebfb5cb61b2 |
| SHA1 | 267e6b2de58fa4c2ef3d2b998d44857d4b2a5dc2 |
| SHA256 | cffd03640fe3c264d0de4a36199b585e2fd45233bdb09e761a997ccc1003c8a8 |
| SHA512 | 0c0d13af4ace57dcdd7159ad0d232fc3b2b32cefec30c056ad39ea00d557662566d9fe815885dcc40681be930b7550ba4d0bfc6bc0e706fa39048a6b1562afbc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5a3e97b614e1a00104cb24caf54b121e |
| SHA1 | 2aec8040049721943bb0b5dcb58cfd7dd7c75d27 |
| SHA256 | 22856c4e6b46e103a678f7096136c6d81f6ba819b1bdbb0375c7f52a038c1ac1 |
| SHA512 | f655ad8f673bbca9047d60d782e5ec13ca28ff628e22bf44cf180b94c94a8db740c022799bc667f3b279e470200669ff18b496eeb225a31b0d6befafbbdf490c |
C:\Users\Admin\Downloads\a (1).htm
| MD5 | c8aa50ca5bb08968af9ac0cf44c86b73 |
| SHA1 | cb4cb39d7512772bc55503117a95dec165fc9713 |
| SHA256 | a1e62b7f9e53abaefdd84793431894db112f559a69d1257d9701f10b47f549fa |
| SHA512 | e8a54c178c86405a4916bc6d19369eb6bb0b8d4b170f8ee4354b890a71aad222dba57d041f66b90ba1837ebaa59243d6473d43814c0a09a49b2ebd150b08c65c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0a88135b1c7d6dd663f9cb7f3fd3acbf |
| SHA1 | 04fc302e48ec0d7f3eac5a0efa6f8cb8f6b56420 |
| SHA256 | beb7522474407ee356bb855f5343c3d007b04a2168de2d3d2d28b20118cdc7ba |
| SHA512 | f3e0a9b278cf6a5759aa9a38a73a64c2908cf61fe6c51569879d0ed9db6d5c134b5176b981bf305fff5640f4b2a4bf68005330458afd9d2cd91652b5dd4c69a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 82febc0f0219523136f4671f72e013a9 |
| SHA1 | 0ff6969788daf6b0e3e070c6e69f32202f14356e |
| SHA256 | b441770bcf68ee8d88015ff9b7ce0e3897a30e28adf828c082e99492e7f26ad1 |
| SHA512 | 927a55cb962a6d6d28aed0b291fb56080dc1509d5c63a4b297eb2d47dd004ea95fa8b34a01d4f105efa658437201c2e2d85825fd4e88222975265a7df958f39f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cee27c61b69366b04b8c77d7e3c2eaf5 |
| SHA1 | da9f95b9a833ea42f01d45b9f5e45767508da884 |
| SHA256 | 28e9be9d9091ef07de4b041efdd5244bcba7d0f889fb072079ab62026c95035e |
| SHA512 | d6da08ec2d129f86af765678c7008b1f9038ca980662dcccf75b5e594b69f769e48249fdaaf058923e14544b01a4e7c97b4c7f5ba330198be09c34a739c94d4c |
C:\Users\Admin\Downloads\7z2407-x64.exe
| MD5 | f1320bd826092e99fcec85cc96a29791 |
| SHA1 | c0fa3b83cf9f9ec5e584fbca4a0afa9a9faa13ed |
| SHA256 | ad12cec3a3957ff73a689e0d65a05b6328c80fd76336a1b1a6285335f8dab1ba |
| SHA512 | c6ba7770de0302dd90b04393a47dd7d80a0de26fab0bc11e147bf356e3e54ec69ba78e3df05f4f8718ba08ccaefbd6ea0409857973af3b6b57d271762685823a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 454aac834eb65919e733b8b004aa11a2 |
| SHA1 | f8c4191d09ed4028f851753f24ee6772d934ac36 |
| SHA256 | 1af6288174ef939058664d8332481dbc4b5b140d7823a82f0c8b9e6da27eff30 |
| SHA512 | 8083d9b306a56e546091437a1082c7a5fcc9ce5ab3532cf6e5809e1d3c38ef6bffbada7ddfb041c7e81d00f942f493b33bfe136959a475c6830af4ff55314242 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 80d636769ba64ec75974fb0208b6ab96 |
| SHA1 | 2658ccd5a9b5ba91466bc39c00ba2cc104c0fbcf |
| SHA256 | 44a7e287ac76dea10791df52684be0788e36d29e4f3b0255788273a1abc6ed58 |
| SHA512 | 15e0dddff59c28840ffa80bf8800b34e82e6825d80572e086d4b4055b76c673c42407c351f3b2edff9bb9240f654fe266e2ca3df4f76e2ae1ec991e63c9fa42b |
C:\Users\Admin\AppData\Local\Temp\7zO8D68BB5A\krnl.exe
| MD5 | fb3a52d1045b1a0298668f2d77680306 |
| SHA1 | e16d5085977f1b895b7b2a046570b2da474add86 |
| SHA256 | 8869c44219364f911548cb18da0cc6413b3277d3a8a8df18d0a521b558830d6e |
| SHA512 | e19ce4c86ef8bf2ab25b4da67bf83acef5a8e688abfd3f96e8dec8169ce410c833df7685b6fb0b7489cf90ca51c56cd7264e8b2a94865aea5e5dacd4c5b7f44f |
memory/1508-1639-0x00000000007C0000-0x00000000008F6000-memory.dmp
memory/1508-1640-0x00000000058B0000-0x0000000005E54000-memory.dmp
memory/1508-1641-0x0000000005300000-0x0000000005392000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 150f8bde68fa243acddf22047e899f83 |
| SHA1 | 291ab16a3f5ad7cae1f85ffca3f63548955bfce0 |
| SHA256 | 924d8f1c17129de06dd5adc9ba7a3d36f1d63b3deb1ce63680446c6fc6386c8b |
| SHA512 | b907344ed59e251252291bf575400ee6f940341e9b920faad6d9694ec5ae9a539ab9b4e55bb65b619b6609d17046b1f9614887811f7c7f85d709a9466e73110e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e
| MD5 | b07f576446fc2d6b9923828d656cadff |
| SHA1 | 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103 |
| SHA256 | d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496 |
| SHA512 | 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d
| MD5 | 2448f641fbbbdd88f0606efa966b052e |
| SHA1 | 25825aef444654fdc036bb425f79fd1c6fc6916e |
| SHA256 | 03f060bf37ba360360d6a7413d98e485e7d8e6f69e6a1de300c788d439b78d02 |
| SHA512 | d56e3b19d3f4c6d6663117000b99071cc453b6fd93f708bb8cb92d5adfa0eaab749d8d6cef4f19fbba548d31edaecfd0a74ca55dbca7d5f5f1fe66879b27b9d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fbf77bc11682ee690398c23d9eb2e925 |
