Analysis Overview
Threat Level: Known bad
The file https://grabify.link/2AG3WO was found to be: Known bad.
Malicious Activity Summary
RedLine
RedLine payload
Event Triggered Execution: Image File Execution Options Injection
Downloads MZ/PE file
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks computer location settings
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Suspicious use of SetThreadContext
Checks system information in the registry
Drops file in Program Files directory
Enumerates physical storage devices
Enumerates system info in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Checks processor information in registry
Modifies data under HKEY_USERS
Suspicious use of FindShellTrayWindow
Checks SCSI registry key(s)
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-07-05 08:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-05 08:50
Reported
2024-07-05 09:17
Platform
win10v2004-20240704-en
Max time kernel
609s
Max time network
610s
Command Line
Signatures
RedLine
RedLine payload
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUA0FA.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUA0FA.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2753856825-3907105642-1818461144-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\e5c92f1\winzip28-mf.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2753856825-3907105642-1818461144-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EUA0FA.tmp\MicrosoftEdgeUpdate.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | sites.google.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUA0FA.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUA0FA.tmp\MicrosoftEdgeUpdate.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 1844 set thread context of 2868 | N/A | C:\Users\Admin\Downloads\Valorant Hack\ValorantHack.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
| PID 1968 set thread context of 1424 | N/A | C:\Users\Admin\Downloads\Valorant Hack\ValorantHack.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Drops file in Program Files directory
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://grabify.link/2AG3WO
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd43f5ab58,0x7ffd43f5ab68,0x7ffd43f5ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1608 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3060 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3064 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4404 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4116 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4680 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2712 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4836 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=936 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5088 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4976 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4212 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3260 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5076 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3260 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5148 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5344 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5568 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5856 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6100 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6416 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5716 --field-trial-handle=1716,i,14165640152040701843,3886405780746638493,131072 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd43f5ab58,0x7ffd43f5ab68,0x7ffd43f5ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2284 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3112 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4376 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4696 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4900 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4792 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4668 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4892 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3076 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5288 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5496 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5628 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4948 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5008 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3500 