Analysis Overview
Threat Level: Known bad
The file http://google.com was found to be: Known bad.
Malicious Activity Summary
Chaos
UAC bypass
Chaos Ransomware
Deletes shadow copies
Modifies boot configuration data using bcdedit
Disables Task Manager via registry modification
Deletes backup catalog
Drops startup file
Executes dropped EXE
Reads user/profile data of web browsers
UPX packed file
Checks computer location settings
Writes to the Master Boot Record (MBR)
Legitimate hosting services abused for malware hosting/C2
Drops desktop.ini file(s)
Sets desktop wallpaper using registry
Enumerates physical storage devices
Command and Scripting Interpreter: JavaScript
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Modifies Internet Explorer settings
Suspicious behavior: AddClipboardFormatListener
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Suspicious behavior: EnumeratesProcesses
Checks processor information in registry
Suspicious use of SendNotifyMessage
Runs ping.exe
Suspicious use of FindShellTrayWindow
Opens file in notepad (likely ransom note)
Suspicious behavior: GetForegroundWindowSpam
Kills process with taskkill
Interacts with shadow copies
Checks SCSI registry key(s)
Modifies registry key
Uses Task Scheduler COM API
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-07-03 04:07
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-03 04:07
Reported
2024-07-03 04:27
Platform
win10v2004-20240611-en
Max time kernel
1155s
Max time network
1166s
Command Line
Signatures
Chaos
Chaos Ransomware
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
UAC bypass
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin = "0" | C:\Windows\SysWOW64\reg.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Windows\SysWOW64\reg.exe | N/A |
Deletes shadow copies
Modifies boot configuration data using bcdedit
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\bcdedit.exe | N/A |
| N/A | N/A | C:\Windows\system32\bcdedit.exe | N/A |
Deletes backup catalog
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\wbadmin.exe | N/A |
Disables Task Manager via registry modification
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\Cov29Cry.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\International\Geo\Nation | C:\Windows\SysWOW64\cmd.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.url | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\covid29-is-here.txt | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\mbr.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\Cov29Cry.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\Cov29LockScreen.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Temp1_ScaryInstaller Source Code.zip\CreepScreen.exe | N/A |
Reads user/profile data of web browsers
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\OneDrive\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\SendTo\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Public\Pictures\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Public\Music\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Public\Documents\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Desktop\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Contacts\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Music\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\AccountPictures\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Pictures\Camera Roll\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Searches\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | F:\$RECYCLE.BIN\S-1-5-21-2080292272-204036150-2159171770-1000\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Links\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Documents\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Pictures\Saved Pictures\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Public\Desktop\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Videos\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Libraries\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Public\Videos\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Favorites\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Pictures\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Saved Games\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\Favorites\Links\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\desktop.ini | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\mbr.exe | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\AppData\\Local\\Temp\\o0f9xjp8n.jpg" | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
Command and Scripting Interpreter: JavaScript
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\System32\vds.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\System32\vds.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\System32\vds.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\System32\vds.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Interacts with shadow copies
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\vssadmin.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\explorer.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\crx_auto_file\shell\Read\command\ = "\"C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader\\AcroRd32.exe\" \"%1\"" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\.crx | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\crx_auto_file\shell | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\.crx\ = "crx_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\crx_auto_file\shell\Read | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2080292272-204036150-2159171770-1000\{18156CC7-37F9-4330-AD16-17929417BDFE} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\crx_auto_file\shell\Read\command | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2080292272-204036150-2159171770-1000\{9B6E74DA-B3AE-4A75-B4E0-F2066E2A5CA8} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\crx_auto_file | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2080292272-204036150-2159171770-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\WorkFolders | C:\Windows\System32\rundll32.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Runs ping.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\SysWOW64\shutdown.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\SysWOW64\shutdown.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\Cov29Cry.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Roaming\svchost.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 33 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 34 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 35 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 36 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 33 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 34 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 35 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 36 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\wbengine.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\wbengine.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\wbengine.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffefebc46f8,0x7ffefebc4708,0x7ffefebc4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2552 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5916 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5944 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x404 0x38c
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7946023687080557834,11092024714883730094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffefebc46f8,0x7ffefebc4708,0x7ffefebc4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2484 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2968 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5492 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5996 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6044 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1780 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Temp\Temp1_rick-roll-virus-main.zip\rick-roll-virus-main\rickroll.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_rick-roll-virus-main.zip\rick-roll-virus-main\rickroll.exe"
C:\Windows\system32\cmd.exe
"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\19F9.tmp\19FA.tmp\19FB.bat C:\Users\Admin\AppData\Local\Temp\Temp1_rick-roll-virus-main.zip\rick-roll-virus-main\rickroll.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffefebc46f8,0x7ffefebc4708,0x7ffefebc4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=iik25wqIuFo
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffefebc46f8,0x7ffefebc4708,0x7ffefebc4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=iik25wqIuFo
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffefebc46f8,0x7ffefebc4708,0x7ffefebc4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=iik25wqIuFo
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0xf8,0x124,0xfc,0x128,0x7ffefebc46f8,0x7ffefebc4708,0x7ffefebc4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=iik25wqIuFo
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffefebc46f8,0x7ffefebc4708,0x7ffefebc4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7736 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 /prefetch:8
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\AntiRickRoll_1.5.crx"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=7D9405B9694ED872E6004EE3322E9469 --mojo-platform-channel-handle=1752 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=BC9B21621068DA3DC3FC863A1E991332 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=BC9B21621068DA3DC3FC863A1E991332 --renderer-client-id=2 --mojo-platform-channel-handle=1760 --allow-no-sandbox-job /prefetch:1
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=9F79BDC55363105ACA4822CF4013193E --mojo-platform-channel-handle=2296 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=E73D7BEF90CC682AC66ACEB410107FAD --mojo-platform-channel-handle=1924 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=83946BFEFE080467E10E177517B8AB92 --mojo-platform-channel-handle=2380 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5912 /prefetch:8
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\Temp1_AntiRickRoll_1.5.zip\content.js"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\Temp1_AntiRickRoll_1.5.zip\content.js"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\Temp1_AntiRickRoll_1.5.zip\warn\warn.js"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6108 /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\BabylonToolbar.txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\BabylonToolbar.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6692 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\Temp1_Covid29 Ransomware.zip\TrojanRansomCovid29.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Covid29 Ransomware.zip\TrojanRansomCovid29.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\TrojanRansomCovid29.bat" "
C:\Windows\SysWOW64\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\fakeerror.vbs"
C:\Windows\SysWOW64\PING.EXE
ping localhost -n 2
C:\Windows\SysWOW64\reg.exe
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f
C:\Windows\SysWOW64\reg.exe
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v HideFastUserSwitching /t REG_DWORD /d 1 /f
C:\Windows\SysWOW64\reg.exe
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableChangePassword /t REG_DWORD /d 1 /f
C:\Windows\SysWOW64\reg.exe
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableLockWorkstation /t REG_DWORD /d 1 /f
C:\Windows\SysWOW64\reg.exe
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoLogoff /t REG_DWORD /d 1 /f
C:\Windows\SysWOW64\reg.exe
reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f
C:\Windows\SysWOW64\reg.exe
reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\mbr.exe
mbr.exe
C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\Cov29Cry.exe
Cov29Cry.exe
C:\Windows\SysWOW64\shutdown.exe
shutdown /r /t 300 /c "5 minutes to pay until you lose your data and system forever"
C:\Windows\SysWOW64\PING.EXE
ping localhost -n 9
C:\Users\Admin\AppData\Roaming\svchost.exe
"C:\Users\Admin\AppData\Roaming\svchost.exe"
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C vssadmin delete shadows /all /quiet & wmic shadowcopy delete
C:\Windows\system32\vssadmin.exe
vssadmin delete shadows /all /quiet
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\Wbem\WMIC.exe
wmic shadowcopy delete
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no
C:\Windows\system32\bcdedit.exe