| SHA1 | 24f8e7ac0315971843665885dc96f830598b80c9 |
| SHA256 | 1da3a5af8d4ff18eb75809a7e093938c238f910ec701c449a3e70064c8bdae33 |
| SHA512 | 95612c0c6fc3635a2a6a441e824a48f85993cf7b4732739678fdd0a93c66f7b52f5fe1151fe3d5be0bfdf297e93e17c660214ddf487e025ba94a2546afe39d9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 099b572e5352938e324867c47bb2538f |
| SHA1 | 285b87a91b42a8ea286599e39f6d1c54ac06052d |
| SHA256 | 677a4c0a2173151985b09b484877a9f00fd207dc0a8346403854109af0975d73 |
| SHA512 | 3508d7a4ed7f063fc62d969fb2d9268f0a13f05eec8acc9b7d0c6d96d77ccb4cd465d91f974effd487e2f532710394266f67708e8be3cfba288453067dd11ab5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c285f9d1820524b4dcb0cfad4da6489f |
| SHA1 | ab839e4d6e11ce039528b0258c86931da8b4de42 |
| SHA256 | f36fbe017616e4a455be5b83c3839218f27c0f9821da855e55a184eedcd744b0 |
| SHA512 | cd326a6ea98d4591d68a69f8282f56ef1ff2ab802f142d7e0304fb275722417d993d4f0a63e969d8801f677fe5cee4191faaf1aade7c70b9acd7a2edb9d5466f |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 19858e3daa22e0b19999ba451e7c1572 |
| SHA1 | 37062275f0dedd307b072dc476ea3ca6b20a0b80 |
| SHA256 | 59522b29c1369003fb8c514d109545ee49ed9aa23e1869fd9ea21c5c78b0a1f6 |
| SHA512 | 6b4019f7ef9280c6e8a1099fa9a2be8135c6855d485fc15b378b3841c6dc84a03b032d78788b9221c8353f0b1d98e717be78ef62f015a4c764123585b641d5bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1f20809d19a79af813e33e72d9bb7e55 |
| SHA1 | d6b7e567a91fc0446f09c0466086cb572e71fa1f |
| SHA256 | e4c0c290f12b94cbefe7d4d080fde09054f3a12ca8b9e93b63a76643a9cfa6dd |
| SHA512 | 8979e57bbbc81a2a341ea8436e13f3a85851d44725342f223a5cbad9772ee44949eb5982952fccbb1ba4e25955e4442f023eb34e1ec22115dcf6de343857e374 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8a311138f6fdbcdd4a22e327e144288a |
| SHA1 | 0733f8c322bfddf5186459711a8b584f55ca1e1a |
| SHA256 | 3e29922cba4b26c9346e85a23aa4b5cc8d4eeb08aabef164c0090d40ff3525d8 |
| SHA512 | 3e10d69541fc52356f33bb46f5a0903e91345c1395d9a1f26ba65399f3a1d0e1db06cc26572e37266e4f30e126f6b14056edf65184b3e838743c05cbaa8a1a01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 27c2d9cc4662dcf57c746621beec1eac |
| SHA1 | bafe268cf172051061e5f356a385c0cefff0f6a8 |
| SHA256 | ffa42a0d5bd545b5a6edca510ca0354ad04da93a48e64bc85f58c698aeb8f623 |
| SHA512 | e1941627bb9c73cbc55a29a33409d11f174df7bf2cf07c0515d424b566f2fd572a86d3f62cdeac8ce03b51f122a830cdb4b78550e191f4195b81be909221d31a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt
| MD5 | a02cd334312ea16290c0628784d1ace6 |
| SHA1 | 5341ce9f642e1b568a39a707b2063fab81a53684 |
| SHA256 | 093c30567dd8f6f0aad0fdbc4bd7b9799a71750e1c7eb7721a0472b25459b8f5 |
| SHA512 | 810c11326a369785fc3c09f0d4d1f34ab6f1c608543a6ee0f973dcc1415bada2131a9b25d0eaaae286c5673099a47ba4306efcac562513e2d669f9987f942d82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt~RFe5b7183.TMP
| MD5 | 7b239b3f4a7eefaa0ac7ca52930bc579 |
| SHA1 | a4a26cde894273ece54dad6c9975263990c9528b |
| SHA256 | aacd4b7796f92bfb3a070a26d8d17134010c80a005738085f7c8e5f2b5da93d9 |
| SHA512 | 6634308428fbfc9f92cd451b4b54d26729a3d4b839a5fd1a44a3fc4725372df196b70fd206b26873208f5cfc9a3edda1ef5673ba85daefa0eff96ef251990c8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 76206bf84d4e3a8e71b20b59ef98f2c3 |
| SHA1 | e2c441fda5c00ceb2baa31f4795610e399958196 |
| SHA256 | b1e8bd630ed4bb54f6f197e0e4c51a0f653763441ba5417bea4142c12489ea46 |
| SHA512 | a29533a316217902d3ce766460cb963c13f47e72cadfcd3f80db64c56a81b0481152e85ff025e89d5f8d894eb80ff44efef1f29422aeb83412aa2d22b39d8d2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\162fe5b2-cacc-4475-8c01-7fd660bb2b49.tmp
| MD5 | 202329ba56c405153645e51675008329 |
| SHA1 | 9f6cd3f0e96faa4eb761e97b621ae4cefa27d639 |
| SHA256 | 378d605d632fc77f1a634ee46a44912a4dd75350b6077c5c37f02d4e11b8f3e7 |
| SHA512 | ce975524e4eea6814ec30020d48d5a16854b4de8350db53cb078730ccedbf2dad72f6fa3bb22a9834987743a22071d2b88ebf2965b01193dc1289076d75d1e6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5c21311d3e04ba560edae797d00e032d |
| SHA1 | 4f80b31d1384b9ce88b03b4d94baaf4dc4ca7937 |
| SHA256 | 35781895ff9fee0134d56fc0c50746c5dce5fa08ae561c65f9673536410dc580 |
| SHA512 | d5d6f53e548059cca4fff120351aa8cfe42373854243dcb894103910d113f038a2b27de04785a9aaa61ff2e1c60d8c4088d79a4644476f68b80d5c515da62eb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5a6373978013951bab0d82ed2b5fa899 |
| SHA1 | 4e2dc0f833e42825e5286fdd79531144446dba17 |
| SHA256 | dad4b4e7cc0338df6521619d67796475f96b92bc4ea8c79988425fd45d794a78 |