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5000 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6344 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5024 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4188 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3976 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4772 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6320 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6220 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5508 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5960 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2736 --field-trial-handle=1748,i,13090621193370372882,800101953005795857,131072 /prefetch:8
C:\Users\Admin\Downloads\winzip28-mf.exe
"C:\Users\Admin\Downloads\winzip28-mf.exe"
C:\Users\Admin\AppData\Local\Temp\e5c92f1\winzip28-mf.exe
run=1 shortcut="C:\Users\Admin\Downloads\winzip28-mf.exe"
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
"C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe" /install
C:\Program Files (x86)\Microsoft\Temp\EUA0FA.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUA0FA.tmp\MicrosoftEdgeUpdate.exe" /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{7A614371-DCBE-4C2C-9243-A61FB235AABD}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AF0539DA-9849-4847-830D-A3B86E56C87F}\MicrosoftEdge_X64_126.0.2592.87.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AF0539DA-9849-4847-830D-A3B86E56C87F}\MicrosoftEdge_X64_126.0.2592.87.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AF0539DA-9849-4847-830D-A3B86E56C87F}\EDGEMITMP_E4FAC.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AF0539DA-9849-4847-830D-A3B86E56C87F}\EDGEMITMP_E4FAC.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AF0539DA-9849-4847-830D-A3B86E56C87F}\MicrosoftEdge_X64_126.0.2592.87.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AF0539DA-9849-4847-830D-A3B86E56C87F}\EDGEMITMP_E4FAC.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AF0539DA-9849-4847-830D-A3B86E56C87F}\EDGEMITMP_E4FAC.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.127 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AF0539DA-9849-4847-830D-A3B86E56C87F}\EDGEMITMP_E4FAC.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.87 --initial-client-data=0x22c,0x230,0x234,0x1cc,0x238,0x7ff6b360aa40,0x7ff6b360aa4c,0x7ff6b360aa58
C:\Users\Admin\Downloads\winzip28-mf.exe
"C:\Users\Admin\Downloads\winzip28-mf.exe"
C:\Users\Admin\AppData\Local\Temp\e5d9de8\winzip28-mf.exe
run=1 shortcut="C:\Users\Admin\Downloads\winzip28-mf.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Valorant Hack\" -spe -an -ai#7zMap18838:88:7zEvent1129
C:\Users\Admin\Downloads\Valorant Hack\ValorantHack.exe
"C:\Users\Admin\Downloads\Valorant Hack\ValorantHack.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Users\Admin\Downloads\Valorant Hack\ValorantHack.exe
"C:\Users\Admin\Downloads\Valorant Hack\ValorantHack.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault645d136dh81a6h4a43hba9dh4ab21ce0b1f8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffd343346f8,0x7ffd34334708,0x7ffd34334718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,8403720138093649332,14358801204096525598,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,8403720138093649332,14358801204096525598,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2568 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,8403720138093649332,14358801204096525598,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultf914c80dhb93dh400bhbb4ah82e26b1bb312
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd343346f8,0x7ffd34334708,0x7ffd34334718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,18390648230666986664,4359142353541854987,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,18390648230666986664,4359142353541854987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,18390648230666986664,4359142353541854987,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3883055 /state1:0x41c64e6d
Network
Files
\??\pipe\crashpad_1552_AYZUPJKDDQIAGYVL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b1fbbacb7b5ecdd4c66f9b6400623789 |
| SHA1 | ff689b2fbd2ea25a0a522e74b2951ba6d6bab8f6 |
| SHA256 | 4f30c703cc0df1f0b57208be430f2dc4164a0169eb3030f5e28285c07698266b |
| SHA512 | d067018cd74bfc885641bb9b1d3c4c1129f8e942826b8d51ddee95feeaa74994f7ef8f25ad00852de51de548b1f15d5c580e6b1362fe06d9a357590d2e3ad4d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 499b42713b194ca15279c89b27017473 |