bcdedit /set {default} bootstatuspolicy ignoreallfailures
C:\Windows\system32\bcdedit.exe
bcdedit /set {default} recoveryenabled no
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C wbadmin delete catalog -quiet
C:\Windows\system32\wbadmin.exe
wbadmin delete catalog -quiet
C:\Windows\system32\wbengine.exe
"C:\Windows\system32\wbengine.exe"
C:\Windows\System32\vdsldr.exe
C:\Windows\System32\vdsldr.exe -Embedding
C:\Windows\System32\vds.exe
C:\Windows\System32\vds.exe
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Roaming\covid29-is-here.txt
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im explorer.exe
C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\Cov29LockScreen.exe
Cov29LockScreen.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2176,2705972789292870722,17005189441304054779,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6856 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {9BA05972-F6A8-11CF-A442-00A0C90A8F39} -Embedding
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{682159d9-c321-47ca-b3f1-30e36b2ec8b9} -Embedding
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {3eef301f-b596-4c0b-bd92-013beafce793} -Embedding
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Temp\Temp1_ScaryInstaller Source Code.zip\CreepScreen.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_ScaryInstaller Source Code.zip\CreepScreen.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:80 | google.com | tcp |
| GB | 142.250.178.14:80 | google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:80 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.187.238:443 | ogs.google.com | tcp |
| GB | 172.217.16.238:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 187.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 88.221.83.187:443 | r.bing.com | tcp |
| BE | 88.221.83.187:443 | r.bing.com | tcp |
| BE | 2.17.107.98:443 | r.bing.com | tcp |
| BE | 2.17.107.98:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 98.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.68:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | tcp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 134.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 8.8.8.8:53 | tse2.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse2.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse2.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.12.20.2.in-addr.arpa | udp |
| BE | 2.17.107.98:443 | r.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 101.58.20.217.in-addr.arpa | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wordwall.net | udp |
| IE | 20.238.3.66:443 | wordwall.net | tcp |
| IE | 20.238.3.66:443 | wordwall.net | tcp |
| US | 8.8.8.8:53 | wordwallapp.azureedge.net | udp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| US | 152.199.19.161:443 | wordwallapp.azureedge.net | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| IE | 209.85.203.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | wordwallthemes.azureedge.net | udp |
| US | 8.8.8.8:53 | 66.3.238.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | wordwalluser.azureedge.net | udp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | 84.203.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | 119.190.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 88.221.83.187:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| SE | 2.21.96.104:443 | assets.msn.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | www.msn.com | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| SE | 2.21.96.104:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | 104.96.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 20.42.65.89:443 | browser.events.data.msn.com | tcp |
| US | 20.42.65.89:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | 89.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| SE | 2.17.251.12:443 | img-s-msn-com.akamaized.net | tcp |
| SE | 2.17.251.12:443 | img-s-msn-com.akamaized.net | tcp |
| SE | 2.17.251.12:443 | img-s-msn-com.akamaized.net | tcp |
| SE | 2.17.251.12:443 | img-s-msn-com.akamaized.net | tcp |
| SE | 2.17.251.12:443 | img-s-msn-com.akamaized.net | tcp |
| SE | 2.17.251.12:443 | img-s-msn-com.akamaized.net | tcp |
| US | 8.8.8.8:53 | 12.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| US | 8.8.8.8:53 | trace-eu.mediago.io | udp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 8.8.8.8:53 | images.mediago.io | udp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| US | 34.111.60.239:443 | images.mediago.io | tcp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | tcp |
| US | 34.111.60.239:443 | images.mediago.io | tcp |
| US | 8.8.8.8:53 | 239.60.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.168.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| SE | 2.17.251.10:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 10.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| BE | 2.17.107.105:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 105.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| BE | 88.221.83.187:443 | www.bing.com | tcp |
| BE | 88.221.83.187:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 88.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 88.221.83.187:443 | r.bing.com | tcp |
| BE | 88.221.83.187:443 | r.bing.com | tcp |
| BE | 88.221.83.187:443 | r.bing.com | tcp |
| BE | 88.221.83.187:443 | r.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| BE | 88.221.83.187:443 | r.bing.com | udp |
| BE | 88.221.83.187:443 | www.bing.com | udp |
| BE | 88.221.83.187:443 | www.bing.com | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| BE | 2.17.107.98:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 88.221.83.187:443 | r.bing.com | udp |
| BE | 88.221.83.187:443 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| BE | 2.17.107.105:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 22.114.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 8.8.8.8:53 | 216.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| GB | 142.250.180.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| GB | 142.250.180.14:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | rr4---sn-aigl6nz7.googlevideo.com | udp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| GB | 74.125.168.105:443 | rr4---sn-aigl6nz7.googlevideo.com | tcp |
| GB | 74.125.168.105:443 | rr4---sn-aigl6nz7.googlevideo.com | tcp |
| GB | 142.250.178.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 22.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.168.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| IE | 209.85.203.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | rr5---sn-aigl6nzk.googlevideo.com | udp |
| GB | 74.125.175.106:443 | rr5---sn-aigl6nzk.googlevideo.com | udp |
| US | 8.8.8.8:53 | 106.175.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.204.74:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| GB | 216.58.204.74:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.200.46:443 | youtube.com | tcp |
| GB | 74.125.168.105:443 | rr4---sn-aigl6nz7.googlevideo.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | consent.youtube.com | udp |
| GB | 216.58.212.206:443 | consent.youtube.com | tcp |
| US | 8.8.8.8:53 | rr5---sn-t0a7lnee.googlevideo.com | udp |
| CA | 74.125.172.42:443 | rr5---sn-t0a7lnee.googlevideo.com | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.172.125.74.in-addr.arpa | udp |
| GB | 142.250.200.46:443 | youtube.com | udp |
| US | 8.8.8.8:53 | rr1---sn-aigl6nl7.googlevideo.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | rr1---sn-aigl6nsk.googlevideo.com | udp |
| GB | 74.125.105.102:443 | rr1---sn-aigl6nsk.googlevideo.com | udp |
| GB | 173.194.183.198:443 | rr1---sn-aigl6nl7.googlevideo.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 102.105.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.183.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 142.250.187.194:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| BE | 2.17.107.105:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 88.221.83.187:443 | r.bing.com | udp |
| BE | 2.17.107.98:443 | r.bing.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| BE | 2.17.107.105:443 | r.bing.com | udp |
| BE | 2.17.107.98:443 | r.bing.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| BE | 88.221.83.187:443 | th.bing.com | udp |
| BE | 2.17.107.105:443 | th.bing.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| SE | 2.21.96.66:443 | assets.msn.com | tcp |
| IE | 13.74.129.1:443 | c.msn.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| AU | 104.46.162.227:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | 66.96.21.2.in-addr.arpa | udp |
| AU | 104.46.162.227:443 | browser.events.data.msn.com | tcp |
| SE | 2.21.96.66:443 | assets.msn.com | tcp |
| AU | 104.46.162.227:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | 227.162.46.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| NL | 104.97.14.209:443 | img-s-msn-com.akamaized.net | tcp |
| US | 8.8.8.8:53 | www.msn.com | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| NL | 104.97.15.58:443 | aefd.nelreports.net | udp |
| NL | 104.97.15.58:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 209.14.97.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.15.97.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| BE | 2.17.107.105:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 2.17.107.105:443 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.111.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| BE | 2.17.107.105:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 56067634f68231081c4bd5bdbfcc202f |
| SHA1 | 5582776da6ffc75bb0973840fc3d15598bc09eb1 |
| SHA256 | 8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4 |
| SHA512 | c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784 |
\??\pipe\LOCAL\crashpad_1004_KNRNRCDXWJSNQFMG
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 81e892ca5c5683efdf9135fe0f2adb15 |
| SHA1 | 39159b30226d98a465ece1da28dc87088b20ecad |
| SHA256 | 830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17 |
| SHA512 | c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c652b6268afc03d07dbe8d0081df780e |
| SHA1 | 5238807d814cc0f8abd737f36ddb422199099872 |
| SHA256 | d3dd88a95267f82d5e76247a6069fedad69e81ce092a36bdaf6b825391aaec40 |
| SHA512 | 2e15716b6771785ed978afdfe9d8a5ca08044e1d889cc81bbf0d8c591bc451939d5005cc5aece3781779e4e796b5528b81639fdafb7831ae17433687f03c1655 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4859ff90bb4ce7edb6fe7cdae876b6a0 |
| SHA1 | e3f36b0767dbc8177cc6dc3b269488f26e54c022 |
| SHA256 | f1d3f52792bbe0259d07c82a164016aa4e6e11976d0df7e6d5575238a1e7e6da |
| SHA512 | e0ebfcc18053355a792e926f1d23bc5aaef03a733d3695290a3772bacc7ec515f6315f83c6d152d9d2200cbdfe0453a39396157e7ac1e0df583ea2d29552fb57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1266693b7c9b6bdd9e43ccaeb490aceb |
| SHA1 | 9d36145bba53f4e37f129b52b0fb1013b43aea78 |
| SHA256 | 5917132110a58b5dbc062a8711e8ae03d0b8335b9eb707bd13b97baafdc2d48c |
| SHA512 | 3f1e988d97e801862ceb00e7481d5a32369157901804071fc9721c5d961dc34fd1a6dbd6cce01e264b40298864f246acddd7bae672e14338ed4abd0872605f9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6e7def952f058fd5dacaa27730a42b2d |
| SHA1 | 9e7cea8a340b525ba872e29ed7695bb781490274 |
| SHA256 | d39282cad2cee1e9f1500d673a608e0c210e84bd43917f5d4e78856caeea8539 |
| SHA512 | 798b44ffe60aadb474588fceac851ca21a5628738673fd91c9889dc7981559cbc83b7f32dd271909a894c588c9193764705d1a0c391d7f2cbd98821d49f1833b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579eef.TMP
| MD5 | 2d34c86e02be6c60c5bfdc8255466a76 |
| SHA1 | f086a7b1de4e029f0fe4b12796c7ce78a7aabdbd |
| SHA256 | 8ed291888d70fa2fafe1d8b5ad6a589662d620abc923a59509a9831419b51826 |
| SHA512 | 6f1ee06276a8a3cbac0ad3d0b184592e004d1b448270296c6ca24d8414501ad3af626759f6d2668257cf765e049f998933b888e1d4f2bf35b31f77080a76a81b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b091f9c0cf272260aa9803f90bada55a |
| SHA1 | 11a28da9fe272222257e1e22c3b83f106764c38a |
| SHA256 | 0df3a8a33dc3fc16128f0f2a40efcaa4f0a4edbac4b9cf74d825d064db6a54d3 |
| SHA512 | 0992bd4292775ff5b9e9a766ed8e7c56a2e9278d511c8088ec8f9b7ab48e477c7453befaef521aa59e2f7613d6af1f7c827ed2bf64fca70ff57aef652c1e166f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 977f2111fd77dcb9588fea33e9f0a0e8 |
| SHA1 | cf4ad5a7736ced42038f972ed664919c1df3ecdb |
| SHA256 | 641c1b63793a85b03e8b14f5c603b03988d3bfbd6b73795c94c2592da75e923c |