| SHA512 | b852fda68fb7663f62817bb2a8c52876076b4582817ea10a63983f7fc1a22502f206bf32887223479dcb8b589ad3a15d6b8f52477e0aee1e111bdef9a3889641 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 3a8cb1bcf8b4392a5bf4800bf7db0914 |
| SHA1 | 2e9af65efdbeab28ab07870e165df517cbdeebe9 |
| SHA256 | 9120d1693fdf5a101abee2ca3f86ba3031ab46332b712c9416abd6cd5ad8293d |
| SHA512 | 6f6a1f470b0f34d74b1d87fe5ade211b5a93ce4dcecffb2b8c8d7598f21f68a59f7dad3940fa9764d91d5fcdacb0299cd58e7b9fb8eaa4316a722cafe1f55d6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\e33f8c6e-d53d-4218-b20c-f737da95b5dd\index-dir\the-real-index
| MD5 | 573eeffe93342a1bd97bbf2b239e2fc7 |
| SHA1 | a00dfcdb8e20a4ffd2a7489ebe14022ba4759482 |
| SHA256 | 920daf79a73b03545355d90f674987176c0dc053bfafdd284b88a4f88e7fd90a |
| SHA512 | b2dee0bf0eaf7a3ef4b1f73c2466ab5bb722110ea05862b89a8d17671eb809cb2fd542aa5e424cb9ce0d5c7a70d4444f4af93dcf9c43bd7fe64d766207a40e68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\e33f8c6e-d53d-4218-b20c-f737da95b5dd\index-dir\the-real-index~RFe5bbfe1.TMP
| MD5 | c02deb1c67c69d567c39d8290b2d33aa |
| SHA1 | d8c2876ed22e379712cde29957c96ab7c9259529 |
| SHA256 | d8d033e7d86f962e78f0722c640e8e80a635c542d46faf6bd5b1d9459bffa49a |
| SHA512 | 81a28d115d9634e3d72491c7283d42eaa93e93f83174231184f993d64a846a6e0ed557b5e7ca41cab602844a0756936de512ae62b98d8dc32930822f25fd1061 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\2e36fa9c-cd01-4895-a668-fff4d7665cbd\index-dir\the-real-index~RFe5be57a.TMP
| MD5 | d8115b04a64656a54803bbd2fd3342f1 |
| SHA1 | 22561630876cf95f9f71d199cffef054b7d9b8fc |
| SHA256 | 9061572ccf3ce71f48c4cac181cd2497a84203fdf82094ca385c71574d5b278f |
| SHA512 | 2716e6bc8f1dbd0ddfd55c0992e3ce75413e3abb840b25704c2d12fe737ddf608963da9268df670030c4221b3a6191bce28d3e1e58af8ea4b8b597da97618511 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\2e36fa9c-cd01-4895-a668-fff4d7665cbd\index-dir\the-real-index
| MD5 | e25d8a3f944cdc3e4344315868a93244 |
| SHA1 | bf683d755a7ca1b7edd97867bf6b281df52d9a50 |
| SHA256 | 32a25d0e709ad2724a562e405d0eadb0ac27ad2febe3ac48124c884e692a95a4 |
| SHA512 | 5e5e5e7c2bb088dc67ce885fa24fd6d21ef543e2427beb71315c86831e4d7d487deedccac8d5942aca4cac890333ef3987696ce82d52cf2d04d3be590c950d39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt
| MD5 | 0ac09e41121896b650276de5bb73aa4a |
| SHA1 | 466aeb700cb95811a2d096b5f02bd33bd9d6e4e3 |
| SHA256 | ab96bd63e0a39b50a0b2d6bcf8b3a03329243fbc9bf10bfb5c31ce25a75ca268 |
| SHA512 | e8e6b3ba6d456c2fce82355d6ba3437b3df44fb2f862e5c48625a85897057b79fc831c8f87405aef308da80661744de6db3edf0a702ffdbabe788ec9aa7bc709 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bde853f28ebb9345ce3d5f35fd226131 |
| SHA1 | 2b84fd44f05f4ce96dc9569c7d90747caf8063de |
| SHA256 | 71765c4668847e40248dc328f6559141613931897362f060f814debfc4df430a |
| SHA512 | e8d0a81da30da7db40f397aaf78151800d7fc31054276069b2b4fb29d45daf0b341c3c76854a35fc9015beac5be38a5b9c4bd1cfa9e9d1f781d2aa2b5929c5b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fab6d3e2b42073228ca87df24f41475b |
| SHA1 | c4643cf261b8ab272aa4ae374f75f911a00417e1 |
| SHA256 | d582997f2b93feda2b2f36b70cd4a8765ac4beca14a294b4d32bfaa069ab585c |
| SHA512 | 414ff0adc7b7fea0ea58808d894aa9ee747f7db847a31fc3a2ad545c697a6dffc7ee9d218316eab186ac54b837d07947873a4af1a723262a291826abd87a681c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d9
| MD5 | 9196e81f8ed7f223d765423c1f9bc8a7 |
| SHA1 | 88f9d5c2a6908cf36b8daae803578ca9e1fd2929 |
| SHA256 | a4e2bcf7ef3c6c614c2142d3c1fd44caac4eafa86a1779ac31cba164e2d89cbe |
| SHA512 | e7d23866fcac017762d2e2f18597124e9147f458d30038f78ba9f3a2bcbe479fe4792573894370ce2d6f93a00401231d9f01955fde351ff982a82ba87a8241f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ec
| MD5 | f206f8337a187dc42199ff6772838d22 |
| SHA1 | cb3f334350c77fc705d9dc3db778dc1b4a03af0a |
| SHA256 | 40163312d820a039fbdd57dfe4de9036a06c844474c845f357451706b7a20f2e |
| SHA512 | 97666a93f1a12426dff44c283ce0fb3da390a557ed53d02d5c79387b346d2f2bf77d0ab89c7d138848bf268330391119d9f1c8ea5032a93486c53c913af0a651 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fd
| MD5 | b786554392ab690a37b2fc6c5af02b05 |
| SHA1 | e7347fa27240868174f080d1c5ab177feca6bd84 |
| SHA256 | ebe47cc89c62447316148809bda9095bd07bd5392a99ab4b8ac8b9f6764cda51 |
| SHA512 | b71cdb76464a775fca909cabd0a7435c34de3ee4e19c40f5bebba6415295f0be2f82532a2ecda043c787ea4e8c23fd4e582a4d4322923fdf603a56e3fcb8b567 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fe
| MD5 | 7dbd5dca202b651abea7db3d092712f3 |
| SHA1 | cfefa958e9cc089a5355b73145f8bc834a00552c |
| SHA256 | 16c7b582088cd626101f338070c7046b3fe902a4ffa0069651392314584a4b46 |