| SHA1 | a3fdf6f6914cb2809c3536c1d4f9644bd360a3b7 |
| SHA256 | c5f959bda8fc60acf8bf1f7aa42ebc96c323a1b082ce425e32c8a769d2701a0b |
| SHA512 | 6c76b9ac533622e1bb24f7379013d76a2dcd7ab91c18183eb5a999c557580147cae2e1219f25d51b6f66620a1010c5af5c69c7719b7ca07c5b8957507d6b66d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 95a1cababd411dd330e6ec332aca47c0 |
| SHA1 | b746a0bb3f003468e89a7d1c6628a86f4c34e96e |
| SHA256 | a497382cd8d77fb2b921839cbb96c47ebccbc6c9265ad7609bcd31accdec5df1 |
| SHA512 | 6cf2272c2e9017c3c94a6aa9cd017f0f6e7efd0da0815912e8123b996d596877a11d9650ef64403af602ade9651c03748159202e2e8a2777704ac02b4f6e1387 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8350b12d9fa096ca724a4276fb0e6ae6 |
| SHA1 | a2af4080cbdc19592faf3902368392f059967f57 |
| SHA256 | 330bdb0155b0aa0b7632b99580e52683b7f5b8bcfaa505f195709dda722f482d |
| SHA512 | 6113b7d3a392bb5a59417a9e4845015b79bec4db88709bb3147ace646503a73c07a4693cbfecd078028b92f58435e6ea60089cfed14a6f5fd45a6d2c4d81071e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0b39217014848c73bbfa01950cb115e3 |
| SHA1 | 731519a35711d25763e550f836cd74195fa956a0 |
| SHA256 | 33658a5ce7ec2c2efed3c05e89a57d419da4f41905fdacd3de93f39bb7137665 |
| SHA512 | 0199c81c6a07b78dd607109d0f5545dd196d434fe70e889101c890f2966e5c17857b45f8ecf1fe16194d777ac79e62ba36b6264b5c107025dc71115e77ca1fd2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b8fd15ce40cfee715351730109dd488d |
| SHA1 | 96601f04d54b06abd406ece844bb17049ed42840 |
| SHA256 | 8a94b9491b1c628d32ba004e12dadc34fd4d71d469de6f051f4eb430f60a53ff |
| SHA512 | d89e48a896ed057390a73cc59386ee3b289683a1572b1733290b664d860b682bc12fd65605532ea2627b554030e901e3fb6b2378a3a750e5c7da7707c2fd54ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 72ba8f1e54faad31315613809ea26c80 |
| SHA1 | 04740cf2d9ffb4f9453caee4fc0a210ea13af6d2 |
| SHA256 | fe3dc2457b90aafc58ac26ff197106a0d61f3f0562f0d5428572d44aa9cd8e9d |
| SHA512 | 2b4a47749e02683420e20f7947e5e1e50fd900f558e37c68e42af5441283f0235e82f33c8dfd56075b8bc348afddc243cdb58c72267e9438d45a313b42c1237d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 48dfe88d7c2db1ac84b9cbfeb165fd20 |
| SHA1 | a07b74e0c2d509b0d73ae6784cbbb164c5dcd1aa |
| SHA256 | 954bb796b82389142362b6d82d1588d6c429646880a9a6ee927f52ac2d8481f8 |
| SHA512 | 095b1195d3c09695d2e5479a0b487d9185f1c671222c16e20917ecdef21fda32bea0722f0b2b097c1c489c4590b3a6e6e9ad976adf072e18a51a756c57d96179 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a4b44b250d24e2d55524b4d7a66d42ee |
| SHA1 | f62120110ca80553ab1ec69f30fe7170baa7cdb3 |
| SHA256 | 1cafd73c3b9f9e62cdc910f26b1b3127823ef71dc0f896091eca4b7135dc187a |
| SHA512 | 9a082e478f987cc46e3814c0dd427356d21dc84f5fdb547c17b1af32355c3ed42556bf7a8a4248ece7fe1bfa24e46554bf69e21244753d19a3a6ee6ed38b8475 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ae0a6c2fc70c3de37229571d64670750 |
| SHA1 | 7d3e888aed386deb2a56ce6b49752806b1941223 |
| SHA256 | 3b338b730dd2a029b9b3804e634f1d4d97a79c8adc9d30c44204b0e2795944ad |
| SHA512 | 46ad051df6b6530dd93de510b090ae32904a2d4d69a26e049bab7316d7f127ef6e579157406d7b8a5a74d1f6795db1546abe3b04c0d350b380c415598a77272f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7ed9e78ca38fab223dccc8ca0339878a |
| SHA1 | 8775dbbd1a1494befc1dbb2b2a2a23a31894472e |
| SHA256 | a093a0929e8d333db834bd6264858cb163c283ea0737e5b796c5e553c9e0268a |
| SHA512 | 5d44c0dd9036b58928d61d62f4251394e851320cc63138f381aa2c222678ed7758d7b9ca1f78f31074d184843433e22f43fb47699e55c927025173dd65d8b7ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 10e692cf6e5f06bcae63a20571ac86de |
| SHA1 | 545c7928becd1e9c6812dfc6fa860ab715764da9 |
| SHA256 | dfeb6e1665e1e5c2cb254664b6d3244ab2a616116d04533ee960ff7cdc450bdf |
| SHA512 | e703e63cdf27f4dbc638a599e7c22146c35417c6e251143d3dde4ddbccc97f2a7defaa72390cd54ea618e5c0a0891e2a3fd438a305a7f2538f34a6cf5aa6bb4f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 2f386e4a6ec495fa26a95b22c6d7be44 |
| SHA1 | 16145e8c55aa2823f2a9c2596dac7469e3d4b76c |
| SHA256 | ee363961ffec0e4ea07ff4079890cd955d6db3832822c85cc9f1219d300491e1 |
| SHA512 | cc610fc6a38d0e84305e0777542742e350fe6c63e94a3374659456b5c263f39f3824a39ef2f1b077c1325e8cf7f42268decb7735075b1b57491ad9373133d455 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5b0ea2.TMP
| MD5 | f421dec1f32583199c5497e440a4935c |
| SHA1 | d0e8fe96e37ea877fadb1d93747ed7a77b730917 |
| SHA256 | 9416e1e202eafd66bba7eeabeabd8a0665836a5c8083553ff2d95ed749eacbd9 |
