Malware Analysis Report

2024-10-19 11:40

Sample ID 240702-j2bf4axdml
Target http://google.com
Tags
microsoft discovery evasion persistence phishing privilege_escalation trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://google.com was found to be: Likely malicious.

Malicious Activity Summary

microsoft discovery evasion persistence phishing privilege_escalation trojan

Event Triggered Execution: Image File Execution Options Injection

Downloads MZ/PE file

Event Triggered Execution: Component Object Model Hijacking

Checks computer location settings

Loads dropped DLL

Executes dropped EXE

Checks installed software on the system

Checks whether UAC is enabled

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtCreateThreadExHideFromDebugger

Checks system information in the registry

Detected potential entity reuse from brand microsoft.

Drops file in Program Files directory

Enumerates physical storage devices

Suspicious use of FindShellTrayWindow

Suspicious behavior: GetForegroundWindowSpam

Checks SCSI registry key(s)

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of UnmapMainImage

Modifies data under HKEY_USERS

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Modifies registry class

Modifies Internet Explorer settings

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-07-02 08:09

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-02 08:09

Reported

2024-07-02 08:18

Platform

win10v2004-20240508-en

Max time kernel

519s

Max time network

525s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

Signatures

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\MicrosoftEdge_X64_126.0.2592.81.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Detected potential entity reuse from brand microsoft.

phishing microsoft

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Locales\gu.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\MaterialGenerator\Materials\DiamondPlate.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\particles\explosion01_shockwave_main.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\VoiceChat\New\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\hr.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\WeldCursor.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\StudioToolbox\script.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\TagEditor\Insert.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\Locales\kok.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\models\MaterialManager\sphere.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\StudioToolbox\AudioPreview\play_hover.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Settings\MenuBarIcons\HomeTab.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\VoiceChat\SpeakerDark\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\xboxX.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Settings\LeaveGame\thumb_strokeStyle.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\VoiceChat\Error.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\identity_proxy\win10\identity_helper.Sparse.Stable.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\PlatformContent\pc\textures\sky\indoor512_ft.tex C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\AvatarEditorImages\Stretch\bar-full-mid.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Settings\DropDown\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\RoduxDevtools\StateTabs\Full.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\Gamepad\ControllerSelect.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaApp\icons\ic-more-about.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_ur.dll C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\ru.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\AnimationEditor\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\DevConsole\Minimize.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\MaterialGenerator\Materials\Sand.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\ko.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\AnimationEditor\image_keyframe_linear_unselected.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\StudioToolbox\Gallery.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaApp\icons\GameDetails\social\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\AnimationEditor\rigbuilder_blue.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Locales\bs.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\TopBar\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\VoiceChat\SpeakerNew\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\avatar\compositing\CompositExtraSlot4.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\AnimationEditor\menu_shadow_side_left.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\tab.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Settings\Radial\RadialLabel.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\RecordDown.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Settings\Players\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\TerrainTools\mtrl_leafygrass_2022.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\PlayStationController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaApp\graphic\playBtnBackground.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\VoiceChat\Misc\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\AvatarEditorImages\Sliders\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\scrollbuttonDown_dn.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\PlayStationController\ButtonL2.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Settings\Help\ResetIcon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\sparkle.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\InGameMenu\ScrollTop.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Keyboard\mic_icon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\content\textures\ui\VR\closeButtonPadded.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\MicrosoftEdge_X64_126.0.2592.81.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\dwm.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags C:\Windows\system32\dwm.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\system32\dwm.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags C:\Windows\system32\dwm.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\system32\dwm.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID C:\Windows\system32\dwm.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Windows\system32\dwm.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\system32\dwm.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\2a\52C64B7E C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies C:\Windows\system32\dwm.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133643813887912733" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Windows\system32\dwm.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command\version = "version-034c0d4a0a9b44cc" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService\ = "Update3COMClass" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\ProgID\ = "MicrosoftEdgeUpdate.OnDemandCOMClassSvc.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ = "IAppCommand2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods\ = "23" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\ProgID\ = "MicrosoftEdgeUpdate.PolicyStatusMachineFallback.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation\Enabled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\DefaultIcon C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ = "IJobObserver" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.OnDemandCOMClassSvc" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ = "ICredentialDialog" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4584 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea6e7ab58,0x7ffea6e7ab68,0x7ffea6e7ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1932 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2268 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2908 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2928 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4168 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4344 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4472 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4472 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4628 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4908 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4924 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5052 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2f8 0x2ec

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5480 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5616 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5088 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5056 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5616 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5304 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultb6961443h0040h4a97h8c44h8d6a828f2909

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffe94d346f8,0x7ffe94d34708,0x7ffe94d34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2004,15085837410621205998,3381706656855362987,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2004,15085837410621205998,3381706656855362987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2004,15085837410621205998,3381706656855362987,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2544 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5780 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5524 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=1752 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5456 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6064 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5492 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6112 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3888 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6276 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6064 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5936 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7152 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5936 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6980 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6372 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6096 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5624 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5620 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEIxRDdBMEYtOTZCMC00RUU5LTg1NzAtMUVEQjZFOTY5RUQ2fSIgdXNlcmlkPSJ7QTFBRDZDMjktNjE5Qy00MTVELUI3ODgtMTE1MEVFNERDMzNCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins5OEM3MEZGQi01MTQ1LTQ0OUMtODI4RS1BNEFDNEExNjlGMjJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4Ny4zNyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY2MjMxMjE1NjYiIGluc3RhbGxfdGltZV9tcz0iNTQ4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{0B1D7A0F-96B0-4EE9-8570-1EDB6E969ED6}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEIxRDdBMEYtOTZCMC00RUU5LTg1NzAtMUVEQjZFOTY5RUQ2fSIgdXNlcmlkPSJ7QTFBRDZDMjktNjE5Qy00MTVELUI3ODgtMTE1MEVFNERDMzNCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntBMTM2NkZGOC1FOEVFLTRDNDgtQkVBOC04Mjg1RDk3RjQ2MUV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY2Mjg1NDE3MzEiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\MicrosoftEdge_X64_126.0.2592.81.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\MicrosoftEdge_X64_126.0.2592.81.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\MicrosoftEdge_X64_126.0.2592.81.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.127 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{93779A7F-2BDE-4B44-8E86-589B9CEF367D}\EDGEMITMP_7E9BC.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.81 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff6acd5aa40,0x7ff6acd5aa4c,0x7ff6acd5aa58

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEIxRDdBMEYtOTZCMC00RUU5LTg1NzAtMUVEQjZFOTY5RUQ2fSIgdXNlcmlkPSJ7QTFBRDZDMjktNjE5Qy00MTVELUI3ODgtMTE1MEVFNERDMzNCfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntCOTQzOTQ0My02NjlDLTQ5MUQtQjA4NC1BNjA3MTZENDM4OTZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI2LjAuMjU5Mi44MSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjY0MDA4MTY5NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY2NDAxNDE4MzUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2OTIxMzQxODQ0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xMTEwYmY2My1jNmNlLTQ3MTQtOTY5Yi1iMzAyOGI0NDFjNDc_UDE9MTcyMDUxMjc4NyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1BNUVtWkRHd0dSUVZqYUZqVGZab1pOdHVIa1QlMmJxc2x0VW5qVk41Y3pUSndWYTh3dmZzZUFTTllWY3ByUUNEZFhrUDI4SDZoSVVXVTBLV0FlMHNJWWtBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTczMDgyMTY4IiB0b3RhbD0iMTczMDgyMTY4IiBkb3dubG9hZF90aW1lX21zPSIyMTY4NSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY5MjE0NjE3NzUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2OTM2NjIxNzE2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3MzgyNzgxNTg3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iNzc5IiBkb3dubG9hZF90aW1lX21zPSIyODEyMiIgZG93bmxvYWRlZD0iMTczMDgyMTY4IiB0b3RhbD0iMTczMDgyMTY4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0NDYxMCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe" -app -isInstallerLaunch

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6944 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7108 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:TxWKnuUc_KvPU6NGKQeghzzpYXzJNK-gEm76qHGLnt5apj9PTUuXoaBeXb-gSGuo2ZfdbAzdZNDJfjdHXMdQZcoFZ9N5eESpCN86N24kzJy5preYKzUI2YXPBCRdUX05kP2Iwju2f_Xo-mZ45XonTupjOAchKVYD5Nnmm26GrUx1p_g64X-5pGvUsYbqp7AUjSbdLoawKfvqtjMj4nUk1sZdf08bwaCNzePEfu3m-_A+launchtime:1719907955923+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1719907885135007%26placeId%3D17811009787%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D71e04d4d-b54c-451c-8611-e1d06a3e682c%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1719907885135007+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=5784 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6648 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7136 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5828 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=5476 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6524 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=5924 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=5636 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=6208 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=6024 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=7172 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=7308 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=4964 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7424 --field-trial-handle=1648,i,15363773029967793913,14364140275594663881,131072 /prefetch:8