| SHA512 | eb9ccaafa365a2965ac92a9b34a065913825aca5fa1dd8db772a97fa5928bbc5bc80ff6b536d66f523ad7f0f5304ddab861e0e5d1f19ee7f2b633ce4b41d9c3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9e0040372b340f39ece521fe50d4294c |
| SHA1 | a60318e3cd7e17dc7fc4f31f932ef59b25d5ca4a |
| SHA256 | eb81863eed19276e04b7d869aafa87f8658ec980956ddd035954df5b72eb3173 |
| SHA512 | 7dfb68bd6fb810fd263e5939b31fdcc34b587b982b553a59744923e2bcbb22a56f923ae194c92491cac0a2f9fc69d37544c4ac486382eb57c48cd4d0374a8660 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000102
| MD5 | 5009982b60a0f93eac4c1728e5ca17e2 |
| SHA1 | c0f932d333b91a4b971a52ce88bc96320745064f |
| SHA256 | 2ffc0ec332938cbce14008ab246c3d918800189aece932e92bedd8adb8332fe8 |
| SHA512 | 401dd0a45c177130628787b92a17642783d27b1a977833af4110d81cbf2572a159a371beb473baa07ad38ac8297551aadadd2ebb80401a73acd580fdc03964aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ee50bb9f5d8114a5aca298d625ea1869 |
| SHA1 | d5bbbe5891f7883afe0f8b7258105310bde38b3a |
| SHA256 | 73dbe2273394719f86fbf8049b3613c612f9b842b3581e57a2eb7e76c1da5b7c |
| SHA512 | cd0189d6dda9af539a53415c1d598ef64359b7df6ddc6b33d37797a528ad00b3334fcdfeeae5b88241706e03b89ef346282758644269ae853a3bdb91ac963520 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1061bd45382609c3f27a3f1b9000298e |
| SHA1 | 603ecce2ff9c5d14717b70b9547ee14a303ab551 |
| SHA256 | 9170d6fb55fc9991e47dd17f4068e8589de63f6266034da247f7126e493f46bf |
| SHA512 | eab2b5a1192d5cbec145de6101aaa3dc2d642eb3d7d1ad03d3b225b230cf45386bb4b453ea12cb5a69faf4236ef81a93c1d2c2156c5e3f0ac0a34ed37b4a5e03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 92c1667a18478c413bffadc85ef6fe91 |
| SHA1 | c4296d8ca0da6ffcaad66eec1c6efefad277e850 |
| SHA256 | 25e9c66bc99b2e32ddf9f95bab42e3e390b58f163532205286d565284c60304f |
| SHA512 | db36ab1291b917b43f6651ddb9bc69348162de4b0a91968d3e9139cf5284a6808600c7e557018c613bb13510762c58a90d749003d88eba774e6b1b52d5771493 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 830194300fbf71c17353d99b77d43992 |
| SHA1 | 3453dd7e60b190a33d0600b4f20b6b2f13a532c6 |
| SHA256 | de2c4d31d16bcac0992aaff6c986c5fe98ff190d1483b464b9eba87d4317a74d |
| SHA512 | 6053e4323ce900d874490baaec2fe6b92fc425613ddd56feb3265b6a5513feb9db9ef5e1a06f09d316361f3bb99392c76a704442170e53bcaa97b20a584534ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7f4aebfd4905e5a0e48be7ce918b8761 |
| SHA1 | 0451fa5bb671fc868e2816c1864f994d0e6e1041 |
| SHA256 | 88336d9c21d93180b2cb01d374a9f831ce0b4417133bf41a31f8edb09b863acf |
| SHA512 | 968e7b5889d78a33623ffce2a199eb81117976535674e880c0f1dd018a2ef23a6246169b2c7ff56223bcdda158c95b6b7c56b478d0d7e6993b551898dd9bc702 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3cd72652d4082af11fb3d2479845b264 |
| SHA1 | 715df5cfe1f957d72d1bb170fd7f26e330982867 |
| SHA256 | 6bc1e2113a00a2c382215bcd764b72cba964f0c009f083532baefae0086ac131 |
| SHA512 | 804af119180eb40be4a3410f04b3a2c2380c3bfc1c8931efa4d51014b9fe610d07848be0cc3d83d0b10346f52ed0ca586b7b3a2804698b180dafbf65846bb79d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6002218a694fabb43e0b464a2d7e9aed |
| SHA1 | 3efe27e449aae4323ec4987fd8bf0dac6587baba |
| SHA256 | 38a3a76de0885ca970c29f1431ba5fc624e4efae28eff3c79fe44d5ff2521791 |
| SHA512 | 000f2f7b383fe95717c07a730b325d16c36e729433b41646b4aeeac2c18d04e2437e02b081b33ab44510a58c8479ae65e74449335b7b4c08d9a935cac56ff973 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a0f0d3a3d9e1a15fb77d37773d4756a2 |
| SHA1 | 5025010a5407970b4e01065b3163d6229ee3544d |
| SHA256 | 280a8dfc82cec231cb84c3d476f440c1d9b507415e0f6eb31850a0a40b3f5989 |
| SHA512 | 10437683c545845f2efe78d29b1e11963ccce8c66666e6526ff5bf22ca30a592eaae6111ef6a474a4eeb8d077fe65a20048a231f6669ff3a20a1f9034cdb1e9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ca299aba30c4f7b859e0bf29056a280b |
| SHA1 | faba79eb9c98d829a0825c71fb4015f154c36428 |
| SHA256 | 8bbc3febd3acdfcf61b09798e59e6bac83aad8870daf17d53da0b9722f9ecb53 |
| SHA512 | 4f91c48c20705336b01d35944356f57c8028effe2113ea09cc3eacd72ba965fd972fc86c541d0ce90374aef544f8929654ee00b0977a1f547f9316864cb0df96 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe
| MD5 | 3f208f4e0dacb8661d7659d2a030f36e |
| SHA1 | 07fe69fd12637b63f6ae44e60fdf80e5e3e933ff |
| SHA256 | d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b |
| SHA512 | 6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2ef9f2cba6a7aa85afaf12a2facad6bc |
| SHA1 | 801e3237763e18f6559b3234afbd4be09c07535f |
| SHA256 | 5664ab9dac37ba92d965254cf93790ba1b99cb7cd728ee6eaf83a7e3951bb332 |
| SHA512 | 31dbea8c5dafc678f60ed0e45c0292f800e67261ab3c235dd640b9724b34a177e05197275161a0f32312e426cb6ce809e32357f7f197d06ebf6e96f6d74df684 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0acaa1364660e080a4118b5c3915a4e3 |