| SHA512 | 597c99569bb233f527549b71ac1ae69e4f89d6055d4b84e66a079a82bb9433a2b7f3c5f64c9d4961d273d9a39a3cf663b8f46c67c303900d1a5a9766ae12f3d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3916404aed91fe2e4567e63f5a1d049d |
| SHA1 | 37d6c6609bc46af6ab9daeeb9fd6df80af978a6d |
| SHA256 | c3f8325c42c39777d0af280e67335268403fa9e4b1303f4b7c15ec0cac229741 |
| SHA512 | 0f47f8a7796ac77dfd6a4e253b08f5a7799ef38204ef16bc62f0dc166fd51e0ae8b10aa808881a90c25fd9c5b4e2b918901468be29d41a17f89a4f74d48c169c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9e73c230869ffd1329db47fe833c67ce |
| SHA1 | d8438ce3dcb9e27d2ef29462a2c16054f5f51420 |
| SHA256 | 46f1994a780634ab3e3db8d7efc1fb26d9964e441300616f5b98e518de222107 |
| SHA512 | 959ba21fc548fdaeaeec3eca6c7feb99aa8870f3d117d0b60406a396d783df7e626ae73e489ae9626401bef5c5f7657f2df9e2bb57c8eec41b58c8447f0bfd2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e
| MD5 | 39b7e0d992290c41da06068bfbfc7c77 |
| SHA1 | f6a4d0d93047d6cadf48b2bb752f89bc9bbf6806 |
| SHA256 | 92d3d1073c33cb7ee8711bde6ac3c519b2b5f0044e5a2582aba96b14ccfef01d |
| SHA512 | c67131ea3093c9863d3c7dffc37cf54d4b17bee7abae3fda9195535bb8a736ab19115fdd14591c7fd1966014891f9b140b8763695a80207756bf01c534388a1b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 12ca6cd89247651b4da95e372c755f11 |
| SHA1 | 7537a34cec87da4b3250927fd8eb45bc2ddfab6d |
| SHA256 | a2aaa72a8c73d7e7c1202fa0e39b783dbe5b9f385ad9f4be732c1b0901beff88 |
| SHA512 | a1d972fa4d745a3fbd1c9eaae388c72094e61ba6d5f87947e5e1467a91e0edf4b083f4bce33f52371042664a21bfb9aa55e2019c954946c014144bfc45ab2c68 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0de040121da60d9b0c30038e9e20417c |
| SHA1 | 670b738170908ff4ff1bfad9f62ee27f4a2306da |
| SHA256 | efd26d9a7ba3cb1b6f36039a54644ba1ad1c4a5f3eac79cc59c33b9a7e8dda1a |
| SHA512 | e888a9173cff6bf84ca7ef2a17ddd0f8fb03d8c42f18c2f6e4e47fdb552d04066e8409c28f184b1bdf74d96d31587b18937078b74c8cc8a1e896ece66e2e5943 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 1030d0994c68044a5086bbd3f66d4b78 |
| SHA1 | aa71a5d7d0a72a86db91a185af0e7e148982d610 |
| SHA256 | 9babedc60618dac0c649e687630a0a48f603932817a2282d8bd2dae6cd06bf98 |
| SHA512 | ed7a5fc22db88ce1c1be3c9d0c54e2da24c42f7b86ffdcb0174cadd0ade82d4084b91258420fc571bc0203e0595494cb9f61c339348103b9b92065d5ecc85772 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d5bb2d6c6b23aab384936e679b70ee46 |
| SHA1 | 99526134dd295878c3b67ce21e8203d5858c9a55 |
| SHA256 | 6c92dd0478e51c6e13fdbca953d3f1f27c65a26518dbb73bcf8b2cc3e805a60c |
| SHA512 | 35a4548226dd4e797db6ac84fd57b42e88859824275d216a212bad9c89f8c3ce59d734b387267e3651ffcb84a66cf656c81c6f04f8a1871548b6518cf8a96590 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0a2f4c28f37a70f2e1d3667b823a76b1 |
| SHA1 | 41deb760c8eec5de3816726d62ae1526d3d41c2a |
| SHA256 | f8927f70b541dcd5e4e990a8122d3b95a5cab8e16b1504f4f732561d6890251e |
| SHA512 | e95fe36e44773ca386a6ea8683545788e04c841cebeb02cbda715f6b184ec8ae7911e775b5f25d03e28f2bad59ed653a60b7a90f0fb1b739d256ae1d8e634864 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ed03542523e052d6a423e9b8c6ea549f |
| SHA1 | 2565d4596831d23d60325dc360d1ac3637177d87 |
| SHA256 | ee83c7d4d5847ac41fc3bd9a4573d2201ae2e878d63852388bcd0ad8fe6cf232 |
| SHA512 | ef617e2600bfce7aeb576174812e189d841c47fe07311c65f94ecd25889d6d21b5110132b15af79ae8e9be77f4d35df10345446fb598951b6708505bfa1dfd26 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6bd0c585b8b08823292d05b7b7272bbc |
| SHA1 | 3cc49404a0ae432a60d9b07825da231822baad23 |
| SHA256 | ada7f73e28dd932c727949945e6a4b2e1131c107fbb21a961999641e7137a496 |
| SHA512 | 0ec958adc3efd4d9c7765225a3e832520b435977e5e6816211478dd0993fb4e380bb405787c32cb806b1eb3d6f1fb3fae5d731c7c130eeeac8d2019af5afdc68 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e1f00019b776f64f6f3529173eae601f |
| SHA1 | 362ee8244ce3e4d18ea943322f917d2497f950fe |
| SHA256 | 7e4c73383b0a5c48d95a620322746655a622d21825b6382432a64bd7bd82ff5b |
| SHA512 | 843471e85a96b8da6a2aef1451e47262cabc854ae104266100273f2ee8f9293cd3408526ef49f20c68422978ad3138b85081fcd1e6fcfb182f2f2bcab0cfce67 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 597e00505c4e1015728e802830d5730c |
| SHA1 | ed0d810747153ccdb0b06da60c4844cb9424f4d4 |
| SHA256 | 0e2f68618234720951bbb707df3b8dd6b5998790f8de21b8df81dc000882d0e4 |
| SHA512 | b847b573987d18c5e0da8b83ab2cb3154f2521e8e147e6617373a301c4abedae6d1eb7ed767d75b80580527b5fbbfba46f1e76bfa1ce798d4b268685d0d17219 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | 2343eb572cde3a8d722077838515af32 |
| SHA1 | fe311e96ec29bd581cc6c2c260e738940480a224 |