C:\Windows\system32\dwm.exe

"dwm.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

Network

Country Destination Domain Proto
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:80 google.com tcp
GB 142.250.178.14:80 google.com tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:80 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com tcp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 consent.google.com udp
GB 142.250.187.238:443 consent.google.com tcp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 id.google.com udp
GB 172.217.169.3:443 id.google.com tcp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
GB 172.217.169.46:443 play.google.com udp
SE 23.34.233.128:443 www.microsoft.com tcp
SE 23.34.233.128:443 www.microsoft.com tcp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 play.vidyard.com udp
US 8.8.8.8:53 cdn-dynmedia-1.microsoft.com udp
US 8.8.8.8:53 mem.gfx.ms udp
US 13.107.253.64:443 wcpstatic.microsoft.com tcp
US 151.101.193.181:443 play.vidyard.com tcp
NL 23.62.61.129:443 cdn-dynmedia-1.microsoft.com tcp
NL 23.62.61.129:443 cdn-dynmedia-1.microsoft.com tcp
NL 23.62.61.129:443 cdn-dynmedia-1.microsoft.com tcp
US 13.107.246.64:443 mem.gfx.ms tcp
US 8.8.8.8:53 128.233.34.23.in-addr.arpa udp
US 8.8.8.8:53 publisher.liveperson.net udp
BE 23.216.249.177:443 publisher.liveperson.net tcp
US 8.8.8.8:53 fpt.microsoft.com udp
US 52.167.30.171:443 fpt.microsoft.com tcp
US 8.8.8.8:53 js.monitor.azure.com udp
US 8.8.8.8:53 lpcdn.lpsnmedia.net udp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 34.120.154.120:443 lpcdn.lpsnmedia.net tcp
US 8.8.8.8:53 64.253.107.13.in-addr.arpa udp
US 8.8.8.8:53 181.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 129.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 225.14.97.104.in-addr.arpa udp
US 8.8.8.8:53 177.249.216.23.in-addr.arpa udp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 8.8.8.8:53 assets.adobedtm.com udp
SE 23.34.232.228:443 assets.adobedtm.com tcp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 40.126.32.134:443 login.microsoftonline.com tcp
NL 40.126.32.134:443 login.microsoftonline.com tcp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
NL 23.62.61.129:443 cdn-dynmedia-1.microsoft.com tcp
US 8.8.8.8:53 s7mbrstream.scene7.com udp
US 8.8.8.8:53 120.154.120.34.in-addr.arpa udp
US 8.8.8.8:53 171.30.167.52.in-addr.arpa udp
US 8.8.8.8:53 228.232.34.23.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
BE 104.117.77.98:443 s7mbrstream.scene7.com tcp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 fpt2.microsoft.com udp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 aadcdn.msauth.net udp
US 13.107.253.64:443 aadcdn.msauth.net tcp
US 8.8.8.8:53 outlook.live.com udp
GB 40.99.201.226:443 outlook.live.com tcp
GB 40.99.201.226:443 outlook.live.com udp
US 8.8.8.8:53 4.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 98.77.117.104.in-addr.arpa udp
US 8.8.8.8:53 226.201.99.40.in-addr.arpa udp
US 8.8.8.8:53 76.234.34.23.in-addr.arpa udp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 logincdn.msftauth.net udp
US 8.8.8.8:53 acctcdn.msauth.net udp
US 8.8.8.8:53 acctcdn.msftauth.net udp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 13.107.253.64:443 acctcdn.msauth.net tcp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 8.8.8.8:53 acctcdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 acctcdnvzeuno.azureedge.net udp
US 8.8.8.8:53 lgincdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 lgincdnvzeuno.azureedge.net udp
US 152.199.21.175:443 lgincdnvzeuno.azureedge.net tcp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 lptag.liveperson.net udp
GB 178.249.97.23:443 lptag.liveperson.net tcp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 23.97.249.178.in-addr.arpa udp
US 8.8.8.8:53 35.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 outlook.office365.com udp
GB 52.97.211.226:443 outlook.office365.com tcp
US 8.8.8.8:53 aadcdn.msftauth.net udp
US 152.199.21.175:443 aadcdn.msftauth.net tcp
US 152.199.21.175:443 aadcdn.msftauth.net tcp
US 152.199.21.175:443 aadcdn.msftauth.net tcp
US 152.199.21.175:443 aadcdn.msftauth.net tcp
US 8.8.8.8:53 226.211.97.52.in-addr.arpa udp
GB 52.97.211.226:443 outlook.office365.com udp
US 8.8.8.8:53 r4.res.office365.com udp
SE 184.31.15.227:443 r4.res.office365.com tcp
US 8.8.8.8:53 privacy.microsoft.com udp
US 8.8.8.8:53 autologon.microsoftazuread-sso.com udp
IE 40.126.31.71:443 autologon.microsoftazuread-sso.com tcp
US 8.8.8.8:53 identity.nel.measure.office.net udp
BE 23.14.90.90:443 identity.nel.measure.office.net tcp
US 8.8.8.8:53 aadcdn.msftauthimages.net udp
US 8.8.8.8:53 passwordreset.microsoftonline.com udp
US 13.107.253.64:443 aadcdn.msftauthimages.net tcp
US 13.107.253.64:443 aadcdn.msftauthimages.net tcp
US 8.8.8.8:53 227.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 71.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 90.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 91.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 res.cdn.office.net udp
SE 184.31.15.227:443 res.cdn.office.net tcp
SE 184.31.15.227:443 res.cdn.office.net tcp
SE 184.31.15.227:443 res.cdn.office.net tcp
SE 184.31.15.227:443 res.cdn.office.net tcp
SE 184.31.15.227:443 res.cdn.office.net tcp
US 8.8.8.8:53 csp.microsoft.com udp
SE 184.31.15.227:443 res.cdn.office.net udp
US 8.8.8.8:53 163.49.178.192.in-addr.arpa udp
US 13.107.246.64:443 csp.microsoft.com tcp
SE 184.31.15.227:443 res.cdn.office.net udp
GB 52.97.211.226:443 outlook.office365.com tcp
US 8.8.8.8:53 amcdn.msftauth.net udp
US 8.8.8.8:53 eu-office.events.data.microsoft.com udp
US 13.107.253.64:443 amcdn.msftauth.net tcp
IE 20.50.73.11:443 eu-office.events.data.microsoft.com tcp
IE 20.50.73.11:443 eu-office.events.data.microsoft.com tcp
US 8.8.8.8:53 titles.prod.mos.microsoft.com udp
FR 20.74.67.0:443 titles.prod.mos.microsoft.com tcp
US 8.8.8.8:53 11.73.50.20.in-addr.arpa udp
US 8.8.8.8:53 0.67.74.20.in-addr.arpa udp
US 8.8.8.8:53 config.fp.measure.office.com udp
US 13.107.6.163:443 config.fp.measure.office.com tcp
US 8.8.8.8:53 163.6.107.13.in-addr.arpa udp
US 8.8.8.8:53 webshell.suite.office.com udp
GB 52.111.242.3:443 webshell.suite.office.com tcp
GB 52.111.242.3:443 webshell.suite.office.com tcp
US 8.8.8.8:53 graph.microsoft.com udp
GB 40.126.41.97:443 graph.microsoft.com tcp
US 8.8.8.8:53 res-1.cdn.office.net udp
SE 2.21.96.97:443 res-1.cdn.office.net tcp
US 8.8.8.8:53 cxcs.microsoft.net udp
NL 23.62.61.99:443 www.bing.com tcp
BE 104.68.66.114:443 cxcs.microsoft.net tcp
US 8.8.8.8:53 3.242.111.52.in-addr.arpa udp
US 8.8.8.8:53 97.41.126.40.in-addr.arpa udp
US 8.8.8.8:53 97.96.21.2.in-addr.arpa udp
US 8.8.8.8:53 clients.config.office.net udp
GB 20.90.202.62:443 clients.config.office.net tcp
US 8.8.8.8:53 99.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 114.66.68.104.in-addr.arpa udp
US 8.8.8.8:53 62.202.90.20.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 media.licdn.com udp
FR 152.199.21.118:443 media.licdn.com tcp
FR 152.199.21.118:443 media.licdn.com tcp
US 8.8.8.8:53 www.clarity.ms udp
US 13.107.253.64:443 www.clarity.ms tcp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 51cac6fd6bfbe255e492140593992f60.fp.measure.office.com udp
IN 40.99.111.18:443 51cac6fd6bfbe255e492140593992f60.fp.measure.office.com tcp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 119.190.114.20.in-addr.arpa udp
US 8.8.8.8:53 18.111.99.40.in-addr.arpa udp
US 8.8.8.8:53 tr-ofc-mira.office.com udp
GB 52.110.3.5:443 tr-ofc-mira.office.com tcp
GB 142.250.178.14:443 google.com tcp
US 8.8.8.8:53 upload.fp.measure.office.com udp
US 8.8.8.8:53 5.3.110.52.in-addr.arpa udp
US 8.8.8.8:53 munchkin.marketo.net udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 dc.ads.linkedin.com udp
US 204.79.197.237:443 bat.bing.com tcp
US 13.107.42.14:443 dc.ads.linkedin.com tcp
BE 104.68.89.134:443 munchkin.marketo.net tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 163.70.147.35:443 www.facebook.com tcp
GB 216.58.201.98:443 googleads.g.doubleclick.net tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
GB 142.250.200.3:443 www.google.co.uk tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 134.89.68.104.in-addr.arpa udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
GB 142.250.200.14:443 apis.google.com udp
SE 2.21.96.97:443 res-1.cdn.office.net udp
US 8.8.8.8:53 roaming.officeapps.live.com udp
IE 52.109.76.243:443 roaming.officeapps.live.com tcp
IE 52.109.76.243:443 roaming.officeapps.live.com tcp
GB 172.217.169.46:443 play.google.com udp
IE 52.109.76.243:443 roaming.officeapps.live.com tcp
US 8.8.8.8:53 243.76.109.52.in-addr.arpa udp
US 8.8.8.8:53 m365cdn.nel.measure.office.net udp
US 8.8.8.8:53 exo.nel.measure.office.net udp
FR 128.116.122.4:443 roblox.com tcp
FR 128.116.122.4:443 roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
NL 128.116.21.4:443 www.roblox.com tcp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
BE 23.14.90.82:443 css.rbxcdn.com tcp
BE 23.14.90.82:443 css.rbxcdn.com tcp
BE 23.14.90.82:443 css.rbxcdn.com tcp
BE 23.14.90.82:443 css.rbxcdn.com tcp
BE 23.14.90.82:443 css.rbxcdn.com tcp
BE 23.14.90.82:443 css.rbxcdn.com tcp
NL 23.63.101.152:443 js.rbxcdn.com tcp
NL 23.63.101.152:443 js.rbxcdn.com tcp
NL 23.63.101.152:443 js.rbxcdn.com tcp
NL 23.63.101.152:443 js.rbxcdn.com tcp
NL 23.63.101.152:443 js.rbxcdn.com tcp
NL 23.63.101.152:443 js.rbxcdn.com tcp
BE 23.14.90.81:443 static.rbxcdn.com tcp
US 8.8.8.8:53 4.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 4.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 82.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 152.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 81.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
NL 128.116.21.4:443 www.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
GB 18.244.155.18:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
NL 128.116.21.4:443 ecsv2.roblox.com tcp
GB 18.244.155.18:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
BE 23.14.90.81:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 18.155.244.18.in-addr.arpa udp
US 8.8.8.8:53 locale.roblox.com udp
NL 128.116.21.4:443 locale.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.91:443 images.rbxcdn.com tcp
BE 23.14.90.82:443 css.rbxcdn.com tcp
NL 128.116.21.4:443 locale.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
NL 128.116.21.4:443 auth.roblox.com udp
US 8.8.8.8:53 214.80.50.20.in-addr.arpa udp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:443 google.com udp
US 8.8.8.8:53 assetgame.roblox.com udp
DE 128.116.44.4:443 assetgame.roblox.com tcp
DE 128.116.44.4:443 assetgame.roblox.com tcp
DE 128.116.44.4:443 assetgame.roblox.com udp
US 8.8.8.8:53 4.44.116.128.in-addr.arpa udp
DE 128.116.44.4:443 assetgame.roblox.com tcp
GB 18.244.155.18:443 roblox-api.arkoselabs.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
DE 128.116.44.4:443 assetgame.roblox.com udp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 lms.roblox.com udp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 c0.rbxcdn.com udp
US 8.8.8.8:53 fra2-128-116-123-3.roblox.com udp
US 8.8.8.8:53 syd1-128-116-51-3.roblox.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 8.8.8.8:53 lhr2-128-116-119-3.roblox.com udp
US 8.8.8.8:53 mia4-128-116-45-3.roblox.com udp
US 8.8.8.8:53 sea1-128-116-115-3.roblox.com udp
US 8.8.8.8:53 aws-ap-east-1a-lms.rbx.com udp
HK 18.166.190.245:443 aws-ap-east-1a-lms.rbx.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
BE 23.14.90.104:443 c0.rbxcdn.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 8.8.8.8:53 lax2-128-116-116-3.roblox.com udp
US 8.8.8.8:53 ams2-128-116-21-3.roblox.com udp
US 8.8.8.8:53 ncs.roblox.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 216.239.32.116:443 beacons4.gvt2.com tcp
SE 184.31.15.64:443 tr.rbxcdn.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
HK 18.166.190.245:443 aws-ap-east-1a-lms.rbx.com tcp
US 8.8.8.8:53 3.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 104.90.14.23.in-addr.arpa udp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 8.8.8.8:53 3.123.116.128.in-addr.arpa udp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 3.102.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.21.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.115.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.45.116.128.in-addr.arpa udp
US 8.8.8.8:53 64.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 3.116.116.128.in-addr.arpa udp
US 8.8.8.8:53 245.190.166.18.in-addr.arpa udp
US 8.8.8.8:53 3.51.116.128.in-addr.arpa udp
US 8.8.8.8:53 presence.roblox.com udp
US 8.8.8.8:53 t6.rbxcdn.com udp
BE 23.14.90.73:443 t6.rbxcdn.com tcp
US 8.8.8.8:53 73.90.14.23.in-addr.arpa udp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
US 8.8.8.8:53 static.rbxcdn.com udp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
HK 18.166.190.245:443 aws-ap-east-1a-lms.rbx.com tcp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
BE 23.14.90.104:443 c0.rbxcdn.com tcp
US 8.8.8.8:53 followings.roblox.com udp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 aws-eu-central-1c-lms.rbx.com udp
US 8.8.8.8:53 waw1-128-116-124-3.roblox.com udp
US 8.8.8.8:53 aws-ap-northeast-1d-lms.rbx.com udp
US 8.8.8.8:53 cdg1-128-116-122-3.roblox.com udp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
US 8.8.8.8:53 aws-ap-east-1b-lms.rbx.com udp
US 8.8.8.8:53 c0aws.rbxcdn.com udp
PL 128.116.124.3:443 waw1-128-116-124-3.roblox.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
ES 108.157.125.14:443 c0aws.rbxcdn.com tcp
DE 35.156.168.119:443 aws-eu-central-1c-lms.rbx.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
HK 16.163.44.104:443 aws-ap-east-1b-lms.rbx.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
JP 52.192.143.17:443 aws-ap-northeast-1d-lms.rbx.com tcp
JP 52.192.143.17:443 aws-ap-northeast-1d-lms.rbx.com tcp
HK 16.163.44.104:443 aws-ap-east-1b-lms.rbx.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
US 8.8.8.8:53 3.124.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.99.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.122.116.128.in-addr.arpa udp
US 8.8.8.8:53 119.168.156.35.in-addr.arpa udp
US 8.8.8.8:53 3.63.116.128.in-addr.arpa udp
US 8.8.8.8:53 14.125.157.108.in-addr.arpa udp
US 8.8.8.8:53 17.143.192.52.in-addr.arpa udp
US 8.8.8.8:53 104.44.163.16.in-addr.arpa udp
US 8.8.8.8:53 voice.roblox.com udp
US 8.8.8.8:53 badges.roblox.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 23.63.101.171:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 171.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
DE 128.116.123.3:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
DE 128.116.44.4:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 18.165.242.41:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
NL 23.63.101.153:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 41.242.165.18.in-addr.arpa udp
NL 23.63.101.153:443 setup.rbxcdn.com tcp
NL 23.63.101.153:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:55760 tcp
N/A 127.0.0.1:55764 tcp
N/A 127.0.0.1:55767 tcp
N/A 127.0.0.1:55770 tcp
US 8.8.8.8:53 153.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 143.191.67.13.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
SE 184.31.15.42:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 42.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 beacons.gvt2.com udp
GB 216.58.213.3:443 beacons.gvt2.com tcp
GB 216.58.213.3:443 beacons.gvt2.com udp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 csp.microsoft.com udp
US 8.8.8.8:53 res.cdn.office.net udp
US 13.107.246.64:443 csp.microsoft.com tcp
SE 184.31.15.227:443 res.cdn.office.net udp
US 8.8.8.8:53 outlook.office365.com udp
GB 52.97.211.162:443 outlook.office365.com udp
GB 52.97.211.162:443 outlook.office365.com tcp
US 8.8.8.8:53 attachments.office.net udp
GB 52.97.129.226:443 attachments.office.net tcp
GB 52.97.129.226:443 attachments.office.net tcp
US 8.8.8.8:53 162.211.97.52.in-addr.arpa udp
US 8.8.8.8:53 226.129.97.52.in-addr.arpa udp
US 8.8.8.8:53 loki.delve.office.com udp
GB 52.111.242.2:443 loki.delve.office.com tcp
GB 52.111.242.2:443 loki.delve.office.com tcp
US 8.8.8.8:53 res-1.cdn.office.net udp
US 8.8.8.8:53 eur.loki.delve.office.com udp
SE 2.21.96.113:443 res-1.cdn.office.net udp
FR 52.111.231.0:443 eur.loki.delve.office.com tcp
SE 2.21.96.113:443 res-1.cdn.office.net tcp
US 8.8.8.8:53 eu-mobile.events.data.microsoft.com udp
NL 13.69.116.107:443 eu-mobile.events.data.microsoft.com tcp
NL 13.69.116.107:443 eu-mobile.events.data.microsoft.com tcp
US 8.8.8.8:53 2.242.111.52.in-addr.arpa udp
US 8.8.8.8:53 113.96.21.2.in-addr.arpa udp
US 8.8.8.8:53 0.231.111.52.in-addr.arpa udp
US 8.8.8.8:53 107.116.69.13.in-addr.arpa udp
US 8.8.8.8:53 eu-office.events.data.microsoft.com udp
NL 13.69.116.108:443 eu-office.events.data.microsoft.com tcp
US 8.8.8.8:53 108.116.69.13.in-addr.arpa udp
SE 184.31.15.227:443 res.cdn.office.net udp
US 8.8.8.8:53 exo.nel.measure.office.net udp
BE 23.14.90.75:443 exo.nel.measure.office.net tcp
US 8.8.8.8:53 75.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 res.public.onecdn.static.microsoft udp
SE 23.34.233.157:443 res.public.onecdn.static.microsoft tcp
US 8.8.8.8:53 157.233.34.23.in-addr.arpa udp
US 8.8.8.8:53 titles.prod.mos.microsoft.com udp
FR 20.74.67.0:443 titles.prod.mos.microsoft.com tcp
SE 2.21.96.113:443 res-1.cdn.office.net udp
US 8.8.8.8:53 graph.microsoft.com udp
GB 40.126.41.161:443 graph.microsoft.com tcp
US 8.8.8.8:53 161.41.126.40.in-addr.arpa udp
US 8.8.8.8:53 webshell.suite.office.com udp
GB 52.111.242.3:443 webshell.suite.office.com tcp
GB 52.111.242.3:443 webshell.suite.office.com tcp
US 8.8.8.8:53 clients.config.office.net udp
FR 20.74.35.75:443 clients.config.office.net tcp
US 8.8.8.8:53 75.35.74.20.in-addr.arpa udp
US 8.8.8.8:53 media.licdn.com udp
FR 152.199.21.118:443 media.licdn.com tcp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 3e1744c72a03b13624da54a2f6f31c3d.fp.measure.office.com udp
FR 52.98.159.194:443 3e1744c72a03b13624da54a2f6f31c3d.fp.measure.office.com tcp
US 8.8.8.8:53 tr-ooc-atm.office.com udp
GB 52.97.211.82:443 tr-ooc-atm.office.com tcp
US 8.8.8.8:53 upload.fp.measure.office.com udp
US 13.107.6.163:443 upload.fp.measure.office.com tcp
US 8.8.8.8:53 82.211.97.52.in-addr.arpa udp
US 8.8.8.8:53 194.159.98.52.in-addr.arpa udp
GB 52.97.129.226:443 attachments.office.net udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 roaming.officeapps.live.com udp
GB 52.109.28.47:443 roaming.officeapps.live.com tcp
US 8.8.8.8:53 47.28.109.52.in-addr.arpa udp
US 13.107.246.64:443 csp.microsoft.com tcp
US 8.8.8.8:53 x.clarity.ms udp
US 20.114.190.119:443 x.clarity.ms tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com udp
US 8.8.8.8:53 id.google.com udp
ZA 142.251.216.67:443 id.google.com udp
ZA 142.251.216.67:443 id.google.com tcp
US 8.8.8.8:53 67.216.251.142.in-addr.arpa udp
US 8.8.8.8:53 onedrive.live.com udp
US 13.107.137.11:443 onedrive.live.com tcp
US 13.107.137.11:443 onedrive.live.com tcp
US 8.8.8.8:53 res-1.cdn.office.net udp
US 8.8.8.8:53 11.137.107.13.in-addr.arpa udp
SE 2.21.96.113:443 res-1.cdn.office.net udp
US 8.8.8.8:53 odc.officeapps.live.com udp
IE 52.109.76.144:443 odc.officeapps.live.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.178.10:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 144.76.109.52.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
US 20.189.173.4:443 browser.events.data.microsoft.com tcp
BE 23.14.90.75:443 exo.nel.measure.office.net tcp
US 8.8.8.8:53 portal.office.com udp
US 13.107.9.156:443 portal.office.com tcp
US 13.107.9.156:443 portal.office.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 20.190.160.17:443 login.microsoftonline.com tcp
US 8.8.8.8:53 156.9.107.13.in-addr.arpa udp
US 8.8.8.8:53 17.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 thomasaveling-my.sharepoint.com udp
US 13.107.136.10:443 thomasaveling-my.sharepoint.com tcp
US 8.8.8.8:53 shell.cdn.office.net udp
GB 2.22.247.141:443 shell.cdn.office.net tcp
SE 2.21.96.113:443 res-1.cdn.office.net udp
US 8.8.8.8:53 10.136.107.13.in-addr.arpa udp
US 8.8.8.8:53 141.247.22.2.in-addr.arpa udp
US 8.8.8.8:53 substrate.office.com udp
GB 52.97.211.226:443 substrate.office.com tcp
GB 52.97.211.226:443 substrate.office.com udp
US 8.8.8.8:53 res.cdn.office.net udp
US 8.8.8.8:53 ecs.office.com udp
SE 184.31.15.242:443 res.cdn.office.net udp
US 8.8.8.8:53 r4.res.office365.com udp
US 52.113.194.132:443 ecs.office.com tcp
US 8.8.8.8:53 webshell.suite.office.com udp
SE 184.31.15.242:443 r4.res.office365.com tcp
US 8.8.8.8:53 amcdn.msftauth.net udp
GB 52.111.242.3:443 webshell.suite.office.com tcp
US 13.107.253.64:443 amcdn.msftauth.net tcp
NL 20.190.160.17:443 login.microsoftonline.com tcp
US 8.8.8.8:53 242.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 132.194.113.52.in-addr.arpa udp
US 8.8.8.8:53 thomasaveling.sharepoint.com udp
US 8.8.8.8:53 js.monitor.azure.com udp
N/A 127.0.0.1:42050 tcp
N/A 127.0.0.1:42050 tcp
N/A 127.0.0.1:42050 tcp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 8.8.8.8:53 config.fp.measure.office.com udp
US 13.107.6.163:443 config.fp.measure.office.com tcp
US 8.8.8.8:53 eu-mobile.events.data.microsoft.com udp
NL 20.50.201.201:443 eu-mobile.events.data.microsoft.com tcp
US 8.8.8.8:53 201.201.50.20.in-addr.arpa udp
NL 20.50.201.201:443 eu-mobile.events.data.microsoft.com tcp
N/A 127.0.0.1:42050 tcp
US 8.8.8.8:53 clients.config.office.net udp
GB 20.90.205.241:443 clients.config.office.net tcp
US 8.8.8.8:53 241.205.90.20.in-addr.arpa udp
US 8.8.8.8:53 ukwest0-0.pushnp.svc.ms udp
GB 52.109.32.1:443 ukwest0-0.pushnp.svc.ms tcp
US 8.8.8.8:53 1.32.109.52.in-addr.arpa udp
GB 40.126.41.161:443 graph.microsoft.com tcp
GB 40.126.41.161:443 graph.microsoft.com tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 60.129.102.23.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.214.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp

Files

\??\pipe\crashpad_4584_PHFCUJZUEPKITOCO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0ab3833c80425aecb05be0bb77216f13
SHA1 20c0fcbf1af69354d61d62d215fe0a1f04249067
SHA256 448cc9256b47d8b01ca16cde10f0b6ed81f217bbdf64609e3f99576378fe6725
SHA512 3bde62a5c6b38aa164c86775c7a6b35b04e8a52440017af5041872d98471e7220f169e144884c4d37012455145f038e403548590438baec831fb4b0ff0c0195a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8e659d28-5e21-45ce-9082-becd27457d88.tmp

MD5 91720b8637f981a5e57c3bbec5924db8
SHA1 d26744887e534902469d17e64bcde0d70832aa0a
SHA256 4075a6fa66133a0c03e372b719773bd4a90e66386e4eb3be7ffa1009bd2cc428
SHA512 945339fdd2b96990ec30e640fc5a25faa7a138804a8480762f4a05aa67492870ae8dba6556760572c007e93adf290aedb0d8d24f734954c7246e1838026dae10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b12b9ce416d5e79a4888ed26364f4231
SHA1 f7729f0410aecc2bad41843fe133ee3f2aa48d53
SHA256 46f9064d0f63b8f9665ef501d91c8b2217563b582645c0958fe65ade8a371b4f
SHA512 fd4a0617908a92822a22232b09398c6d45fe7a58f523a49c079d614c2cf90404ca44ea82ed55336ee2047a7d4e0ee88dd7301e971f287b589a29518c5cf34366

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5f41aee41886c149b26e95de7ddb3958
SHA1 5922cdb3c5d68bfc2f2995c805607a1e45175fa0
SHA256 6349211399778e1310467716b6a74094b821308abfb9b2172bf8163480fd1965
SHA512 8201ae26c6e8bd67daf81f86fa5c4c7e56e32afe5eeb2dc4d1bc631dc6962bec229df97c8b766e655da93a3aa2c42cb41d4e74546f7fc37ab4df7ca0843e935c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8ff10f99ec2b8e1ea0b1cf422f9afeea
SHA1 650cc1c675c6d18ae8cbd4dd79eb9533006c45b6
SHA256 51df49ff67ffd9788cf889700ebbb4e1ba8855a9072c3829aa4064c5fe6ea710
SHA512 ac8f0af68241eb3d8141612963e23256e96f95e743e49f0f9ced14f390f126c676fb8c88282e183496b0bc8e72dc07804522cd0c065b2a5fadfb9166900cb99f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7cfa70383151fa89091c063b2eb9927d
SHA1 d51f8e4619f748fe28d06fa0c53df53fc541d63e
SHA256 708766d720c85b5b2f6bc1be836c7604c3f2d2a45dd66fa75e530af671a7d9e0
SHA512 93e6821060f576a0f4b94aea2a0e07137fbf032d172af6765aafe33df1f0831f69eb9ed9d325b6a5fdcac3704c6d66de90aa66f0dfc92eb7bf8d320375807b34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5d97b9f890697ce3ff2cc4c9dd936bad
SHA1 682b48b86df0a93fd38037b72019a7dcfd3582b8
SHA256 0d8db0f7da37f220604dec546806a40f4cbb1acd6ef6769e55d82f7cdba6ada5
SHA512 4def091cb9a34604370f7bf9c765b6c11b0b43183029a860ebb2ea38ebc711a85db6dbf67bddf88e74677384990a5e02ed5f984fce968ac257d4110bc18a5d61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f1b3.TMP