| SHA1 | 617004e588a744096bb3ee684e0368ad17706921 |
| SHA256 | c3d6c4161f62a45a4a0021e4aa91331229240aabfd0c7acad46618d67d0f09a5 |
| SHA512 | 95fe438a5fe36185887576119bbeaa82076d75aa74112a9cdac7a06ac047f794bc29a5cc1c1c07a16d354c06f201b91c002d529fb67cc1a203010f063b23b3e5 |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | 2bc10ddbc52ae07744b65c9e4b5d40b4 |
| SHA1 | c2c012a0ccfb1767feb2229aa0e20144540e8f66 |
| SHA256 | 918e0360222796bb9f209a2a3b201e9b7ab26014abdb5ddfeb00e3ce906f2b01 |
| SHA512 | bc58aa7b43f495dd2a4e77654d7d81d3cb132c336ab624f768e5c15eeb417f658cc80b8a27c0d6d2fe4d94445ef27018524c07fc971f0ebe2b43c6d3361631f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 021a29523c70cce8a804683118b5ddac |
| SHA1 | 9d31a13f90dffef6d86b14b951c0a024010fb1fb |
| SHA256 | 2bfe49c5ad9efd9e6d8c0d8f7ef8c1908f6a0704e89be498f10f7778d138876b |
| SHA512 | cf3bdc3e46c3ae42786f72100df885d8a398dd180536d8bf185cff29d240c7fa2ed5e7d084a58150c0e3ae9f5b43740c6a260ae4708e5a169f07698b578ede71 |
C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Installer\setup.exe
| MD5 | 7c44a5cba89f38d967b1f4e11225da0f |
| SHA1 | 44837f2ff9b3ebc7c371ee5f9e0cd5dcaad508dd |
| SHA256 | a10c3e0b2ec1286bfe6b3fe9005a9132fad01be9afc4bdd5adb29f174b8fb706 |
| SHA512 | 25b4cae7fc6d200dab70e94461b7f2e7899813975cab498fb367a32aa2e187fb7b1330545b60f6340d53fe5e04a1ecfb5d6b8bf004ac26ecaa7a8f6e387dfe99 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3a28f1226f08c627d46b7fd2553d4456 |
| SHA1 | 7e8ebacf8fde0c3e78208df2d19fc2b7ad621e1a |
| SHA256 | b117baaa237b5877ba6ce816215071058739c9cbc183e4bb4a625c1444825233 |
| SHA512 | 40fb5c4bf914c555a232d4a6e6d436260964e2b19e384bd379f4d185ca36cf6a05dfb73401f1f63cb79e3a18c43d049e0e0b23bc4a496d8fd4a3131730ab2efa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 496f8f0457ae4c715d25fff4fab442a9 |
| SHA1 | 2c61f4e9250042214201cb4dd63744085d0dda29 |
| SHA256 | cfd7d7f8caabbf1784a6c079e65129c7c6d831b170676cb90f65e6413a06ae4c |
| SHA512 | 809ccce23a8bc4ad6036d618ebe8f706b8adf2218b194e58a23330af7d939014bd9327cdb564b094beab7eb15f678d2171c0b1ce0c8b9fdba1484e4b2a382c92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c2c627957669dd7a3a345fb9dcdb4521 |
| SHA1 | 01be577a67399fbca941afd9f1a116a4149cf4e0 |
| SHA256 | eeac90738075554d7e5e0251e8d70a41d63dba89e321da97d448cd5817969bcb |
| SHA512 | 8263c44a2591b4af4c874a5357e22fe108dc97285109a104be6579f161d153bc7c57501cfde1af9275537e0263ea7c33afa4d6c6e3b2f6a9b5e3d1ceab2b14e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | be473ab0b79047be6f56d468d0822501 |
| SHA1 | 78d1e6073390d20fe21a7f024b2de53cdb71c6ad |
| SHA256 | 20e7a90aab50b796d4238ee51296726670187de13fa4ff561a5cff1ddf492379 |
| SHA512 | 73f001c8bf6a074f767513320da13888daccac0612f62f8dc668fe4d06fcb38660776ebf009039e02ba67f9cd31e7767ac4373ca9cd21a6edaede8c271acb191 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 92aa2edca1564f51473a9a228c6631f7 |
| SHA1 | 2c4eda11b18b0cfad6582109311f1501aded86e7 |
| SHA256 | a139e55a032af0ba9ee8ae71894f2b383920467fdca35af28aa9b768b8fb8afd |
| SHA512 | d6a4ac3d85276a68bd1a533b9b1cdcab495c11fc54aeef9690d3ed70a2a6549f12e09cbe729301d4ad024ea310eb948e7e558d8e3d8545c5fe4a5cac359e2164 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9eaa6c498e25c1977a7a1f0719009bff |
| SHA1 | 3413c6b22a9c1161cb41f68728a5707a4909c619 |
| SHA256 | 48909c720b5c197f96aa5ac72c2783692914f31bee915ee99c6e7c8367bda8c1 |
| SHA512 | 8fe3ede9319bb65773d683e42fbc0e7cd579795c3420964c60f294c668ba212203b55f13ae50808e239c21ff06cb911e61dfd63ad65803d339259c5e8202f4bb |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{19EBEFB3-B60A-4F3D-A293-41C54B2693A8}\EDGEMITMP_9115F.tmp\SETUP.EX_
| MD5 | 33efe1418d476ff5d8eaffa404072360 |
| SHA1 | 0b24c3cf402737e23b509b7cd9c49761d2d6ea08 |
| SHA256 | caa9ce4d4a529b0a5e19c24a85cbe3bcd74b7d8bc5d3f946c909cf05deb16d10 |
| SHA512 | 0438c9b819a695edc549ea19419fab9b6f152d3e457c8f59418d1bbc409a80ca4988d1b6797d9b4c47aa79761074f5f9c36d96d131b72a64b45cf3bfb4b80c0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 49e0bb762ce906236f89a1fd81195ea6 |
| SHA1 | 5fad546341339f362bf477c76c8bbae9ef79012e |
| SHA256 | c1da2fb931fb63f44825c14384a6dcf0b45366f189b0c05b7893398187f407d7 |
| SHA512 | 88943acd95ea4e82770c47e2e84fb9f817fc5e3eb64bc0dce48b2c73256602036b57431a397895eaacece8edee204a5d958899f3154d64fecc73bbe4071a5a9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f0581eb4201c860d23ecd517be2594e9 |
| SHA1 | 80e45287b0367caca9a78534a18645735bb80da4 |
| SHA256 | 573f560f975600746bd08eb24da3ed5a726932484a44ef783d0696ca9d14a5c1 |
| SHA512 | 301ba7cb704d10f8efa29aaa88a82e4dcaa31a688be8c028544a3bdcdb29888ecc2f24a4d481503f78af98a0673c752095bf39a89f82ee11bbd4b5ea8b5eb5e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000119