| SHA256 | 301e5810b09d911e513f31fb97bb457eaf4451a3735f7ab3256be5b3877d7aa9 |
| SHA512 | 375143065fbf537db09e7cab8353acc636cc7898f4b896b238be2310a879c0395b3784f68f0def2a907ec3234c497cdaa0a8fc6e5ae600e3b58a05bf206941d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 961e3604f228b0d10541ebf921500c86 |
| SHA1 | 6e00570d9f78d9cfebe67d4da5efe546543949a7 |
| SHA256 | f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed |
| SHA512 | 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | 746ff580236c1a0c9b1757d9d1bf1a94 |
| SHA1 | 49d504079fde6a43d797ee7fd079e6acc29560b0 |
| SHA256 | 425dd31f2c2fce73f0800eeed2bf3fd7b07a050bacd1a8c86cca2d3038f2dff0 |
| SHA512 | 91462dfea4676066f34c8b0fefc906630782bb4e10528c5d6381f00d796f0d6574aa6915e36eab5d237d7fc0a93c0ea2daedcb9a9b2ee46dad05c1f46e6dd6b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
| MD5 | 60df02cbc9b6a531c2d3cf32025a4dc8 |
| SHA1 | 71ce31d6e0f59f98855a01b3eb9a37a86352189f |
| SHA256 | 2d73eefd868f115745117f76888a9b0124453918522046796a55c3621ad2c15d |
| SHA512 | cfc2d4bc147bc757054c07a7e347091922d4ff9b7a0f856d0a3c278f5a98fac1a539d05ea5c375868b372f006a530d14558ac7027723f83f3b22087bd12992dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
| MD5 | f1cad4800853bba09a023250de102801 |
| SHA1 | 76e1a6ae10ac4db2a3e4e8bf6b7edd692c4537f6 |
| SHA256 | e73ceb9052ea848498daacd8a9fff37846cce47324b38df12e9dcf0bf25d2e3b |
| SHA512 | 4e869ccea434e71f03ab513b3aa6212da3326cb9625c467b782df48367cbf5c69fb8a073d68180877cfde2510dbe74670046b897125b55f013fe595bb7d3595f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
| MD5 | cc7ad65e0558327d8fbe8ade40ab94e8 |
| SHA1 | 6c153e9bf971f196db25cb2cb3b62f77f0a1299a |
| SHA256 | 956e1fd407995ff1ecca3bf42ca0d01086edc7eb6a965e1d9d4a48f197a8bd30 |
| SHA512 | 0af63a7bb1151ef7564472b90ddd766857e3fd78973195817aa751d97093558688733876114ea7341063c7f1bc01f90aba1016980ce2c009a0cc399f40614377 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017
| MD5 | e1f6e032096b2924e561c3928b9dc73d |
| SHA1 | f33a3bb1b04f04ed1b93b13d21b6b3ce529690ad |
| SHA256 | fa802b853572d8a40ee939940d0cd9562ea8f5954c0522b0777e01fcb546c3c8 |
| SHA512 | b13f6e1f984d28c5f4cfc4ae2298b321c314892cab1e5ccd6f1f61ec98d8c1a39669078c88ba541c91648963abc6e16e0a1cdb4e9449b4be16927e9bad8d0f37 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016
| MD5 | a1852b5323e1e4948f64c40799dc605b |
| SHA1 | 45799a41d7d105ecf1f20ddec0b858f0023701b0 |
| SHA256 | 3dd244b14869619ad7208852d0cc32ca2ba0440bca1ca593280710c91e40a2c5 |
| SHA512 | 83ff1136339dc73e38444fc3f9e778b007245979c43d5e0bba0c4261489cd27004239b760fdd6ea462818b5a348c8f323b854df5a8116e1bcab23abab185d1b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
| MD5 | af433e6a65a18856a23c392ed1d896fb |
| SHA1 | 39fd3d21431fd1fbdceb96adc85866e7822bf4e3 |
| SHA256 | b145161eb8f4a58979e90ce9667e3ffe1d8690ce45235064d02dd8abe2848508 |
| SHA512 | af614f6722a26f5545da2987177cf5bd01b93d2b3db7193fe6d5b661a0cd710c3665d79103856c6bd6d46017cab6bfbdf2ab333a161f103cda7e32a748bcb9b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
| MD5 | d5ec7aa896024ba39e86a90a5b54ad21 |
| SHA1 | c71b571593089a5b3e0572a0a521e3403111a837 |
| SHA256 | d4cda58a844b6ca09fdfdcbf4b646799978192e60015855e1664630768ca02d4 |
| SHA512 | 557ea062755137c20ff449e5426d2b689d0f6b53048e0980e8151fd4822c2ea3ba140567af86f88aab55dd2242bc24e44cb18872254392250d0d3c5adc70de02 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
| MD5 | b4ee14c921b507ce30b95ed5b1fdde1c |
| SHA1 | c1f398dc5590849bd9b1cb6f021227b4c7dbd0a7 |
| SHA256 | da989b8b56c7098cbb64507a143b2d7486b345782a2ce505ea0fbcd05fbbca9d |
| SHA512 | f19413de7c30590e36b56e51d2c4c4dcde6be71478cacd539a0867ca50d4f994b8a5c394161a394628969581bd37de95c9e23974631d48817f2df0b1609d6180 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
| MD5 | 1b219ce0f6836215ca58355774a57582 |
| SHA1 | 536b5def28120e8159d3ce8cedba50890c4ce0a9 |
| SHA256 | d67365e79c90c42da9380607ca24e97d988475a79cc5cc9fc7b779a0a600087c |
| SHA512 | 4858e922d299e7eb1740da5652287f2c70860d681346e46499e974f3cfd19e4148b7d14f215382bf9f14d405360730b825f9c3ff784d54c0de70e356f09f117f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
| MD5 | 5856e4918f648815ec1e6b8139255ac9 |
| SHA1 | f8c0b6487381489915adcacdf47fc062fa2f9dfd |
| SHA256 | 2b8eb85228f25ff08fc65eb060c2825362543d0457e2ab4c1d4a5b793dba97d4 |
| SHA512 | 3237a80b3566889831ebbd730a62230cb288a4bc30fded9a3553b9ea676cfda9d26ee9216b37a47ff3f863c2823cdeeeb54a1f5deeaa43ee0622db6593eb13a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
| MD5 | 9e7ded318570177d564d0b009cc90497 |