| SHA512 | 6083f3cde92c6ef97765671f22693d8f0ffe68dc8ccb44cf514606f323cccfd48298955cde3727143bb952e7ae2bfad775784d0f0ae9cafb0c5375fc603a470d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 9e3f75f0eac6a6d237054f7b98301754 |
| SHA1 | 80a6cb454163c3c11449e3988ad04d6ad6d2b432 |
| SHA256 | 33a84dec02c65acb6918a1ae82afa05664ee27ad2f07760e8b008636510fd5bf |
| SHA512 | 5cea53f27a4fdbd32355235c90ce3d9b39f550a1b070574cbc4ea892e9901ab0acace0f8eeb5814515ca6ff2970bc3cc0559a0c87075ac4bb3251bc8eaee6236 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | ddb8bf0444969fde4ffd0dd3036d9dda |
| SHA1 | b77ba856c51a72a40f69637a9c7980cbbe859897 |
| SHA256 | 3e634c7e24539826f9f228decb932e1b9c3139c6505bbf6a9d15cc206f1cc6c3 |
| SHA512 | bca01e2dbf2b8aed3a08ddd51d68029296175b7a2f2a601a3c3e522ccfbce6c397b3c9a109db07abb053cd812865d930b097888ea58a772a99d4a67821d02f5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | e9260f3d081cf9a5d5c7551fbdc3d234 |
| SHA1 | 0cc5b721c02dab3301207880871fc97e004c3b88 |
| SHA256 | 81b05795af8af16e41a86d022730747b7b59a8e96951ec3053f34f91d66cae4e |
| SHA512 | d4445200865a3636e814fcddd9ea21dfdbed943deb68a12279d715879693921e94ca8dd8570853bbed657f47cc8d034f931f500b3591a2001185d9be45bd109a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ba2be8d299630e542dc7f26439f4a0ae |
| SHA1 | 291fa59d8d1b014e39e8d131b4a47c6463e2002d |
| SHA256 | aa859ff9368de153cc02dbba40a03c0ef0949929d1295583e78a13c0b60387bc |
| SHA512 | a998df5bcd1af800e6deb078eab1cab517687275d7c2f28d5d4a897495c3d0ba14386d49385550715e02da0adec639d072f436d230781761c4b5bd0b29897d14 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d1f697771c6005b21f8d1852eade1aea |
| SHA1 | 339147bf86bf564552e1fdcd874b1ac786aa54e7 |
| SHA256 | ddbad3c799ac191e61acf373655333c82f60908b4b5183d1a419819b0a428ea1 |
| SHA512 | 0fea182f49b8b41c4d21b4debbdbd1c5b762350f95d62c2d934619fc5ec3943e26515a5b642b5d94b8737a7d9b52cecb42886ce7ba01a935b4d99869c38fbc56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8f656eeb594f5cde8446bec69de95b48 |
| SHA1 | f16b874a6896778f672e82a2857e7e7307c65d69 |
| SHA256 | ac5b531c1048a7dcc9c9524b62f42fd69139554d329527f4bd368d36ff0c2283 |
| SHA512 | fb1c311410787a394a1370cd2e98ffc7c606112b2ba7d4678ea95fde6bccb83843c2bb23b7a6d11c38a105a46247a17f5ee7a0475c47a1f8b74f07fefcb06db2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d053cc7a3d2ef3108906b0cdeeb0f036 |
| SHA1 | c041e348ee0af4e4c4b2343953005d7bba264638 |
| SHA256 | 4a5f75a909bcd8dafb7ede858f55a46b83f24b4071af38b6671ff42823e7d75f |
| SHA512 | 4d84396ca71aef2a4f321fbd05be4a8ffefa1d273d50d5095f4a267b2fd0e7960789357181f45eb9b5f4bfade6c138dea6c3a9110fa42dde118cabaf9656acf0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5b3e622d5bc6892e8080a822a58df02a |
| SHA1 | af695a696edf6b46c5509c7c4abc4261c95893c0 |
| SHA256 | ba95bdac239d8041b9f8fb780dc459cde609307b0750a995dcfe11ee23ba9991 |
| SHA512 | 98f986b671c49dcfd9c70c07266c0a8af2d530dde18c37dcd3e681cb1746df01d4e59f46ad04b426f44dcc5870bc6c13c6cc5ba6445ce8d995553c89f4b67776 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fd1b4d19b04fe5ed40fbeb35ebd97b6c |
| SHA1 | cff3e92d2350346589faed3b0d517ed5ee39fab1 |
| SHA256 | eae626e0d0f7d07a72c3f378ebf1d8030261fec8a9de3972318c0adc93d3a8f1 |
| SHA512 | 920ca7574e9b59e497febfb30b83faf42348314621bc39c2f07dadffd5468cdb5d72ea06bc0bca3ef38093b7f7700585b23c758a751c02b878d84f41ef32b663 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d1af2a8dd4cb294f547018284d911ba2 |
| SHA1 | e3f9b4c1120be4ca43ce3135b536a7e6447a5c6f |
| SHA256 | 5c78609b018ba0ba181c98c633426e10cf472b88cd8fef68674286853c83e5b2 |
| SHA512 | 2965b71a2e9d418dd630650ee92351cf39959bdb6f780f7f825f3b0216d7dfb5ab91565afbcedfd73cc0a6801ebb9fcebd0d7d67af7374052d52196cb8c01e0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6f573d7e98f19b068ea70db4648db93b |
| SHA1 | 86eb80be69c530c3a3713f754cefef9430fdbc76 |
| SHA256 | 289b883724f6b3ccdcfc92cde6ab6d2af13bff9afeb20c7352b6b7eae93c5af4 |
| SHA512 | 9a8084f7ff68d44e85403b16933f143b59dc9bf0ccbbf17c729852cfa14dd90cf9077f88b7bb1530fd12cea25b646222a4c01e654f18a33f0a70d16e7dc3bfdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 936f495fb2ef9f7125ef99e0ba86bcf1 |
| SHA1 | b29dd371d613363ece79676859f0205c87f03abd |
| SHA256 | 05a810ccd36e319c0b593dea917ece721057f7aeb298d2c53d299f9cb3a36b78 |
| SHA512 | 90ae55b226671b5595b77fb36192d8607cc476d75b9ea100c243feb903812c1cfe38de12dfd02cbe027744b8d913717efba836109ed5d00888c8d17d297758e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 751e468dca506343e7ff4d51847878df |
| SHA1 | 697a83e53b70d0b8bec3990e375c7b303c8911e6 |
| SHA256 | 174a67c59239033aaa215d852911e65e8011bd4240a8b75b9eb8346987f4611e |
| SHA512 | 3246fd67bcc2f399caa49db02dcc24f238e6b5197c41aecf00b6eefa0648e7705da2b031c807e75a6a69b5d3a51b4b136cbd0e851ddb49c8146470bcc4eec984 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e5e56d66c5575a66650cd9642dd04f66 |
| SHA1 | 04cfe43f68d2a7e256b34f3cf48509aebedcfa60 |
| SHA256 | d364d1e2d5f2a950b2f65f044ea5e8136d252521735bf4e23ccb4bf4497e9e7f |
| SHA512 | be907bb9d569a84ac64dab28ae945bbc56c647f3d9a8571115a0eefd092aeb1a5cef0ab30b99eaedfe37c51cc177583d1e2d139dac555c1cb036b3319d631868 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 2448f641fbbbdd88f0606efa966b052e |
| SHA1 | 25825aef444654fdc036bb425f79fd1c6fc6916e |
| SHA256 | 03f060bf37ba360360d6a7413d98e485e7d8e6f69e6a1de300c788d439b78d02 |
| SHA512 | d56e3b19d3f4c6d6663117000b99071cc453b6fd93f708bb8cb92d5adfa0eaab749d8d6cef4f19fbba548d31edaecfd0a74ca55dbca7d5f5f1fe66879b27b9d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | b07f576446fc2d6b9923828d656cadff |
| SHA1 | 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103 |
| SHA256 | d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496 |
| SHA512 | 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000067
| MD5 | f0e681ae4382b6940a98cb2e4029c0af |
| SHA1 | 8d09b097502343201d8b20c1a70f25f1df514d3f |
| SHA256 | 841d8b2b43ca81aa73739187cc3b6af4641e65f3be5165e3ae55598f5883c89b |
| SHA512 | 3678f7d0b0ddd1205791b29100d1e55627c7b5cd020d5b94d73230998e6c5aadd548aeda955e867a2998b7754cf93a0877ddb2f5d95d7c59fd78188bbcdbde08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6db501e484ed19afd7bbc8db7473ea2e |
| SHA1 | d34514aca288b7e92f9b1c9b3fd81b0d8da5315d |
| SHA256 | 55606c0a18b1223252a456caa1c0c6f53fab31af227e00a0732eb81141579605 |
| SHA512 | 957ffed6e8f0d9cf1727be002450a33135970a75bba4022e4e35a7d284d4016c462bc4ccd4b0d300e8d6bceba7c09d157cbe1073fd35631e2cb79e1f7f4b84d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a1971f0d73ec0faecec8b4481bfee9e9 |
| SHA1 | 572df6e750bf989d771d1643995a51f617f5199f |
| SHA256 | b86e1bfe9117b36858881950cd31f706688f4607a8af71ae3317639a81c23517 |
| SHA512 | 7a74ad67eaacff536df160b35053afc602e7ee8d2b0b18699b3ac49582f018313a501cfdc6c36996ddee5b7edd79f35f67a56ef2faae373f856553eeb2bf7eb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c
| MD5 | acd930f675fbbb882fd863d2992a7168 |
| SHA1 | 27b21f4dfdb9deef9745a2bf353a9fa796185886 |
| SHA256 | 3fe43545990b9191fe9f4caf447d39efb8c7c63859c64b946d57b0d5c76102f5 |
| SHA512 | 32a7360c0736580683af9e4f6c102c29f82951a5d33aa79d01498481be58001a898165bc12c7881c4b34cae7bc920a3994542d1723f6bcfe6e386dda6717bb87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c98e4ee8513173fa_0
| MD5 | a72a92993fdf0ed18aee4834a16c2946 |
| SHA1 | d9dbe75e52fa2c8117c9e97f3ca8640977f08ad0 |
| SHA256 | 95735e3ee54802b54c8269d9ba0b681638369bbe57fd61006eff17463b06a2ab |
| SHA512 | 90858ca60645718d3b24d91712706a8c3ee842e494b1e268957c6763f8b3b604717d79e467dd8ac9cf569e0a48770435ae7542466dd0f941a806e08a7d18078e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041
| MD5 | faa8bc78b029a0622899ace6fd2511ed |
| SHA1 | 8c97bdaf69211c34a967f615ce7d15861e535a03 |
| SHA256 | 8a8e203373bcf2bd2dbb00d2e4e76f67aa3436334fc0792e56f66aa7d0f6b065 |
| SHA512 | ea207063dcfd3ffebf2def26bd83464af48e6d80303dbbdf84f34d266243a4d9a2dd392eaec8942fc997dca1d72c9e6247572bb5a1f12a6b23bd4186c38b08da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042
| MD5 | 77e89b1c954303a8aa65ae10e18c1b51 |
| SHA1 | e2b15a0d930dcc11f0b38c95b1e68d1ca8334d73 |
| SHA256 | 069a7cc0309c5d6fc99259d5d5a8e41926996bbae11dc8631a7303a0c2d8c953 |
| SHA512 | 5780d3532af970f3942eecf731a43f04b0d2bdb9c0f1a262dbd1c3980bcc82fe6d2126236ad33c48ea5434d376de2214d84a9a2ccec46a0671886fe0aa5e5597 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040
| MD5 | 2923c306256864061a11e426841fc44a |
| SHA1 | d9bb657845d502acd69a15a66f9e667ce9b68351 |
| SHA256 | 5bc3f12e012e1a39ac69afba923768b758089461ccea0b8391f682d91c0ed2fa |
| SHA512 | f2614f699ac296ee1f81e32955c97d2c13177714dbd424e7f5f7de0d8869dd799d13c64929386ac9c942325456d26c4876a09341d17d7c9af4f80695d259cfea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a44b1ed95ffab15525cb571b3d5dce28 |
| SHA1 | 895b49439922a356499d7c52d867301f99d429aa |
| SHA256 | 3a05e7838529b5fc0398b75d131d3e1ae09cbc94cf6415245ab400e5c3e764a7 |
| SHA512 | 3f67a2eed27538e92709c5a797bb9a58c04e4c6fcea6b0931dfd4e4d71c662662fab16e8924018fe3923dc39949291de87813941f3bc74aeb2d7a0f53d7577e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7dc06cf66b89ff5c40e7f15519ec98a1 |
| SHA1 | 714c4f73041c096096856c3cabc1ff8ef24b4110 |
| SHA256 | 01c12003eb5c68efcccb59b74773edb3442c6fce98c0c38797f67ad583015f8a |
| SHA512 | 06986352134b0b36a18761c174b5a4bd61c9d664cfd3a69182a85434871edd74f7c625a8390e652fdceadd4638d1670d1a3a07e5ad934588a30f7985be8addf2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | db72ad2747817a1ddce74903f1b133eb |
| SHA1 | a25aa1cb1ca88127b9cc9f85b9c539e5a6b50185 |
| SHA256 | 56145306a4c70ab884f9239e0093d40c12b69d872505ccd558a98c4464dd0ae1 |
| SHA512 | 861821a47e61f63667c7ada64131659213d74a05e6953530e6f352edefff1628f78dcdf98434aab913e6ec88ea14cd35f0296bd2b12aaa36170d299a7a2ecd5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6bbfac73de87ffb988fe38d1f3fa7b68 |
| SHA1 | 12c329559206cf91f6a13372737594e4197ea80e |
| SHA256 | aeb3df4225caaf4b620228d2d34215cc844b392a7a7627fbbc2612d4f4f7d306 |
| SHA512 | 2b0f108daaead0394417cecc0bad99da00dc07ebcd2868ea22679a76b044f3731ea8713b3791db31a887881253d2d27cca42620db82b3cf3e55168598194965a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4b4522ed9c2c82c85da3f8d3a5128dcd |
| SHA1 | 2d33c9ee26ab9df63a9f8adec7a3123be9a63516 |
| SHA256 | 2b452e14ef68655fb2fc7dfd29cfca51f1687b47ca54b904323bdb716fdef63a |
| SHA512 | 335dd6135c82e6ad00c9c1299e1ad7d4565d7dff4cc419601dc8d60a18938cb0e2552f1a63d61bf186420a213aa0b1bfd89d226fd614ba57b4c059572311c4fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | 355b5ff828c144170949334e483c85f3 |
| SHA1 | bd735dfdaf09c4ecfbde296e3e777f74c7f64139 |
| SHA256 | 5aa50ace7fbc04d04067dbef5793ed768da032bc9a4711399b10b62f556be68c |
| SHA512 | 5788d6e2016338778f61cf400d6ffdec1a8fbfbbf2ca22a73e9f1d1f4511c92e2db18c74e336623294bcc4df6d1618a04efe5d19b3db96ce41e44e6f84ca2cbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | 03fde4d7c43577047a06fcfced9a9584 |
| SHA1 | 98724a6908884e666358cb0997e627ed91d68ff6 |
| SHA256 | 62987f860a5370369369e8c6c913eabd8377c57b50d8e56b841929151ae1770a |
| SHA512 | 489e67eedbd1327f2647fdc3f631599b4b4fbd37bc9fbcf00e2b70dc6e47b2713a5e326dedbff5b867818c88867d70cf0521e8dda9d1a5796bb01921b9df47d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | 5b55fd981458bcf04a85e314c122c407 |
| SHA1 | ec04095c87b6239e8caf6c277f02041754afd3bc |
| SHA256 | 7c98920c436f0a46db9f5fd6fc898a69e498955feba72bb49b93fc4967232728 |
| SHA512 | e24917004b4b0a74bf3f819d49557dbb7151f63214d6275e471a425008254cb2e20f97ec21187bfcdecd972f91e06ff97f29a1da7fd2d268473d2602e1e182e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | a25fbf4d45cbf9569b435ac3f2fa955f |
| SHA1 | 44cfaed6b41c7b1da4d0be5940ef6201b3ce3aad |
| SHA256 | e5735727d2347d389a96f5c7fb4a028ebb3b8cf7598d27265d76a7a50a05b38c |
| SHA512 | c0a1f9c37edcc6a8a7a190059d6fb6d52f06c262b8856e86ffa2d19ec9201b7bcc23b741aa2d9a2b832a636e8bb6f3e249b8c6a995a9c188ee5f7d34ccb21a69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | 309d480081b3c47b9d49364593b90d42 |
| SHA1 | cd5d16c7170477337798affecf23cf3f135c8313 |
| SHA256 | 071426724c80cf649713aa0d42dd061b6e01dcaa34abb449fbbd5c55cb01158a |
| SHA512 | 3d0604391c024ad20d4cbd282901ba6cf77dcc2d39c6ff52db14daeae55b543b928bce20f71a61a8882d2b5d0655a3b2b15c5710c1ea3cb0e092e5bb93f319cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | 11bfca18d20af7024bf48c768fb3c66b |
| SHA1 | 27397bcd0c94a55b8efd6a28205aac3d3041d16b |
| SHA256 | 3cedf29d4f79d4a193c69b2a81ac286302ef88f6767410d5e51f7c4852472759 |
| SHA512 | fb826339ea9523fd6757cd68d79490fe7b34a6dca69c2bf86295fc8f3d7659466dc5ed30c092b4b016123e6bdee036cea3c8224e58d37595452dfd3503f02ec8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 62a5b3d54cfd6917b7bd6ab5c6d51179 |