| MD5 | a4ca7a8290839fe98b361492d8b37273 |
| SHA1 | f18ee63b2fe28e49ca4075d5a3dc7e0445bfde36 |
| SHA256 | 6dfed8027e846d07781ed9e68b4f1466eee59c0c84b7b040061eb22f87ca698b |
| SHA512 | 214481a465cabd610bbbf023da53694cc934d94d583ff67ec822c64ebf3b263879c8a5c7a8aa98fe6a65e02ac63f19ffe8754c8112b5c22c18d33f50065fed42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00011a
| MD5 | 72a6d415d49d5007e5c7944ed07debb3 |
| SHA1 | ce5b665015b9e1dd2bbe10b403b917c3ae166be6 |
| SHA256 | 7abdc76bd509bdc21986cd08d594aeab61529d1090a50e42e4e70a1b571cf488 |
| SHA512 | 455c2866207b99c0a926c570fc6909cf7944df00238f292599ffdab60006ffba10a0b925d8039cab5a0b1e8f25427f724b5e793aadcc526b3dc4d6670641d08d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 97cd2e7160c8de58c5ddeece6bd1cc7b |
| SHA1 | bde96c35fe11f5c5c3835f0385ed64cc74936c7f |
| SHA256 | 5d394010ee5be3182bf16c1b7cfcf56ee3be114225388cddf9ce695f5f48ed4e |
| SHA512 | 4f645508720d4d28bfe99a29455915b64a41e6dc9eca5da9a3d3d8473cf08cf3db4f5e8bdf2666ca4e98b7dcf8ed7155a1562c1560ec49fa42e5b50126676f2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0ea69f069e9477c6ef1bee050f25b7e7 |
| SHA1 | 5afe203f5f475ea1fc6573f709965658fc6b7612 |
| SHA256 | 243299547b90c953ecfbc880eda2d49cd9a5bad4295b9182979ed26397e67393 |
| SHA512 | b9b78183c6d16c238bb6d10c79fa16bf292d06ded923a9e3c90d8b30489aedba3784ee914f0baf967d90905a51796dbb1c5d16b9c01676d4129357b745e7b3ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 601367abfdffb00ff71e0c27f0fc149d |
| SHA1 | d44a4a2688e4aa7436eefb2a998ac255d9a02f9d |
| SHA256 | 9fbdd2273da7b5a00a9d431a0882549213c7763a6b0856e37e9d3647168bdb3b |
| SHA512 | 653c743bb020bc2845ad89b16f652a2ef43c1f4af33e2783ce541e0c999299ba54815388e13963aa917813562d1ff605b7904c68b95b5b2f1616c07f14be457f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a3cfcaf40b2a3fb6a9c1629bf1723717 |
| SHA1 | 0ab384cfbc3496457595f40fd67555b4242ce249 |
| SHA256 | 5cf65ba32ab9221c7e0071a93ccd26b4136747e5a1088bc0a0dd1b76e788b2f7 |
| SHA512 | 2a71ef47420b50f24397bd1ecb6eecae2be58fb9ee98b57e9529566b102de3f65d5cadb1ee810b7c9112b649e1ae6c193c998c77c1adfd97bb3b58dbc8c36d96 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000db
| MD5 | e8a63d7afa88b9b09863c1cf3e23e8c0 |
| SHA1 | 4de3c570359684e860925d9e9769dca54cc4d4b3 |
| SHA256 | 273d732ff1db36c5dc845ec5b48d22fcdfaa0bc17a141d9721f9159b7c9106bc |
| SHA512 | 5f562b6c62227203f188a7bae92c7318cc574fcc740461a869a7f0860c0fc2b738966e4c61aa4b9c2176e1e729c08962fbdfbc8e1599b8a4cedb6c51fbdfe38d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dc
| MD5 | 0d4a6ae935fce7852a933eb68c24200c |
| SHA1 | f515c8df1cecc7c1b450dc86228a947b565d3220 |
| SHA256 | b5cbfce62da4709c30fb6e21e330f8128dfb2711f80101f8884ed3f234b3145a |
| SHA512 | b90718d8f39722c74b241b3147d891ad6b987e1f7bcdd77c1621139684bbd91cb7a701e04540014843c31ab242f72e7b909bb3e3a99e4da1b96558e30b002f22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e0
| MD5 | 5cf1cd7808cd16fa10221bd1a1a484d0 |
| SHA1 | b0a03ea27249c8cf4a8f3927961acbf9d1a46357 |
| SHA256 | 07984df7c595e2c0e312cc88183740e091c827dd71e9910ecc1fbce069a2a744 |
| SHA512 | aec2f8d8f6d58fe3489c340911528943b3e6a370d574f41c8ae7bed04412810722c46e9f185cb254da79ca23e84cb61dcc568932abf299ebf60f0e5528ac4405 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000de
| MD5 | bf92795fe3abe3bd46764d8006ccac38 |
| SHA1 | a2eb38416e34a1c9b02b7a35843dcb1e547ae0fe |
| SHA256 | feb062b3e2361417f9de3bd1a352b8955876a1064a7081ad553c4bf4a4517f74 |
| SHA512 | acd11e8d1f8e710aa963f7e0bc3d99700e3b066dc101f346cd9f2ae6db4d19e30baa594ae9f132a74b27a7b6d0208ed01995767dcdd6060e7f470b5987f5852f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dd
| MD5 | ccfcf00c68de144d656f5f8dbcb23187 |
| SHA1 | 1a8334312ea438c3c287e7b59e558e14400144ec |
| SHA256 | 36ecffe7b8a17e52203d317024ecf946a0f7fd5d22adc95f917b75154c459963 |
| SHA512 | 0b757717b4d172602c2dfe36b9ec0a3c113093ff4671e65e376a90b01bbbfabc440c49d2610e268e0908bb13d3d159c8198acb767766a1f1da0fb59ad69a3bfb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e2
| MD5 | 416abfd9659139612c4ef3c9da8f6556 |
| SHA1 | 8af9e71f05c485e800fd576a1b4977aea48aeba2 |
| SHA256 | d5699f403d93ba3080020d6c88d40d3baea21fd0bc61733b3bdd5d90ff8f18ea |
| SHA512 | 4e5fc2208eac61ad72e563b3cf218dd6ac21776235c0b171a1578f0e5d065378316107b44fe6a949e218b8fda469cacf6fabe6c965794d8a6e04a37fe49843e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e7
| MD5 | e51f388b62281af5b4a9193cce419941 |
| SHA1 | 364f3d737462b7fd063107fe2c580fdb9781a45a |
| SHA256 | 348404a68791474349e35bd7d1980abcbf06db85132286e45ad4f204d10b5f2c |