| SHA1 | a403f4b48448c2ce208a354495a4813869498101 |
| SHA256 | ab6220f3c2c1b559928aaf11231d577b72cbc0697c912943b4f07b0563f33866 |
| SHA512 | 810323258a33c18af7d7720e72e7ff323d4a088c37d7997d863d6895e4344b8e255cdec20104ad4e01166637a3955478273a97851e5a3c3bbf934f40e0795d04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
| MD5 | dd8f2b86cd2d7bd64ca691cb98fb3ac3 |
| SHA1 | 3861f8ac1ed49812dcd430daff361aa77715840d |
| SHA256 | 00988b78bb1b7fc4c344747b8e4a2e802446f1b8b5efa8321704eeb23af11bf8 |
| SHA512 | 339cf39bc769983286d28428aec0b009a98ffe04d04fea950cecaab177c6f2461de3d538113516ed7fd9cdd189909fe63ae02cf500eb3115953dd72935ba8452 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | ce179f88287dd6a927a057013eea2afe |
| SHA1 | ac4907f45c1567880a5e603b0a213811b8d9b508 |
| SHA256 | 287b86a8c45c95034d1c6946b3376f8663da30b8b9a092ac645dbeeee0bc30af |
| SHA512 | 74faf89319642c89d84fd4d3815e039debf72cbe75d1a61678a567b8b989de260db774e26b483a06cd2337b9944cbbc36b310ce510fa8317aeb31d4fe26505b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
| MD5 | 0064dee6b4410db6846614fc7c58a7b8 |
| SHA1 | 6b71c405a47236ba3b0a333b747effeed8258997 |
| SHA256 | 2681b7e8471e2522539e846bb105b03318875b9bf259b9161bc95d2b473c04e3 |
| SHA512 | 0812d0df23ede29d571928f3a6a4e89bc5815960f52915fe5dae60be8fdd6167532dd12c344bf433d51c3cbebd8ae08a725a74ee4419b6804f527497f76ecb5b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 24f08aeed58183c7a705990764bc92ce |
| SHA1 | 1b7801a43fa54668debeeac99d954bd6b6c0e66a |
| SHA256 | 0dfbebd47a5e9ea04463a34952ef735d6c89ecb4d1df329bdb75fcc7548cdf2f |
| SHA512 | 3b6145cc1f30c738f7d706fa18aefb7ab681a63134504dd8978d0000414e49e99e9812a4b340bba4fbb6b56afbe0630bdbd1dff38f3355b5ac9c760a433a3c63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | 658d51b97922b7db113cc94345924b67 |
| SHA1 | 70f18e617a981ddfc8cd9d3acee03d0f5d7df55b |
| SHA256 | e73402dde8111a29dfb725ea97557954faa6a234a3b0a83cef52b9639f39c52a |
| SHA512 | 708502ba3610be85a89c7c5c2129cfb68ca97223cdb426e285c1de36741d48ea9a8969056380267dfe7e393317f435f7c5675f5599931129e4b0c69ce7af0dd7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 67cde52688368fa7aba3e7804eea957c |
| SHA1 | e9c16096c7dbc5637f6e72983d4f35d9eae8b9b8 |
| SHA256 | 8aeb62da9a1ad3f3cb618ebaa6ccb4fe8ddec997edbf957b4993ab8ffcd1a3e9 |
| SHA512 | 45a820e2f2a3619b97a939ac38786c059ee7098fe8ed8a4fa513cb6d6c9b93581c7589191ec3408d517290486dbc1675a5d412c1445b3675253a08d3c8296b45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 147e8e59dc4406a4e34f75aa67f10057 |
| SHA1 | d78fa3d76ee0eb96d1cc22c485406f9ee031729c |
| SHA256 | c9deb6d571d71c587e2619d75f5a8baeef53808a2af074a0c6c8b45669106c95 |
| SHA512 | 8b30cd178daab387f15aa14e8da52150ee6416b4bb38f3c641cbd727b0bf2219693587789e0372c71cd7b6f0c2dcdbdfae128c70a8ec6973882191d3840ad95d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | d729945824183c5f7ff4236efc7c8384 |
| SHA1 | 381ea27f4b8df7a703ec959baa96fbfb3b7f5438 |
| SHA256 | 4b87a3e20e875e2e20deedce5b8f05bc792a18913cde8235d469160ac5b875b4 |
| SHA512 | 014155737de9a4e99730798b57a156392031a21fe35b8260954476f92c0ab5f3e68f714180b00c83013d6f4cb9e13836ddf1c179dee55109af97cd721d370cd4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | 810c29ee9722355064404b6c468b4cff |
| SHA1 | 1ffdf0a194054c33d480932dc369c9f611dcd239 |
| SHA256 | 879e20dda53795123badb82d3d47e7bef7f62ebb7bcd95a98c46b1d9816234d0 |
| SHA512 | b7332d68f68acebe6c06d6bf97b19cf1efb0970f98bc556db73a3ef59178cd03b0e9b24f5660608447e645595cbbccec551d1030d58878651f8cacd7c3ca45c2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | 581d81c9653514a4acecf52cf82a344d |
| SHA1 | a8b8adc450c084ed465a48a98eb5377d7997ad32 |
| SHA256 | 7dbd828cbb8aa2cf0a280f91cf7ea02b216e315cb55a3d5ee9c49ff74e569538 |
| SHA512 | eb28bd33d9902a7adb25adedfec07291d9052698b033f83826f5aa9f416555cb27ca41e5d1ed88e28d5bf1629da952212566e765a11906470ed2d52b75d962da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | d15dd29a4d64d012bbe07fff6b6f9e16 |
| SHA1 | a9c04a3f688d672058aecd39e5f5b1e35dd464b6 |
| SHA256 | cf8bd1788c24d9e9bf2fee25f7851f082bf8856f643978a508258da26f4f90c6 |
| SHA512 | f9ef6baaeffd7a76fa14f4bb8c30293ec54cab9282b3310c7ea33a1ed7bbfdbe783f294394b4351255b4f2205a343c077b15ef2bc301e2d14ad2b8b813228340 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | 45f858c0bafd6dcf187c1338eb472b38 |
| SHA1 | 7f3632239a4ea6b05df600ce27f01f11a812c627 |
| SHA256 | f839191be177079297b7a9282f3e5b486038af2498351929316a57ef1e209388 |