MD5 d1742476d10dfe908a0cdaf9ea318880
SHA1 9cd468637eebbfef9587a24751a50548836d5cb3
SHA256 3a76cbcda97d9a29f9b5daeac5a7f59cf1798a94199ccfb354ba590865c2c658
SHA512 3c229798cf283c4526302a9945bd489f5cd9d11cdf0da0496180ac3dd1e9dfd34c044f878f8f14b37b2ca8e526ef48083c0ad0ade204aa31f67b8679100f4db7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 07d6db5244f1e786812935e8a8837412
SHA1 ecb1c0506a0f804c7e40996a6ef735de20eb3289
SHA256 c6760ab9b680c8e2edcf6da3c16d80c9b5b4376d331289849eec23c76d24546d
SHA512 e139f28f8a7ebb13d82463663ffbdd9b749da2b5bd4c310518c63c3653776d1000f7245a54a8d761cf680a78df22368e2041133d7fedb619cdc4cafe7fd8c662

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5b3250efc2bb4ea5bfe6e3194f19d632
SHA1 878cee8fa692ce754efa21d1747334e22953d587
SHA256 91ddf517cf245ba229ac32d63975d078041003a8cdabe9e83442a156996f0288
SHA512 eb211e51c081de660d829556a09980201a9cc1aa47d8b84ecedd586966f819aee5be1bdf73f6925af841c3fc2c86c8f505fed21dfc907bd3cd2f7e647a819f01

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1d18edfdbe7d08fc4a6fa13b983feded
SHA1 8c74533ef45a36b42329de0bc1cf9af6f086b983
SHA256 854d48fbbfdea6ccef237c55d0d580c704c6b78c46ef43f3b4650f03a221dd5f
SHA512 cb9cda0291bbb532e9dca84aa336971c1fc148f6d787b532a5c5d94dfdccf087fa4cab48fb023b4858cbe7c93665ffa3470875fb2618a2fdfeff39f869dc5683

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_outlook.office365.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 439b5e04ca18c7fb02cf406e6eb24167
SHA1 e0c5bb6216903934726e3570b7d63295b9d28987
SHA256 247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654
SHA512 d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 25a3a5f6ecb7fc50c07bddb9a4831dca
SHA1 ed6b0127e4bde3e7c2bb9c108fddf69695e9d73b
SHA256 3375f3515510c3bdae19ae5432d07992ef3d2d770b57b9b1aefa0cfd19b6ddcd
SHA512 b174f1676b4c4b6b18b5399866f64e7ee6306ca7551fc6d38db85bc780bf3f243ac3656af02811bf5990b20c5c0363dcbceb9eea00df2e04f0d80b32786414dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 862561583951f75a2c692854a1a72672
SHA1 792e7a3667ae2e09033ed59e9920ea402d985173
SHA256 b5d4990bb9208a3156a24b2d7346dd284494b4d47f14665a482254d40f2a217b
SHA512 270e0100a52d21b339fcd362615c4509e4e57dec7859eb931f723184ea54653a2a328f1085a25875e7795777074f7b51af6f17ce935c2ef4bf9a958aebeda003

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 21d2f3df89c45e915fa13b3959b36176
SHA1 679f956e349c9b503f17a8c6442d8fd40a478acf
SHA256 fcb7b858f987341876946ff4814d1960c0e7a746a5a1a802d69ee81d00e055b2
SHA512 ff82752e017983ffe8b189dab5d370a0fdfeb09afe2f11f227832a7f2a006d2c9bcf6fb20ae81677d735cffcd3457665abcdbc7433bcd7ae02c866b382dcb6a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 fc31057aa18a0be2816b9c326dcf7479
SHA1 5016a5bae0b4f13f8756755baab23234519a7d47
SHA256 6c10dbd420c62311663f2a43c3401cd1759583241904c4aec3b8845c680e7c16
SHA512 b2bcbe7664632ab125c6a1a21f85a10f23812a1ab2d7af445824793a8a06f8c182cb09c10d80738dd92301394f4e6cab9d9619dbce701cee87bfb27504dbd1cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6f1400791d863e1b5fb1a971e70185c1
SHA1 1116ec153591635f167ab626c86ce2c601aa554b
SHA256 37d37b963c2b881ecaf31085e97fea2c92a61e34d652fc182fb267dca12df62f
SHA512 6c57092b31a8132368ea63529dbd82de9219e58eb7005db86738db5dbe878149e937b419b0f8cc47dbc5084193f556b39c32630e8ee9d7ce0c301070183c51ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c91c9fccbc6e1c21fd203dd440aa63ec
SHA1 fd2427073108a0e904f12a489b81342e367d67ca
SHA256 ff73e2205a7a2cfc16a222904e2d08265336c3c776179d6a8f5e2ff8e223525b
SHA512 32b8bc5b31be9a860d9a8c06a74cea8b713eca3d76e375c7205af5b912d25f3d8431502e3310636a721b9590c7c49e751baec709acc1d9e598b8b0ffb7ecbbb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 967b97c8efbf54183fac9b9c7863001c
SHA1 89e51ae099bb0eb959e07c8d1d0142a9671ba5cd
SHA256 138ead15b5e1df3d6ad6c2d8baf4d12182b681b653f428b07df49bab8bee24c7
SHA512 6617c02214bdbd54f4828597553fd2e12c9e14d8be320f19d2647d725beda51352cf508cd18b95cc3880f90dab42a23728d384ab9dc42e44d17e26afa0ab060d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 835f8350f9102dcaf2fde735529856fc
SHA1 9430ad1a01352f8dbb0ce90b34fa7f055f26a7a6
SHA256 d497447f07bd29576c6a7bd7d7ef8a5b325613484b285ad0a40db4454bf04f82
SHA512 0ae895a70cb0c74809c40b3c0f8a2a45918e67d2452da025680c2484672ffb7b82171aa49c58b95e3cef008264c174e1f05a66ec85a692fad67caf9fd80ca213

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\index.txt

MD5 03dad47762071d974549058ce04273c6
SHA1 82cd1ad6e915d8c34245ad35d62c051cd2bbba0c
SHA256 50beeda74c4a3a1512dd8aca40613dd7454e075df50c79885ed9a476f3f48e69
SHA512 e829c4bebeee576d4d35d9837b39afc1d7330b612a4672dd78c790d531a7c5a604460bfbddd7a263279d644fe95fee7488a82623573b0521299269c81b485536

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\index.txt

MD5 0af1a10e19f765da2f2792dba876996c
SHA1 b15f130680714e87921cfaf864122f9c708691fd
SHA256 970f547da4f8656d2bacd529a3fd8d950abf522244f26a2c5511308d65e6499c
SHA512 03b2672ad1a1209fd5c48a6ac9566e139f1de47cde4dcf88d772ca233b4bae99dd525b84858244e8f3159d43870068e2014512007bc3d25135751909b7ccb0ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\index.txt

MD5 23bea63721d279d16796e355ee00a98b
SHA1 9c7a34176266a042e45bfdde5eefce8df5968a42
SHA256 347d018f5b5cbc1a5892bb7b314cdbcefed8b0507808127b108c6d4a49b22252
SHA512 9fd11fd6ebd6cb8f0a940ce3833d07515e71c53da6d279069560d4f549fc78d74b5e856934c7919b03f6ea0b1820a0df2ab010a6649fb6a60c1d8e319ffce689

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\index.txt

MD5 f2ea0a1218f371c95b1d2706e68e8ba6
SHA1 8c31981a3a605936effae8dfa2241706ba859462
SHA256 7bc99f1fe651b9ea84a528b796118088cd8ef8150bfad995809fe31478022da1
SHA512 137012183bd4859454f38a9378df70560be2328a7fc1ac94b5e40d8c0e039a87edf503dda4bc632031a042acefecd504c857c2512fa8e4aba2f1144a5cae0d00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\index.txt~RFe58be88.TMP

MD5 ca4abbd72530d4abbc9c30ebf1afc388
SHA1 6bb191167d0eabaae8491f943f1664a9422cd7ec
SHA256 292d7ee116f4454d1c15258aa7d4530080eb7369f169020f9f48e338c7b8047b
SHA512 e490bb758a2fca2ba50dd4cec4d73ae691fda9dfe2de2c5b080941159b56e123130f0526c6732baace8eca0121b541fbe10dfa5e5e3e9ba5725cd23185172f31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\7722baf6-b92d-44bf-9ca4-63139ddf528c\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\index.txt

MD5 f8008a6a26d157ae9d0486f22fdf6143
SHA1 4713611fda2c9d4dbec63b5494e355042f0c8d47
SHA256 0f71c34065a419a14d2e65af6addb0f4bc945e2b22ca44a9e4ac0734ec962801
SHA512 40b136c0c8a5a7dfc089b08171fa20512e6f138a158d5fd781f0120de72878256ae83779d77ea538b3e9000f22edb7d5d913438358d58b3125168e5cacf0deac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\index.txt

MD5 3c1549f3a317f84a6fa912cccc639282
SHA1 0f0b4f5630adad822d9cd5a2b514c096d75a48d3
SHA256 34d53379d785255e05ba068322939f57574950d752beac857c02cf2d274652a1
SHA512 c485c2ad2b6303a624639a177b1f87969a74768d7d2c1751138963619031dfeffd07868b2adc4fe549904503bff5ab16b423495a277b2fabbe17abc8764a5189

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000076

MD5 1784d82edabfbc66aca767eb7becc500
SHA1 6b5e78f735d0d09fec5ff94efc3374af2a75ad74
SHA256 7ea81e7c911e5ba134b67278f0d7f2baf4e652243c57bb699030ecc77e85619a
SHA512 852dbdb202cd0e83dcd4b2e83a9875db060cc2202d55b9b37c3514e8e63f1d12178a3ba24ea6e2cd10b57888c56477d18a6883e520bbf7092c3f9b2d33746849

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000053

MD5 1e716406133e63853729cf416f065351
SHA1 e6a54a42a36bfb5c781b6873a79431b11e016f24
SHA256 241d46d249782fa9b9163f89ccd2d1537b55a567438863c46001a86cf12eb3c7
SHA512 d3aefeddd21de9f8fef8ec288224131f78049475ac449b193bb31584bea25b6844bb4f75d561d93dfcd08d7f442f659c301ffec210e03bf4f3403e994c63156a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000096

MD5 12d0c6aacad574881a5f55670e94c11d
SHA1 7aadf8d1038e32609557c5169f45ce77175b42d6
SHA256 3b455652ce5f370e939b8c79efca8193db3a55924d68650f584c963859704d54
SHA512 428dcde26e1f97d8ad74f8f9f33fba5d74e8c4fb869119cf36d236a8586ff7223490ffa988a6dc7df3e912a471616c3cab676056dcfb9835698f050bbaaabdd0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_outlook.office365.com_0.indexeddb.leveldb\LOG.old~RFe58c629.TMP

MD5 07ed6371a4ec7438ccad3585cdfc26c7
SHA1 42cd3d344564f1f3c10f8f93249295387e4da98d
SHA256 654240313efcb6bd6fb8b3ae772470f1c2efd30ef2c7bb5f59cf629e59b0e94d
SHA512 eb27cca2bc90924ec37ffa34314a35f6dea4b1263677b073e2de0d717fec08556b6c591fc178f028b56052171fa7666f27819e5304b39a89a422630e3670e6d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_outlook.office365.com_0.indexeddb.leveldb\LOG.old

MD5 e1808b0f99fc73679d58dc2e7ac3e243
SHA1 c88b21ef4d34228eebeeca9d8a431582332b332a
SHA256 ec298d4713fdfda098564518ee3c0a82e980b7c25195b718b90b66ce78e10e92
SHA512 e5cfd71fba638572f953917100085379b352cf751833dd0c4732e1a4c0bad95f067f54ee7e43a5fccf11d664d9fa658d0cc8656c612e13ef631ae6f49f135d6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ce