| SHA1 | c101ad4a7d7d90691cb978589b0a9eba43486e41 |
| SHA256 | 97c3091ad1449b16089faf4a35a2afda13c9499a15e66b1988f289c4d4c42df2 |
| SHA512 | ef9ef302db28aa7bacdb8f43b48e40330eb75bd35a4b24149c188949245d2e67884ee851cba024af2ea698dd4682a70dbab990f26907f8146e2920f41e41a06e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
| MD5 | 424f33590cfa09d6af80ee009247ce82 |
| SHA1 | eed39251803a32f8cde3e82ed56d6df6946a4c3a |
| SHA256 | ebd78ec153dc58465ffd37fe49a756ce62f9b2c2640e4b1dd1be7fe6fad9f97d |
| SHA512 | dfd9bfb4477208bb2443ea195eaefec2ea51d57870dfe4f125e439f69784be704d46834fe516ba5c0b08d3925d4833efd8432d10cf9db52f488c116a3a78c719 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | f477fa3e560b8b0483653e745949829a |
| SHA1 | 7f8e4ac5f38218d8908569a2bab9aa469152fa0d |
| SHA256 | babc418f8d91de0188d3d9b35a33408dc9e9a5baf34ccc26c51368f9448cf8e9 |
| SHA512 | f874a5a800cf7b02282ea6fa7ceb37f9bfde8112742f2b62214e64e65ad47ad0351e1bfad4c13a47280df616afe26e7112674744bff37a7a3cd45c1c06beb115 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | c9075754141d20195336d696503b02ce |
| SHA1 | d0de5a9f762a519097627acf07ef5b4631606648 |
| SHA256 | 45609a07b37f6a5c78b4dfe990a520174f60c52c6fe9fc5545b932f0b8018ab9 |
| SHA512 | 29aec8151f4187377c891816b5466c5f436198834556b41861009bf6a9672656b997bca3f79926675af586888e733a1de4ff903615b1ebf6b2a9db9b8994caa5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
| MD5 | 6eca659ba85531d2ed29282b2676af2d |
| SHA1 | 8d81cdaa4358891a2c69b3a13a14d824cb1438c9 |
| SHA256 | 3b6d59139624e3f898dec60d8bd7f33c2990e5225e5fd9bb7b28658aead07262 |
| SHA512 | 89372c784227cb24695907db40a91375e00c7b18da9b54e1ec5295aff27f7f5deb0a6ee9752b6107af7bc03b2ebc5116327d5c178f7a852a5d23f28e245e5ac8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | 8c20bcef380f1df4502370924429e1fc |
| SHA1 | 53f6e07c11a5d5d07ea507c1028b90bdca2d27cd |
| SHA256 | 8d2eb6c1667f697f337c138551452ac7183dfaae45466c55b781ef153afa3b15 |
| SHA512 | fd0e6c890f899ae7ea06125e89afb3254bb71bbc382947563d4b175f35dfe5195c4e7c1fb2d72021a28e75102bdaf4df15e76656b4a8922d1a5ec62cf39fdd94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c51429cd2212d9d64b0a2f085a41f58c |
| SHA1 | 74eb0757c77b4fcf5bec2c52a3873e52dff3f3b2 |
| SHA256 | 5e1fd13113391bba631bd9718657d92411a94f3e9d8a57bb155c1994f81cdd25 |
| SHA512 | cc77aa318dea967594874faab9a3d825af1cfba08d8bdfb5953c9e8100a1548044b24274a79181b95ecd21fb7b6608cfebf3c0d9645e16acad3d142735a55682 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | 8a6c8fe2792a05cb018b047679f438cf |
| SHA1 | c5e7d330c7e6ff0f78bb56b6b86663a69c543db9 |
| SHA256 | 416983e7851d6f21e18c045c4e55f07e072b881ec1da9b8442841f779fba62c7 |
| SHA512 | d926f9d2723753bc1cba03f7b4139235438aa20d54e3841a84565166892a3cc9bdbe8326e0942a031ece784d69d5751e1fd21c16f930b6df872c3a269a25e19e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13364453277262831
| MD5 | 0ec92a5314214cec8557cdc1a4e27957 |
| SHA1 | 0e0ba433b853e3575b8fed49f986bfb5637d7578 |
| SHA256 | b75ff7bc898629ad8498ad30dc55ba12136f8591c08c45746fc7f850e508b541 |
| SHA512 | d311cbe554b06e261315892f0e18ead59a0fbc813f9bcbf228e1ab707d5607c088e971bf40f4da9cf29fd4d7a72b5bef6dd8a4de74ca45b6bf199e952e340c33 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
| MD5 | ab4b25975fa94198e733cc76ba970d05 |
| SHA1 | 6fb134e981106bf5fc5453e8e28397988ce7f2f8 |
| SHA256 | 2de68627cbe2680ec2048208a2e6a98a2af1990819a2ce7f7209b4006b00a7a6 |
| SHA512 | 00dcba58f76d85de1380c5af45ec89dcecb44199b590c657197437dd5b02f5cf6db866dc92727dc945a51562936fdbf5ebd2d4895b5ed510bea5660d56069819 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | db4bc251ca6d77fb26232e760dddc91e |
| SHA1 | e151c6bfa67d728697cefc64bfc981c6c75f09ff |
| SHA256 | 71bc05939be81146e6c118a4be062f4dbd916e5a5849435b6fc17c1475310969 |
| SHA512 | 9447dc0162a6e76a6247c5a1cbcbdece1c3fe5169e5a91261ed003047f6cf0912e505cee3394859e0be61beb526bc0374951a00104724f7cb2014e8806919f2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | 77ac0e89546425bc0d96ed9773eb2996 |
| SHA1 | 42c5a2dafd294a74a77bd5d1fc0e41713507cd44 |
| SHA256 | 12f60eebdb06f42e5399c9be1fa6b0cfad61c9724d8dba9a1ccbbd6e8d503be2 |
| SHA512 | 45e329670f987980b2d7d4863fd30b37c9cafe97724ef05b9da85999ca6fcb115e98ad1dfc9f6e51ab77213b9f316b5c62147cada4ec2e38b83b825840566e1d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d39c726c89be711a40dfa3fb5cfaec94 |
| SHA1 | edc266d3cd477527abb1df5e3381f69ecf2afbef |
| SHA256 | 1d54a24c1fefa8e8adbfce20802446b6a3da11bec36cb53c437159b4cca15c62 |
| SHA512 | 4354c0ed1333c22e9844816c556c4cfe8a88d48628330f239c883e6d83df3a97f86c14e30a4305d6b83f5ace0c36a44957c799df1bb5be5b4c91f420b2942b68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
| MD5 | 3579d4028fe91adf9e89e204a445d455 |
| SHA1 | 71d2ce12a875cc3871aa2c710690f98b161eb57f |
| SHA256 | 0b955949cb61edf5ae5f4b30d41711b1af9032b96d28fe8552304a321c969cb2 |
| SHA512 | 6c39f4fc575162ec1689a4b24535eec332d5b43c3fdd07a1d7681ceb3979ddb13455f1df894a31e4cb163544962a83a8b5ccdb4f21a8597d1b5a6cb65e0e4bd6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
| MD5 | 7fe5d5b0cc1695aaed931e172c9c1392 |
| SHA1 | f8a0607ba4ca4c03dbee132309c4be9cc995cd8f |
| SHA256 | 7094cd51bdac32b48b55be73d9fc6e99307ea71d6d56dc9180ec73105015305d |
| SHA512 | bef59ae83b0acc198f765fe3cda378bbf3441e03c973237660e579176f42b8396da2f8e7b96717a3b3d113c9991df78270aff4dc4e148ec35ebeedf2dce38882 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00001a
| MD5 | dc89af7df9c6ca650e310b1f298f8d77 |
| SHA1 | fe8ce0398a5746cf2db4dbb22f366419c184d1d1 |
| SHA256 | d8df757e32e39db47931547397eea399545586775010ba5f5e8f6282cd3d460c |
| SHA512 | 93314e0a31d7e607d31d7aacb73ee2579506e4abb672c536a6d4f64d13d0b48fa3dd17987e98ad3a9f4e9ebf8679dd2daa70934b7dc98ab3c5de5cd338f1f4a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00001b
| MD5 | 303a4b69a28d0e0a803b8a541ed74fa9 |
| SHA1 | 87cd1440d4dfd1b3009ea361d822cd1be57960a1 |
| SHA256 | 969adad92315c6139b0f9f978b44e31745b3b64ad9fd0a0a3acde2d97cd664df |
| SHA512 | 966a785f28af20827c1156f72c8fa894aae8ad69f568586528bb56260b899654dfc23f4bd605dd00b211eb92b85498cf4e61d361602faefd40523db01fa94251 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00001c
| MD5 | 7e0f8968f32b43a04e282f9b778137c6 |
| SHA1 | 567004091f3ac29620b5e750e7e7ea673c308970 |
| SHA256 | 404229cec2e8019c49beca3516bab2b2e915a616f482ae2be199bb510e3e9760 |
| SHA512 | 78c94874b613bae26220f4b7535e5a56c5c06609fbb53c9663042e9886cd83c6b628ba59506f7d496592d8b45a300f01a64afa394376f5f4173da59af3e98c31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 691d88f77fc25ec09fee2c3bbe3c7eea |
| SHA1 | 7e92974f616d55d3eca7bce775da26c27598aaea |
| SHA256 | 2c14380df873c40bb20f048b50dc086fb2c21767a23adb7fdedefd0f71f326dc |
| SHA512 | 5cd10ee9a79f1c3c6b944de162eed51a14e8f5149b6a5ee0a370797ca4db62d9e128d9944b66ee8c9c9c4586a7883444350a7fed81ded92a62a90b14ba37e59c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | 8a1ecb9fd6036971e2e6fbab57362b92 |
| SHA1 | ba1b914a995b19172624918827fe4a61fb97af81 |
| SHA256 | 87c0d198e1fce91fedfb41b2898386033fb4a0450a6dee45a3d5caf6a9429fbf |
| SHA512 | 081e10f4e65b79bee30fe0154a0e525d6f1ff01831db8e2a40c9276f4b31ba07c790f101494dafb32c41779d71600857a3b6678a2b71635370203fae6c5f66e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | 72fd1ba1c823a8e7f9a9855a32fecc37 |
| SHA1 | 4ea2ab76241c566b37aa0f1fcbd95c5e46e72fa0 |
| SHA256 | b6653f4c51375281e0664af63ca64faf1434a1d76a7cd3459eedf7ba4bf5d7a9 |
| SHA512 | f817cde696dc187fd6d25c2b002f0a06698913882c524b3620471ddd9b4a99fb1af997afd9f1ba7e357b6be38d0ce34f20f48c1f89dba9d7a833e797412f94b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
| MD5 | 2b34d2e634ff1f032aed5e5c20df1ed9 |
| SHA1 | e87508129a5e47d1cd2efdc0a156ca75648e56b2 |
| SHA256 | 136b4b0e9dbc0f248cef70047524650e76bac78c8a76984f2c2eaf3732cfb47f |
| SHA512 | ab8d25817cf3d2e652b9275ff77d07524706ad1fdf7cb7f47db973c1e9b5ffdd4d553d73dde47233d120f89ff3845e853eb87900931b4f188e791f651fc527e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | c6aec965c0e8ad32e84296f9e93f1895 |
| SHA1 | eea1fcd4fe682900ddcd1e47f260ef277282ba13 |
| SHA256 | bdb7f370867ddecd4f3ef3517729df8a42a848181730c62331ca85be08b5d462 |
| SHA512 | eef18fcca2ceab682b236453a535edfd572b85eceea6d919bd996e58c1c5d2b6597e00434c803e16a19838299c6fc92b4e5161bc3abd3fb5e3affa8f7bbcac96 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000005.ldb
| MD5 | 23409a6c0673b665f5a33923d97c41fc |
| SHA1 | c5017279c7bb59be7cf8e34c4fd46a08eb4d5120 |
| SHA256 | 4f6d725c93acd323bf06857fb4b2a627e6fa447c5ad0630f1cc010e3d8dd7374 |
| SHA512 | f4c521172015e4bf49093ce5a0a4c98fb176a6e830a873711391b73ee38a16718f154c13d50f06be72c66c04331f94dfecf056ea8a98a2f83e8916e56acd33cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
| MD5 | 5b087ad05df1eb7e8712293eeb1cd3c8 |
| SHA1 | 2691be61e7d466b068cdddc4b45c0de3e9536dd6 |
| SHA256 | 15e08fa0acdde45693bb0f472178ebd557c6706139fd6d404cb9f59344dff97d |
| SHA512 | e5a8a0111a5ad08f72ad8ab033cf9786772ebd7aef064efcf723961f4f89c635857dd155eb3aa18d573eccced5a58421fffcb5bdc30479afb5eb4b028fc27504 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | 92962b43a043ea47fbf804b34f338369 |
| SHA1 | 51cfd1a7876ce861b75c6bd066fd4fa3a2993d5b |
| SHA256 | e3d8a7077833891b7142facde0422a3bf6daa4551597e2cf1f3042735e2ec12a |
| SHA512 | b42a3b9032b38a1fada75d7cb4490174a3ff22220cb14e035b83e753f8dcaff95d4236b0efbeabff6af9702222fb91135aff4064371aac963945be4acf2c4575 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | e6a8e9b66d13bd98d66d533f1ce72bc2 |
| SHA1 | da6a51bca68251ef128277114688b21ad542569b |
| SHA256 | ae018bc8cdf7567ace76f74067e5f995017ba374c9306ee67de13e48532159ad |
| SHA512 | d6b357805dd98ce6885535b9508d296d13cf391a45cab62a64ca71d2d29d787809c885d8de97a98241a6ea60e1ab78d98fd9dedf7c0b8b748911d43face0e053 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001
| MD5 | c10d8c69bee65b8c0c14ab1cb5a08a47 |
| SHA1 | f90e0440baf75290a28fdfc43e368a9a3110a29a |
| SHA256 | 9c0db7222478aeebec8bff67046332dae092c3d646754bafa91046ac1d34dc37 |
| SHA512 | ae7a50000264307f7969297f4b97679f9c3f2ac4144b5ae797f3ff6385d65b3682373dc964b572b3a66d11de0844226b02c16aeb5c4f990e734c83316abb7497 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | 8bdbd2259f5080a69a25f28dd745025c |
| SHA1 | 36f4f8acd7ffaae8d0a590dcc087e9eb738538d3 |
| SHA256 | aabbed77ae63bcf096dc67f877e38bf1defc043a0293625e6651e05f0c23b2b4 |
| SHA512 | 9c9fb469fae389b92311c1c3a6b2266de7f6ccc69842b40632d66ae23b9005db12836b608176f780fdb322fb3f8403d1f82ccd13c3923a1413631ad3dbbcfd01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000004.log
| MD5 | 027c864f04f246ac4829a45652db62cf |
| SHA1 | 53dee9ce76b5c78cfc8edaa65790d36938157eba |
| SHA256 | 30aea40766b4ce4183f314ebc65bb2895bba398d0fd803b6c0eefffcf6f7d8ac |
| SHA512 | 2bf9a19245165b3c73cd4ebd070427e0416706790eb6953d328823de1304411a7010ebc6b10ea2c9797a46cf94045801b5faded70ee17bd7c00c186e3e7058a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5707bae60d6a307f11fc33edc97e0053 |
| SHA1 | 795b18cc8f70c12476df61919fa3ca8dbfb6507f |
| SHA256 | db467cc765846c7072a1757fe8b5f2278dfd7852f12e8e3463119a66f1919025 |
| SHA512 | 0cc7279ff563254f606db0cb1778e9d50e802c8e5554a7610bee70917253b1fd8717f0db7e46a2ce2632384a41ae2be625f1045056302277a9c6f263b5a6cd6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 84a8e8cd0c38d816a4177c604b69bd64 |
| SHA1 | 5d9c6f328ad622de1955b4438af8c98a98387744 |
| SHA256 | 07efcd4c77aba08544ac8f2e9124a71b964e1fec378b5c265c76f4d396808e6e |
| SHA512 | 5cd32e96ce14d6e841ff7517ae2c3bea37818601f29692590f82a78307bc0bd3e9ee5f3f649ecfbcc3a2592147f1540d9752c2a2780c1ebe4e3be57ea9cade16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3cda75ef922c0237b3e6bc35ec563d9b |
| SHA1 | 2017c766a5a55f9a3c6bbdc4dd691c69c06875dc |
| SHA256 | f29e8c1c76c4b6202b74cf08053034d933efe8676e77359cfdfde9c3c8c987cd |
| SHA512 | dcbdac736e4d5321bbd58be0b21abb217c3d1aa45d4dd1d22e3daf9b63664c7a9f66e7b40ad701073728fa77ee9ce2cc7322705d619937259ae883b901f2322c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e667f2b497b612160ca8202fceb14659 |
| SHA1 | 7dcc673d78b74d41948244605288e44bb4a02cf0 |
| SHA256 | e0582bcb80d07144817cfc9bb05a5e160129aa48dcabc5e0e87743fc6bc2eca8 |
| SHA512 | b8d107870b0d1d407c7d7333ea6c1e2bf082a378c1620ed715adb84d47192c346fce1dd34c4faa124020ec8edf492aa93fdcfd80d2d288fc07a1f188158ba8df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4668e196120ca984d7f1ff31a50628ce |
| SHA1 | a188a5dac8848590a267f8d94c77f725c71e0793 |
| SHA256 | c6a0fe3992aee3d61497a5c26472cfbdead0aa26f407834a4802a4e1626751c2 |