| SHA512 | 1755816c26d013d7b610bab515200b0f1f2bd2be0c4a8a099c3f8aff2d898882fd3bcf1163d0378916f4c5c24222df5dd7b18df0c8e5bf2a0ebef891215f148e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000eb
| MD5 | f5e7b7c5355f5cafffa71cb0af2bb5ae |
| SHA1 | 0a60c26ce42cf38b5d8b13b3a135efeab312a68e |
| SHA256 | b400f02c077d018e056e7c8563426d8e132ccb121dc9ca9562baccb308db42ea |
| SHA512 | eb2a7594278f1978e5d84b85c490610c05100f529e150ec4b468cd29dd6a75a12324393b8178d55e204965235c64e1e6129d8b24c78b53960ca2ed060db1d8bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ed
| MD5 | 6a9a36b5fbc10e5d08ef8f1da748b4ab |
| SHA1 | 808e2598711b0019a495e042ae276cd1b5f07318 |
| SHA256 | 692dfc1e97aa5b8cf2210d9c9117a026ecc2d6bff1035ce88392eb76ef17c294 |
| SHA512 | 057697513d9379f14551b3431680bb18dd440ecfb381f50e64c143ee2b69665c5b38312ba22b7b4be5b11389ed7424239e9ee2b30baa58dd1b7be751f66e8aa2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ee
| MD5 | a63dfc87e287de3d5795e217d7e8d7de |
| SHA1 | 3650f90b29f478052fc69f7cd74d5651976d0101 |
| SHA256 | 407a8747d44f58a112a86ebcf82cedd11d966a2e133bb92416fbbea640b87da7 |
| SHA512 | 8dc02e9c7386ee2de0a1d46455e2d93e22bd9419350b2bf408da5cbaa75dee12aa239377f31b835addb03751fb3744545d774555dc914d307700a22e6f96f462 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ef
| MD5 | d3fcaa627d335d465058cbf95813df64 |
| SHA1 | 49eed6eab47a531a0f4539393f655a7863a11096 |
| SHA256 | 06a3772e6aed2f1801dc2d71df5c38433381cab5edbb3715b401b70bb99e8395 |
| SHA512 | cdf50aec2d457746a5710d245c1584cbcd1608f90a28bddbf8c6b331cb68222e5d4d7525768a0c0497c1ca39665991e7a075eff4d0fe590d7724659c0af10704 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f3
| MD5 | 5a8908fc64b20ef3e6e02f1e4b8e62c3 |
| SHA1 | d42da0f785d2f12296560729ac4a0ad961e23279 |
| SHA256 | 3155b056eb524a374d7f727b8b2e5efe7ec147d28d3135cdd0f60c3b2e2ea490 |
| SHA512 | a6a33e8970212bffbdf34b0d9116fcb7a677820c325be13f21c546ff208b10573eb110eeea1d260575345fe3c26b5949ab3f986234c3ddb4d1a1766e2dfb428c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f2
| MD5 | 22799a76fde42ce1650666ff3edbd72e |
| SHA1 | 117d8ea3d9b1c867861fb82398e0d18f1c4b8208 |
| SHA256 | 39a2adacfd543f05c229c34fefb4e6bf010b7d34813326734fe981119a9377d0 |
| SHA512 | 7266f222cb69b7f8d3658080a2fa2aef2b3c15e60b1e0f5dc6b534be1e1cbf2b49a0b26492758109f20e7e887371d53a1d9c84c7dff0bc4d1315e0fca78bed7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f4
| MD5 | 1bfe76226e9814857da39b197085b79d |
| SHA1 | 2ff9de47fcdf4de66417351142d259cd57a3a0a5 |
| SHA256 | 128070057ccbfb35266a8a618550876aff4c175a8992ca942bc4f046978de3c5 |
| SHA512 | 1984dd514b037bd5a71f4393621b3d7cb98f65d2a26992b5508512f8d0fdabd35a39eabf695d9717ba0be08e180fcb10a70c92de2a4550eb06853068acaa82e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f1
| MD5 | ec22797788f067219b240689a243f25a |
| SHA1 | 62eec65787ad0bce4c10eb516517db70958b41bb |
| SHA256 | a1f1212401625b1f03ce14b64542f11adcb7ecb4d3a47bbefb8ee50fddfe7f54 |
| SHA512 | 385219883da4276218784a3a959139407b61db225cc7f16402d5c6a6901e036167b7b865ac11497f3fb7bbbc238fe966528f60a26281f3e08ee7ea27a33fba3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f0
| MD5 | a45bd7c96c6e7eca7313ec065ebccf83 |
| SHA1 | 152adb0cb4c03584ad08cd4d2e0a17fb0d49e23a |
| SHA256 | b5a532e67ca244d59b590ef6f93d98eb2db7f2bfdc7f34ee0961110dfecfe509 |
| SHA512 | 7b288f8b125efac763c7dc33504cd3ab1e0dcf2138e2310f62f36164da6e7ac339f3163b43b71758746004b95393ed92c93274ed1d599f19f4bc775cf50f7602 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fb
| MD5 | 48d9a4f939c2bc09c92af8df9d43f2dd |
| SHA1 | 12f6a13e39dd40874fe68c1edc2c8037c9badc63 |
| SHA256 | 34d19df4b7a7bd4647041cfb44332ad4d1b34874f27450dc8dff27c3feb3e0b0 |
| SHA512 | d9c407831614f4941278e190162805b428899d39f6db8a55ba24721a185d30c6cdf97e7366071c620eae17c5d4ae67040b0ce456d84bfae3718f075e8ab0e51c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f7
| MD5 | ee4736d26232ffd50f0a9f315c511d76 |
| SHA1 | 7aa317ceb2551ccecbd169619780168d2ea0aef0 |
| SHA256 | 39a9b359ab8edb748e68aab41b739ade4f9efddb8d9da1c810d87506a5d2f753 |
| SHA512 | c537d2686a77b1d62e006f662cccb4b9f8f57a5be559aabc7583317bfbc7ed27772ec888cc898ada6e94df5c733386c59c13e379bbb9a2c99d212289413fbe89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f8
| MD5 | 387f44811a3371223bde1bf0153c529c |
| SHA1 | 7eb8fcadf1149a8048a2cb1f14c3c3c43ac38cc0 |
| SHA256 | ed2619a7f29f2ef312467dfe6ab61ee1c08597a9f7cb3fa7c3bf8fb2580a41f0 |
| SHA512 | 3a3f1e6dd5bf1751b21846fac10e7ca58bef8138bac24667f652f6ed31987169d1fabca3cf496cfe176ec4d56b4c7b7fd21b8d6a0ad6ea66dca5946a4dfe4479 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f6
| MD5 | 5bcf8259ae799c9c49d3c79c8dbb352a |
| SHA1 | a6a066bd384358f18cf8cd19d008e2e9feb73977 |
| SHA256 | 914f5c3fb0d7dac8f0406a3ce7e021a24791b8d5440418086fa7395f47aa6a31 |
| SHA512 | e9b471f5db01ef162aeefd9460852da469ffaa6e0ffeb944a76750df62bdf2e110223822b7d5d639e53c9fed14a62dc05a4aa964d2856acf8b4219445f167d2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f9
| MD5 | cb2d3f0276e4981d05e7c70287800301 |
| SHA1 | 64639f6225063a1085c94a792696afef6e176e2d |
| SHA256 | 53a53c61fefacca04619da28171ea9ee4a2bb7038a4894c7805dfef37f9f753b |
| SHA512 | ab5b96119917556bf96b5321b4343abdee527a7c33001d0568f2ea173d968ec017b5bb6ece855798cfd96a85f5f3ae69fa10b5837634f911269b5ed81918e0e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f5
| MD5 | 0cb38635d5fffaa695554ef8be2fbe29 |
| SHA1 | ae85a8390bafac509168b95d84fcd2ab13f5afda |
| SHA256 | e484ab3a30d2afccee8f16fd90d99446974bb3c1aa5997f51f027e26a3c2bd2f |
| SHA512 | 5c82bc82d905ece50bdf0b5cd15194f58bca0e8d7d3602377cd3c3c10f2f6fe49ce85fe8007dae094e7d9d839d991f12738b41d98c79e007682d80563b2b820e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fa
| MD5 | c90faf45f47e293c3d70e7003175de15 |
| SHA1 | f00328cbd179a7b790e83b0f92a4f7c98a7991df |
| SHA256 | 606982a2c61210025d92a98ba6fe338cbaad90c3f7e16ca56666462e3699b711 |
| SHA512 | 101649d50916f021a6392b781b69ee47fedcb0a3c2a2a9652a6635f5bfa1bc90b2cbc3c68cdcc790dffa23bb629edd2e890899175f0e2b0995082a071e79f9ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fc
| MD5 | 5f6f9ca1fa9ef97b9d30410f4fffc176 |
| SHA1 | 255b97006c2bfc9da52f3fc0cbf6690b5820254c |
| SHA256 | 4053b99efd240f56431bde641acc8a3f3e66217982e9b078541c68dbf557770b |
| SHA512 | 4fd2ff72ba290c534b99d09d0517e036ccc0ebc0bfa3723436bd1c550575f0bf6a75c4fe961450397f461aeda3cb722a038303bab7faa4c0774e511924292cb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0b42e0ed9feb2c01b0d0d23bbb78262b |
| SHA1 | 579c7fa14b71976ca1f638e58ed895425a8064a6 |
| SHA256 | 9dc64771fa503879beb17bb8b3456659d3b6423219fd741a1d8a5bf1a315b124 |
| SHA512 | 9a27f09b311d73f0226af828ea689a412be30ef611e5c787a219cb428da43d33b7e08a7b86a116631097daf96d0e3439193861721971b84eced62a498a26ac95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 73f5dec5ccb441e5b76272e8693d08eb |
| SHA1 | 6273b6f0c7ca3652f8c192b315d4c50f7b058b5d |
| SHA256 | 4c046537ca808ace72de2d6acf938d2d3eac37c29a6ce57b319bbc2ce7831c69 |
| SHA512 | 64262f87a5ea464c6867f50cc066c052531a824fbc740697ea0d10a031a9f83571ce60cc718bbb4505fe08a458a57eeaa641efabe860c2401816183455dc7a91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000da
| MD5 | 69b550731f9a789a39d18eb917e43a4c |
| SHA1 | 20721285bcc8dfc47777e43b2d94a224469a0b50 |
| SHA256 | 230bd4129d0d79dd196efcf6d9e8db962c5e750fa539dfb5b72ba43666485066 |
| SHA512 | 0de48338b7108eb2b9206c57d382c69703f1424788f7c665f44e4ebf8fbc92da8f11d10416c03f37d62c0d72cf760b902ef52f8e41caeb89ec221f0fac76702b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000101
| MD5 | 0031f8187af574819dbdf1e68c9bc6ab |
| SHA1 | 40e11960acdccff667854fe0defee89dcd4da061 |
| SHA256 | e2ea3f97cbd8d4c4cc936c65c4494f745315b53d924f9854f3ca8e78f1d3c850 |
| SHA512 | cda108fa99e23807e52eddae42b4910b506bc5e9933c666aa883f546eb4a125860d327cd737394e7aac60b574f002a3a1e09610253909b4fe8235545a80da5f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\LOG.old
| MD5 | a484320a9afa2b08074996855ba9a74b |
| SHA1 | 8853fc9efa5c512247fa331a1e3ccd1ee576b421 |
| SHA256 | d01a38880e47658cede916b96a960e1e3215e60c848100b4f532abd838e5617a |
| SHA512 | 513c5958423368f9e1205198321c65f2a95b02b17a5a8d5c36bde77840efcd3b4108c3ab3e704714e25009a77782a683707e0c1539a68d31a2c7cb66b7470e9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\LOG.old~RFe618404.TMP
| MD5 | 7eecdd0df691d7c8840386ba4c27d2b8 |
| SHA1 | 3e3ac7713223a8ce7cfae000024fa1163b9402ef |
| SHA256 | c442d9dbdf66679d03d6470aaf8b364d762a6da089900ab62870d4392e273462 |
| SHA512 | 35f2b28076bbb3a65361b45ca1460da749cb5b06f67ffb78fa23f5eda398dc851d960c2e38fe9452f8b57b61371a62cb68ce7cfa8f9da18a8c79b30e26ea6ff3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b0f9b4d3ec42a0b0_0
| MD5 | 7608a04060f5f97a8a6677a8e02d2096 |
| SHA1 | 9a851624b604a3766459400a5dfee9f041f357b8 |
| SHA256 | 02b86b93bfed28b0b8c982507cadce844f1bb58ca578e104be7bdf9393b531c5 |
| SHA512 | 41ac4e02e8dd4b3ab191b10f8450b62e275f518251d33745b9d50f5cdfab822a8a74f916cafea46f4915e0b96707f10922dd6305d3d6bdf0b6f69aaf7316850b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9f9db9df850b7aa9383a5ed4a691c107 |
| SHA1 | 096bd5c981f618d1795f585926707c758e46f1ff |
| SHA256 | c89fe260c5972202018ab3bffd393165314620be68d2f955cfcd58d7149cd612 |
| SHA512 | 79492c1cdd016873e42250559b0a42f0cfbdbe7b2e29378e41880759df69c26fc2e3fb96515c9c1d233d9f5a09207ad032f198e78813e76f2aab8145dc425e10 |