MD5 823cc03dc2a57ff7ddcc40c4728be9f9
SHA1 385a6d029a0d1efd47bf12fbb64a018a0d7737ec
SHA256 29d4725dbfdff4c26719db2a8c3b065e6911745ae745717e688bd22843eb3053
SHA512 2a572ac4f1a6d1ab42695892d457acde1887f2ba1f786823afb805aab88edc3244afe3a7a5d288e616b8031b98e8a084046da55daa7d8a42498bae0b2322979d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9df0da99f803f99098d7a3c11fa2a760
SHA1 e92aa5d38dc7470beaeec9f5e046ee62bbdaa92c
SHA256 81723e0ad576860bb99e7de3e9af2e304c528b8ad9733585af08f027862bb2c4
SHA512 3247629976f6f63302339c0938b576bce9918e4821f1b8884dc570483a58d1162d666a86c0273ff5fbe1785d94dfc80a3ee0c8f73621768de8768f6ce484399f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f6ac8c4889da2fca1250c423bbe117b
SHA1 e010f3f8680dddb741949cc00004ece5892baa23
SHA256 903b3c83251e9e98c2f9cb5a50297c0f987ffdba30b0f30cfd93fa85e0e81e14
SHA512 931d238622e9c9baf64174e1d8091260db78d39659f7616c39ebf6617a993e29608eaa4218760d7e8a31beaff7a3a94156123d2a41a0847be6d676cb71e8576d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a4d8c7c5e43b47f4c9c3a8da79a3b658
SHA1 4de5fceebe83bd132a1a40ab53b02c7c2fadc173
SHA256 05ab9f0c35dafa91497461fdee508d4ffe532c53c554294d8ecfe118ee12984d
SHA512 346d631f61431327eba41ea3abb615eddd50fa57418ee6a856dfc08879098ae57e5889f0bcb3445b40699a0ed32464f65262051373d9ffe0a3ab36bfc8fc7a53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 da8ca32df43e3c6f8585b1effba8f6d7
SHA1 ae10d1c96b6fbfb46031ecbf0768cc5d48441f0c
SHA256 57a7642cf9e558e8995434762e964c3b03330a60001e6b44806b2c4633ba40f9
SHA512 229ef805d264fb4afc233788f662d65418a15da331729438ea91b14ae46efe32b8c919f46f692b9f3fc231de4834f47622ca3e3dcc3959febfcecb417d83d8f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe590ca8.TMP

MD5 f4797a7d46f7f9a4d9c5da942177e900
SHA1 2f0a48ea3c56d290b679cf82a46eea6f8ef03f4b
SHA256 27a174bd7e17955bcaf5444d76291634fa07e005c935f0c509962a6189d7e18d
SHA512 a5822cf2107e8f554c79f5d1a87de42f1274fdb520a246e1a4f54a092bc9278aaf2b55a3fd06333fbde215d80317534ce74e3a6c2d4fed12de108fb9fc83ed95

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 0cfc07a82d2b89d7e8febebb61705a1b
SHA1 1fc9269a92b1f3101fa41d3d445ccb8e773456be
SHA256 e96dc955e83940bbbbb7669024d8ac4ac4cda510b343bcad3369f193b696cb75
SHA512 eb2f096dfa6d9bd2a863c0e32c29d55edd582a03a30f4efa73f6bcb464723e8172325c0d2d217539b76fb77d71ff6322fffd4e6886a1ed978317756638ce207f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\b6afe382-bf48-4f16-8b4c-eeec64684b86\index-dir\the-real-index

MD5 32244559728fb3b5b8bc935a3b2d9419
SHA1 8f6dda1622bd620620d4e0c770b63acf96cf9eeb
SHA256 ecb0d54151d21cc69d1a16c23722e48827b0aa3031137d0a8fa211582131fad9
SHA512 1390260d6a44c4f093e9a2d38d57890aad594d4eb19b5879950a5492b1678a4454ba89da4cfd6a912a6fa1c63012f7aff5b8dd79350846ca172c3ca84e7b6d48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\b6afe382-bf48-4f16-8b4c-eeec64684b86\index-dir\the-real-index~RFe590ce7.TMP

MD5 7ce8b62caf8100ea0fc2f13f8a7d43c7
SHA1 3af3610a5c8d71256115ae18de4e78e02f9bbfda
SHA256 8ad1b86cad5cf21153ad3cfa9aa13bc31fef944e541b65629bdbebc3946d9457
SHA512 fa04037aca5bc6b61c683f0f7b2315a9883e93002734fa74cec6034e25059308cc50f3bf606f23e056318f537c7e607102b7eb88231e7c8737930468b4d665a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\7722baf6-b92d-44bf-9ca4-63139ddf528c\index-dir\the-real-index

MD5 a0188863124e5c209488677f23a4deef
SHA1 3b3b54feb86033df265f909bbd35a0c39f74889e
SHA256 217968d47c68ac03cce60f7f9113610cebcaa5dc75c95582c27b881ef41c1dba
SHA512 1d56b69d665ed4180c12ac4daf8185821f9343e61d5da7243e8f7b25feba7cd140ff9766a43ca615203b411ef8599c2a96e88ee310247999bcb2346b6d847cb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\7722baf6-b92d-44bf-9ca4-63139ddf528c\index-dir\the-real-index~RFe592272.TMP

MD5 de79c1caf3e0f8fb69f7a38e09487d62
SHA1 c671a5c44f28547414371bd85902940234e90561
SHA256 69c8eb21498e9a9f27be336aec9a4d722f4e99dfbfb9e6cae1783970bd910c78
SHA512 212be701eecdfd0d6caf1bb3500059e50c9c9725ed0e13b839f9749cc5c6d333813aca7fb5c3de328bf396a1158e0ac2811ebb9f215a2cdf4bfb933d39b07497

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\index-dir\the-real-index

MD5 f55ea730d8fe8fd3f8dd61b6b2dd57c5
SHA1 eab446a108a2a2bd04ba0c61153f0573e097790c
SHA256 e02727d8e912e10ba60d3bdbf1a43b0747a679edd0da2b325539b7b765b7a083
SHA512 9246524fb2592e4f60803c5b1a72858077d2a78a5e2879c91aa1ea1c0ee720baa1c2cfbbc53ccf87c0322d0cf839e101cbac90bbc31747963abc3372cf45db16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\index-dir\the-real-index~RFe592272.TMP

MD5 744c0b0dc3fbde6120be7530118c5927
SHA1 46a71535284737b11b00e070fe46af7bcf8f43dc
SHA256 3fa6b9b87c7400ab441c0adc0976688acb39ffca0e0be9fc3747c4213c208564
SHA512 95834fde40522eaacbe922222aa599f0de3f20693531ce278e040484c79b8211d255ac9e4ffee40bcea83c930fc466074053b2c403bc688d88ff9e96b52e6271

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\index.txt

MD5 7647db68c8788a0585022d8379e59ecc
SHA1 e3bdb047d38fd627a8af8072d2a2a537c82a4a32
SHA256 17e4a099234edd2ba45f09218e4be2aae067c42563d40e5f788fe839413a46d4
SHA512 94a83d78a4053b17f6414daab1e57cf30be71b767431ff2dd646fea6cab0b1d26b7dba83186679255cb33e0f22255b6c6333fc51765f57ffd9a82d91bf7d994a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 caa8d518d635dcf672ed99e1b97be912
SHA1 6cb4e2a1006fca0fe7fc6a15d26b011df9d7545f
SHA256 dfaea8bb8d1fbe3b5eddfe91d6a5fb28241e9d7d8cf7eca4d15454dcd7ca9d2f
SHA512 fbea74c968587452cf6b50d870f71cfd3d292a217710ba6f6c9b4f4dff9bd28e0d99416de856e08cfc545671f6326fd3aa1b0a9128e8e28d69e15a6e61d6d183

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 330ba1860def2ae94161811ca87a2805
SHA1 7335a01d422949fbd580bfb36c8d04a3254e9c0b
SHA256 60e783bfd48d564d07f7c4a454b815fc02da57ef345f14f1276ef8f401a73c17
SHA512 52cd64172481e222bfb5f5fe2f03a277db1d39bb8cef333f45e86ed6a16518b85101aa0313e4f489968c079e4a7354fe2904b586d8e4d1fd8a1564c1e02d6fa9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8366d37a8627af1079effc4bb0711448
SHA1 2ef4693d4ed491d2217508ddb617a8a8b6907284
SHA256 84cb37b51f7de592ec98d46ffbcce2e429441ee40da96df481a113aa1d0a84a3
SHA512 4cb3a46b90c96b205aaca13cee9db8482fb3e278c420118001ccde2e49f8b78c30217b20ca87e671f55a0afd02edea7b9c3e2e0d9d500949404f9e3e89a49fc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dd033646b4861b1aa0abfc4ba2e9d135
SHA1 3cadbc2c65f893439c96386280d963b1a28de21c
SHA256 474644d9784f79017c91386fbd8797beff0075c4370ed16242609c707f757ffc
SHA512 70550d4516b29c9bc5ad0a39d249c82f6713be10664b72e171c9d8966ce9511f2573e2c87d1f5b7cac700d5846b23a44e65cd2e277146d767f72433717b55b5b

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c3f82b3cc9b2bb441176b9e8c81a8296
SHA1 44f12598857147817d99bf7544a3cd23d67e812a
SHA256 7da321f9ab9e9ebf86fe58177ed43a84b4107d4b15630165656696791ebae611
SHA512 a83f07adf4d9206674f6f48af2327ea2d368bd0e825598659dc24f98fa527790e03004ec04d3eff18cb902e6bda18d0a22423dbad6ad7a9c6950be8b7956da19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 f2e0485876de7c26ff09375362b3c0bc
SHA1 1e26909ad121a4841e0b4e7892a2a4518295bbef
SHA256 94d8cb04320647d35882f07b289b99e0162d524e34363366bbc1673e6d0fdf07
SHA512 b207a8d170d3e1ed89e7ad7e956c0eb1e39afa8c78af4c700fab043fad5da765c657186052a9a2c3270f0c43984aaf99b9974cb61feb140decc021222d13dcba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 59b1927ddfeef1fd1e0a092ed48f9d42
SHA1 10f0b52d868dd74e22ee3c41f31bca1c920a0d56
SHA256 3e54f1cd2bfa70951ff4225a0b97f39a2630de077f2f49b56723e3a50d6ffa52
SHA512 672952d9de78fca3bbb00651b4db9f222e87375cda9a37f3c2b0473e6310c37671b3e276fdbb3bf88f9d06c3eb6e52cc707a7fc40226863b319a3464c92b9a97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 47e51ad8d6c275dc0445afd51f24f7e3
SHA1 51f44f15f520254b5d11eaed7fbe1ff44aabbab0
SHA256 df1cfe6f4137dcfe3c9e8bc2d3074c17a0cd42f543b7a04476b1b4295dd9ca58
SHA512 07a5e05b357f18cb7828b02c4aed1fbfbe8706cc0e9eba69873a88228edbeaf8ba28401dd4e9ed2527eb04d399a1230eb40de31f3fdad5947e7aa2b1060a6a83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e5441cba212c32372726964400c29e5c
SHA1 2d681ad8acd7dfa47379da22c3cb21951d4fbff7
SHA256 ea7e5ff505f28198afcd2b11015a61652de72b0e871b7a6dd77bc10a2269d92f
SHA512 ba57d79485150821ae42c69a64557f51730ff961ee0f910ef2b6337423f576031d73878e1b127b01812469730177cc22fccedf22633868c2af10f611d83b362c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000eb

MD5 65e56706c75f6e9a6919adb6a758b8ee
SHA1 10a88a193c4a11bc6ae69e032061fdf62b564173
SHA256 4b9169f4e8dc65736458fb1d2d74ff0254cf5e3d883be7dfd05606eea40092c9
SHA512 2049960c061dfaec124791e5842985662d70ac7fe7996448c7ca6960243f3fa09da77561c0840a32677f55656d3e96a330f6a5fea579c17b3643929588e583e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b3e1a4667fb4b321f7e1b56a7501bf91
SHA1 e42351836404769a2e628a3384cba7236a49c4a6
SHA256 a3c42b5b779495be4323bad7024898b02513200a94ca6c153b3746397a8288e0
SHA512 af4d6f2fb732834fb944e1c48a6df47828e0c3ae3731b6578d2887068aae598c66c1e40d7d9f9606533dea1900ea35c574cf8568c1516e4b890ad1a761db11c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a249d152c0707bb6fc7129021828ef2c
SHA1 8e36c7228c14fc643c69cae3ac6db1091bb214b6
SHA256 179b4c1537b19b19dbaa02d6507f7afaf1ad872204544fad132176757bcbca7a
SHA512 8300ce64b02887e8abe2ad447935a11aff751c154dbd18cc2687a2a8f92be23dc33e9dee06021845bc5fb8a75b718036d963616717d444ce42d24f0a4a27cd4b