| SHA512 | 28b15a336bfbcf1f697e5b2e0d7732311b93f290881a0baa94527635777354c952774a6da1d2a498dc1b90da546169b96599d6dbab879fe117cca724fd87e662 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | dc6ae072e4468aaa085a5894cba3d9b5 |
| SHA1 | 5572d28d673fd1e88a769fc7c72b9fccebafde33 |
| SHA256 | e0e3924f6c88e28d96febfca3fe34cdb7b574d1d5d10663e2d625efff64fd0b8 |
| SHA512 | 95b50ec8a055a5808ae7f8f84af9c3a60eb9d4077c614a33e54e8746604c93e55d456722f915f2de3efbadf5d6766039bc646ff6a8dbd26f51b9eaac6a06b902 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000090
| MD5 | b36f688583613bcbd2b3e0b155e73eb9 |
| SHA1 | d49e15311698187efca100dddba4e6f0723f8012 |
| SHA256 | ca05f1a76fa9d81044e0aa3f9d92d2604c48bfc022c1954046b88462033d076a |
| SHA512 | 3d12d6cc2b0464d0c71b6b5281bf7f57f1bc9153915a578a8786029d15f2a03b8ec771938a07acf442c6331716c19833b49cdfc4213414b3cd3a968c80062145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ef6943809bfaffb078c90315d1550935 |
| SHA1 | 648331534721c94a8fd634812c3ce642bdbce29a |
| SHA256 | 50d2c0c7bfa0550f2c7d71ea0acc06f3b51917465976c89860840394c90f4db3 |
| SHA512 | a3dd38100d1ba209f09c537e2671bb413309df87747ca60fb7221efb3629f9c45496a054b4c33dc5dfd25633ab0a4130db8a923b44cb9890beb337ea04a92cee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ba892d5b66b60c94438d65c5c2810246 |
| SHA1 | 662b50ad771fc56c11d351e4f9a7ae7fa3202317 |
| SHA256 | dc6191507d606daaac50e22a03b869844c7d07bd61f81ef601b25a26d3ba4e86 |
| SHA512 | d33b6e48cb6758d3e0257eb6ba766272abea06d32cd87905fe4a2c64d1b2d5b7dc01d8b6ebcece2e0fa16c1bf4be0f592727d1c45e64d291be8e4e5f74028807 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a22a1da57a6eeecb1860c88e1321f15c |
| SHA1 | 3ed6545ab26d401f286a7874b65089480d5de76d |
| SHA256 | b059c7e0a53235080387dd77ffc070af9c564b01a3f3cc638bd6bb250f3254c8 |
| SHA512 | 99cbb27c70f06a3f7bd254350e6eb392b719284a12409740aa2d28b0794beec359be8d8b9687dbfed3c810dc25b930ebfc7c0054ac162170450b06a605c9a5fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000095
| MD5 | 90854fe908877c4c0fdc8866ce6fd56d |
| SHA1 | c9a899f9ca263153eb7483869c85d3d4eb5ef3b7 |
| SHA256 | 25a2708cdd9af21a07e7525a3a5d433df747389ade5d932b2493e3852667219f |
| SHA512 | 81e2abadadbdbcf59a74697f343dd24c34c8960df713aceec5b2169b1d9a64192ca0807f27f2f3321ad0928a3017a28b5e6858030f4e922249d6961550a169e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5b4e7492d88dd1a11e85f85d635e391f |
| SHA1 | 8f00ca3b4bd0e3eecbb0d2440728e58cadd7b7f1 |
| SHA256 | a9c7250348460c96e28982fa3b16dd57d1d9d30020c175a8b19999526f592e93 |
| SHA512 | 8a0be8c9bf2b3479a1f240be8d0107439b596e8d79e01c9660b8eb70cd674b25e415b8a9d2c4611494779ec0782e83d8b17c9d4c03e294def8925078c18593eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 36c898f20f2929fe30e1af9349e9e242 |
| SHA1 | f061e7d09563b205ed6824274c2e88c947590e89 |
| SHA256 | 180a20a42c198f47453ca30f888d82f00381f153188dcee542ba473a35bba3aa |
| SHA512 | 958a543ef93e96f642cfe317e3207c1b0c14830bd4fbcbc35c79844c9ff27685efba89a9cca9940b677490b1e3167711f0c5d6e0a1488b232710127ec74ca6db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 306f2d214af8edae5774a5f314893808 |
| SHA1 | 7960372ed913e294e02b991460af5c1ce9ca3990 |
| SHA256 | ee1b4a9db3efe18cce79bcb21a844e31b73573d8252d179d9b3fd8b339554424 |
| SHA512 | 41eccec44de527778d2916cf39630157be4142539f29578161ceaea434597482bce0f5c002df141b4a8408b2dc86c35844853cb0f08f874ece00bad660e35032 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000097
| MD5 | 9f7ca92d653a7223f1a9af8bd1acac2f |
| SHA1 | 7bac93474d7f949b3cff5ca5eab04d42155c5729 |
| SHA256 | 50884768208b0eb213fce07654f4b26ab08836ea00f460afacf6c3894b549821 |
| SHA512 | 24e256b3999520a43307355590a289d2f98796365557ab7a24f9a3ace8c02a7bf83425bb7e9cbfeae57ca21581d57f9f184faf3883b4346f45adb65a3564fed2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 198d49f50439f7f82c77a12a8be470de |
| SHA1 | a24dac410c9d1fba634d3318851860ec34ee232e |
| SHA256 | be25435bd124256ce003d1ece8e7282673de53e00c24dc61a7bce27ef4141950 |
| SHA512 | d9f154011fc97847088151ce1a74024212361e882e73bd78173ae1e37e721240aa3a54ef5e9ded3df3a194bdf6d3c1e04e0f625bebbddf500546436cf932d54a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\dead6ab2-0f8d-4db4-94af-9882ed6ff483.tmp
| MD5 | 66de4c7c488a725ca1c2426df07796f5 |
| SHA1 | 7bd1274f10593a31fca7c19f2a68ef650df6e1e4 |
| SHA256 | f933dbadafba9e3a7026c13302a924333dc2b18e276a26b3f6e1fad058d72e5a |
| SHA512 | d1de767ef6336a05abf5c3b368723769387df435441d21c3b7cc99dad57c07e1202071faef86d89a913473b132e57b0b336f1a771c00ec3637d371ef672ab885 |
C:\Users\Admin\Downloads\rick-roll-virus-main.zip
| MD5 | 5aeed06d370bc56ce121122857053926 |
| SHA1 | 47d17fd6f869849ae8902ceee17be8227e05d952 |
| SHA256 | 76a8a9119f9d2b0b79fd2b5d822e668c7ff62a54c668bec974350b59d9f091ad |
| SHA512 | 36661df574e2c73da9831a037a76fae9b68954f5543d8e4dde6c5edb37590a62d167c6cd44370d85186c01b0e3b473826b11c93f04093506fbeb16efb90837b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bc4fcaec1d9f12f2bed694d955682a31 |
| SHA1 | a1ee27c674469178d28184ea80df17d8851437b5 |
| SHA256 | d1db94ab8b05717cb4f06c0ed20300c6d4debda2df2a1a86cdf0892f904af67a |
| SHA512 | 4f2b48cd29930eda5ead701add7be7db51aed2f294ece4459ac21f13b957ebff7b909e25f539ac1916b606c0306f075d6cb8ffad44393283b4ce29d640e4c182 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 04bb31cb1c0203f1bd1f0085511b9706 |
| SHA1 | 21ae6d06d92dd285d0d540c3def8f2648c9eacb4 |
| SHA256 | f97f02630deb750a102ca3853c5cbb0d9e06ea7944a74ba4753b28840579c967 |
| SHA512 | 69e0acceb10bcf9d6350b2da5b4b8537c9b251b46dea5865a68f62201e004065135519a3fab1c5c025b481eab896de6af237e5760037dda2cfe8050cb0d68371 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b3661242eb43ea846042abd82d9a8d9a |
| SHA1 | 5b2a44db757fb6c902536c583c92bfc731e55b5a |
| SHA256 | be16a3597b020b53bd39cdbf420b146e4cfc7471a54513f42eb036dba21ed3fa |
| SHA512 | d589775d15dd01a356619d4ff4a5ae0e78e902db73f69bb59470bf076e1da4eb18afaff09fef3d4a34611515ca3f21072808e4263bb830c42f5a4dc595d05bfd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0d098e36f2452266ae74c762a119dd0a |
| SHA1 | 489a3ca0319d2bd0eabaaa9cffebed343073fa1a |
| SHA256 | ae67ada268c9811e087c2945b986e296ec1195ed4291965579f3e42b6e6d75bd |
| SHA512 | 7f12389f8ea853ce9c351b45b4bc6f0d343c7bd8adcf6aee40c573660599dc4674646898be181d9c8aa202cef99eb0865def701ffe30e5d4374c59bebcbb376c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 6fae1781f6d5e9599f796036b217139c |
| SHA1 | 29848b358fa1088000fbea60f57b18eb14f8c123 |
| SHA256 | 51adef7644b88634d625b9410ff7ad718607695676cf2dff36eabedbad0ac952 |
| SHA512 | f8015cf075c4edcfbd6b625ca79f68411710b2552b90bfe64d1cd4fca495f6e2c76fc09d2f39bc5fb301da557bed731be05162f66bcdd2e9a8ab68fe9a3f0f86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 51464f85bf0ab7757db826bfca6f2ba1 |
| SHA1 | 19cead4600910f8bef4905e8c0579ef6dcefa337 |
| SHA256 | 05c3b18bc3edb6c4d9f72a6280590592fba1a1cd46d4f4c6030a5290d7c1e2a1 |
| SHA512 | fe50222033b3f468e31bd02c737ae82e458200fa6419175272c378c4dc149c88b4a1e53256663638e00f8b2723ce70d8abba1ed759b3b9e7480ef08babe4c49c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 821e4567bbce944c540602632ca42f40 |
| SHA1 | ae78446e8d4e0e37540a7e0faddaaf9d9fb82114 |
| SHA256 | 0df0b16c28c39b39f48fb647b0009458a370c01dc4ed89b2a699d26bcd16fef1 |
| SHA512 | f42b2e848507fd9e89c513a57d3ac03b8971e06d102b7748069213fa108f23dc0c5ebbcde07455e68bad97cd3c3959e49e28a1835171bc3ad4eae22c72ddfac3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a8
| MD5 | 127b7a9f7009939d0ae5dd1a48386985 |
| SHA1 | f9e981f2fbc6df7e304803153fb6fe40f0dcb6ac |
| SHA256 | 9d8e3219c036313e8b27ecb7b91befc49de6a32352a5349656945a7525a89962 |
| SHA512 | b1a442d78f6adc7a67f8ee299d46817309798ff2a38a66af2ff03eaa276b3a7967fde34e801dc8488ed75b3110fd01b3a9763f792ce75e21fae190d4779c1287 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a9
| MD5 | ba9c7c5431eb9c06edd8bd9bde086276 |
| SHA1 | 3d838e70739306079505f55c3c518623ba3d4c7e |
| SHA256 | 3f32d3435cd401d96ba0d6a9748d33a4112feae087a590c5e4f5da01366a8b5c |
| SHA512 | 73ddb52c4f316b17a2569c74d8532e4b680365e6a17bf01f9fbf23f4da812cf752af9e6b416a988a179025d923100d5a6e53f8fc421881b68e72d78c9db73386 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a7
| MD5 | 778ca3ed38e51e5d4967cd21efbdd007 |
| SHA1 | 06e62821512a5b73931e237e35501f7722f0dbf4 |
| SHA256 | b7e1bfadb8d9c061f17a7234df012df7842ab1aa8fb6f9579fa3f0a3b4a75bc0 |
| SHA512 | 5f6f02099ca8079305fb7e7f43ae4344d522271fe30379c0854d6a81b7d8adf408a50a4b799b5f52e6ed162ba6ce7fe97e24a2b9719df780e75683d3aa103d09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ff049696d65e710b8abd1efc0b2efea8 |
| SHA1 | 92079604b8f0f2361e754954558fffe94e7e19af |
| SHA256 | e7556ae8c132faba7eb2fbd5c5d0794c807c6652cc7b9f6bd4f0186f05a4468b |
| SHA512 | f69bd09cdf07667cdb2499cfb395f0da7f0c38f27d225f4f35ed8aa7efdc4df422cef0c9eab8a9c15b394452d7d2328706180e43235ed6d11462d555d4a2e726 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2892eee3e20e19a9ba77be6913508a54 |
| SHA1 | 7c4ef82faa28393c739c517d706ac6919a8ffc49 |
| SHA256 | 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2 |
| SHA512 | b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 74435099fd1e28078ce5f962f9811572 |
| SHA1 | 87bea16b413d89a0d0664d1939a1272e626daf1b |
| SHA256 | 4e15b42b73ee3d9137343a4f3b79f4c8afdd4874cd54c701c4b88c8803d1e280 |
| SHA512 | 736f90ca1f4c90afb3cd93af8be659634952af06114329878c7e38a62474142b2e02ea27ffa0d6016761106ef81e95043ec3b69a2eaa1acec5f0c1aa1c1d7f3f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 100a6ad23582860addb89b2cf9bd0a56 |
| SHA1 | 8cd5359554aba6a552a218ca2684ed5a4331f1d7 |
| SHA256 | fd31571c2006214b1feb7f61d4dfd414601a78937e6c8f52530f1cad86b23c36 |
| SHA512 | f5966d13e6d41fd2c706634e02cdd4aec439f911146c46b73b379e4be6d1bc7beacb156f6c9d0a0348fcd77b807c651d0dfa32b8e5fc89020ec09a46b5e86349 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a174ae1f9deebbfa1e75712031569373 |
| SHA1 | ac6f1793a21cfe00fe894de16ab99bba324570c8 |
| SHA256 | c9a42aedcfceefd2cf19e37273048efb3105cd89c962519b3886d96a06cc2bc2 |
| SHA512 | 9f441a614e47ea29593eb834f1576248c55078659295620bb4c8c79d60e1bcea313053b68dc722eaa0ad8b44784f38f32d21bf499150a2e8061e83603365a5fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 7c629c569f1c543492a523c37a0ee77a |
| SHA1 | b76ef4f1626dbede47e2df86bde2bf66d367aebf |
| SHA256 | 421dbbf79dea1a02a093e1e3966720ba82a3fb197c2b526bd5ca07cc635be7f5 |
| SHA512 | 25e9589dbcbe9b355adbc8d5583f19ddd9593c7e783a2f7633528379d999d645d69fc0e1cccf81f70428709964e5137c9f4266bdd202af5e78558ebddcc72064 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1fa5d9de-d4c0-4f2b-a0d8-52af9140dd0a\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 22ed782be2546b036243ecacaa7ad443 |
| SHA1 | 70361b5d5ad3bea1ab713fb45b0ecfc7b289adf9 |
| SHA256 | 559cd590ca3d29caf477a5f0743b4e0c5f25dd5faa1cd31a2642f9d4b64d8f1f |
| SHA512 | 37169248c10e33dc92f1a52bfc5da5c4954a46243e95fc40c0928a6db0adddd30ee68cadbd4c8e2037f35ec58bfe437d3577bdde920c2a65311748353bac7537 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000af
| MD5 | 7ebb8f114fed69b44acb41ab0591457d |
| SHA1 | e1f70b395e992b384c727a8b399c44a6e5dfef7f |
| SHA256 | f54ca2b5c60100f0305795f8e05209ac1c3ad00b2e6347bde2b49c8c9252261a |
| SHA512 | 4451daa722cd5605257087fe3fa6dd311466349a0d7db3a78899cb5b117ea51cb55831d9f641de6a92f83b08cc731d5d5deab9e6f5317aec02c1f3aae5eba7a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b4
| MD5 | 33ad2290cdf2487f6dff9bf512cece28 |
| SHA1 | b56e223cea17569e13c5dd72aff3e34d40f114a9 |
| SHA256 | 2d01340947a8b8ff697bd0176aa1dbcf81e8fef67acedaf3ede3c71c179007c9 |
| SHA512 | df14b0d6217da08012a6571be6bf1eb3ec8ecb35197e610a32bbeca511c23075f7514de79a7963ff0e4be46cd1f3f1440b84219ed37a6d12c22ecaffb6391d7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 578c76dd3b9bb2dd0e6043246224a09b |
| SHA1 | 7326331620763408ba6340c7476cb840d2631a24 |
| SHA256 | 55138459990beddd15de77b12e5877219bc365a7728d2299a86f18b379e3176c |
| SHA512 | e65bee257ed1675b24afe0fd6b273859ca34bbd98f6101bbb2415d2975413bc3ba6b86832940e67dbeded1faca98eb96b065a4fd63c6439a389fb590e45e0955 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0221bf5e75c62a4cf5d63409a288f4b9 |
| SHA1 | 7c774a06f81dbf251c626f50281ab5df94f43a0c |
| SHA256 | 2875d42219c7e6adf357ffd00c54fca689d52dfdc8288f7c00b57e8d587feb3f |
| SHA512 | 638e3c238b1ae135b304e93b20855c2a612c849677b9c6f813af3abe2e8756f04828c708d2da84a55b05c2a1d513514ad1dafa7b670b3e3c86a73cd82420dcb6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6063be0e8db468f9_0
| MD5 | 5880ac60a81c133960a0e71d6804d6a9 |
| SHA1 | c2bbed732d687c96ddacd6a5b486563ace43eb89 |
| SHA256 | 436ee9fcce57accf08bd3cdd8c6314716c2bf20c6119a8703bb4c4a9de33da5e |