| SHA512 | 30f5d3030180785e1184ad6bc37807001c0f5b4be5c189bf7a0d55d873e5cd1ef5d4e3f320ef95afbb550ce3b31f292c7f1a27bd166ae44caf5c9529411b92fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004
| MD5 | 9005886543ea7f6c08cfcd657335ef5b |
| SHA1 | 4539700a43863fa32b709dc26bf3e010819a291f |
| SHA256 | 07455f06a23e129495f65eaa08f0c23cfc968915a5dab029c133b7137d4e4b2b |
| SHA512 | 8c5b9f0032b6da17ba6c6597e2114878f6fbc9a83177d1216d2fe19b6cfe95ea0b320daeacf2376334d3df9487e4f1022c85a1d7b4fedb89f965bf2cfe7ab670 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003
| MD5 | d3afd167f2ab55f14d335ecd4e82b164 |
| SHA1 | d5de2d5c9e1ff8e0e18614a39a8804fd65c94727 |
| SHA256 | 3cea90412d8dffba318c1448dd4d87f995889461c17363ccaa3b56b235e7d1dd |
| SHA512 | b37e6f674db830d3687765a71e9a21ff0d817d6503f6f2e7993a85fdaa2f9c79b93fd26b628b0f8be8d6198ecf84099cb9a51a32de5ae6de15659c66f35c1d49 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002
| MD5 | 135d99a3df668fd6c0f18e85837aa7f2 |
| SHA1 | 02907814e4a289afe8beebfdfad878cc52273087 |
| SHA256 | 662a2a582c10f5d5e66263ec823a1ff6a410e0ca5b9be4de56078ef34d776b7f |
| SHA512 | 7155b8bd91686b45d602c893ecae016bc7d8799a39c1a3628ff278a13dd96ad11ac15b40dd9479c8f911bdaa4b492aa349e0c2d4e4dd1f889b27fee45d6bb37d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 1138b1fd146eb99907a0ea3de1bf526e |
| SHA1 | 355e9bf3a2634b69b2d48dc3213ef9b0aa19baf8 |
| SHA256 | 50ed95d37b06032c349bd3d1b6a4cbc92fd55291f44f88710b2ba2227d40e05b |
| SHA512 | 4e2722b3dd70a7f5d883166c9afe9b722bb0264e3619226734b829dcbb63fff95ae9758d9cbf97cf7acb82bee4f3cc6979a10f66536aaa373a22f4f37f60cb3a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
| MD5 | f7b64746e0e9c7772d3c2e9d6c32b04c |
| SHA1 | e43470c8eade85199ade11ba3c6d0c36c40ada89 |
| SHA256 | 4b567e14fb8eacb736af19cd8c6e252373aa20ce44081059c17f1bc05ea250bb |
| SHA512 | 5286252974ec5a0f172c73b2998dc9b7375152a22d793ff1ca98bc0232427b6ef3238acdb54b2d76547f28bff560b68ff0b5e0a38e8bb10ef84bb9a5af1cb390 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
| MD5 | 7c617d44eb695e6946592cab67a42226 |
| SHA1 | 52495252fb8cb763a39eea6fbc2d56b0fbc44fbd |
| SHA256 | a437bb77af2c8118dcdc3f591edf68476835c0ee9a3e2c798f277d1d420accaa |
| SHA512 | dfa84d285677c5d756cf408948c879f37e501ce558c7ee2065cc7169366147ad355b7004483ccdb2f4b1507711da397117ef513d2225d26fa2e6b710cc977f58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | 782212c15da0cbac1026141e3053f15d |
| SHA1 | ffa8f95e9279c1299b45a67ff23bd9548ec99b54 |
| SHA256 | ffc92af9e7dddae40929728de1670ae8673a859cec3b0f7afd18dc7377fdb74e |
| SHA512 | 18c7836827d97c3033e4c5638a3a13fd91a0725547995441bfa1c9a9d1e60af49c27cf1ce34304b5aeeea694c98d26c543c0bc50593d62aebafbffda56a6650e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
| MD5 | 009b9a2ee7afbf6dd0b9617fc8f8ecba |
| SHA1 | c97ed0652e731fc412e3b7bdfca2994b7cc206a7 |
| SHA256 | de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915 |
| SHA512 | 6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | 6336c7a9ce3b76ba32c52c0b4b1b5e60 |
| SHA1 | 2e5e43a894903b9df323cca3639590cf65fc4eec |
| SHA256 | 6fc5019a8e1dff3fa1644f73be6f2e8fa15e12c02e01e354e5e4a63eee181a27 |
| SHA512 | fa48e1e8f55f8e902f93d3dcb6e605fdf5f5e75a4def67cdcf2eb20463921fb05345d8a44f8ff08b020577d3069a7cfd6ba10015b7e52075b70939af49791dc5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 754a2c1250f30bec13b590af9733d029 |
| SHA1 | ad819ff2781efeac28f97c020acce009ee969525 |
| SHA256 | 6594f3b86937a69caf96943edca833904a9c7f732ab8411b80bfe1c5901909d5 |
| SHA512 | 142d9aa66d28dd10c08bb2a4d2ffc3ce9f9866e99e50ff76d17f585d8f60b960e80fc0de8ae20ebc0cbe45c5967de26434c842987e685832b71f84b98a454756 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | df6f28e36e8f8396274fdaf9b7624614 |
| SHA1 | ef7ff3b63e0fb8cb260b051931fbc20c03ea30e6 |
| SHA256 | 0c7368868ab3ce012ca0fafd9a0843fd0ef6e714e1a7e4450ad88fe319ad6eb0 |
| SHA512 | c3faf436a8d090c73740d1193547628c157d096555dca93ee0c45c052ce52d3caa70b107dba9a7350946c2b1067e5cfdb435fbadc202abf5733da0f3f17af5d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 34bb1161f023e642f44a72b1e2d383fa |
| SHA1 | b0ce743c1370fd98bdbe142acff3bd825bc3520f |
| SHA256 | bbf7334a0bade30384d5c16853662bd72dbb220567d1070481f60b356257d37c |
| SHA512 | a113fe4ee811e125c6f21029e2e282698bc8a29ec0d7eef12f5bbb4b2375762557fef876c6047146901749d1b57986d84424f461f793bb38dbea1a74d647c83d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 72a9693a8a938192d190f4a98ade429b |
| SHA1 | 7a6225f3f2230733ce2f6d600d786ef06608d20d |
| SHA256 | b8337f43ccf75e0831eb60f6bed655f347114d7cf02039c602e58140e1a5edb2 |