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

MD5 94740510822524d579f869a81e02f5ea
SHA1 0e87d714e9eec2eee7c3af028e8e66e7478a107f
SHA256 ad927962330c2d2cf2bf7c33c1a5395df5ccd4ceabfb10c72db240041d773dda
SHA512 7cb3e72b0f1bdcbd53096fdec470fec9a6aa56d56b5f4bfa86b6afaa3ddbd2be6878f7874feb2c15647a627cea34a1fee7be35f6d1dffbf6a5a9c0bf8efa1d24

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 4fa63f4ccb9b1fca93ab82e51c6d4750
SHA1 1f26018c15ed5e14140ed44c28cf52a7b892fc86
SHA256 685f8b14eb645f892a666cf61cf691d086fe0d3e344a245323f1fe75034869fb
SHA512 a25031fb2afe1baebe9b46266192574c6c73b7fcd8e3e2897873d97b3f6232c5228fa4f633b1df98b9410808d5afe1dd470cd8f3f6dbc0c52526311b769554ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6c8dd0765c357b694be22b7a9f5a97bc
SHA1 43b7e14bac2cfd0da3db87f5abc2208b4c5fe6cc
SHA256 b1a1117fe374b400f556e155e4a20efb6a0a5c910e9ee5791940227ce47aed56
SHA512 f6ef219be76989a169c3c128526638382cba314f5bf5c9f95f53efe4ef649b983820c1d70c1e789a768e69589cf295a66741e365609543a92d0feeaf90e45af6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c20e8a34e772d923beaddccc9d908395
SHA1 c07349b5f903a83e7d765af967621f288ca919ce
SHA256 279e06ec3a22323d09cfff3fe667601d44aee8ef66147a6c4836e2b0014141a0
SHA512 100353bd6e8acac4d1b63f0cb8a452691958747028feeaae4b44dc991de6e39df63a24113b5d2d693915ce2881c46282e055ec17d57aff63da67a94eddd84ebc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 089228a492a7a258711bed8171df79d0
SHA1 c0c575294b78e178eb938e52cade6ef07fecf8fc
SHA256 3a4ef588f739913044c69183e36251d3ece0e3eb7303f3dc2edccb479db45f46
SHA512 904d50c27ee70337489d091a8f7440bf6d5a3214c2da038c04060897282efb9c26a7b7afbf1e742e40aa3a10c499a139decf05473673b2a8de96a4f9aa7d7638

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f0a4e72e00bb84f9563ba3b249c46818
SHA1 39874cf71d093b76090dbd563cdd19cc89309518
SHA256 c070c9122f5652aab48c4aad79afa26d9b0f37b52a8198b9512cc7b3580ea773
SHA512 749b9e9e7d89cc7dcd719459ca81f7ba2a4c46199db4d1e5d1cecd1d34ea64b2d5adb6f8f24f30900e7a5aa3ae717528f05adeac2088278b1bfad77ec2da072f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 1b90c67ef3281dcf23af3515d9a7a319
SHA1 11357506f2a82799bb2a4ca1e612cfa996cd54aa
SHA256 6a3c5f24e522fff61fd492c094a73f17d152f5e87029fa60e8f5a2e988bdcd84
SHA512 b71b3c037f7b3ff7fa7fb9d2dbcce4a42aac3f452d3332c8b2711af983dc480c7ff496d720f968536d9669ba3ce9190a28abf782b6d4dd9e22c359fa8004622e

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\b022682dd39d113f2d5a65a172dbd28f

MD5 b022682dd39d113f2d5a65a172dbd28f
SHA1 aa874df3d3d0a9539c53a8a0c96c4c119bae2c52
SHA256 47a2e8bbef18d5491be3c449d9a5464a8804d9d1a85bc7e24ff80876e85104a3
SHA512 d6746ca7c1e10b1ed7fb48d857210ce5cd0f0542c81fdbf00a6afaf4607f30020ccc09f4c41ef9f50bc2562bf6e4380e7abaef1d5a5b1e91773281bcd9e58525

C:\Program Files (x86)\Roblox\Versions\version-1088f3c8e4a44cc7\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EU67F3.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 376db4b1d91f48777f8cfbd78fde1cba
SHA1 38a465a621e7afe9c160c82aa8cc483c4ff99e90
SHA256 4b61753d200aae47537feacb3c9d8f46b52d9fe558ca53735b649334e280028d
SHA512 46483fd0e7d0c18293b25051bde8dc332a67fa696fdc04220689901b9f0b8384706f5d94d1abc7d5fff5188aec0e2695984e65f70ebe64dff9676020f9fb8f91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f6013e509ffa445a5e2891a8c3d0bb24
SHA1 177e789c5805b486b16428f76615744dc0b48abe
SHA256 fb958947536deed5b4c5d39bba6330721c6ceb09dfca2ea71850ca2405e90a15
SHA512 5ddcdf1d9ce6a9703c0741d1e61b4cc4767768bcb80a5740776f0a7dea4460020e674cb51d10366fb9c91ce88394c8b5d9517cc436fee7428c2b55af62486ebc

memory/3552-3398-0x0000000000530000-0x0000000000565000-memory.dmp

memory/3552-3399-0x00000000734D0000-0x00000000736E0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1dbb47aea3b0250b4c9c6d4d27779ecd
SHA1 2843c1f87c92ed26cee5f33900c4152a3cc60325
SHA256 e6941dcb816a0b514e8f7c3bf50c02d58dae982fb0e6b3733f4132db975017da
SHA512 e6434eac380fc63fcbaca9ed5b36405be1bb9ab4feafc8c070b00fd7defcb8c3d2bf8f281a6276dea2e3d598215c2bced41e3e80707d0ab6acbde98e003eb296

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 73d1c9a4ab6c070c0bb392fd0a79765b
SHA1 bdb60ec198c16528bc0483a8292fb7d2aafeb354
SHA256 d420749e85d48e30d340496627b907ac243a6d5ce975022cd4ca06bd9a7ff3e3
SHA512 a080ea3544634d017015c65551d377c4bb879b0a274836838e04c092ba343c1855cda446d1a7dfa8b7badb8de5252bec1009e0808e08bc8c6de78e33da6e3a59

memory/3552-3433-0x00000000734D0000-0x00000000736E0000-memory.dmp

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 de26891995244ea9e84b430ad55b3b78
SHA1 453d99eacfef4e9bcfd434e8ceaad6f425d5db9b
SHA256 cbb135977b386365139ded5168416bef3009333c427147e991cda6f28f5d8d76
SHA512 a57a52a11ff451d70e034be375c173e488396c2b5bad9ad1c48305081d05d6363f793a5c7145f547d213356153be4969af901be8a1e3ee416d8039f91eb55308

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 663f936242d620da156ed346a1c63718
SHA1 e94764c13fb955cbb579ab9a8eacc3c32c4d72af
SHA256 99336158958e1a22ed0c24097ed32ba19e801cff7ae7c79d21a95514dc19738d
SHA512 b0dc52ddbd03abd8a15bbc2c6781a872d1ee3424cc20179e10952544fb8287c6f1da063ca18a11cf4d3d16f700b0b2d22eb6b0a406e33c9e46485a525a60be04

C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Installer\setup.exe

MD5 7c44a5cba89f38d967b1f4e11225da0f
SHA1 44837f2ff9b3ebc7c371ee5f9e0cd5dcaad508dd
SHA256 a10c3e0b2ec1286bfe6b3fe9005a9132fad01be9afc4bdd5adb29f174b8fb706
SHA512 25b4cae7fc6d200dab70e94461b7f2e7899813975cab498fb367a32aa2e187fb7b1330545b60f6340d53fe5e04a1ecfb5d6b8bf004ac26ecaa7a8f6e387dfe99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c40d505d8254bb9e413a2ca8e4229b62
SHA1 e4e4fb4ea97b654fb891ffb47c03b5bf2b3a4697
SHA256 4162f5b4fe09f0f4d941284cfb7353f72a4eb9d9c5468fd7b11d291e4d7ec09c
SHA512 72a738cd77245bfe048cdbac3202c2ea727ca246675786ebf394ad98e878efc051145dd3218b4a65a053a53a8e1ae1d1922c443dbb48c3763b05d0dadbda8c3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1dd4d7c0b3753809b549b046795c26a7
SHA1 fdb096e9007a9161ea1179087c8a6e1d268fe427
SHA256 55d165301c910d078ee74386b9b99205face94db7f1117996d7a2fbf3f5ea4d5
SHA512 519303dbfb6d15e0c18ad2c9f528a2ea4be36ed05680c75d58315afe8ebc1eb03eed4c7dd2361430faa097d7cecf1d5b8dff0f23a283279151a106caa5a44913

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6212616fb7c74f95f7addbfc511a8629
SHA1 bd331585445e32861c14aca1b9da6be4f96f64d6
SHA256 486c156d0a6c44a7bb155310b74754ab3475e5fe292f580831948d201e5c8499
SHA512 33163ed298166698cadc7da17cb015d2a9c93facebec6555c57104fd457d87288ab2c474a59f6eb4f8908e1ae50ed144b440ad348d2684a7491c5e40a91a1f78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0173c84ab4f67a4ce136d077e896c3d6
SHA1 741eb92baef9543cdf2d8a8d31359da314e44201
SHA256 e1b396c9ea20cb4dd481767fac441a4c2ab236aab1adf75bc6e7aea4c7808057
SHA512 1bfe2d77a85104bfcadd5fdb511d65747b95b2641acd57c40a5a43e1835f03789884a490614999a14d5c18a0d8af70f3bb83445f60c002bac9be6de6632ba06b

memory/3552-3535-0x0000000000530000-0x0000000000565000-memory.dmp

memory/5728-3540-0x00007FFEB6290000-0x00007FFEB62A0000-memory.dmp

memory/5728-3544-0x00007FFEB63F0000-0x00007FFEB6420000-memory.dmp

memory/5728-3549-0x00007FFEB6480000-0x00007FFEB6485000-memory.dmp

memory/5728-3548-0x00007FFEB63F0000-0x00007FFEB6420000-memory.dmp

memory/5728-3547-0x00007FFEB63F0000-0x00007FFEB6420000-memory.dmp

memory/5728-3546-0x00007FFEB63F0000-0x00007FFEB6420000-memory.dmp

memory/5728-3545-0x00007FFEB63F0000-0x00007FFEB6420000-memory.dmp

memory/5728-3543-0x00007FFEB63A0000-0x00007FFEB63B0000-memory.dmp

memory/5728-3542-0x00007FFEB63A0000-0x00007FFEB63B0000-memory.dmp

memory/5728-3541-0x00007FFEB6290000-0x00007FFEB62A0000-memory.dmp

memory/5728-3558-0x00007FFEB5AE0000-0x00007FFEB5AF0000-memory.dmp

memory/5728-3556-0x00007FFEB5AE0000-0x00007FFEB5AF0000-memory.dmp

memory/5728-3557-0x00007FFEB5AE0000-0x00007FFEB5AF0000-memory.dmp

memory/5728-3555-0x00007FFEB5AE0000-0x00007FFEB5AF0000-memory.dmp

memory/5728-3554-0x00007FFEB5AE0000-0x00007FFEB5AF0000-memory.dmp

memory/5728-3553-0x00007FFEB5AC0000-0x00007FFEB5AD0000-memory.dmp

memory/5728-3552-0x00007FFEB5AC0000-0x00007FFEB5AD0000-memory.dmp

memory/5728-3565-0x00007FFEB3C30000-0x00007FFEB3C60000-memory.dmp

memory/5728-3567-0x00007FFEB3C30000-0x00007FFEB3C60000-memory.dmp

memory/5728-3566-0x00007FFEB3C30000-0x00007FFEB3C60000-memory.dmp

memory/5728-3564-0x00007FFEB3C30000-0x00007FFEB3C60000-memory.dmp

memory/5728-3563-0x00007FFEB3C30000-0x00007FFEB3C60000-memory.dmp

memory/5728-3562-0x00007FFEB3AC0000-0x00007FFEB3AD0000-memory.dmp

memory/5728-3561-0x00007FFEB3AC0000-0x00007FFEB3AD0000-memory.dmp

memory/5728-3560-0x00007FFEB39B0000-0x00007FFEB39C0000-memory.dmp

memory/5728-3559-0x00007FFEB39B0000-0x00007FFEB39C0000-memory.dmp

memory/5728-3551-0x00007FFEB5A30000-0x00007FFEB5A40000-memory.dmp

memory/5728-3550-0x00007FFEB5A30000-0x00007FFEB5A40000-memory.dmp

memory/5728-3574-0x00007FFEB46F0000-0x00007FFEB46FE000-memory.dmp

memory/5728-3573-0x00007FFEB46F0000-0x00007FFEB46FE000-memory.dmp

memory/5728-3581-0x00007FFEB5050000-0x00007FFEB505B000-memory.dmp

memory/5728-3585-0x00007FFEB4250000-0x00007FFEB4260000-memory.dmp

memory/5728-3588-0x00007FFEB4280000-0x00007FFEB42A6000-memory.dmp

memory/5728-3587-0x00007FFEB4280000-0x00007FFEB42A6000-memory.dmp

memory/5728-3586-0x00007FFEB4280000-0x00007FFEB42A6000-memory.dmp

memory/5728-3583-0x00007FFEB4150000-0x00007FFEB4160000-memory.dmp

memory/5728-3582-0x00007FFEB4150000-0x00007FFEB4160000-memory.dmp

memory/5728-3584-0x00007FFEB4250000-0x00007FFEB4260000-memory.dmp

memory/5728-3580-0x00007FFEB5050000-0x00007FFEB505B000-memory.dmp

memory/5728-3579-0x00007FFEB5050000-0x00007FFEB505B000-memory.dmp

memory/5728-3578-0x00007FFEB5050000-0x00007FFEB505B000-memory.dmp

memory/5728-3577-0x00007FFEB5050000-0x00007FFEB505B000-memory.dmp

memory/5728-3576-0x00007FFEB5030000-0x00007FFEB5040000-memory.dmp

memory/5728-3575-0x00007FFEB5030000-0x00007FFEB5040000-memory.dmp

memory/5728-3572-0x00007FFEB46F0000-0x00007FFEB46FE000-memory.dmp

memory/5728-3571-0x00007FFEB46F0000-0x00007FFEB46FE000-memory.dmp

memory/5728-3570-0x00007FFEB46F0000-0x00007FFEB46FE000-memory.dmp

memory/5728-3569-0x00007FFEB4640000-0x00007FFEB4650000-memory.dmp

memory/5728-3568-0x00007FFEB4640000-0x00007FFEB4650000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d82be3c2542f1e0272b7cda5a6db4422
SHA1 923fe00523bf04384b03816c1d43a6e206888d0b
SHA256 b6684b366a1c907cef169fceb4ea4105452d62139f4d137ea429ac25ea575f6d
SHA512 e2bea5f07086ca519e9200af6d01f39124d214515567c849792942cf1e5fce3c11a875656dccd9196c3c912ca89c0c68cf14ff5fc57eda12870a4253e1fb0c06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\50b8eb03-0a68-4681-a1f7-0207c5848dc0.tmp

MD5 20158aba6132ef1aef9b3d85710bd31f
SHA1 1732113f67aaeebbd0f168d294df0ccf2dbc934d
SHA256 1130559ba339d65818563dfc80c34a5b7b9f9c3cd7334de03f9d2a23886a2ab6
SHA512 92094bbcdfd4f78e903ab5963370390717acf19cc035e88479e1cb7bb20d43c83585949376391e9989bb3b262be5a92c54ffb83b2aef6cc695018b861e3986ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d16c1036ae03edc3f055ea100940a6a9
SHA1 8687a33f7ac65f5d29d31bc71e1cd4e7a15fdce3
SHA256 6f184315a31065f11cd28fc8d4b2e6b95845883442d56ea924c379763112ab69
SHA512 93c642942b39bd1fe6e775d6118b217f066aaab5fcd0a0bee3da9077561a2533df3372d54a62c405d62201404d2a9206d7c05718adda8edc1e66bf1581045029

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 87d4fd0f1733f2c280e73df83037dc8e
SHA1 84d7d9dfcd6d2276ba2b265b7bf7bcdcbc1b31dd
SHA256 f435265a3208d817271c73bac1faef88ef9a2679ad95bfb4f2ece499b111bdd0
SHA512 4943d5677eba751cbe90125ebc1c8c4cfd93f4fa2290e06d29c513faaab3f25dcef25eaeabd1ffceb42b2fa89e991704c215ed2053d55d78874a9b0f0e174798

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e5b59ab706eb2e5fcf1e5af139bcd4ba
SHA1 4d227bfc6bbd6bdb4c49db19893ce7800cc2b175
SHA256 dc99ea5fee62108c1939ef760615abcd8c15bfda01dd780c8a55a45a10cbc606
SHA512 0546e248d2a86b7d83a4e95d7fac71a454e01f81045bf8b734c2fef72983276a89da84430da62661dea4450812b7605aa7ef8f9c8198b277f40ad9c4159725cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 f079b0dacf0e6894b44b1f37246eaa10
SHA1 44e85ed587ba13fa4f1d8a0965c2450682af6f2f
SHA256 5ec513d0c133d05a66ce13d1c8d221b0033ba61ae0b5a2466be11f74aa9b5454
SHA512 514291455d6f1d378113dfd2b5a9b6f89157a2039442db421c0d3df72bd3c7c5342d9f26e9540ea5318a7e12a88cf629ebe261e00cd469f5fa2ffa17aee251ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f67085a857db10d72b4f40f2d4987ac8
SHA1 104ee312f797b330c9d2d8f0e8458891f0fa72ab
SHA256 95b65ee77ea07619452303266a6efb190c1bd0e7eac4ec28bcdbc6e0d3cfe3cf
SHA512 65a2fe88b1bb2da0a0796448cb17001cd2696b873f9bad6faf66a3d700da0b40733687ec74ba16a00ca2fdba068c6ec14ea2a0063525a4cbb05ffc0b8a34c675

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1235fac45f14a9c3267b72532f43d7a4
SHA1 952fd1f5aa87213597164b9e951bed1d05ad6e02
SHA256 900f8b202a9ad63b7c051c4410ef51dabbaaa1101bc952b6746773c141f4e2a1
SHA512 650792b41f77edb6087b847fe45d1de6d4f64647e18551853800f9444e3de9d998f30b1f670396ccf1d35c94b0821b1b329a16ba36ba4e03b6049cdceab1cda1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 c56cd574947e4073b95c68dafc1621f9
SHA1 664700bf0ab65c9a8084feefeec640591a3cec9a
SHA256 1acd526b80c32da652fa4a1d5173552c0d079c45f51fd5b66ee5d4cd9ef47c8a
SHA512 7a59252560a42d799d044edefed0452ad505555ad14216974b1e8a9a042f91640aa8a02af8ccb46afcaa711ca07894bcb0fa88d3d5dc4735a8eb23dfc876d41e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_outlook.office365.com_0.indexeddb.leveldb\LOG.old

MD5 42f1e803d630764101d003ba4408d898
SHA1 e29db855d445d98f6f25f1b01d34b9d2cff6194d
SHA256 10af5517ba4ae26bed708e2dbc2eeeabde58754759c2de87ba2d511f99368708
SHA512 9c4195dc69b0f6e326f5d722cb0f3470848742d7db560902053907e5a0408d64acb325d894068dd33b879bf663ab6bd8fd6335cbb013c956a9b53ee33d319e2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f1f0a999d4eb644494a6bc1433d625ed
SHA1 00d6469bada2562d041101896b944349a8593147
SHA256 fd84482e92d2b3ce3ec0cef73ceaf42df528573da74c8d15df3ede36e3461caf
SHA512 9b009b61b8637ce8d4b0eadafce86412b8475c4283f2b3389e7102148ee4e53e4419a5e1a0e9c50a432e6bb4ff0c99999a484a259875da28f0eaa22441948e21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a9e916216eefdff652fc5681875d2ff1
SHA1 a37d91b53bf3bdcc94eda3b672e3f95038cdd946
SHA256 9d2d425eb41697e37f5228a32f34ec504cb3cdf72a3627e52aed51ac09cbf274
SHA512 819bb7ad059459f2e4d71ef59694e3be1979a6903d4c39695a9bc4b133ac676c7f80c3607585f58ec5630d105c73799b071d4c239386626fda1148f16a86dddc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_outlook.office365.com_0.indexeddb.leveldb\000005.ldb

MD5 5f6ce09abad5e354df758de5677d4165
SHA1 70e3a92d8dc386dcd044a237bb9be908e60a9b00
SHA256 6d4da31da7950977060b6727c6e4d75e98ab98f2a5df332451a073c22d8c4e16
SHA512 e6cb478aae99a4cd612593ee8f05b87f4cc85b86419736a1fe3a2d6700c1b67494e8eec8ea67bab41b445b80b510faaa231d83004777b6e7895bcb97794a86d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_outlook.office365.com_0.indexeddb.leveldb\LOG.old

MD5 54f344f7178f94ab9ff94cb27746b634
SHA1 7c0ee8b42df770bc36c4023d5ba3e53e8bf27e31
SHA256 0158e50d0789337275fea82e4957a15c7cd6a92cec573235462e4a951e021195
SHA512 015c620fa35b77cb33768808a4d82d05043dd1427df25bf142637a9b7bac609aa684aea9eabcf7361a70c89becda0794426f2cab97389aa07b3a9b90dcdb1864

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_outlook.office365.com_0.indexeddb.leveldb\LOG.old

MD5 c6dd0d803a1eafface5acde1ad51ac08
SHA1 1e7d0737b5e37c9539d1a72f3cac716f74efe522
SHA256 83ceece5e1de0c18dc44d196bbebc78fc6a984c74190028c3441046c0dda252d
SHA512 d5c0e506d90c1819969e68858555b6ae796aeb11e5316bb4b9f3e8fb1723e56d468af9221c3adc305e242fb7dc55cfe121db1f4f635c8efcae7d608748f16885

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b971510a575b4f05b98c65076fd80d46
SHA1 65de3d2a506dfabc394c88d002374a4b2068cc03
SHA256 9194a4f15b0d993374173171eea47b1d0b344b28ed36b2a4abac7bef04e29a9f
SHA512 77ecb2468811d3e48402c4f3847ae06cf24665fef13420c67857404c2244f77fcee221e733b18f51d5db930b709a98d67b8f849aaca15308112d94e0b29440fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 708b0e4542ba9e4346e3dcffeb109205
SHA1 0b87998409336506cd79d9ee2ae2fafeedd62415
SHA256 40dd366dc947b0445da98237a2b801619333ce8fc67e9b68b091e0876a7fc817
SHA512 09543dbf27ab152e4cab966a4d2781dbc17137cab45e5d22b449d43a68c073edb717236d4a1e5c3e4c7fe095dba12970f95c4f797ba235014db8ae6aa18271dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\f8b114780e842c58_0

MD5 7809fad1df912a22340ffdf975018f4e
SHA1 eb57902eb2ff64370d4b8acc918c9dc846434804
SHA256 22398c100b18d3680602cf52289d8050cc7c26680d6efeec1ef0c2f63ba09b08
SHA512 fccefa88cc06d70fd5adfed49ad62deff4c4f0e4c72950aedd0c8b4b86016cd28716047644588d67c78e2e3326944e1de2d44e612f0eb7579cbcdd0a7e877539

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\c50139eaf486f144_0

MD5 989627ba17701cb5115b0085591fdc3f
SHA1 fc1b54c66f2cda717dc84ab76c75922d9cbb8914
SHA256 df9e01260292c8151ad33cc2948ef72f0983811c81d856bb8d101f8fde8d2658
SHA512 84e59ea6c4d4725e1981ed305a45cba8ba64b56bb58f56e39788dc3f3564998cf94e1bd8d2e983fa59a50cca9bf132560297047aea0cb948aa03d6986b5873d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\93a21fc0a37eec66_0

MD5 e26e204d38b0a5ef719db4ab84c36757
SHA1 29485e3eb33697c0fcd11af5e2e0cfb854a22856
SHA256 fc4670076b960364a4f7ad51d205f3924505a8a333f58be4fb936cb29bf5b492
SHA512 fa99efee9d6d1a0eac7302ad7c556d423c93e64483e641c75cd6b71b58c3a4619f2a29094fd2e5c94cc0980dbad8cd74f821db29210c993d438711b4744df6b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\7641c6ffc07cd03a_0

MD5 511b70ee3930f0b149b01da1947fbf71
SHA1 fe45bc0d426f160375481f0a13c48c20a987564b
SHA256 48552ad2844a82088254fa0fe8a52fd64841d8d846960bbe6a892f6bb0feb6e0
SHA512 923f99667e50074d252566d6215bdf7eaec74cecee4a7e15e77ae44ba7798f02fe573e682a33f2a9c4c99fd3a32f5e777197ae443e1aba584fdd4a743cbc46bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\eacc3992a40cd2cd_0

MD5 531d8970a2de56bf45c802ff0fa08551
SHA1 6aa89b76de9b4902fbac56d02c70fd5634f9659b
SHA256 a8b9c56f29dcf40e5c69163ef73b7b8f5352d38aa596d75c9656a9792f722e02
SHA512 8ae86d30637752c631b266ead6052e299208d108dbde842cdbdd4287e5283d37ee254d88a727bec5608146b673d03ff2c9eb9f663f436791b0ada1462c2f4c76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\32460e172f5e27f6_0

MD5 981bcf30a96a761a02679412f46dc099
SHA1 41c122d53dc77efc43efb4491048fa36a9cb0fa9
SHA256 96334dcdb62720db069462a5bd0b4e1f86bdf681ac8d5b533d83a26b7ea27d6e
SHA512 72b064115cea5748af715f0963f21bc5a67d5510d8c35bd41c3c7738be6b475f3296f0ee3faa5baed1a853b65bf2f79ec65ebf8c25b74d4dcb7b78ef6b77a151

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\ca2c57ef4515fb83_0

MD5 36e0fc878ffe6ad67307c491ee94c3c8
SHA1 917b81012f5e29ee25b5cae6547a7cbba2e3e21a
SHA256 c0e6f7c154f227e989e049e76cd73d37ee1c10a5c255c3be83364ea75985ad0c
SHA512 40a8940fb359f0411e455b37117bfc65b5e2eaa3a3af5eaab4cd6f66bdf02e10c9b87649cd3e19b99b12883eee345d260cd747a7ab9a9074e95256e2be117ad7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\aa743a69c21e7ce1_0

MD5 1bb0943adbcbf0be3b9b74026bd502f7
SHA1 c2de1ed0dff7af69b26f294e528c29e44baffaf5
SHA256 0e99123b5bc3b11565cf29c18e1238a3d76f22b5975485eccf3aa2e3ed59be09
SHA512 ea5ae325fbfeebc958baa65d29f9aff66750078226e260304d200b785eef46f2829667e97842b26ceca95ab11bacf7976388262d8de68eed58d0024f24d6b603

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\d404ca11742d9617_0

MD5 721b9f933e3b132df1a3ecf5c13b6f94
SHA1 f478de7e67cca52344a1735865ee1d20a29d4c20
SHA256 cab61c839f5ae1be258250bd497abe087abe85f5bb2071bd261ef6a990ade360
SHA512 e5d266d6dfbeeaa749910e10da7eeb1fe6cdce1727e705833413c4c4e58db0554949bfd009c9bf45466237c61987150a76e2febc0d08b74148570ef2ebb7a971

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\048e351415e7f8ea_0

MD5 d8a8484012ff741124c1fff448385666
SHA1 102db61f01230ef5c17bb696d20ffd169e9c9d19
SHA256 3980ec7cb0ccd0c16416b80997f0f52d35341052c59f7e8d8c455703f880ba51
SHA512 2b86d4752e7b05f94847735a3d0c76a1df25b7aabf56cf566c5a9a3e18717de2e0ddb771e8f7a35c76579b4f40ffa6124351d7e83cd9c933a773e0a4ed1b2e87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 50f3d41baab19846b5cd11b5b8bd6630
SHA1 ce9757058f3004e5826f76b0acbffc9c64ef4c8e
SHA256 12d8e9b00b26aea8798b87d120e3eafc73067116eabb84cac69f05fce9dea339
SHA512 976409d5aff68d24c8ed4ed1fe502d8a204d8815d070370c4895f843fac35f9db6a428f64ec5c00583a019b16bd570d9fd5fdee1de7f32b7ff9d83487baa7608

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

MD5 09a955cce6cc6f66e75a39d9e9b14b99
SHA1 fe79923c32a25ea6c9a1310f2f0e6b7ff78144ce
SHA256 de8bf204eb380ee4d32184b57c87c6f62758ef6ae0c0845e6544a6501d20b0e4
SHA512 5fa06929adc522142a6dad98e88e5f7a8fe78738d5a98580ac08bb61f26874b56e8f59a566757843705f443bddfe01d69390a1414d2cefeea76e7e6888abace2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

MD5 b654cfe44f357d59134935edb2363c76
SHA1 986e0e399e82e263ba61701dc90693eaffac126f
SHA256 a11cfd181fc979ddccc9aaa821e864cfbbaeda812041ffe83d1a4845ee3add48
SHA512 98524291ec09ac8a68f1c2dc5cb3faa58d3eaf8ce14db5da02ada2dbedb2034243a70a93c65448b4b03cb7a59162dc711769c0c1af98b921664c3b62fd0f6f26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\cc2fd9a6c88fd60a_0

MD5 b18ceee046a8cf8648f660377d9f63fd
SHA1 b28246877019e229cf44a1abba181b24b514d6d8
SHA256 ba746fe526a49833f79f5f3d18bb6b87fc673ad399c2e8b4be07aaaaed2003a0
SHA512 7bd5ed945a5546785a8423cb5052dbb8a48d6f732c197f4e291ff04da5308c0142b3470d60512021133605df8097836a4c535be4e4c92858387a3656598a3167

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\b6afe382-bf48-4f16-8b4c-eeec64684b86\index-dir\the-real-index

MD5 b7cd5f57c9899dc52e7a3b0e197387f9
SHA1 e660657cb7e67911c8a97e17e900ca2ae45bc512
SHA256 ebcaf409cb852f7a7fd6298bc04c3f6c53bfd6a1d8c453f404c95132cedc8b3e
SHA512 b60eef0a80756f8aeea53cc85a7c1e1b6d3790f091c506bda1387a392ebda2b014de5b59feb0736be33eea64ee23b16ac3816b5e9923538e46967616f197316d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6bd9ec7bdfdf7724c8b8e84fa4916caa
SHA1 e36ea6cdace8749a41386523c309a3470122afc3
SHA256 a055c869429360928419722dfafc64e44f8877a3061e7ffb88af94d4bc89f21d
SHA512 497d0762539106f8e1d1bc3c33ae7446fd3168c19e91eba498d13fd9a5fe5e1edb646b4619258d0fd912db60c9720a643e33295871e41233b64eb4397e0b4bdc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000af

MD5 cfd2fdfedddc08d2932df2d665e36745
SHA1 b3ddd2ea3ff672a4f0babe49ed656b33800e79d0
SHA256 576cff014b4dea0ff3a0c7a4044503b758bceb6a30c2678a1177446f456a4536
SHA512 394c2f25b002b77fd5c12a4872fd669a0ef10c663b2803eb66e2cdaee48ca386e1f76fe552200535c30b05b7f21091a472a50271cd9620131dfb2317276dbe6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\aa336f3d-c52a-4c50-8057-4e67715a648a\index-dir\the-real-index

MD5 b1239edf036d52f341d65e33a6cb6e6c
SHA1 c8597f7441e8d05d4fdf8cd445fcc576c2ed7de1
SHA256 d22de52a246f3b59b7206c1fdbb6c23910f58d0b0d7b1fe96816e0e7ea3fe152
SHA512 09e9db88307c2a9cf94679988b4ab57496cc567420d6ec07577d9aac47e52a5407d6707c6b7643dd9117c61ab2b9216e30e84fc5592c91a92c375031f29b172b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\355690543901cc08c45dface808d8446dd9e58ee\index.txt

MD5 491e09ac0fa9d5723da59ca260b00fd2
SHA1 0e35c829f18a3f49c55a06cc63c4a6b6cd0f5a2f
SHA256 e27d6264224f2858c247eeee229459988b7b508f86e07b528801635866693983
SHA512 6e429cb99f604937def2aae67d82cc8c8094669c8a9fd6a69de985b7cbe9d291cb0c8d6d2d2acab98bb63117be1a92e90161e71869d9348b773870298cb2a7ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 d2750ed7bfd18d3c390d33bdcb0be4b1
SHA1 0ae3c9bab711e525a3ac0ff941dd77cebf70fa2c
SHA256 6063c9c18025696d920942affce902242b67c0b95726eb46cea3be180c07d583
SHA512 dc68d9d68279ec9f9f46e651c13fbbfd74742472e46723ec850faace25f0ecaed92cae0d239a1d35f622ab541178a214d1d415f6c959d596021cd42a74de90f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b70bdabd8993b13c1b5d90e826098d81
SHA1 b9ce91300c8aac7c8e56c9ff2a0ab45f694fcf64
SHA256 2f962bd2ade2878628db4de43e0f868e3518e7a482111a2d3da849d0deb2f8dc
SHA512 cc143a5f1d5667953805e64165ebbe41a9f1fdfe630a66361652475818f9d552f448c392b48e4c121b491d094dff413145c6d6a53c4b696bc56a460982586b51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b746001db9fac6a00772d38c28982933
SHA1 39511cb025660b132e6364c68402c144ff8f40e9
SHA256 033fb98e27523f83ae2171a21920c8fd7482f2da3c1fd4073f61c64dab9aabb6
SHA512 2515f68f3b963d706feafc288b76724b5f9abe9200e3952204a82f8f5af52d4043da94339c3a21bfa4ac887c594907d640a450796adddbefa3d381f448684f2c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 35f23887373b629a8916e6ca0327bfe5
SHA1 171b983f3b6d3a4eee40fe579b01857602e2a92c
SHA256 46948dd1ee65e368579662e7474bfeffebbaa8bbd4525c565083af3938126f04
SHA512 c8081924b40c278f0e79d26a43fac7b7426c0d0f039a923de0d69772b7b410f58aba7084a06b32e4c89ba2af2f57713df1848eef9cf4f9b8bd4fb6ac9d3a9c6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b4a4b935cadb4c0379ca857939d469ca
SHA1 863b321485e67f49688231020ba620bfca78597a
SHA256 481eeffa9d7ae9db6d755f4d686bfc63f8bf0e3310f9b07a2d82f71c13180811
SHA512 196b84cad462490efc032bd5e6f71f906b06d5e95159b85cc4325701044569be780fb8cf09ddb81eec5db61a068f84fff7f551ef13fa49db9cee0c0096d7de24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 54d18e3ec55b86a98417b84e85f392e8
SHA1 353815fa5e6f9ed3bbbb8abae23de4e829087d7d
SHA256 211713729ed6e4a384609ea0e29d901151c38eddd7ecfa284b9f3bda528b7e44
SHA512 0ab7d63fab1e85d2bd3533f46bcd4099d40325952d177f1167a5009940bf8af5293371509e61d85c982e0e20d155ce8f7c95e4c44c69d82ffe796b45ca98a310

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f576ac1ad94c01e7c1768aebd16f45d8
SHA1 792e6f3f1c61f1767ec5d1539bc44c9da1d92b1c
SHA256 4ba4e821c747cb3f06c2a698ebdbf58e5b14c4fbb38115c29e00dac369b3b4dd
SHA512 67e46c906639b12cdfebc31f6e722ad1b68d1d9c2d4fd6221815a3ee67c6e98638d1759233ba42cca5588dfc1418e017a3725e97c3ee7161e990b0ca2cfc8270

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e9979b0a144266070f483f1dc30a93a3
SHA1 a28e23f44fefa14aa8deadcb29d2a0d65231319f
SHA256 5c3d74cf9101e47dc2a305fd10904b7894c2c93e0176a18de15e4f222b999148
SHA512 e76e852d8ff3c0c54b992a78f1538e1baac124e29ec9e88fcca471352f91916cc0af8ded5de1587b616d8ab849c78bdb22594d754482ee5f73791df804c56697

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 9fadcf71421a87b924901ed7dc2208aa
SHA1 95cec5bf07cc16cac8adb3b245353bf18f390794
SHA256 cccda184865e5d1560c2191ef992595fe2353ed8f906fae2d3d92a51a7287a3b
SHA512 cdfdd715df0e21fbac07da4fbb97f8bf988309e3b3eb25ffa32127dee3a4eaa2185d770017a50aed614e03fdc0dc7e77bbf22c43ffda77f2992536659fe3af5b