| SHA512 | caa95ecd8d06d7eaa2aec7527fa35c3700ed92e6c9462bd1233ee9946406bb4f285368afb35037b2a0b23e3dc44e2e2ad0ddf3b48b8c832c961ee1e76deb0370 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 343c478ff4ba4c80104d97f163b6fb75 |
| SHA1 | 95602d69bc4fc551c5b8fed5961e8e69a46dc14d |
| SHA256 | 16a576cdbfb7ea74e297efb8654656af4986635d9f1d3309d5f83dd0034a4941 |
| SHA512 | 053a39bb7a12e576fe776f3b43be431cb88f71c26a1e7e9cfa4c0f56fae386977908fe4b0816739b4255805f30028d7c5e6b69e2b796467c7adab962c8637960 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5f76a0.TMP
| MD5 | 5916593853317a233ba63e5033607a9b |
| SHA1 | 3835078c20f50015bcb285ba61b1955c324762ae |
| SHA256 | 7f9237724cf0401e8910f7a91c42c74b70267f4aa991eac39fa7aeb0a6ed4d05 |
| SHA512 | 8d8fe7b983e02d759de72416ad5c11c58a6782a863f7a6891e565849633bdbc75981774a5d3f8012e834750327491d11c183f928bc96b4d9bc10474489ba19d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 83233422e2b7f74a0687e542ba6c2ea3 |
| SHA1 | 7aa97bbfe298bc12f2b14cac9a2eb7896970be11 |
| SHA256 | ee192605db2b2e8fc9dd8b5b712127c5904dde98604f7f6a7f251c750af42782 |
| SHA512 | 0b031bbb85a812debc84b654214ff9b715d9980f74bda6304ba58d0dc1eaa7b7b9bf88eb1d4890c3f4f4d54b7756313d0e42693f9d5115fd28c004996500dc22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1c68660da509b392f373d0117e947912 |
| SHA1 | 8cc14961a8262e4a91c8f2118616dba7e7b3631b |
| SHA256 | b59d47a9e632fee5e0000c74a4abfaface0314d96f11a3d4dd13daa8feade777 |
| SHA512 | bd4d0bcf07e9d20a2ac1dada5ef7b82a59542e8161424ec37089c96f3f57b94398e0aa101ed466cd1b32b1331468d22be9fc1a7fce6ba74dc869cd3dd128fde3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5ddfb9d7-12a0-4cb6-928c-2b8d73f13077\index-dir\the-real-index~RFe5fd9bf.TMP
| MD5 | 770f99ab62a402a231f72c5c7fd60874 |
| SHA1 | afdc5c5b6bfaf98a82b933be7af8a505f7cd5e01 |
| SHA256 | 995c6a24e9467847e8a6530a1c9a44eac2a8267c81ce2633565a0e15db75144d |
| SHA512 | 56d49c2ece874d9798c888d55c243e62e349b3dd53751f9dc867f73cd15c267ccc03f8e5167a4930e5cba34583bc8f515da7283333493a2300b8502ad6250382 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5ddfb9d7-12a0-4cb6-928c-2b8d73f13077\index-dir\the-real-index
| MD5 | 98afd7b1ac0f4e48fe720128129de96a |
| SHA1 | 62fa7733e1491abf60348d1d56fbd22f1e795c50 |
| SHA256 | 62ffa689acb3ef57a6273d3d95fe61876237794be0f85a48b27089f673b633e4 |
| SHA512 | b68db6b13ac3e001adb2a279b11bb64bb00ba5d8b758f2c4d737945c64ac3c01eedf95665ea59eae06db355673abe712890276463f403bc92f05a0769fe8efea |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | d2afa8da0806e9dcc85325065e9eab73 |
| SHA1 | 08ef088b1606e8fe9c00c4439734fea7e124733e |
| SHA256 | 8ee7a0132223ed2a23b2d9575fda5aab8c4a08f2e757dffa0165eee0359bf519 |
| SHA512 | d31c5f3c649343be12c699cae6c22e72e3e2174b450f2ee9b53a67654d25b94ec600a0fa9e84e12ace2ada9e49c4dc9ae72395581e649702bdea3f893819e055 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1317346bb863c7455b5c335a57ce9b26 |
| SHA1 | fa65a1a4402015201295e6aa954bd2f367fdaa29 |
| SHA256 | 20ed9c52b65cd7aa0cd820dd56e98f3c84cd402503a1eaabd2c17c7a6e1635ef |
| SHA512 | e3f863252c59e7caf01b26d2a4bc69511ce62a14b6232fe647721c109a5d8bb830846ae71d032856f28445a5f2bc9ef727c16b6abbd48b7194a3d8959717fc85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3c626940a241362c87173157723382bb |
| SHA1 | 40ad79149fcb35d0cc78ead1994c9ae9e6efe368 |
| SHA256 | f1bdb894b9b2e131e8184e5f1f267feda6e76ce7ec7855a293b9de4eb5666a53 |
| SHA512 | ae0b968b5c3545f6773e31320fda22c2f3cca84a94dd96bf06e3a2fb47f6d8805e4d4b87b7dd2900d717ac26059e770ad54af799514a684728330bd9ae71e2f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c2
| MD5 | 0cf46b822c8317ae029241f41cb289e7 |
| SHA1 | 04ce3c93f12b84cb2cd0beac45f85caac4183712 |
| SHA256 | 52f1f21a2cb495a12299742d4b6dafcbc75d90e89e3a4144e605848eb3d2f768 |
| SHA512 | 6da21f501415fd4b987088228028f74ac4b6997e93979a87a8905644772f8bf9f564b85d54c2c1d48167be450c9111c6a37a841df3dba75166659c0c763dd9e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 45c6684dcda0702cc83803dbf663ddb9 |
| SHA1 | 03525f49874a52850a364c978f548488da45ecf8 |
| SHA256 | a5cbb1b779bcb17543748013638b1b96db2d84b13ee3720d01a84409697f39f7 |
| SHA512 | 8b3989d1f3dbee5d6e37f0b63813ece3706a4f164e80e797439dd265175c6ed0e1f42a56027caae1292957554fe5627269bc578400be48110d488213cac9aa8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7c46cfbd2fbe0614231630088421c41d |
| SHA1 | 3b620e35767bba4c38cd4586bb963df680c39af7 |
| SHA256 | e3f467b519576af197bc7a7fd2e541f62630f19c88bbb7192e53fb44b5bc24f7 |
| SHA512 | e73bf7bc9f0329c40bc3e047493e249eb3d5ec6684406216c2dc8c5099b0b1edde1db55835fbd33f7d88412fa1c7299d2ec305b004e10cc3c59d5504001f6a4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c41886104f5f19c89aa30cbda9346f9a |
| SHA1 | 6711fa7d2bc238e6380e2a14821afa578a23c8ed |
| SHA256 | 40852591dfe8d1a1a199b3f7afa505a4104b95ed879108f4cba6ed1d8f65e868 |
| SHA512 | 58e904073e206e1d010850f0a534955d81d9c43722c3bc14651d299d5a7c56bbb39a43be3542d308b7f40ccb8455dcd8626fec032bcadff6d07fd8276c81c9f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ec4910691fb47d81aa8348c8e4a5754e |
| SHA1 | 46bef85d80ccb3b74e703549f476ab336a560857 |
| SHA256 | ec33bb5a8208dbe818c725976929b503618e7798db0726b3466c8b2712ced62e |
| SHA512 | b31d802ebbf1041b99efc30b64c87db397847ea34a00ac81c0e040c3a6ea77e89edc5d7de8080322b87c313d7361658de99c1ce1336fe0d41e806ddc951a4114 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b3efd44f85f6a46d1e6a8b3fba06db38 |
| SHA1 | ad013e6cd776d840feb497924f216d075578a7a8 |
| SHA256 | acd2d708135fd63d23a4557c929e21edbfe112893aa79ea746408adebe3e8416 |
| SHA512 | e567a2ce2f5d24b40d12936b36e1da676f52a443bca437e35256848de9c41d886018bb2f33e2d8bd01b2982008535fd614f57e0a146cd0f2aa50609e709a3590 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | cce81b000cd8b6fe242156fd5eac53f9 |
| SHA1 | c6e5d7c2e7505c51478d949677b3347d12e98731 |
| SHA256 | 3b5a3c3e74ac4933a88d0dc1cefaf29cb997948860fc69ca4926663ee51e5443 |
| SHA512 | 5ee5c3c64c33b6544576b626b853100e640a2dfd39314cf27a40bfb824cc9a6dca6ae5198498071f491cf9cc42e286a35e6b3e1aac1d2c6de41829c78c9bf6a5 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 0d3f283de975112ecca97fcf3383e212 |
| SHA1 | 4f14e8309f19918402f2e3f0ad62ffe75d38a15e |
| SHA256 | ac00b9e1295a6a2624ea5bcf4e47e36f4220c15339042896bd0d7d21c9dc485e |
| SHA512 | 16d85028efce707d75a7cf038dfbddffc93ccc8b49ad3d3b4c13e29ced1baa4b630ca94e52efd330822967b89fa6000e8ba89bc0536cf2ec048f3e596921cdbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e66c20888217dab5ea6f117c8aee86fe |
| SHA1 | 609e04034fa096b7227018857358c6ed5d4f5899 |
| SHA256 | ec6b85b4280bb708c163e77f318ffe9656e11cf02cdd7b447eda60588b794cea |
| SHA512 | 206444f1cf2a48e4ed13e792f4470b029f24e25d9e45cc57c95249984628f602311b020e1eb8f24374b9ebfb533788ae71f10cbae362624b2772c539e42ec40d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c1e7a69fbb54ddcb9d211fa31edbbafd |
| SHA1 | 216aec913b1f1e14c498a9214b2ae5347dc5fc64 |
| SHA256 | a052fc84f6367294d5349bdc3b813e701a542e10baf6f7dc24ecb4ad1c4e79aa |
| SHA512 | c9c49404ee606832f7288896630210c983d51573f32fa2b63ad90cdbbaf8c6360426c6d4e2a8c90213e81ed1df03fdc5cf2d14ad4a2ad5326abe41f7881da7bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ca
| MD5 | 2288fe1eef599e1b06f7c6d96bb60cf1 |
| SHA1 | dec39c5527897e6c565650e37ce3508d31b3a9e8 |
| SHA256 | 239022d471165cb6ed086a521252004503c0fdb7c3d2ed80219a2435fe632108 |
| SHA512 | 340fbd0bd4ccab903e7bcca3515c5286fdbd344ef345adb577daf6108143a60696422a527a0ac00466fcd6c3c5083fd59f72bf91cfe6d645a3714185bf47753b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ce
| MD5 | 2a3c2786a12b71c817fd63fe12b511a0 |
| SHA1 | 72b1269876ae96bd59a1bacd99ec563a3469b9bf |
| SHA256 | 690ca0552324c7971685ee3973a5b183a3c70a7b576d40a15a91a031538cfd30 |
| SHA512 | ecf4ab6bbb361ab9ac1d36b487ebcc4951eacc0a322966ca2bd93dbca3d6848574224dadb7ecb74a09a098a890c1da026887a0fa6f717c2d44594cdb281620a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d0
| MD5 | a5b5ca17cfbfd68d8da72d61c6640649 |
| SHA1 | c6e31febe5f126eb1900cbd138a096b91e2d5854 |
| SHA256 | a9b2fa7fe25be3786e81d77ba07bf38890ccef1d3ce5012fc75acb9254ce40b5 |
| SHA512 | 7555ab85b5cf796313f7626e271af85485403f81edd84ff74dfea9a77d4b8aecd6ddc390f179bf8e83b1bf61331e3da87f46febd66803a912e17579518e5546d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\68b9180a-703c-4ce0-af54-513e18c42e56.tmp
| MD5 | 29e71d950bc9bd75252feb054ff30de5 |
| SHA1 | f8f251717bf0d323eaa7c84ba023f281f3b4963d |
| SHA256 | 4952d1a233c988111b8cccb5fc3c98d127b8143cd8bbde8c8c5c977ae594356b |
| SHA512 | 2903705fe3d05b75438fb4930ed3668b03bf7103a6076a3ffc78e961d36fddf0f55d93bb9994a8fc0c41da6316dde3a87fd963fcafef439b683f190d96b1f38e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | b8b4907505b7335aac3528f0960841d6 |
| SHA1 | 2e41cf7d852d02993e40f06a38f10128539a1457 |
| SHA256 | 9e992ad4cc65df3ad7da42220affcb026b2e6a48258c2c48c0ec8e0f7936507f |
| SHA512 | 548cf8e960e110db345e41a5d3a8bb3f712f8449acf45d6b952e4be741844259287168714ccd65dab01fb6f24ce0c633148f36546c955c2014e23ac9a4b3a998 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d186d8f716f22162d6eef28580b27053 |
| SHA1 | 30acd1fbb1c29f1d6ae1e24b700fa4691f03add6 |
| SHA256 | 88c9cb32f472bf24221b15ed9bf78e62ee44bc63b7c3d23da9a439bd07dbf95c |
| SHA512 | 7f94bf27965de3f4006af39c4a39299580afab6bead2a9531268568339d50c9f09053d0900a7788d51dc3f1dbb8249feb8abcca8130aedd9f4d176078616a1b1 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 9efd10a147ef2fccfe9a24147434fb96 |
| SHA1 | 1fe3d58a69ce00b81f9217aa06848b574182817e |
| SHA256 | ae20b82ac59ceb0f55aecd2530bee14b6cdaffa5324bceec83f1eee314262255 |
| SHA512 | 995c5f9ba13bfe1074af0d322a7bc01a342c7f218a86e633baef79a48a8c73e83b98bc58fb2e05442c52a020b808c9c736c708e1ee31dc063c66615da51864a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009f
| MD5 | 0f3de113dc536643a187f641efae47f4 |
| SHA1 | 729e48891d13fb7581697f5fee8175f60519615e |
| SHA256 | 9bef33945e76bc0012cdbd9941eab34f9472aca8e0ddbbaea52658423dc579f8 |
| SHA512 | 8332bf7bd97ec1ebfc8e7fcf75132ca3f6dfd820863f2559ab22ac867aa882921f2b208ab76a6deb2e6fa2907bb0244851023af6c9960a77d3ad4101b314797f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a1
| MD5 | 4ca3c9806914acc847891bf2a3ae9b2a |
| SHA1 | 5e6d9ccf79c7a593be586dbb784f1cb8bbd24d3a |
| SHA256 | d8474025add64e3a8b4acade8dd2b0c19b8366aaa38bbfdfaa4b6a6bf45443d0 |
| SHA512 | efbfb42aa348edab459aeb746277a8bb3fe789f28d1c1bbd23b5835bf5f88deb7d245d4824f834d47a7c310a2d68fe4e52b72ba9abf71f67353d3c45c4254350 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009e
| MD5 | 18afd1da750d6447a8954b3e2e0c446e |
| SHA1 | f8c8a7cbf81af5c9de298e031dfd69c1ec836f81 |
| SHA256 | 446938498d26217dd63160bcd02aa1ee15e7fa76b8f0902b459ec6db609d1cc7 |
| SHA512 | a033fcfacf5f9f74ce8a02ffb6adc4766fbfe1d25f86ee4afc54c5f3ca1ea9655d65f6c29c67e7a86ef28edca1e8b2fcaa362730e8a6bedbdd8a16b52142dfb8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009d
| MD5 | 628ba8d31375849e0943894669cd033c |
| SHA1 | 4fa6d50a37fa2dadec892474d3e713ef9de2d8a1 |
| SHA256 | 80e3440c312f921afe33a7d4a3d11d1d2dc7162f8f50b748b796f424441d10d6 |
| SHA512 | d4406493dc8767c479460f3039b038866549feebf392280384da08adbcad2e871720d046220cb67ebe3ab75c14e06a31df2fa7c0f2c17f91eda26ba0a709d27f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0
| MD5 | f817e737bd803df8a4f12c1937ab0d51 |
| SHA1 | 24e172cdf9d4b77b0cb4c271aed4a7c9eba98fc9 |
| SHA256 | 17b0202476b336c41e4108aa245ac863c3e19ef8c5e430fe112a0900f0a18802 |
| SHA512 | d417d62e0fdcdfa883d4ffb317546e7ac5258aac538cbfad4eb111b134839750a65c55b5230507ff6912ffd272c0eb6317bcdd95c38cfb81c63b8e85b1359346 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a3
| MD5 | 86983f96fdd4d0e8e99cf6cb99699bbb |
| SHA1 | 731c5beb265ce52186c5862109050890f087f22e |
| SHA256 | 48718f1307a42db02450d31a0723bc32351cac42a0a0a51a79666620c7683594 |
| SHA512 | c315d53ab4390fda1a1ad8611f0be3821793cde590d16620f2f371a0428d653f54e6a432170809ee7bd370905f0a1a5730c8dd134f91552c632fc24f56433219 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009b
| MD5 | f31a1ab9f483d9db21349522e39dd16e |
| SHA1 | 01a275d7fc1c4f578fa506c8e0bf9b7787dd4806 |
| SHA256 | 463800c9ec072ae72a4f6fdc1f2f779c792cb7ceb6f57c7d1231eabefad2bd9d |
| SHA512 | cab9bf13c36b854bef939e1d09c8d896caf1d7c20f6948f70f27eaf2869e49c8b9be728b4c95926ba869a987516a79d3193d416b0582b7570a58269c8caa7603 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a4
| MD5 | 5bc90eaf1c40d6b4fb53511e2dcb0112 |
| SHA1 | df4d1b98afd9bbce5fdc44ef8b9cfaf365f76643 |
| SHA256 | 61302d8f11f11e88123be6cdb188e1d148c3e363ef3cdcab22b421dd613c6d73 |
| SHA512 | 24826214035b0ff7426bfbb09fb4a6001385e8b7506c03d89b072e3f6fa945a596863bdc2033793538ac44ffaee8e99e2ea1c490b222534cd84745fe2696fdd6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009c
| MD5 | 669b1563b95fce26d9ddc3c7e9bdc538 |
| SHA1 | 275e4ae2606a0da908003b77ea06b24ea8b66214 |
| SHA256 | d46765072d87d9892a0f6f8f9849eafe0abecee9d662e99f8b45d8c5b22ac667 |
| SHA512 | 09e066f5a1974927b2cb607a8b953f2732928c7347f65cdfcdb573170840562de6eae091a61108827b3ae0799c16bfbd41d858ee1a8bc57d9bb1fac814438302 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a2
| MD5 | 4bc7fdb1eed64d29f27a427feea007b5 |
| SHA1 | 62b5f0e1731484517796e3d512c5529d0af2666b |
| SHA256 | 05282cd78e71a5d9d14cc9676e20900a1d802016b721a48febec7b64e63775f6 |
| SHA512 | 9900aecac98f2ca3d642a153dd5a53131b23ceec71dd9d3c59e83db24796a0db854f49629449a5c9fe4b7ca3afcdd294086f6b1ba724955551b622bc50e3ba1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a5
| MD5 | 0e52c094a93d5bcd8875cce575d7da9a |
| SHA1 | de9ecbf399f77a497c96c1a4b3509153ad9751a2 |
| SHA256 | abafb66ae53e45e075a02ab40e19bc2dbb0126d83f4da5f1fbd3bed1a4b4fdce |
| SHA512 | b2cbb5075eb1cf84b9b24c2a2f3165675496d506d5e98a8868c18514c5740c366b5a29a925dcf6f6cacdb8ce6e39eb8673b15ebb55c5e9078e0d7eff631905cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3a14128eafa359ea23b3e5c090c46309 |
| SHA1 | 580e79092b9fffc580277a72536aee4d1dff5ab8 |
| SHA256 | c713f4e0c7009d48644267c01757095c46abe731a4301b4cab662b51ff42211f |
| SHA512 | 4d0a7088c43adfc465af48c72d435a558007b36d823e7b55577ba2a81b05e78713d422df6a06164062ba42af4380857b6fdc3d3e79c44270a8d190804cb666ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bc44a254b50918f0c53ee2c5f2a83852 |
| SHA1 | b3bf3306d890d5c6a989f658cb6386e842d64e04 |
| SHA256 | 8a7756fd4ac01b12718df9503c232f44b3cfd2b079f22b284b409004bbe42e13 |
| SHA512 | 13d0567abaccd5033e6b8f58d1e108d65887158f8c612db0436250fdc35d04ef10febf5e1f9c9e375471b788934041cca8948b372cabfedf48b07dd211a7cc57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 186b6fd9c232a5bd951ffe08c33d9fb0 |
| SHA1 | 5adf683d14f17d22edab273a239dd7441dcdd298 |
| SHA256 | bd0d2e3098a58b4b985f35794e1f59c671578b26292b20ed76d025cded2b2d25 |
| SHA512 | 09a38656cf35712e80764fffed8a261674d90854cb3b356e71b16c8ef847617314a3065e09271b08e78c4438f06d8ad2b26aadcc1c3826e4fc80b4f5b94da2e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ff0bcad45fb5fbbf837ca438e170d459 |
| SHA1 | 62af6ed293dfd0139149423c82dd1a2e2e0375af |
| SHA256 | 1d45d7d1ce8a6d0de54fae96cd75a96ea6996ba97d4a7aa00fb6df86c09beaf6 |
| SHA512 | a4c21a209f2f2a16eb669710f095db43177bea601b31d0b478683f1441df0ccd7798dce905a5ab39f142cf8cbd894fac5348851376d728303029f161d321998f |
C:\Users\Admin\Downloads\AntiRickRoll_1.5.crx
| MD5 | 162a94830349a52ff531644be18d7b56 |
| SHA1 | cc09ac713b8d69966d84b90dc73e9b1c6c083001 |
| SHA256 | 01595c780ef1d6f1dbdefc7f9170d7212586f2d36ef612a18fca67229fb24d93 |
| SHA512 | fa817f832e85ee609af404d5dbc984efda407d74dc545f0ea5a7bcfd52def999d4f41fe87a50d4833ad6d2d38165235a13cf3aa18500a8d4f4993830b1dc34ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5451d662a3c961508a2f54f117740591 |
| SHA1 | 0a70f7265ad6d43828ddf5f73b7ed860da3e2f60 |
| SHA256 | 622a589cb90e57d991226eacb0e846e683f3bd2daf9d0f793e20a31f13c50354 |
| SHA512 | 8a19087945e8bd77dd56398d1ed817b9366e0777bfb2b1496d1e89d580300b871b21d2ae48287234736445a967c0da15cc62c7a7882a9ff661a35ad02a92bc6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e4d481edb8f20af8f7feb6f93d38dd70 |
| SHA1 | 0e532323ff31e1bbfa20eade1e1eff343393341f |
| SHA256 | cf6fb15bd3e33e73e4f2efb1ce172b2a9580a0085bb72119b12bd45c8eca3b74 |
| SHA512 | 04375dece4f1ee61b0ba0485d679a3a8cc21fb06dd0987392f70a306d73bd2e40dbd0524f930142f95802db1e99311e0d7862b5c1b0cc8ce15eeed3a8fabe091 |
C:\Users\Admin\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Cache\data_1
| MD5 | 599c110a7a951207c723a9cd4d603d11 |
| SHA1 | 5afeadbbe0e6f9d5567381b8bd2f1ef8963ecdd5 |
| SHA256 | 7a32719370b8b7fddc0f3d6038dedf722417aaeddfc79695b314ef4e0d0edab6 |
| SHA512 | 8016377f331263aa24ffd60a10bdccdd865f731b3ff3713c0155bbb6760719730d85c9dd25c4585b4c1061b337e88738ca750d826d9290b7a3a92384eaaeca7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f7e812c4a47c5034ea78aa60dfd7a6a9 |
| SHA1 | 14fe752d04506ae4c442c37f97f078edd664af5e |
| SHA256 | 0561e8239e18e95485dd06b00521c5601bd760ec4de4e83cf13265e9b7c6de55 |
| SHA512 | e9c3f5018d5e98f201e64f7bff9fd3788a686068fb5562fbf514357998c8043cae7356068ff1f41d855c0e66c44d231a0ad906077c4e36b825205c4ede20fa0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 75f52c5d4fddf608330978e44dec82ef |
| SHA1 | 7c54af14866c51d8e857064e340e98fe0db2cf2f |
| SHA256 | 9cc645d061b7f25e07a8a41ae4ec917db38d4075e6b75cc05db87877f054cd45 |
| SHA512 | ca1b1468ba8a15c957614da1498710a6a4e848889e6b30f96179fba09e281092e15924a6b4bc19665274dbfd5c04a3ac97f10c96ec6bcc92142005564b778621 |
C:\Users\Admin\Downloads\AntiRickRoll_1.5.zip
| MD5 | 98b95f5c7d38e7440018443345c21e19 |
| SHA1 | 16910bfeec589633b8687cb48caa390fb237f275 |
| SHA256 | ab7f5afbdb42ff05d9462d4754d1e97bf71fc4128eb6e42957cbebb630efa50b |
| SHA512 | f4ed2f56df753c76e352bfca37e7f318b1c16828ab2c128f613b402c252105b57b8c538c0378e85e584636f7346faba1b0d7b9725191503cf00bfcc49bdc9653 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b5d8e030a968089876f3f892554a1385 |
| SHA1 | 5e81ad2ec9b8573ef672a01a5353e61c4cbee54e |
| SHA256 | 57181fdd8f4bb745fa635638cf000faf34894ce259eabe856d36f84c198204bd |
| SHA512 | 5e0e2fe0a4aedb3f5c2dbab75c7d3dfc6660c7852709fce54bb15f711a8fa98558ee413774eb7a0dcb63524c37830fe94d81d68ac6d89c77d771343c8ba7e1d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5308398f00e788caaebd64b20a7d1656 |
| SHA1 | 1c59f7de7b857e08809c8f9155548e2693bc267e |
| SHA256 | 62777d4d2635c99d32dd2b7be902bdc0c122db5175e02c7d136e1abde4800c48 |
| SHA512 | d91800070da6b2edd838a4b4a1aaafb32dd8b5313cf2cf36392b5aa11557a28a872261f846aaf75ecbfdc62ca5aa343eda41789a176eb76eb8540fa869799fe5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5792df56047b764ea8f43315a96cc2fb |
| SHA1 | 5acf1ccf3cc8b6cb44691f3efa1663466652124e |
| SHA256 | 81f8c0696d4cb5b71ef2aeca64246ea93b1a7512e6e778ce6332ec44b5937391 |
| SHA512 | e643432f5474a6d7ebd5266bc23f6bf94f6e03bdc88e0ea15f9f3cbaa511a968037f2ec3d7539210d6c199ebd3250a7e43eb597574e52e229661dae59ed0ea35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 776924ce0a5bbf573d058f3044ca527f |
| SHA1 | 9a37d91f36375d9cfa26c559f038855c5869fcdf |
| SHA256 | d9e0908e73257037d26c66af1454c95b0d388ea4cfe10fe50cca26f341031499 |
| SHA512 | d0de0554bb52f824d45bf28d56d50b7b1f74cbe685585d21757917eca2b56d32b83a42dfae0644a2593fc6d13b47b8c32840c21476f31d2f8eaa155d6c10d2de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 41a4bccf157f3baae05b87301ed55ded |
| SHA1 | 0a41abd490774e731bfa387f1bfef12d5fe4e846 |
| SHA256 | da8548eab2758ee6feafff2ce7227daba5637210282268451c5089bd0c5f4d27 |
| SHA512 | 3e04033f04f4880ecbb2e01fe7b88c6b6a0a153acb90f6a8563556218cf527c19000e5a9e2caad2be1d41bb66c35f1d26826dd71bf65664a3f8fc8a45a85fc26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a6d67c486196ed7b8c3c7af6c2cc220c |
| SHA1 | d50a6d30f63675bcaaf664647bf525e76aafc84e |
| SHA256 | 910682d8b946ec4062a2a95c903c9fb118fff88f64809ec1453d84868640265f |
| SHA512 | 7b46a6b0332ccbdeb04714d63fcef13b5dba9219f2e3019d09d429768430e9e0e12bcc374c87296f3d804838be2ebbabbb5c424d3260840194ad3d613f734898 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f04cd74ff08dc99b70b16f6cc2e8c329 |
| SHA1 | 1dbe79d2026bce2393ebf4982644d875d7ed15e4 |
| SHA256 | 527f5a831a173714727a3b6e690f0d33f3730a07540669e1c21ee25fcada41be |
| SHA512 | a922da0b0763c180ccf3465ef5f029bce63c447f937a92b0c756bc86b53a90d4e35ab8d46f32ea90161e36eec418881c848132e41cea2d22537665c08f4065ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 21ed35541b6ea84cc04199a9286f068a |
| SHA1 | bc8e9d8729bccee9f0f845716cb2cb9f147c9abd |
| SHA256 | cacae8c6ec30c49040afcb740e2602da3a39a2d6f1bfb27a9c52534d9f62ea7f |
| SHA512 | aff00e3caef906b0a7adb545aa3f3ad74ce2d057b6a4b02d61306f15a0c8daa664f36b9b8900876b9f8869508bd2ffe32ee31a2540f47543da40ba79b9dadad3 |
C:\Users\Admin\Downloads\BabylonToolbar.txt
| MD5 | 2ab0eb54f6e9388131e13a53d2c2af6c |
| SHA1 | f64663b25c9141b54fe4fad4ee39e148f6d7f50a |
| SHA256 | d24eee3b220c71fced3227906b0feed755d2e2b39958dd8cd378123dde692426 |
| SHA512 | 6b5048eeff122ae33194f3f6089418e3492118288038007d62cdd30a384c79874c0728a2098a29d8ce1a9f2b4ba5f9683b3f440f85196d50dc8bc1275a909260 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6e3fa10a5ed61c130d7545cd8448a1f4 |
| SHA1 | 9413cf1969521bff10bd4ce045d6c19d1c6674df |
| SHA256 | 7a392135e0f8c6acdd4d393ba0222d7248f7237c414eb614302db45c84ec7c19 |
| SHA512 | 27d2ed3bc276b0a5c02ee66193bf624260e5c01bd3317ffbb468e0bd955ecef3a250fc7a1c572912d2a767ca2b4c67b517c45f47207291a1ab0f55a47955802e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fb0a62f9e93ed94675144c8ac7cc7504 |
| SHA1 | 76c28871d4e3cef98ec36e059be447afbd72e619 |
| SHA256 | a5ec4a9a40c777d4ca8071921ea3ddc77f0d02edb957b865a34f4837d94a18c2 |
| SHA512 | 3eb91b4039f06777b6730ae21ba490241ddb0b773fa377906613c9304b9f99236376856eface606fa555b51267a3ae5161a817e2a267cbe019636569908ececf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6bffe4e145e6cd9a0b9dd81b43a72e43 |
| SHA1 | ed6cd68d6c76e716b71c25c8a13490ad68257e42 |
| SHA256 | 6247ecead8e7749ec4a410f8a7b3b44d118cb42df09ecb370dfec73c1859a667 |
| SHA512 | a66c5513bcc0d67be9510a1e5b78c2036299cfeb7b473d594e99bb86389b63479ef9dd4db43b917cdf06313f79f968d93a18d76a450e2b4ac46a4f31d48d6913 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 23c2cb4eaf4567644d4ecaeb2b1ef4c3 |
| SHA1 | a7b60b98bd1e72b17812b08241a4f36d632c7f3a |
| SHA256 | 4092582d633a1519488970c9c6290923f7ee05c531f0f27e14524a7aa114b450 |
| SHA512 | ed1526ca700dec02b244f8278cace9bfe079168c69185480aaeb6c2eaec93585216201208bf502d14ac8981c68a30294448582785f8cf6ff8590ee807155db1e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 12c34c1be258fb14a29ed3ca23d0db35 |
| SHA1 | 055b84391f5d83fe62762061222cb1eb9888412b |
| SHA256 | cf6f3c2f478c52ac31a9634ad95e297659bd0f53c5aef6355221bc01b711789b |
| SHA512 | fbea6e143f1263e438b0756cb38b9d0bbc6b6a16c6f010520ccd7b05a809cdbfa230b2ef58542be157874071dd43cadab5583fa628f4436673fc2db6b676c996 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8a89391ba13b640b796aac4348d6cf99 |
| SHA1 | 0ac1a1b813365ce9ba5f0b967f61ba922bb72dae |
| SHA256 | 56ae648d36f8ae5930a09250f0a4f15a96023f3ccb55e46ef36afdf7b9de56ba |
| SHA512 | ceeeb01f662544a9fa76bc5b308581b35ebaa88d0e339facc4e26dd44b861fcfd612979ade0bea2ac24e61542653693781b5c4548b84cc43442391e4d7738003 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2899fe540b4e22b5_0
| MD5 | e3b87273d8d1bdb866ee7b903c359725 |
| SHA1 | da6f8b8ff6dfbb66ce73d39cb7c7efb124661698 |
| SHA256 | f7720d515cebfbe47f32c29da7d6bc8435a282dffeb7d9a6e70efcdae248d576 |
| SHA512 | 2c0c0dca1cd8acbb8ad849934fe1ecbabce5f199f8b42099d95a7acde17ad03495a2458395934470c879a57c9e922e4a2f1c4260a64ac4b370bfd7f8f74efd6c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7ecef8ce47b955b8_0
| MD5 | 805678e79a54cdac89bb4fdcf263b38d |
| SHA1 | 342237001cd813062f1399248b0d2e96954dfdb0 |
| SHA256 | 653ecae840dba738eb98d54cabc4b875a6617519cbb0d623fb54fd6c9c74d595 |
| SHA512 | 323c0e2842ab6e033c1effd77d9d916e9f608b6ca6dbf40bebf0864ae64bdf7f7fdf6a40a2b2fe206aa350d7cdcba66dfb2fe2b9b42ac3baa6854ab54255dccd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\11c475b3d20fd591_0
| MD5 | ed1aabcd36b9af66415311d645139db8 |
| SHA1 | 73f3ee5bfda9905b49319f4f1a9667630a128eb2 |
| SHA256 | 28930549e062005cd11adf97b38fe19bce7c319ea518b0fa81d0091e92012b25 |
| SHA512 | 03bb9161f73c1c52816893601de700eba34cf9b261eb3598b05891717334955533de50c33729f96a464d96f11f458ed1a3c1ba63cde0bf324bffce7b3c538e9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5f8ad7366468e018_0
| MD5 | 9b9a8a95cc00d16c5d207abbc446d9a1 |
| SHA1 | 11688f5f652b303d6a46ff87f63e8c0886b18c35 |
| SHA256 | 4d0ec70ac332b1afb34ef45e6462d5af8fcf65b35fba2cff9d82c954423d5a13 |
| SHA512 | f0102aadbb0f8002b1af4d7b35f738f4e9fa23f045dc9b578163753e8b8ce33fa8226060c5affb9bd2c973c4e8f4761dfcda5f73132ffc1a86126aaa6d91ee9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\44a8c54881110883_0
| MD5 | c0306fc4ca23e4deb51d19d78c152bcf |
| SHA1 | a6565665631b678656380bdc39d95b696a9bc47a |
| SHA256 | 2fef4a873784b687ca0e4e953125019c6df0178fdf08178dfbedb44d50de0dd4 |
| SHA512 | c9d6928a31e075deca1eee4749e54d86a276a637cea1eb571a4474298f16f24c3ab3e90100cacb1a41f6d0dadb6f381e175bf7876141aed1c4a3f2aa6b2abda6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ff15492e2501c385_0
| MD5 | 745c1d69083abd8728bfe79283d18f08 |
| SHA1 | d9c0f7a53ba211eeb6b28e9bb794145f5d0e4d94 |
| SHA256 | 9c02f2656488f2209b95118f03937d488d794246ec0e5d531fcdbad89d31a527 |
| SHA512 | 42db1f8d7f2d53b84d01be9c2823293adbb70c3240c8aee9afa706ac51271ccc26bd925bb7b4505f7fff0da4059c229fae92a79f6553f5b031976e7c9e627a75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\372463e8c7120bef_0
| MD5 | 55ad420a63bb8cc34adadfa046d73586 |
| SHA1 | 0e530f109b5af89bab57a7466b66db303f1887ec |
| SHA256 | 1aafd4046acf71c4bd94212103b40057e4851c3d9c7a19b20e02dde7947be153 |
| SHA512 | df7e379566c497cbc58ef280c47ab1774b95dd1a4920e93f8e6389c2a2c5e5ba6627f3cee05790120a03ca52d83d0c4635199a5ed7ec5cb544f0d3c485c7eadb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c637970bda5d03af_0
| MD5 | 9d0e348572226305edf82a5c4e51ea65 |
| SHA1 | 30ad92f7f9d04d995bfb71c9a504a43457d0d8ae |
| SHA256 | 00098c7e40e528458518e898371f87f16b472fa26004ef21f7743c8accc69568 |
| SHA512 | 3e065ff115c0ec3aed3ce55be4d74e5cd51e4db322f7e9d16e8478bc7cb5c6984818409db3ae88b2d09d895b88edca9254f0f1da9f54853b73c76d879df96a27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2b76d7967c518e37_0
| MD5 | 6bce73f4f1d4c38283c479ecfcae9fcf |
| SHA1 | b5dc1597a54089d5868849b52ae465ae6adfe3db |
| SHA256 | 8e7fe7c6d3ab1c28056aad374f6977e51f6bc15beeafe408d742aad4fd39d4db |
| SHA512 | c166a04eeacb97a9f172e0a8484ded13992b1cf902c22f9143981d8f18e91367378f6b9fb6bfa1bfc1edffe4b54dc4506e278abc81c244adc877bd55fbe2d205 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4f28add35fe51c4c_0
| MD5 | fcdadff91966f731d5210fbe510669a2 |
| SHA1 | de29e64bfc86df9f72126f6b435b1a5e380fb8fd |
| SHA256 | 91c358be16e8dbff6823496d021933b69f08b29170883079007c69bfd1a159e2 |
| SHA512 | 97a891f58cfb08fe7b22f2b11afd3e1ca906dda837cba23f3e4f8f4327ec2d0cafcf1c7a74a7f032a17fb0fafa93488fff2b0f4b842f93ebffc75c70b143fa3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bb87fbce55018e7c_0
| MD5 | 184ce1fe0f79ff04f62ba84d8f381c85 |
| SHA1 | 5f40360e6a64096187448faade6c5fd11de8c19c |
| SHA256 | b33090782b2ec144461aee69d5de242a40350ea90ef42ef6dda5074b28e7ce05 |
| SHA512 | d2a0a1806e56567009e6cab339e29f4330f9f28f78d4762ed3a45d18db376789a625894d8515f4c04423c429cce24e3150d3a52e9c750c7aec172b399d0070cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\09f4462215482980_0
| MD5 | b307efead120c203dc38ecdfb67a7dd1 |
| SHA1 | a42699b62dab631114821e599ff214d4aee48780 |
| SHA256 | 28f009f56ae5c776788d18636034db273836a6e0a298d9fdbc3f53f61cb27aea |
| SHA512 | dd64fb88057c5a8c95e4ceb059a1eae069c4967bcbc660cd976186e075c433096302e50a33104e88c91f94909e47007733ebfc85bdd534c0877294d63832bc92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a269c370e5d0447a_0
| MD5 | 1594c33f6df39ad357a44a741414aad7 |
| SHA1 | 2a59b91097b7b5b171b427b74481aa27a727667c |
| SHA256 | 0217257449a0bcbab73a86a37a32f0118742b0991de2e552e9c9277f1e46113a |
| SHA512 | 0f5d7920caf5d7911a50ff7bbe5b68684a96cdf9ded57a21448814f9fe3ebf2f12a2408d3af36cd7cd82b6c82f196d410955abcd167573d88e2f6183a67bc081 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a50aad6057e22c49_0
| MD5 | ee3e96b3addbf480df97aea127dd8129 |
| SHA1 | 75e0d05a70249d8d5da41361826c58a0f138cfa2 |
| SHA256 | 91442bebb6b4c0b0e411d86cf9df38abdb93713feefcb0541ed775cf2daae466 |
| SHA512 | 5fd5d4c14d4d6d3dfdd18f45ee2a3bd0a44bd64582d2ed788a03e81b5fd5f95627188ef7c89da222aa39ca257a955499abaf25ce19cd6e6d00d583a96b95cfeb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ec0f84f95215d943_0
| MD5 | a47a8ab006d22894bad4c141223cb444 |
| SHA1 | 37039b4d37986f814f1eb828d62279f4bd4fd18a |
| SHA256 | c9c1ae59638a4ed6af78a38277f32071b3177e0b0ed99c5d41288cae55495d8f |
| SHA512 | 4f0cc4b321d5d67fc10a14dfa1e31cc2b35aa9aca30f9c8d4a9de44619498921b99b8019e53d946b08b8d0382a0f70cf31d223bac6abf2fb1f9d7213ec2dca36 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e4691d6237a21fddb6f6ee0cd1212c27 |
| SHA1 | be8ad57def49ae906ee324ef21aefe49c4215712 |
| SHA256 | 9ca10cd127ba5740c4e97603eb1353893b9b08746c2cb62d6f6e47e31dc51f7a |
| SHA512 | d5e58c3a9f65d0ebba50b51ec12e75b98d090508c39a1711d0c16d3aa65525765ed50886fc4a826aff78e44594d2a79edfcc489dcf870d31fa29875e0f0d5d4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 93bbf905e091757e2a961d054b9fe0c0 |
| SHA1 | ef0d88025dea03332148e5c2f154ed6727de1a94 |
| SHA256 | 53b455d5125d10ff60ee5bd4654dfd831dd8d54d6f1c7b9ced038f499ee7c578 |
| SHA512 | 24e71852cee46bbc7cd674df2d468ebcbe79c21298340c6e54a90c1577e7f78a2392c8c4a8b23663792da1abf253cd90204740d612eba15929dad4e21e638a01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | eac73da7cfe772fd28c6bfa9de2c0c47 |
| SHA1 | f3da908c4210dae23a1b54475dd2752c50a4898d |
| SHA256 | 020fbe52bfaabecb7f503cda29ff9ef8ed32495ecf71987f9d16f2017e3ac7bc |
| SHA512 | 2723a51fa718e0860fd67f3b08934ec0fcae5ed9e4f8a94a2bc2ca53dca680b3615af2ec436694b4569ae0bac742e256947a19dfb17cc8668ee34eddd39c4762 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\be68bc274cf0fd90_0
| MD5 | 2442d3e00875308658fc0b9f3bace847 |
| SHA1 | 3f690c06e260e059d40882ef57bf6a9f6d904c00 |
| SHA256 | c61e60023e48f9f8762207f14885c8125f6e1908b76a44dd9478d4489dcd402f |
| SHA512 | 88a5648ddabc4062e1aecf7a3dc136751c5b5137318c4f51e43442d0573d43f8217fb8439437f30b5cf92d57f9dbbf4672862fd8f8014d3058a019cc95499d57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ecb64c27825143f5c26f33545e295a64 |
| SHA1 | 8a0c828c86ebd327a931509037d27a1c734c0fe0 |
| SHA256 | 76c655f46d275b7a55e329f5cdb317354408f744fbfbbaed1aa13a46efdfa0f5 |
| SHA512 | a8269769fa3ebe7ee815613124102bf75aa6799d7b2ff114296d13cfcd5573e031f62718efff943e6f1570f37b605e6b97bfb43e2ccc7574a0c6bc4752056a7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a8fa49a5490321ee5d599f4aff0cfdbb |
| SHA1 | f468129e95e6c65cf3f42832a1b6e6200aedc2ff |
| SHA256 | 076a3b3a88936807fdd8b4a767fb8b5f12a206130edcd851a25b995b3ae74503 |
| SHA512 | 2e33b5366eb94cae83262229d48bd1b5b01c5be2a840a0e75dd922709846e2715e7b07582378d1ac14aeaa7bc7e44c89bf573f9dc03c75325afa8703001f88cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ec11aa07a6464cbc6c19a4c6a114554e |
| SHA1 | 4f06ca102d64d03b7c43d15cd16f51fd5d411894 |
| SHA256 | 3ba48edc3bd962601da271fb5815b48ac20fc86fb569e17f66c90e0d14e59fd8 |
| SHA512 | 93d680f39fbbbd8ab8b99b1e327f6639ab20ae931beb5a5e7865d01ed5721ce1efd7ced06637944d76b1bdc914854934e07ea83b477265e8689c8e835e7608a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d1ad4539842bdd62fbe4effd6105b3eb |
| SHA1 | 6160a0a45215bb6789b091c11ec605560f64991d |
| SHA256 | bfa3d52cdfc10aaae667b14918fb6ac9ce3842c6a0f584acc0cac6d658e0cf5e |
| SHA512 | 67b639b19705253467e79e1334eece08b1c92f3122e656eab7ab3918bb5d0ec5ea571a293920317bf48cd88197659c0fa0cabb0a23ca6bbe6c48e420fe1a649f |
C:\Users\Admin\Downloads\Covid29 Ransomware.zip
| MD5 | 272d3e458250acd2ea839eb24b427ce5 |
| SHA1 | fae7194da5c969f2d8220ed9250aa1de7bf56609 |
| SHA256 | bbb5c6b4f85c81a323d11d34629776e99ca40e983c5ce0d0a3d540addb1c2fe3 |
| SHA512 | d05bb280775515b6eedf717f88d63ed11edbaae01321ec593ecc0725b348e9a0caacf7ebcd2c25a6e0dc79b2cdae127df5aa380b48480332a6f5cd2b32d4e55c |
memory/1240-4260-0x0000000000400000-0x00000000005D5000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\mbr.exe
| MD5 | 35af6068d91ba1cc6ce21b461f242f94 |
| SHA1 | cb054789ff03aa1617a6f5741ad53e4598184ffa |
| SHA256 | 9ac99df89c676a55b48de00384506f4c232c75956b1e465f7fe437266002655e |
| SHA512 | 136e3066c6e44af30691bcd76d9af304af0edf69f350211cf74d6713c4c952817a551757194b71c3b49ac3f87a6f0aa88fb80eb1e770d0f0dd82b29bfce80169 |
C:\Users\Admin\AppData\Local\Temp\E5A4.tmp\Cov29Cry.exe
| MD5 | 8bcd083e16af6c15e14520d5a0bd7e6a |
| SHA1 | c4d2f35d1fdb295db887f31bbc9237ac9263d782 |
| SHA256 | b4f78ff66dc3f5f8ddd694166e6b596d533830792f9b5f1634d3f5f17d6a884a |
| SHA512 | 35999577be0626b50eeab65b493d48af2ab42b699f7241d2780647bf7d72069216d99f5f708337a109e79b9c9229613b8341f44c6d96245fd1f3ac9f05814d6a |
memory/4672-4284-0x0000000000400000-0x00000000004D8000-memory.dmp
memory/4788-4285-0x0000000000C00000-0x0000000000C20000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 09af38a972f8e18d311589783ffbf36e |
| SHA1 | 27f31cea7d7ed8145b6fc17ac7a1f2635b1cd3a8 |
| SHA256 | 5c2384c53435e2e6966d1c9d19375ff5b9f38e2c55baa97e947e6faf7957d6ae |
| SHA512 | f0a15eb5c2a1311030001ca009265195f3d19feb64a8b676e8767e4a08790a84048882df4093c0267b451e8b6b8b2d0b54564377069d1c67f90259fe43b61b9b |
C:\Users\Admin\Desktop\covid29-is-here.txt
| MD5 | c53dee51c26d1d759667c25918d3ed10 |
| SHA1 | da194c2de15b232811ba9d43a46194d9729507f0 |
| SHA256 | dd5b3d185ae1809407e7822de4fced945115b48cc33b2950a8da9ebd77a68c52 |
| SHA512 | da41cef03f1b5f21a1fca2cfbf1b2b180c261a75d391be3a1ba36e8d4d4aefab8db024391bbee06b99de0cb0b8eb8c89f2a304c27e20c0af171b77db33b2d12c |
memory/1240-4370-0x0000000000400000-0x00000000005D5000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1069c57d975ad24cd411c9688bc54525 |
| SHA1 | 03919c51e9084ba5fc33a993b8802137a96d9002 |
| SHA256 | 3d73f76dd035cbfcbe1828ebe0108415c816fccc8946d971d1531fea33642450 |
| SHA512 | 681e7e4d1487b4c8f943b09674b64533a3746af3bc11cc99cf1357b7fb07e6e463faf89569c87c013d28f25e77866165abc5d14f725cfdbd7c837c625540d1fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1e269bdfc849e275b12cd352deb95a7f |
| SHA1 | ed0c9bb11db3cfde3676c1a74fbfddc934478758 |
| SHA256 | e35f90245f3df029c9b9ebc5059e3d98fb2d285bcada3954564a17dae496aa86 |
| SHA512 | 53ec5e3270ef544a0d4250b54facc393f961b57ea401ed1d45ab1c9d06680bbe567a2b5e0b89b651a367e045990bd1691becae6a3e53dc2c385506efb5ca35fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 891eccb4b00ebe2c254fde9b337c263f |
| SHA1 | 39ec9bfe7ad07d8bf6429e643b144497ab09011d |
| SHA256 | 75f0114cff0025235507d53a7ddef66eb3e9ffbd86350d3b276b27f752e5ed79 |
| SHA512 | c8385df49dbd99d0d515cbfaef89a74429fbf1caafe7bcb5c8431d19ba0608ed2bf62e42b5843ff11205e44455e9294868c57c9c5f19874cdbf4c9d8c72bc85d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 13088949ff66906310a3d7be063ccbb2 |
| SHA1 | d3cdad71980879ab4ce03c2bf356a4257459784c |
| SHA256 | 0f3ed60e8167eb0730ab6b04030219e1ee73a78599177a7d532a520bca8f3c44 |
| SHA512 | 5e19e881d315ded828a33934cbbcf1c461ef07a6f77de6fde99d7e4eee2975b0716c6c0f368a6fdd6430629544c3a067c68ee1da2e62b1296f37c162a847cf12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fe164e9bc8b43f686b1b1c1ec24c7f69 |
| SHA1 | aa2def7e9f505df305d242e0677e1fb2b8721952 |
| SHA256 | e4cafa9ccfbc7026871100b4718dfe5e41a11716fef3fd6340b178332db8de57 |
| SHA512 | a0599b801202dd1d50e90d5bd023af361e70524fcfcf040472fbff2e9fe840fb214168bbcb68d7728d7d697c65df0687b45380153d54093a035f4369832511df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4a657a71a13574344c27e6dabe1c82a8 |
| SHA1 | c37b6c861eeb7c27c74a42f835cee60781dc0b47 |
| SHA256 | 3fa75a1da391d4037ed30f27d540634662f86c7fbb78cbc44529ff7320226ca4 |
| SHA512 | c0d6d2390db633caeb559704148bb16b57e1d804fba2f6ff9f0caf6eb82f10a6a3bd006d913bba20b3195196c00eb3d1cf921054c30bf4937cf7d6cd5d16c2ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\blob_storage\cc416b5f-2c80-41ff-8066-c17c2f9a5751\0
| MD5 | 0b0971f161940a6c7d16f105b44bfe91 |
| SHA1 | c3028fc7082b3e8b14dc79a8ee1bc41ca4c7b3b5 |
| SHA256 | ca3587a92cdce17e60f4bcd7f0e5692d8b0792dad2970b1618665b1d2622359f |
| SHA512 | d276acc39ae23b2c1a27d5e89364625445a748d39c0febdc22ac1709d8e212a55bce11aec9e9b45f64925810e5cd34718bdb9eba546bbda1fb7f3fbae2e50239 |
C:\Users\Admin\Downloads\ScaryInstaller Source Code.zip
| MD5 | faf32ae33cca230fc55dfa68e4d05bf9 |
| SHA1 | 7a4fdd46365d4125905bb0d7b8fdf6e0cbaa08bd |
| SHA256 | b473964dcb08d2c72e233a1c89b114e133a6847e5a683b2f01f4edfce718842c |
| SHA512 | c67644e5c38eea58844c0a2eb4509995594b75258e103ec69731b94210b1145498e8446d45b7774a144d1e6cbb23deb6f32c7ac75e82f90fbc02fa7405593a6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fdc9452beeaecb4ae63c4bf0e7754d1b |
| SHA1 | 6aab96f4d876f3e591dc3d7570e66eabc284e66f |
| SHA256 | c62b9f06d3240a687bc13dc0279d00fc856d68846d37c564d067fb6d30f0f258 |
| SHA512 | c868af61e66f26f5afec7a4f3ad93ff29ab6546ea271f0b9efc47746fc04b146a122c03531ed1e7c11c5e1558da1468b0035f21b1c8b4438075c55fa7b86ddbd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e2e46fdc1c2430743669fa704f2349ac |
| SHA1 | 1a4f0add2181c345f3d075cbb35a1e8dbf40c951 |
| SHA256 | a18f4a7d718ce9dcdcc48d804e8cf93449ffea860b5d5420c3d2617077e006e4 |
| SHA512 | 361dc2ecd9937a8719be6d5407a6fe3a3c077dab4791066286db344d4847b99e7ae6d7fcbc8478c40845178cac6d5cea867e6110bf7919c22de81fdc8a81c732 |
C:\Users\Admin\AppData\Local\Temp\Temp1_ScaryInstaller Source Code.zip\CreepScreen.exe
| MD5 | 4ab112b494b6c6762afb1be97cdc19f5 |
| SHA1 | eed9d960f86fb10da90d0bbca801aea021658f02 |
| SHA256 | ec778e79c7a3c88eed2a6931a9f188d209791f363fbe7eadf0842efdbfafee3e |
| SHA512 | 4f7a92834c576fdb55c3a5dc4990c4aa719083ce64ebbb70139d03ba485e7ae0d249afdc6c9810ddae3d106a0bdfc35b8fddb4fb40ad692f21c5c8ce3bbb1b49 |