| SHA512 | 8954e5beb442d3ea24e1b74aaa1fe826ed26dbd8d259c3fe413e11f7ab0aaf867d8281d152fe5770b506eb17de996727f36d3542d9f97b8be43206fcf1261c53 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ce65fbe75578175491cbda648336ec2c |
| SHA1 | 7fe1c679685335ddaec5261e0d9dd2580ea3c146 |
| SHA256 | 36ae4abefc37f2d0d1a69caf30fd938cc224df5e238c6cfb2718004d3c1ef4e4 |
| SHA512 | e326855bd7eaac3ae9dea1014238538625ecadf44c3a16600762e8e09d9c168e622e14e72e61dc3fb7d55277ac668fde619477c6d8cafe29bdd897f91a011cc4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 458a37137b3cc087d2f535ebcf251796 |
| SHA1 | 1cbba5864380c9d6ae835b044047df20937df7d5 |
| SHA256 | 8037a6799f4eea3a108d38b03702ad52926c609abe3ac659564766be496b2242 |
| SHA512 | ae13d05b8800565d69dc144642facc252a21253c6f51d05b7c8073a78c36da300b11156fb89385d83f62be261404260288f96e2f26719c113c883eb3099acd04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 74abaaf01c985afab2a87778600add7d |
| SHA1 | fd554490cad48a13da33a0b926c64009313a82cf |
| SHA256 | 5fdd7dafbd12a9d37f31d259463454e85e84253917f7b7b5b034e3eb299af7cf |
| SHA512 | 85992d5b0d39b75eab35dea353e1caba95c7d60a92c25553a1d556b026fec96d4bda50db7f5838dc0d340af4f862b12793efd79f488f821e2691d787e68aa754 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 81296e73be91b8990ef16b9900de26a1 |
| SHA1 | 9442c8c9c7d0d22e75afb94fd4b65acc540d00ef |
| SHA256 | 16f44b6db39c6bfb990c3df5dbf856cd089fd581b8048328def96296f28459c1 |
| SHA512 | 4b74ca6a5cdf65fa8a30d0d1ec501eab368fa56002270acc3940ad1d3c11430d55f261475775b948cabcd4d4229d75631edceb2b7985d0c2a1f694c7c2753405 |
C:\Users\Admin\Downloads\Unconfirmed 592054.crdownload
| MD5 | 7f88c3ac069bd6f6a7134af19b2fa271 |
| SHA1 | 4e834a0aed18e65e3b201ec60972d23dcd37193a |
| SHA256 | b3996a0ae78cca5781ae2842d571afa51d79e04ed07e633973978d38e5b05b4a |
| SHA512 | 5300967dbea792920e65bd86a0bdab6aab7320dc934a76dce6b1276ffb26e68c53ddb1f43d1ee64cd8a527e1ac3f847a3917b460898bee978b2f88aae31b1871 |
C:\Users\Admin\Downloads\Unconfirmed 330978.crdownload
| MD5 | 1228709ffb55277d3251c55ae0f131e8 |
| SHA1 | ab9ecf340385385686a33f434af7c1fbc9c91cf2 |
| SHA256 | d0aaa598eefb6d91c32670f99fdc7e4fd040fd6d40ffe0be173592fb8a3a3a39 |
| SHA512 | 4b77aa0d5fb062c92be39c0eea80df2c31281480b88245db6ed8a8254e777987c6515f8b0091014e274c54832ec7dbcadbfaef3143fd0e517076e5c816d213cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7346f2273c58bc7796b6a113e535e6a5 |
| SHA1 | 4a28e7ab04528ea466c4e349ac5135c55c14b4d2 |
| SHA256 | a687a6f0d0464c368ae6785276d302412d79a4ddfd31718747db8357378db1f6 |
| SHA512 | 404bf3004a695b6da95ad6f7c848f2f5ec31d2929053b975051eecb5348c5b0ff2d248311788c1105112880067a2a6224e7f6e58c812c5edf2ad36134d157cee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e976da0cf1b139dbf1b51836afdb7907 |
| SHA1 | 8c2a82892c4ad750099425c47f4c8f335a172bee |
| SHA256 | dd65f71feaace33d469427822c6fc5f02de44ec71cd10d75d70b09c970042513 |
| SHA512 | 1053e9386e19314528b9c36033c4aace3aad0411574d2424e3b3b50deafdedc9600d94973d715219b3e3c602a57401a375dda355c6e284e43329399e43f395fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c074b449e40803880acba1fbedfc30b5 |
| SHA1 | 2ffb5681f048b6fa546c4a6a33f8430311852804 |
| SHA256 | 413a09234ab2caa4451b7d67988eea7a4e3d68ee0fbca54ad988f72250d644bd |
| SHA512 | b1b9dccf4f2c0365a8fae76ec778c6be77248d07d6024e586ed81976945b9fd8f4729c789472657982d809e281abe57757af2a28638271ba6a36d33bba2deb9b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 332fc718111ec41c28ba3c9dbb304156 |
| SHA1 | a3b90ae1a1faf00bd8b0ff56742a7e99aa8d4ec4 |
| SHA256 | b5d5e36b07b8e00c3aec1213673aecd523bb5f67463c164a28cd5a556fed9fad |
| SHA512 | b218e2f5a473cf574bcd4d6264482ba67357bfc39b31040d4251969f324cc14960cde7a7eb96082e1a6c4287db8601eca2c08933f22a22305789aef062df88b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Temp\e5c93fa\Load.html
C:\Users\Admin\AppData\Local\Temp\e5c93fa\common\js\jquery-1.11.2.min.js
C:\Users\Admin\AppData\Local\Temp\e5c93fa\config\config.js
C:\Users\Admin\AppData\Local\Temp\e5c93fa\common\js\external.js
C:\Users\Admin\AppData\Local\Temp\e5c93fa\config\installparams.js
C:\Users\Admin\AppData\Local\Temp\e5c93fa\config\stubparams.js
C:\Users\Admin\AppData\Local\Temp\e5c93fa\common\js\common.js
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
C:\Program Files\MsEdgeCrashpad\settings.dat
C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.87\Installer\setup.exe
C:\Users\Admin\AppData\Roaming\d3d9.dll
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\695398f4-2d74-4197-8368-2de11a4d18b8.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat