Malware Analysis Report

2025-01-22 19:13

Sample ID 240720-fpq48s1cpf
Target 6bCJsJc
SHA256 a6e09e40a6f8bdb2486a5bda476628d89512987b99301d822b6a72836e3f8100
Tags
macro macro_on_action
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

a6e09e40a6f8bdb2486a5bda476628d89512987b99301d822b6a72836e3f8100

Threat Level: Likely malicious

The file 6bCJsJc was found to be: Likely malicious.

Malicious Activity Summary

macro macro_on_action

Office macro that triggers on suspicious action

Loads dropped DLL

Enumerates connected drives

Legitimate hosting services abused for malware hosting/C2

Probable phishing domain

Drops file in System32 directory

Modifies registry class

Modifies Internet Explorer Phishing Filter

Modifies Internet Explorer settings

NTFS ADS

Checks processor information in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: AddClipboardFormatListener

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Modifies data under HKEY_USERS

Enumerates system info in registry

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-07-20 05:03

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-20 05:03

Reported

2024-07-20 05:33

Platform

win7-20240708-en

Max time kernel

1565s

Max time network

1566s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6bCJsJc.html

Signatures

Modifies Internet Explorer Phishing Filter

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\PhishingFilter C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\PhishingFilter\ClientSupported_MigrationTime = 60d2e12762dada01 C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{61732011-4655-11EF-93AA-46D787DB8171} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "427613668" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6bCJsJc.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1924 CREDAT:275457 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 js.assemblyexchange.com udp
US 8.8.8.8:53 ced.sascdn.com udp
US 8.8.8.8:53 d3c8j8snkzfr1n.cloudfront.net udp
US 8.8.8.8:53 s.imgur.com udp
US 199.232.192.193:443 s.imgur.com tcp
GB 173.222.211.129:443 ced.sascdn.com tcp
US 199.232.192.193:443 s.imgur.com tcp
GB 173.222.211.129:443 ced.sascdn.com tcp
US 104.22.74.216:443 btloader.com tcp
US 151.101.128.193:443 js.assemblyexchange.com tcp
US 199.232.192.193:443 s.imgur.com tcp
GB 18.165.158.24:443 d3c8j8snkzfr1n.cloudfront.net tcp
US 151.101.128.193:443 js.assemblyexchange.com tcp
US 104.22.74.216:443 btloader.com tcp
GB 18.165.158.24:443 d3c8j8snkzfr1n.cloudfront.net tcp
US 199.232.192.193:443 s.imgur.com tcp
US 8.8.8.8:53 imgur.com udp
US 199.232.192.193:443 imgur.com tcp
US 199.232.192.193:443 imgur.com tcp
US 8.8.8.8:53 c.pki.goog udp
US 8.8.8.8:53 apps.identrust.com udp
US 8.8.8.8:53 apps.identrust.com udp
US 8.8.8.8:53 c.pki.goog udp
FR 142.250.179.67:80 c.pki.goog tcp
GB 92.123.143.169:80 apps.identrust.com tcp
FR 142.250.179.67:80 c.pki.goog tcp
GB 92.123.143.169:80 apps.identrust.com tcp
FR 142.250.179.67:80 c.pki.goog tcp
FR 142.250.179.67:80 c.pki.goog tcp
FR 142.250.179.67:80 c.pki.goog tcp
US 8.8.8.8:53 o.pki.goog udp
US 8.8.8.8:53 o.pki.goog udp
FR 142.250.179.67:80 o.pki.goog tcp
FR 142.250.179.67:80 o.pki.goog tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp

Files

C:\Users\Admin\AppData\Local\Temp\CabCAC0.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\TarCAC3.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cd099e0e4d3d961543944d4dd9ccddb0
SHA1 5feb159cc0bd501aecca0574562a05fc3cc783f4
SHA256 9c0e812be86e14c8e378b41ab1ef78c2c545836900589a0db4b4b5f28201868e
SHA512 8825ed531f503611ca2867dd421b1207486efefc009ffaf149753967f327235795204e8c6298c57bac2784850287ae858fb5e00ffae042610218a5840c678cd1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 588b78d3438162aeefb1264cf2093032
SHA1 b81a6c53b124d3c34214a0d2877141618f2db86c
SHA256 7f950acbd781559d235325a1b431ca3cd511300c4e02121d6111f3e99fec5e4a
SHA512 19a97ec3bc831a7cce8a9ce3cd344e21484438eba21e5e5e7bc64750bf2b3c801c754da03f38c4ae7f9c79b484a5220509a9b34e101c5d777209eeebb2b36a73

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

MD5 e8b3933fad5e57fd857654f8852a32a3
SHA1 50356d9a4284f12808b94cf0474ef9642e916898
SHA256 34f7031375ef848e96ea0d4039516ea70101812db124fac8ece4421611345f47
SHA512 8b459579e93f1d0e94301b33a39cefaf4fb60b9861b2cc7771fffbcc4d0f99ef07ad6f6621189828d6846b5eb200f628bb823eea509feaed7718462cb4d62898

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 36a63c319f18d3f3649977e9c4a9609d
SHA1 51085fc6576a7d443fb4cd60fcc624755d8e675b
SHA256 aa44892ca6582eab70a00b960b0f7abe6015372c650965aa0eb9d6e206ce8944
SHA512 1fd5317ac5dae925b6dc2ad3eb4b16566d491cd46f956017182a9b16ec49335b6df50ed7ded690f71b11b5d7c1a727cece86f987f1cf048e2297b94116637d70

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E

MD5 688ca3bccc923af2799fbd8340d212d2
SHA1 4a2a986d35de3dd3db439a819b5534b9099385cb
SHA256 299b5c73ff41b4d3e336e8b50f1645a4fc354f10bdc2d5870b12b11d5f23ed7f
SHA512 7929186066983d5344f18e65ce77f9f3fb43e419a2657d61d6baf287d996dbdffa65b35e4cb0b08fb92db89ee12d9eef384a97b955e0f33c1727fc14b0b9d40e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f0f5d3b5170b29e47a5dd8c453b6c07f
SHA1 0184fc39ff4953748fcd4c6931af05c22f4070d2
SHA256 d697de4d67e99cd1a8cd01e3453e322476710a98daa484735ca04c9ad73f1542
SHA512 92943f22065c325400d2f714d12571a4ee2873b22c61922d3f4ebecdbe0d9b9a970a02c33a8c945e3e8efb49c3dcf670fefdda5350aa5e6deb6f13ec670b06b2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9cf0144ac79815d4da1e8fa5a6b2f0fa
SHA1 62843e3b36cf646c983d4bc65268b46ca98ce1fe
SHA256 5e146378432abdcb770c7c2bc6780bbff2d14085f5c4ee3c5d49916edee289a8
SHA512 a12a1664c3152fc2d3189be53ad0012b74e18d5341dad1698cf87814b7a5b3857263abd4c98b6374e8157a4e6455cb3924905a78ad34b6d4c75b0463bb1379b6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_3431D4C539FB2CFCB781821E9902850D

MD5 2ef536b782506bd7ca8f1b364dc244a4
SHA1 099952e0ec47e497807a425bc83b9721f42d7c0f
SHA256 78081ef9b6b0840d1b47a9a4ccd439ebab26250d45bc0843700aa5a904742965
SHA512 cd4201f203efc03bec54cf761ac489781a1964fec997c2179323fa37fb59ac8c10dcaf92f2cbeedff01bb577c17fb7ed5ae676ee9ba1b9f8f2be527b433229d2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_3431D4C539FB2CFCB781821E9902850D

MD5 b15aa8e661114b4000f3f180d9ba50e6
SHA1 e7a98e30a03528392b4e27078b6a2b9b8fb6b643
SHA256 cf701c897f7dd2904dda74c021c9fdb804fa285c782c74c7211be308ac7556cc
SHA512 bab164b3fc8baea733e1db7fce7ea44c480ec6eafca102b2b0f0ca496fa7519380050ecc187f90a6c9b4b6be28d26996271462bf0fbc935861cbca1f0f374d76

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 232937e9a9cbb3e8736ea7ca48ce8d57
SHA1 b0134fc556fc4ac193e5e28b1c219f65364a9f76
SHA256 7c284005cee12ed60eec38ea8fca8438f4ece35ef4fc89fde12268ba99ff71a0
SHA512 208ee8e5d89c77642825cf7e96c96fdb91f8b72bc12f629237286e00d7a7b3f8df66ce2cfd5542667309b411cf602ff4db61f5f2df6d25a20b36ae580ecb01d8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 dcee297d87afa56557d11f140fe1c344
SHA1 f388afc97b73db53d5c4a3b45b5d4b634fcc49ee
SHA256 c172726b46b5b1a8a0c898cc92c578c5b0d4002c0de4cb9b4969f65f445d7372
SHA512 a6b57c0f4f58deded0966d6e71d592f51bc3a32000aff32927dfe171ef36870179492195795b9c2ec1df219908097b20a83aa5152e16366a359d1f6b0c28184e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 26194a46fbdd7a89128186e2febea6dc
SHA1 5ec0b4e22fe662c405cd56142579135ec07a31c5
SHA256 f8f393949c1cd1e292ad5f04881b6614ab938df471d6e533199566f1d5aa64dd
SHA512 fae6d45848f5e7001610daa5853032905930c56f2c82a6028063aa786975a2e501653e715da0abb7ee106c7c255a07db8f8ddd45a4b1fb8e98acf859a584c3f4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ae3a6be6234351391ba1193b67a7c6a1
SHA1 43273b7a43abf21ce191efae11c05aa0011f2651
SHA256 1d088ca560cdfb35edd164bb37a05ac1a521f15c884bc2a11d60d50c77fe0945
SHA512 0b9050eae47ef0f3f67b620f65432009241eb2a5eb2c3ec1c2a615fd930618c586be1c87caeb152a9c273ec3a07e55b7c014a84101b4ee1a3ea94048d904c228

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 957d957b3c8e1c2f1adbd8d74bf809a4
SHA1 b125cd4053b50cda3d4bc3ea676d3867c037f877
SHA256 a101ad1d9cfa58db9d818ae3f98c6273b475ea13eb8cb0ac73b74173a51444ee
SHA512 53a5f7c57603f1d1f4696172b817b669ac9f65ec77946b32fa52e6c02ec1a111897c34cae74ad6f270cc510e9019f9e565dc5ca06f0441fd8682f63a9d41176b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1604a8235035cf2d0427ae37ea0b25c1
SHA1 56675bcfe7112c53e9cd4f2be774d840ad2b6647
SHA256 a681f336e77e1ae3d21477577e2d1350cee9efe996e56a97129e319fdf29be7f
SHA512 c8e420c7f6027d949a08e38474315d13e03c845269d7d6100ab159f33309394372f4ea6a1bd7633104f1781ff14e4551c7a3f022fa3652e2c9107003cc8d930f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 feb36b02e226657788c62cbd3841116e
SHA1 a6aa5396778d8783f871cd6a9d9427c931e5ebc7
SHA256 73fed98053774434b449e8999623a31c127c1671516868eac00e6c6037ad24ba
SHA512 f63eb13c70e38cca37932a199a898050d562e69e22be72ed5b1a4d91b371bd1e25fd5e1dc8150501eb316e1af805ec94cee65b08444704ba02e0314ea065e119

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 70997a1dbef4d64bcca3a2c03536cc7d
SHA1 abb75bcae0e6bb2698473c80681804c79a050bdc
SHA256 c9bd21224c41bcd0bc1dd093319f2debfa7534b06d35bdc17046717dcc4e0a0e
SHA512 4d8491d7b15a6b3b75dadd4aabe0771274c8137cbd2e2d8b35167f614646cab88c0bef86f3079407166a6e9d481830d3cb852a7afb8aac1ac7339bb0fedbdbc7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8e184daa76d627c8472e54c37943f888
SHA1 72029d552363c7c59213a98f66ab818dd1a32bfc
SHA256 e4699a056a8fafb68e3f60438fc10eccb53a687638a14da61f3586832bc5f89f
SHA512 cc8d1e55669a90c6b84204f64f606fbc612b71a73171f17a716b5f9ba0dc45cc1b7496a27b4e7a30ba8dd8a8574548b2f2ea5b5d49d13fa4615078c9f610e0d7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 68f5d281bf8a89c5fb37981c1b41c479
SHA1 5a7dd9938eecf78dec4d59d958418e7ce517ab1c
SHA256 f777f3f032aa8963313b75a9a0f1b1c67b7fd994b161cd57559240838ae04227
SHA512 4a0c030ab2903b78f657292ecf8357bf15d1b568fb75810782e81259ec1877510ae5329cbd7c244f46ac1ffdb506ee85aa59761cd4cef2d683cf0411cdec0800

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 702a865041e2f4c82c7286e3647bdae8
SHA1 ae971e57c55b39da9a79ae3c5de88e9dc1c745cc
SHA256 faa1f63e7e87967d850d3e16169a4982980fec28e47f34b2e46d14a55190010a
SHA512 5a591a718c1e05be23fa00707005ae5152b8f1a83b328a6e77a317144902d9739befea521a67a0e33e17015e98cc2b0db02664180fd2c173ada970d56e63ce65

Analysis: behavioral2

Detonation Overview

Submitted

2024-07-20 05:03

Reported

2024-07-20 05:33

Platform

win10v2004-20240709-en

Max time kernel

1799s

Max time network

1796s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6bCJsJc.html

Signatures

Office macro that triggers on suspicious action

macro macro_on_action
Description Indicator Process Target
N/A N/A N/A N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\K: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Probable phishing domain

Description Indicator Process Target
HTTP URL https://bstlar.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8a606cfe8bf46fb4 N/A N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133659256928217676" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1705699165-553239100-4129523827-1000\{9C93B9C1-C216-402D-A38C-F7FC2E81E7A2} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1705699165-553239100-4129523827-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1705699165-553239100-4129523827-1000\{E2080C37-3257-43AC-A17A-45F12AEEB87F} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\AppData\Local\Temp\{8D5A7289-5C54-4E02-9FB4-AB14B033FA83}\8tr.exe:Zone.Identifier C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 594605.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3224 wrote to memory of 2168 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 2168 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 4068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 3768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 3768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3224 wrote to memory of 5060 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\6bCJsJc.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff842eb46f8,0x7ff842eb4708,0x7ff842eb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4148 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5684 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6252 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3720 /prefetch:8

C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE

"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\Downloads\metrofax.doc" /o ""

C:\Windows\splwow64.exe

C:\Windows\splwow64.exe 12288

C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE

"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /Automation -Embedding

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff825a4cc40,0x7ff825a4cc4c,0x7ff825a4cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1868,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1860 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1892,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1940 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2284 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3176,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3240 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4600,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4572 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4588,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3152 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4156,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3564 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5860 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5844 /prefetch:8

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\BabylonClient12.msi"

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding CB2C9955B375B0A049CDE3E0E3F501AE C

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7888 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x50c 0x4a4

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6716 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8412 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5020,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5016 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4536,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5188 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4936,i,17863563017119253796,15970460229033901760,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5284 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2052,9313341842727623182,1539893695009215007,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff842eb46f8,0x7ff842eb4708,0x7ff842eb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2012 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3624 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3740 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3740 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5284 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5040 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,10573324641577770518,7777641194219054692,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 imgur.com udp
US 199.232.196.193:443 imgur.com tcp
US 8.8.8.8:53 ced.sascdn.com udp
US 8.8.8.8:53 d3c8j8snkzfr1n.cloudfront.net udp
US 8.8.8.8:53 s.imgur.com udp
US 199.232.192.193:443 s.imgur.com tcp
US 199.232.192.193:443 s.imgur.com tcp
US 199.232.192.193:443 s.imgur.com tcp
GB 173.222.211.121:443 ced.sascdn.com tcp
GB 18.165.158.24:443 d3c8j8snkzfr1n.cloudfront.net tcp
US 8.8.8.8:53 20.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 193.196.232.199.in-addr.arpa udp
US 8.8.8.8:53 193.192.232.199.in-addr.arpa udp
US 8.8.8.8:53 121.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 24.158.165.18.in-addr.arpa udp
GB 173.222.211.121:443 ced.sascdn.com tcp
GB 18.165.158.24:443 d3c8j8snkzfr1n.cloudfront.net tcp
US 8.8.8.8:53 js.assemblyexchange.com udp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 stretchsquirrel.com udp
US 8.8.8.8:53 ced-ns.sascdn.com udp
US 151.101.64.193:443 js.assemblyexchange.com tcp
US 104.18.24.111:443 stretchsquirrel.com tcp
US 104.22.75.216:443 btloader.com tcp
GB 173.222.211.114:443 ced-ns.sascdn.com tcp
US 8.8.8.8:53 apps.identrust.com udp
US 8.8.8.8:53 i.clean.gg udp
US 8.8.8.8:53 o435357.ingest.sentry.io udp
US 34.120.195.249:443 o435357.ingest.sentry.io tcp
US 8.8.8.8:53 36.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 178.36.239.216.in-addr.arpa udp
US 8.8.8.8:53 api.imgur.com udp
US 8.8.8.8:53 193.64.101.151.in-addr.arpa udp
US 8.8.8.8:53 136.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 111.24.18.104.in-addr.arpa udp
US 8.8.8.8:53 216.75.22.104.in-addr.arpa udp
US 8.8.8.8:53 114.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 firebase.googleapis.com udp
FR 142.250.74.234:443 firebase.googleapis.com tcp
US 8.8.8.8:53 sb.scorecardresearch.com udp
GB 18.165.160.78:443 sb.scorecardresearch.com tcp
US 199.232.196.193:443 api.imgur.com tcp
US 199.232.196.193:443 api.imgur.com tcp
US 199.232.196.193:443 api.imgur.com tcp
US 199.232.192.193:443 api.imgur.com tcp
US 34.95.69.49:443 i.clean.gg tcp
GB 92.123.143.169:80 apps.identrust.com tcp
GB 92.123.143.169:80 apps.identrust.com tcp
US 8.8.8.8:53 i.imgur.com udp
US 8.8.8.8:53 widgets.outbrain.com udp
GB 2.18.109.60:443 widgets.outbrain.com tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 ads.assemblyexchange.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 js.media-lab.ai udp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 234.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 78.160.165.18.in-addr.arpa udp
US 8.8.8.8:53 49.69.95.34.in-addr.arpa udp
GB 54.230.10.66:443 js.media-lab.ai tcp
GB 13.224.84.18:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 169.143.123.92.in-addr.arpa udp
US 8.8.8.8:53 60.109.18.2.in-addr.arpa udp
US 35.201.64.137:443 ads.assemblyexchange.com tcp
FR 142.250.201.162:443 securepubads.g.doubleclick.net tcp
FR 142.250.201.162:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 widget-pixels.outbrain.com udp
US 8.8.8.8:53 xeno-soswcrde4a-uc.a.run.app udp
GB 2.18.109.60:443 widget-pixels.outbrain.com tcp
US 216.239.38.53:443 xeno-soswcrde4a-uc.a.run.app tcp
US 8.8.8.8:53 66.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 18.84.224.13.in-addr.arpa udp
US 8.8.8.8:53 74.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 137.64.201.35.in-addr.arpa udp
US 8.8.8.8:53 162.201.250.142.in-addr.arpa udp
FR 142.250.201.162:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 mv.outbrain.com udp
GB 13.224.81.65:443 config.aps.amazon-adsystem.com tcp
US 151.101.2.132:443 mv.outbrain.com tcp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
FR 142.250.178.142:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 g.bing.com udp
US 13.107.21.237:443 g.bing.com tcp
GB 2.18.109.60:443 widget-pixels.outbrain.com tcp
US 8.8.8.8:53 53.38.239.216.in-addr.arpa udp
US 8.8.8.8:53 65.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 132.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 142.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 mcdp-nydc1.outbrain.com udp
US 8.8.8.8:53 images.outbrainimg.com udp
US 70.42.32.63:443 mcdp-nydc1.outbrain.com tcp
US 70.42.32.63:443 mcdp-nydc1.outbrain.com tcp
GB 95.100.245.166:443 images.outbrainimg.com tcp
FR 142.250.178.142:443 fundingchoicesmessages.google.com udp
US 35.201.64.137:443 ads.assemblyexchange.com udp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 34.120.133.55:443 api.rlcdn.com tcp
GB 3.162.16.219:443 aax.amazon-adsystem.com tcp
GB 3.162.16.219:443 aax.amazon-adsystem.com tcp
US 216.239.38.53:443 xeno-soswcrde4a-uc.a.run.app udp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 63.32.42.70.in-addr.arpa udp
US 8.8.8.8:53 166.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 219.16.162.3.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 162.214.58.216.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 34.120.195.249:443 o435357.ingest.sentry.io udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
GB 92.123.142.168:443 www.bing.com tcp
GB 92.123.142.168:443 www.bing.com tcp
GB 92.123.142.168:443 www.bing.com tcp
GB 92.123.142.168:443 www.bing.com tcp
GB 92.123.142.168:443 www.bing.com tcp
GB 92.123.142.168:443 www.bing.com tcp
US 8.8.8.8:53 168.142.123.92.in-addr.arpa udp
GB 92.123.142.168:443 www.bing.com tcp
GB 92.123.142.168:443 www.bing.com tcp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
GB 92.123.142.168:443 www.bing.com tcp
GB 92.123.142.168:443 www.bing.com tcp
GB 92.123.142.168:443 www.bing.com tcp
GB 92.123.142.168:443 www.bing.com tcp
GB 92.123.142.168:443 www.bing.com tcp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.142.89:443 th.bing.com tcp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.89:443 th.bing.com tcp
US 8.8.8.8:53 89.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 179.142.123.92.in-addr.arpa udp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.168:443 r.bing.com tcp
GB 92.123.142.89:443 th.bing.com tcp
GB 92.123.142.89:443 th.bing.com tcp
GB 92.123.142.89:443 th.bing.com tcp
GB 92.123.142.89:443 th.bing.com tcp
GB 92.123.142.89:443 th.bing.com tcp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.168:443 r.bing.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
GB 92.123.142.179:443 r.bing.com tcp
GB 92.123.142.179:443 r.bing.com tcp
US 8.8.8.8:53 76.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 167.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.111.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.111.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 154.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 140.82.114.21:443 collector.github.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.114.21:443 collector.github.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 21.114.82.140.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 www.babylon-software.com udp
US 174.138.88.129:443 www.babylon-software.com tcp
US 174.138.88.129:443 www.babylon-software.com tcp
US 8.8.8.8:53 129.88.138.174.in-addr.arpa udp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
GB 74.125.71.154:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 154.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 edge.marker.io udp
US 104.26.14.104:443 edge.marker.io tcp
US 8.8.8.8:53 104.14.26.104.in-addr.arpa udp
US 8.8.8.8:53 s.w.org udp
US 192.0.77.48:443 s.w.org tcp
US 8.8.8.8:53 48.77.0.192.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.108.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 46.28.109.52.in-addr.arpa udp
US 8.8.8.8:53 roaming.officeapps.live.com udp
GB 52.109.28.47:443 roaming.officeapps.live.com tcp
US 8.8.8.8:53 47.28.109.52.in-addr.arpa udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 208.143.182.52.in-addr.arpa udp
US 8.8.8.8:53 metadata.templates.cdn.office.net udp
GB 2.17.209.123:443 metadata.templates.cdn.office.net tcp
US 8.8.8.8:53 www.google.com udp
FR 216.58.214.68:443 www.google.com udp
FR 216.58.214.68:443 www.google.com tcp
US 8.8.8.8:53 binaries.templates.cdn.office.net udp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
GB 2.19.252.143:443 binaries.templates.cdn.office.net tcp
US 8.8.8.8:53 42.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 227.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 68.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 143.252.19.2.in-addr.arpa udp
US 8.8.8.8:53 67.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 apis.google.com udp
FR 216.58.214.174:443 apis.google.com tcp
US 8.8.8.8:53 174.214.58.216.in-addr.arpa udp
US 174.138.88.129:443 www.babylon-software.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
US 8.8.8.8:53 105.142.123.92.in-addr.arpa udp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 92.123.142.89:443 th.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
US 8.8.8.8:53 t.ssl.ak.dynamic.tiles.virtualearth.net udp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
US 172.64.154.167:443 www2.bing.com tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.dynamic.tiles.virtualearth.net tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 146.252.19.2.in-addr.arpa udp
US 8.8.8.8:53 dev.virtualearth.net udp
US 13.107.246.64:443 dev.virtualearth.net tcp
US 8.8.8.8:53 landmark3dweb.azureedge.net udp
US 13.107.246.64:443 landmark3dweb.azureedge.net tcp
US 8.8.8.8:53 t.ssl.ak.tiles.virtualearth.net udp
GB 2.19.252.146:443 t.ssl.ak.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.tiles.virtualearth.net tcp
GB 2.19.252.146:443 t.ssl.ak.tiles.virtualearth.net tcp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.105:443 www.bing.com tcp
GB 92.123.142.75:443 www.bing.com tcp
GB 92.123.142.75:443 www.bing.com tcp
GB 92.123.142.75:443 www.bing.com tcp
GB 92.123.142.75:443 www.bing.com tcp
US 8.8.8.8:53 75.142.123.92.in-addr.arpa udp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
GB 92.123.142.75:443 www.bing.com tcp
GB 92.123.142.75:443 www.bing.com tcp
GB 92.123.142.75:443 www.bing.com tcp
GB 92.123.142.75:443 www.bing.com tcp
US 8.8.8.8:53 youtube.com udp
FR 142.250.179.78:80 youtube.com tcp
FR 142.250.179.78:80 youtube.com tcp
FR 142.250.179.78:443 youtube.com tcp
US 8.8.8.8:53 www.youtube.com udp
FR 216.58.214.174:443 www.youtube.com udp
US 8.8.8.8:53 i.ytimg.com udp
FR 142.250.179.86:443 i.ytimg.com tcp
US 8.8.8.8:53 78.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 86.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
NL 108.177.127.84:443 accounts.google.com tcp
US 8.8.8.8:53 84.127.177.108.in-addr.arpa udp
US 8.8.8.8:53 rr3---sn-5hne6nsr.googlevideo.com udp
NL 172.217.132.72:443 rr3---sn-5hne6nsr.googlevideo.com tcp
NL 172.217.132.72:443 rr3---sn-5hne6nsr.googlevideo.com tcp
US 8.8.8.8:53 72.132.217.172.in-addr.arpa udp
FR 216.58.214.68:443 www.google.com tcp
NL 172.217.132.72:443 rr3---sn-5hne6nsr.googlevideo.com tcp
NL 172.217.132.72:443 rr3---sn-5hne6nsr.googlevideo.com tcp
NL 108.177.127.84:443 accounts.google.com udp
NL 172.217.132.72:443 rr3---sn-5hne6nsr.googlevideo.com tcp
NL 172.217.132.72:443 rr3---sn-5hne6nsr.googlevideo.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
FR 216.58.213.78:443 play.google.com tcp
FR 216.58.213.78:443 play.google.com udp
FR 216.58.213.78:443 play.google.com tcp
US 8.8.8.8:53 78.213.58.216.in-addr.arpa udp
FR 142.250.74.234:443 jnn-pa.googleapis.com udp
FR 142.250.179.78:443 www.youtube.com udp
FR 142.250.179.78:443 www.youtube.com tcp
US 8.8.8.8:53 consent.youtube.com udp
FR 142.250.179.78:443 consent.youtube.com udp
FR 142.250.179.86:443 i.ytimg.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 rr5---sn-q4flrney.googlevideo.com udp
FR 142.250.201.162:443 googleads.g.doubleclick.net tcp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
FR 142.250.201.162:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
FR 142.250.179.70:443 static.doubleclick.net tcp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
US 8.8.8.8:53 42.131.217.172.in-addr.arpa udp
US 8.8.8.8:53 70.179.250.142.in-addr.arpa udp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
US 8.8.8.8:53 suggestqueries-clients6.youtube.com udp
FR 216.58.215.46:443 suggestqueries-clients6.youtube.com tcp
US 172.217.131.42:443 rr5---sn-q4flrney.googlevideo.com tcp
FR 216.58.215.46:443 suggestqueries-clients6.youtube.com udp
FR 216.58.215.46:443 suggestqueries-clients6.youtube.com tcp
US 8.8.8.8:53 46.215.58.216.in-addr.arpa udp
FR 216.58.215.46:443 suggestqueries-clients6.youtube.com udp
FR 216.58.214.68:443 www.google.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
FR 142.250.75.225:443 yt3.ggpht.com tcp
FR 142.250.75.225:443 yt3.ggpht.com tcp
FR 142.250.75.225:443 yt3.ggpht.com tcp
US 8.8.8.8:53 lh6.googleusercontent.com udp
FR 216.58.214.161:443 lh6.googleusercontent.com tcp
US 8.8.8.8:53 225.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 161.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 rr3---sn-25glenld.googlevideo.com udp
FR 173.194.0.136:443 rr3---sn-25glenld.googlevideo.com tcp
US 8.8.8.8:53 136.0.194.173.in-addr.arpa udp
FR 173.194.0.136:443 rr3---sn-25glenld.googlevideo.com udp
FR 142.250.75.225:443 yt3.ggpht.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
FR 172.217.20.206:443 encrypted-tbn3.gstatic.com tcp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
FR 172.217.20.174:443 encrypted-tbn1.gstatic.com tcp
US 8.8.8.8:53 206.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 174.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 bstlar.com udp
US 172.67.75.185:443 bstlar.com tcp
US 172.67.75.185:443 bstlar.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 8.8.8.8:53 185.75.67.172.in-addr.arpa udp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 8.8.8.8:53 41.95.18.104.in-addr.arpa udp
US 8.8.8.8:53 d2izcn32j62dtp.cloudfront.net udp
GB 13.224.78.201:443 d2izcn32j62dtp.cloudfront.net tcp
US 8.8.8.8:53 201.78.224.13.in-addr.arpa udp
US 8.8.8.8:53 ghabovethec.info udp
US 8.8.8.8:53 asnothycantyou.info udp
US 8.8.8.8:53 getrunkhomuto.info udp
GB 18.244.140.102:443 ghabovethec.info tcp
US 172.67.184.28:443 asnothycantyou.info tcp
GB 143.204.176.11:443 getrunkhomuto.info tcp
US 8.8.8.8:53 zemydreamsauk.com udp
US 8.8.8.8:53 pogothere.xyz udp
US 172.67.184.28:443 asnothycantyou.info tcp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 www.instagram.com udp
GB 99.86.114.84:443 zemydreamsauk.com tcp
US 172.67.220.203:443 pogothere.xyz tcp
US 172.67.220.203:443 pogothere.xyz tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
DE 185.60.217.174:443 www.instagram.com tcp
DE 185.60.217.35:443 www.facebook.com tcp
US 8.8.8.8:53 102.140.244.18.in-addr.arpa udp
US 8.8.8.8:53 28.184.67.172.in-addr.arpa udp
US 8.8.8.8:53 84.114.86.99.in-addr.arpa udp
US 8.8.8.8:53 203.220.67.172.in-addr.arpa udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 174.217.60.185.in-addr.arpa udp
US 8.8.8.8:53 35.217.60.185.in-addr.arpa udp
US 8.8.8.8:53 osfultrbriolenai.info udp
GB 18.245.187.103:443 osfultrbriolenai.info tcp
GB 18.245.187.103:443 osfultrbriolenai.info tcp
US 8.8.8.8:53 103.187.245.18.in-addr.arpa udp
US 8.8.8.8:53 csp.withgoogle.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
FR 142.250.75.241:443 csp.withgoogle.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
FR 142.250.75.241:443 csp.withgoogle.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 241.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 rr1---sn-25ge7nz6.googlevideo.com udp
FR 74.125.168.70:443 rr1---sn-25ge7nz6.googlevideo.com tcp
FR 74.125.168.70:443 rr1---sn-25ge7nz6.googlevideo.com udp
US 8.8.8.8:53 70.168.125.74.in-addr.arpa udp
US 8.8.8.8:53 www.mastersmzscripts.com udp
US 34.149.87.45:443 www.mastersmzscripts.com tcp
US 34.149.87.45:443 www.mastersmzscripts.com tcp
US 8.8.8.8:53 45.87.149.34.in-addr.arpa udp
US 8.8.8.8:53 static.wixstatic.com udp
US 8.8.8.8:53 static.parastorage.com udp
US 34.149.87.45:443 www.mastersmzscripts.com udp
US 8.8.8.8:53 frog.wix.com udp
US 34.49.229.81:443 static.parastorage.com tcp
US 8.8.8.8:53 panorama.wixapps.net udp
US 34.49.229.81:443 static.parastorage.com tcp
US 8.8.8.8:53 d29lduyskr59p4.cloudfront.net udp
US 8.8.8.8:53 siteassets.parastorage.com udp
GB 54.230.10.98:443 static.wixstatic.com tcp
GB 54.230.10.98:443 static.wixstatic.com tcp
US 184.73.73.222:443 frog.wix.com tcp
US 34.149.206.255:443 panorama.wixapps.net tcp
US 34.49.229.81:443 siteassets.parastorage.com tcp
GB 13.224.78.164:443 d29lduyskr59p4.cloudfront.net tcp
US 34.49.229.81:443 siteassets.parastorage.com tcp
US 34.49.229.81:443 siteassets.parastorage.com tcp
US 34.49.229.81:443 siteassets.parastorage.com tcp
US 34.49.229.81:443 siteassets.parastorage.com udp
US 8.8.8.8:53 ndtheyeiedm.info udp
GB 108.156.46.40:443 ndtheyeiedm.info tcp
US 34.49.229.81:443 siteassets.parastorage.com udp
US 34.149.206.255:443 panorama.wixapps.net udp
US 8.8.8.8:53 browser.sentry-cdn.com udp
US 151.101.66.217:443 browser.sentry-cdn.com tcp
US 8.8.8.8:53 81.229.49.34.in-addr.arpa udp
US 8.8.8.8:53 98.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 222.73.73.184.in-addr.arpa udp
US 8.8.8.8:53 255.206.149.34.in-addr.arpa udp
US 8.8.8.8:53 164.78.224.13.in-addr.arpa udp
US 8.8.8.8:53 40.46.156.108.in-addr.arpa udp
US 8.8.8.8:53 217.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 34.149.206.255:443 panorama.wixapps.net udp
US 34.149.206.255:443 panorama.wixapps.net tcp
US 8.8.8.8:53 bundler.wix-code.com udp
GB 13.224.81.34:443 bundler.wix-code.com tcp
GB 13.224.81.34:443 bundler.wix-code.com tcp
US 8.8.8.8:53 34.81.224.13.in-addr.arpa udp
US 8.8.8.8:53 duplexer.wix.com udp
US 54.69.236.124:443 duplexer.wix.com tcp
US 8.8.8.8:53 124.236.69.54.in-addr.arpa udp
US 8.8.8.8:53 app.visitor-analytics.io udp
US 8.8.8.8:53 www-mastersmzscripts-com.filesusr.com udp
US 8.8.8.8:53 wixlabs-adsense-v3.uc.r.appspot.com udp
GB 54.230.10.42:443 www-mastersmzscripts-com.filesusr.com tcp
FR 216.58.213.84:443 wixlabs-adsense-v3.uc.r.appspot.com tcp
FR 216.58.213.84:443 wixlabs-adsense-v3.uc.r.appspot.com tcp
FR 216.58.213.84:443 wixlabs-adsense-v3.uc.r.appspot.com tcp
FR 216.58.213.84:443 wixlabs-adsense-v3.uc.r.appspot.com tcp
GB 51.89.164.44:443 app.visitor-analytics.io tcp
US 8.8.8.8:53 sentry-next.wixpress.com udp
US 52.86.130.31:443 sentry-next.wixpress.com tcp
US 8.8.8.8:53 42.10.230.54.in-addr.arpa udp
US 8.8.8.8:53 84.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 44.164.89.51.in-addr.arpa udp
US 8.8.8.8:53 31.130.86.52.in-addr.arpa udp
US 8.8.8.8:53 loadbalancer.visitor-analytics.io udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
GB 108.156.46.40:443 ndtheyeiedm.info tcp
US 8.8.8.8:53 url.giveaff.com udp
US 54.196.173.211:443 url.giveaff.com tcp
US 8.8.8.8:53 visits.visitor-analytics.io udp
DE 167.233.8.77:443 visits.visitor-analytics.io tcp
FR 216.58.213.84:443 wixlabs-adsense-v3.uc.r.appspot.com udp
US 8.8.8.8:53 211.173.196.54.in-addr.arpa udp
US 8.8.8.8:53 229.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 77.8.233.167.in-addr.arpa udp
FR 142.250.179.70:443 static.doubleclick.net udp
US 8.8.8.8:53 clients2.google.com udp
FR 172.217.20.206:443 clients2.google.com udp
FR 142.250.201.162:443 googleads.g.doubleclick.net tcp
FR 172.217.20.206:443 clients2.google.com tcp
US 8.8.8.8:53 66.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 216.58.214.161:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 zemydreamsauk.com udp
US 34.49.229.81:443 siteassets.parastorage.com udp
US 8.8.8.8:53 sentry.wixpress.com udp
US 54.69.236.124:443 duplexer.wix.com tcp
US 8.8.8.8:53 204.201.50.20.in-addr.arpa udp
US 44.218.1.12:443 sentry.wixpress.com tcp
GB 92.123.142.169:443 www.bing.com tcp
GB 92.123.142.169:443 www.bing.com tcp
US 8.8.8.8:53 12.1.218.44.in-addr.arpa udp
US 8.8.8.8:53 169.142.123.92.in-addr.arpa udp
GB 92.123.142.169:443 www.bing.com tcp
GB 92.123.142.169:443 www.bing.com tcp
GB 92.123.142.169:443 www.bing.com tcp
GB 92.123.142.169:443 www.bing.com tcp
GB 92.123.142.169:443 www.bing.com tcp
GB 92.123.142.169:443 www.bing.com tcp
GB 92.123.142.169:443 www.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 92.123.142.74:443 th.bing.com tcp
US 8.8.8.8:53 74.142.123.92.in-addr.arpa udp
GB 92.123.142.169:443 th.bing.com tcp
GB 92.123.142.169:443 th.bing.com tcp
GB 92.123.142.169:443 th.bing.com tcp
US 8.8.8.8:53 fpt.microsoft.com udp
US 52.167.30.171:443 fpt.microsoft.com tcp
US 8.8.8.8:53 fpt2.microsoft.com udp
US 8.8.8.8:53 171.30.167.52.in-addr.arpa udp
US 104.18.33.89:443 www2.bing.com tcp
US 8.8.8.8:53 89.33.18.104.in-addr.arpa udp
US 104.18.33.89:443 www2.bing.com tcp
GB 92.123.142.169:443 th.bing.com tcp
GB 92.123.142.169:443 th.bing.com tcp
GB 92.123.142.169:443 th.bing.com tcp
GB 92.123.142.169:443 th.bing.com tcp
GB 92.123.142.169:443 th.bing.com tcp
GB 92.123.142.169:443 th.bing.com tcp
US 216.239.38.53:443 xeno-soswcrde4a-uc.a.run.app tcp
FR 142.250.178.142:443 www.youtube.com udp
FR 142.250.178.142:443 www.youtube.com tcp
US 8.8.8.8:53 110.179.250.142.in-addr.arpa udp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
US 8.8.8.8:53 80.142.123.92.in-addr.arpa udp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com udp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 92.123.142.137:443 th.bing.com tcp
GB 92.123.142.122:443 th.bing.com tcp
GB 92.123.142.122:443 th.bing.com tcp
GB 92.123.142.137:443 th.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.122:443 th.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.137:443 th.bing.com tcp
GB 92.123.142.137:443 th.bing.com tcp
GB 92.123.142.137:443 th.bing.com tcp
GB 92.123.142.137:443 th.bing.com tcp
GB 92.123.142.137:443 th.bing.com tcp
GB 92.123.142.137:443 th.bing.com udp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
US 8.8.8.8:53 137.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 122.142.123.92.in-addr.arpa udp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.122:443 th.bing.com udp
GB 92.123.142.122:443 th.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp
GB 92.123.142.80:443 www.bing.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a499254d6b5d91f97eb7a86e5f8ca573
SHA1 03dbfebfec8c94a9c06f9b0cd81ebe0a2b8be3d1
SHA256 fb87b758c2b98989df851380293ff6786cb9a5cf2b3a384cec70d9f3eb064499
SHA512 d7adcc76d0470bcd68d7644de3c8d2b6d61df8485979a4752ceea3df4d85bd1c290f72b3d8d5c8d639d5a10afa48d80e457f76b44dd8107ac97eb80fd98c7b0c

\??\pipe\LOCAL\crashpad_3224_BWSXIVJVAOENHAGM

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 bafce9e4c53a0cb85310891b6b21791b
SHA1 5d70027cc137a7cbb38f5801b15fd97b05e89ee2
SHA256 71fb546b5d2210a56e90b448ee10120cd92c518c8f79fb960f01b918f89f2b00
SHA512 c0e4d3eccc0135ac92051539a18f64b8b8628cfe74e5b019d4f8e1dcbb51a9b49c486a1523885fe6be53da7118c013852e753c26a5490538c1e721fd0188836c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c84fc5c483b564ec588dfb447d7891ba
SHA1 611a11acf5ca17684b2bd1a7791ac83614b461bc
SHA256 e3c5d8d0223071cae29753e16347ca41d187922eb220872170764498fd820e2c
SHA512 2698467f2532e382a23352ef612bc8a412b89e73953f21ae0694eabe77a71580c2f57516ecb1fcde01dd0dcfc1ad54f7912e7d7b8cdde19762af377967b078ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 522a20259ae0150347a72b40e381af6a
SHA1 311daef1f1c82f3f54b9e156525e59ca2d6307f9
SHA256 769324c1613f47d968035922d993ffac1329e666fce55166579102d2c43cd754
SHA512 e1533239f76b32c76f78a2c2342e0c7ac1f3768bf4c4be074a8e35e6ba96b80b4b0c1cca3ce2a2d46f93319c85245c5a0cdc969986f73d3d2a8fd2199b2ce9cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8e71f26f26c4a2dfa85ce9db28abe358
SHA1 25112c038abf8753c6766af79535e2beeedaf48b
SHA256 2a1c9e196407668e4a3e35dcb002635b411a7c80546a147a9be8175b92fae9bb
SHA512 ff658de12e9805a9c7965cb919360d1f086bea80945affdf1b91846a263d5b1698973740cf186df2214a11d00d07b6200a8cb04a0f8a171162dac4297f11a00c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 84bc9e3443bda76e5dc82c837cc0e89c
SHA1 d962ab3b48ed89d0a5ce270cc1b288734c18e2fe
SHA256 6674f86438e644ff239ac54e4443827b897af7dce9b6a4f6c13625a1126abfb0
SHA512 8ba32ff3bc38dd03cfdf55984bf40cd2afb25903dbadf44b79b2b920ff5148fc5d104b801a8121b709eb36928131419a2aea1fd09c29e6d57e2983d53d705262

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b4df9ee18c70619b28edc6d45f76f205
SHA1 a75d7664fb0f80abf294d1e281e4662342325c7c
SHA256 c98211c8f574b0ca5e9f21761de6e70620bc7d278a6f10fb83244d7154420e70
SHA512 826b75752a3023cd45050efc144c17322dbf8dc31d0dcab503060d3286f8400c27fc0eb015e356abe5f7a512733c26e7f18d5818dfa267476bc80e24ad1274c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5839c8.TMP

MD5 adbc13307a0c47521f882ce79d6f7db8
SHA1 821704b9f23113370bee805b933ab22b698ede2c
SHA256 92bbdbc4f03b9ca8921d8d22ad3b9bbf12573dea8d994d606a7a433a26b9cbd5
SHA512 89b30d241e351e4dcac95039524bc9d9af330398361242875c46fc6fac3ec7e2f0d60eedbc6dd9598a17cb3b1393026ca40dbe5b9112ef3c29346054023122de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 08119c8fe17057882ccd24cb11e44ced
SHA1 418679913f25f99bf7afebd9722d0ead04298c65
SHA256 c3c3328d323a5878a0ec205a440180a2a576d9b5455deb8ddfa86201f8aa400c
SHA512 4308e097e40886de086a56d1e6729948f3bea1316dd05744881285e1e84978624463da8843373dc68ef0c88916288874f00236e154c515e11c712f6593effb90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6a40d0cf490879322eab5399c248b0e3
SHA1 410e0fb977120d6acc152efa5ef331259fbe7268
SHA256 5eee6d9d5ace516b0ba83dcd83b2e52fbb1de8c257058681138d54035d8093bd
SHA512 05bb8f35fa5b9d169fe2f3ac97ae9330a7c5e3cad82bb190d3ca4bcf40cefc8e2d7b698f7b37423fcb346f3beaa89617e4e31969044101b3ecc51047dfb93e88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 1d9097f6fd8365c7ed19f621246587eb
SHA1 937676f80fd908adc63adb3deb7d0bf4b64ad30e
SHA256 a9dc0d556e1592de2aeef8eed47d099481cfb7f37ea3bf1736df764704f39ddf
SHA512 251bf8a2baf71cde89873b26ee77fe89586daf2a2a913bd8383b1b4eca391fdd28aea6396de3fdff029c6d188bf9bb5f169954e5445da2933664e70acd79f4e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 78b45f66500680832e342e6fb8f0c7a0
SHA1 457528aace12ab0b6487a490d7b8a6adb13dc8f0
SHA256 5cb9b5d3fb0be382aa00936369c7589c938a438c3942c9883072dee465458c00
SHA512 6c1aad5408b7c02a828596f5030fdd310b78b79dffdf3b3dd997aa26802b55026bc18d7fff44a0e3fadef8087b43964262a9894fd4fc06de1b229bbc6d3b2b1d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 2e86a72f4e82614cd4842950d2e0a716
SHA1 d7b4ee0c9af735d098bff474632fc2c0113e0b9c
SHA256 c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f
SHA512 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1 386ba241790252df01a6a028b3238de2f995a559
SHA256 b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 931d16be2adb03f2d5df4d249405d6e6
SHA1 7b7076fb55367b6c0b34667b54540aa722e2f55f
SHA256 b6aa0f7290e59637a70586303507208aca637b63f77b5ce1795dfe9b6a248ff3
SHA512 41d44eafc7ade079fc52553bc792dace0c3ed6ee0c30430b876b159868010b8676c5302790d49bed75fa7daa158d4285e236a4be3d13f51ff244c68ca6a479ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 466451568bfce6bbe8af078f5f72edcc
SHA1 732783ee545d482cc16f0cb901579fe8fe8dbeb8
SHA256 b347b31caee776e351af71dd62af68d29d03c44c5b99fa14563ceff903290679
SHA512 e99b9668475d702b61519a035e6ff97d8dc25cf99f82cc83c1c9c4b59664351b8d78605b43d5ac69bf9684e7ef4c62ca1a762f9ec2092767474cff0fabe6b1a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

MD5 f9a90d58144602c12373f3a51ae11c3e
SHA1 50930fadc719a0cf689f480f053fe55eaab64817
SHA256 477adbd55274ba5f7057f114fd4c4908fe46d7f486c7cd6dfe452a80ff0b7c82
SHA512 0f06561a943bdafdc0f6355ce4a5dd2a3daa348d621ac8c0d95632d5bf0458b4068803af0f3e9819496ed750299a63e6eea88c53bd2816c757a0e4c721d7e4f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

MD5 f379276efec34127fed6f06101a024d3
SHA1 279e8e9dc86c622343e5bba17043d893c9224086
SHA256 1f92cc266344c34ab3ba73fd7107c0b7d53de896e47f3683c9e7ea4b1e74b8cf
SHA512 a87e994179341eedf39393fd4b7a57e8ac341f43bcd846c3bc16da9632921c08566be9ccb1b3afc0a1b9a9152c6a1339bff584401aaeb7f1cff7a36af66db5a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

MD5 1d360b4556cb737bc22f87dc83cdec12
SHA1 2401ae1c316e52652ec9a309d5db2e0801ec4bd1
SHA256 5bc8f420585a110767d782fc3bc079c38cbbde4cae27e7c9ee0f4316e2c75805
SHA512 305d885a19fd8fbfbd7b9c13de9461dc07392ecf1a351388c60bdbf51862ed3d7ab995b578f884de4702388d332a5a8b6b8204cf4519ffbf303642b401dd3562

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046

MD5 6f0d8c2d86b40b21934ff819a3961667
SHA1 2e411280d2191d0f9732fe01ebc522aa87363b34
SHA256 8ef59cad09decea1d3b42a9ddd4a9b25a6c7d7bdac03d0621b4bef1448276c88
SHA512 b9406b8e4f3ca0fb1a45d3ce677d12a84c83c9c1039be109b0002c4a42435d68107cacaec2e07474b7e9d48e6e00df1734e33d1b18d6aac7a604ea6500e01024

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047

MD5 0f3de113dc536643a187f641efae47f4
SHA1 729e48891d13fb7581697f5fee8175f60519615e
SHA256 9bef33945e76bc0012cdbd9941eab34f9472aca8e0ddbbaea52658423dc579f8
SHA512 8332bf7bd97ec1ebfc8e7fcf75132ca3f6dfd820863f2559ab22ac867aa882921f2b208ab76a6deb2e6fa2907bb0244851023af6c9960a77d3ad4101b314797f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a

MD5 883db639bbca3123c523cc7e29d3f8f1
SHA1 dce0983b3bf9c7609bee34e61613ad77416d66d6
SHA256 fea376c85578151c41dba3e47f73358361ef059464d657ac944e3ae98ed37622
SHA512 7c72b0954283b802fa89d25f06061132d5456383930ce6db4cc1decd33c9864a5d3a5fa0227fdeec446ea59649ace1440b73082857ec644d3f5c31cf7b416601

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048

MD5 d7580dce32412dc9d53e8911beeac7e4
SHA1 fb93b2d7546f30ded645e40c4ad2ae962bced731
SHA256 136b2c40697b50198694dcf1ccae005f9a5dcd15b3d67bb48745df477a49df06
SHA512 2440ddd41e5d17fae4ff5e261d2d4694937f27d94292f1424c398585471f71cd20131f2babdf3332176ca2aa191bde920aeadb15705843fed3d4183fbfbe6e43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049

MD5 681b3fc333cae54ab17c3dc34a8cf707
SHA1 071db9942e4b9906a67f1af7541bb039e6816cc0
SHA256 e6b305df0502b1cbc3d021ee9458ae110695004559ddb1604c86ddb5fc8dd8b3
SHA512 0d4609fc0bd421d8ca30847ce83e2b594169226b13e6aac75ab0b31e0268139ffe406eb277c5511f09cb7809d5d848393ada19d57a319c15ed295b7f033fcde9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b

MD5 8fcb818bc23425964d10ac53464bf075
SHA1 396f40d25a7d38eed9730d97177cd0362f5af5d7
SHA256 8b56333cda4211c50ada778d598348b8a846d557ed9117d8b265e004db31e9f7
SHA512 6ec7588257bd1261f9b2876c3aa57fba2b6bdc33a2a68830c8d8d539f449c552cf6923a5e8afb5e665d12cad253a10d68ad665d9eb74ff8250c6daf2f61e6da8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d

MD5 01088b35a7144b96e1c65db9ecf5aeab
SHA1 3d5b4a4fafdc3867adca4a4a640d6296bba06f82
SHA256 66616d0b8be2030b1f40d1da2a80bdf930172335226111b7965a4480bb584f1f
SHA512 bf639e6539792c3ebab0ddb646b795a1cb14e4359fe97726db69ba2e082debdb920c15d5eb96a552613ead61ee4320de0331c02aaba3f14dd83956cc7affba89

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f1dd865fc62680d57264ea19000e1fb4
SHA1 1d1ed3c1894379078982a7514c0e42ad6394d1e9
SHA256 ce8dc2c7ede1ea3af28c3c0f9a7af36bb1adbb12983b6537f28454bbc90be805
SHA512 790aa67c870eac6446135f3d5ab00c1d63d1d03a889696ec6e87005429c6044e10c103694ea078b4b276426cc3e5b1c9d242636ee269547f1061e62741d26808

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3826b4947b3afec972f908ce2157edd7
SHA1 20912ffe53106dcb2707eed3164d86d472868b5d
SHA256 2a973e4a35af12ab8c55c29fbfdb0abc31021828be8fc7ec7ff19fbf181f2ae9
SHA512 93bfbc1183775d854696f4fea601044c90c6548f9322061a2403035bd503defea34df7d4eb443863a4c29bcd68e18285c5aff7c9011a3e33dd253f5d6dbc6ae1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c

MD5 015dfbcf0c986f99bc0c1d6ab9fc162e
SHA1 6dff455e6dcdec9ee55ca25edb5f8edd1803f3f1
SHA256 291c3acf9855517f481cf0d64ba43f4e085381d857589ed5fc75905c82133951
SHA512 1d34e7bd775cc7b70371a579de085824a0eee0c6ae81dda89d51500c51eb0163987055a2dbcbd9ea191ee8b35ee0cfe4813bde076bfa5df0428ba7e043a6522a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1f241e5e93793daa8b8a8162a6c5b1c0
SHA1 81fcf2b35f416199986e356d2bcd2ddcd82e4b34
SHA256 df5c00284c1af6f97e2de8fd85472735027c2d64892a92faea4c0529e446de99
SHA512 28aed9a73d4c2f5f44180a4b2407f4f08ec9b2062892c855ea51614e7dab3068919bb871b2248d86286bb3c2bf226417d5da63181602e96283d996c5f626372a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c51b61155edc27fd0613141ec28c6a9a
SHA1 c6c78b9256afa35adf03a21477dc36986bf6cd47
SHA256 c104f612f76e75739cad1e61c0309e8a7eed6381585ea083d7ec09e1d1bdd131
SHA512 2d6f5e942220b1ed1a7139cbff2a0516af915752b1bed950087904ee880cc4c20a07625cd1ca8b4b2fa6837f2e091314e8ba282ce3ba6739ad29cad6a0019de4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0f7132201d8812aec03db8ec92c7be09
SHA1 1c3645345c015a252b257bb4f4c5964ec73ed76b
SHA256 fec757131dc6052f5ee3ca42c91dc8ceae2c7b27b102ad75a0c77827e8242461
SHA512 117391b306e13add4b969edb3f149c5ac6dce581c92458d9d780e198b8c427e086284a7b10ff4eba10c915ba98a5898e79bc88e6280e78b15c37ac4ce17cc130

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e2270ca1d506268393f499298b8d9b51
SHA1 8be164fa00936cc7855205c1b9d17814ab11172d
SHA256 fc49224841317a1b38816763f896ddcbd4fadd17e3a190ecaaa7899197f1eb29
SHA512 761ef47eb949453f740cfdb4e4567810c38b65b9451a382ed93eaa6bf4edc1617f6684107cc082d5e0e2beabaf8f11ca8be00c2583d5b20bcadb2e681f05ac86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c18bfb613fa14d378fdfe2580e8e5a92
SHA1 178fa465745c40638552e08c4a6553af8c2a02b2
SHA256 36ec2dc3a3d5894591a186363ea83930d14a5633752a2958b0f1f3d8f260641a
SHA512 d15bbfd4607ec4a2dfa0d3bd235e2cc763ee80af4cd6ff152b4161ddfa8b1c122231efcefdf067fd038c8327612efe73c3a204913b058d3ecb4731e3dd49429c

C:\Users\Admin\Downloads\metrofax.doc

MD5 28e855032f83adbd2d8499af6d2d0e22
SHA1 6b590325e2e465d9762fa5d1877846667268558a
SHA256 b13b29772c29ccb412d6ab360ff38525836fcf0f65be637a7945a83a446dfd5e
SHA512 e401cbd41e044ff7d557f57960d50fb821244eaa97ce1218191d58e0935f6c069e6a0ff4788ed91ead279f36ba4eddfaa08dc3de01082c41dc9c2fc3c4b0ae34

memory/1028-1254-0x00007FF8115F0000-0x00007FF811600000-memory.dmp

memory/1028-1256-0x00007FF8115F0000-0x00007FF811600000-memory.dmp

memory/1028-1255-0x00007FF8115F0000-0x00007FF811600000-memory.dmp

memory/1028-1257-0x00007FF8115F0000-0x00007FF811600000-memory.dmp

memory/1028-1258-0x00007FF8115F0000-0x00007FF811600000-memory.dmp

memory/1028-1259-0x00007FF80F2F0000-0x00007FF80F300000-memory.dmp

memory/1028-1260-0x00007FF80F2F0000-0x00007FF80F300000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Office\Recent\index.dat

MD5 ebbd8d15f2e388df83131c958fc80314
SHA1 8ad64a227ef78dd001041df0a94e8dbc3cd7f6e3
SHA256 cf86a6fcc58271bb8c80a65a9c265c6c22baa458f0974c03992cf6f003dc7972
SHA512 fc9b31f06cd0fa569e7bf039666c909a537329a728d1601c969628e3964cd4ec34901ac9f4ea1e09d30ed5d85989e6057ff10e249461f380ba613bf3e068119e

C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres

MD5 112ca57f7e8c43179e9a2c021311eac9
SHA1 f3942630e205968af97fdceff6e65394b65bb711
SHA256 0dd3be3c5119d59a74da0b6d3948f04adc107cc045fedb5d61d701f10d069ad6
SHA512 3045bd944b09ee975e4164754fabfb067c689e197fab97bdc9ae055bf618464957acce2ecdb0784cba95704913a692c4f40e83070bc7aabbc8f975240aecf222

C:\Users\Admin\AppData\Local\Temp\vbhja.rtf

MD5 53071c6589903e3df4d79381548e1383
SHA1 27775d1effba0e3e623fc0b86a7c4f3a0487380e
SHA256 bb998cdc8296749bfefc24924ea7728fb33180595d4b91d1eea54f56a35dde13
SHA512 9159b77cfea2b7437f9f1a588bc64af78221baae64b4473b7250af1c7aa83028525307a27ce5b3b316562e90137c83fb7b04ca0e570ae334960b130e10fe3234

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\687EBA97.emf

MD5 0ed5bc16545d23c325d756013579a697
SHA1 dcdde3196414a743177131d7d906cb67315d88e7
SHA256 3e430584cd9774ea3b21d8e19b485b48212fe356776158dd5f3c5f63a5bde7d3
SHA512 c93072d11058fa50e3b09ff4da9f3dbe2637c2b5df05e616bd8ddd04557ea1e8b0db106b1545fad334619118c467776f81cf97ca52d3f2fcbbe007f30032b8af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e74a5e8de7354b0a9295f5141dfc74ff
SHA1 3c3190788bad423575868e00d78e05d3d6b5be5a
SHA256 8286cccc165e45186e5fdb741ad78b90e8e9980d6ec2542557bc392b47b30825
SHA512 5324d14422319d5cee28a6f89d7b48cdf9d6184d275dbc59480bef7d57ad35be7a90e0601388fe2301526dc3664f8b1ac633f43b8c3959d23aeefe495ae6776e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a14f3dfb-811c-448f-934c-3338b8176f20.tmp

MD5 c4389362b7dd2fef500b6c46acc67995
SHA1 f0e4b490a7ec72c19a4c36695c493ef0143fcf20
SHA256 2a9a53126f9ad7bdabc5ad64fe91ff91dc76b79c50769e626edb7a165aa6b8d5
SHA512 67b3c12130cf8b3558eea957c64461df54c2ed5f768fa62aa446ffa0e5d8fd031b522b32edbca1b9065ab11febdad754b21cfbb07d327fea4fb014c5ea6e11ae

memory/920-1384-0x00007FF80F2F0000-0x00007FF80F300000-memory.dmp

memory/920-1385-0x00007FF80F2F0000-0x00007FF80F300000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\D6A01AEE-8203-446C-B208-F88F17B93869

MD5 4948c66dcc8a727ce3863ae0a471b41b
SHA1 146e59c34e11e0c57931f13ad5d5475ea944bc5f
SHA256 37a2ba36d83ee5152dc166720562bcf58edf993d4ac8626d5e1204241ba9bbb9
SHA512 bff8d4fac9cf54c6c2ad751edbfe156916647e57dcc13302479328be4fa9a31b54642ca928d31f76406770a3a5e1648d090e6c3240de6e8702393e349c7c2b7c

C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\49dbe2955480c7f6ef8cec9c4320c9868d9293fd.tbres

MD5 d2fe27e8d8f1c5804dbd21c2fce0b0b0
SHA1 b21962523dfb7649627f2b637a5bc5598e6ed59b
SHA256 2301a3970adeada2555c6718cec9676cf2be0e28e564dffaad9b8cb5bec9e017
SHA512 232de0560d1a78a9bddde7703fd321a7d858a1b7bb9b689517c3292911ac44c8ba251e0a22ad2b4ac8a3649d83c1a2f127be7e554a22278e6e23cd8d7a7f42a6

C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\089d66ba04a8cec4bdc5267f42f39cf84278bb67.tbres

MD5 556745daec38f4d68bf7c6431041b82b
SHA1 b348f87b98d50025fb3cc5e6b54a6c2354cf7a5d
SHA256 e7c2729b34c5a5094a76a926c2dd22aceab191ef3cc7c99941913ae604185007
SHA512 238423ad6ee55fa42277f5a0aae407792b7541970bffa22e61a2a6e8ce4318c9cf519f86fe8fbd2123b798d81a3a0e98d1f3961fc740e0e56d41de09b59df31c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5c223b7b7e63deda981147dce80030f1
SHA1 29a8bb8d182d6a3879cc2219163836640e20806a
SHA256 0029fedbe8dc5b898c5e28b0e19b65d2adb1ec5925515832ece39b7ee2ca4ca6
SHA512 5b3e759bf23aff8b5e1658627b36c3a17e0d1fd972b3e134448fd71a2b2a47676125ac1f37fc00e21c2b32591020e04151a8a27013782b5713a3abbd8fbe0882

C:\Users\Admin\AppData\Local\Microsoft\Office\OTele\winword.exe.db-wal

MD5 f9ade69a8b02548618ca04d74eceb8f9
SHA1 66977bb6bc3ab2d81d4695d92969be398944f00e
SHA256 c5cba08917ff02be8469da3150aaa471df709629f83157e97591e97f4fa7e6ca
SHA512 93d08edb9e4162a84dd3694e9a09a5645fc134ea255ce261567c13d6d39bfc7f1bed64b25fb25d9fef4d5867be958911bf479ce36a6cccfece6d4285397c8719

C:\Users\Admin\AppData\Local\Microsoft\Office\DLP\mip\logs\mip_sdk.miplog

MD5 7dedda664affbbe96d0488cfe2cdb64b
SHA1 5cbb729ff9c4d9124052f4d97cbe23d6d8a01c0b
SHA256 8e67814628095df86052d2df171aa9a80cccc0da656fbe510be6598dddf6b5bd
SHA512 9154269e0eadce9e0e6738d3f295aee966ab15d830cbb5776af8fc92b430783ba1effe869139d9d658ca6f311ec11480eaefbd5a4f84acc5395fa2d2282968b0

memory/1028-1442-0x00007FF8115F0000-0x00007FF811600000-memory.dmp

memory/1028-1443-0x00007FF8115F0000-0x00007FF811600000-memory.dmp

memory/1028-1444-0x00007FF8115F0000-0x00007FF811600000-memory.dmp

memory/1028-1445-0x00007FF8115F0000-0x00007FF811600000-memory.dmp

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187

MD5 40b8ad05c461a58e0328f952fe80a409
SHA1 2b46025b10e2513fcbc9681b830bec10c3f5894e
SHA256 98ea4630ba382e38355c1721d9439bd6ec5224bba7e1639a46b0179126e941bf
SHA512 964571fff24d15c872fe43c76a69dd038cdd8305b312e80b70c2f575e139f5f7c19add5ccfd27766f799a0884a609f6792da312d1e422e2d441e48b14c105251

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187

MD5 90eb28485d46cca6290ee6dcf4df8c9c
SHA1 36eeb20e338209080896a56c718ffc2805643b00
SHA256 eebbd9b27e68a604b110c6c25738ff73d18d1ebe3fc9e596d3dd03eb5aa3fd52
SHA512 a870db435b8b5d79d64529bdc5b0aa3c3a5cb25ee34a28c5d76034f7270132af45624286abbeaf05f67a3aada1e71cb198d5f96b85e47c6998b6cc5bc9d84a7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 dcb9cc894027ef4df46297833ba41ef6
SHA1 9fd1f57eaa58ac716a5bca5a696d79257dee0b52
SHA256 4e51bad7187240d725cc973f48235a753c3388385179c8d3d9ed9a1c6b41300f
SHA512 1988427c1e775a1d02d5522862fc98c97524bf747488618ac1c5047e7aad33c79aea383670d4116d72aeba0461d8434f48d73b1e6291856cfeb0158fc004bdd3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\TCD6D5C.tmp\sist02.xsl

MD5 f883b260a8d67082ea895c14bf56dd56
SHA1 7954565c1f243d46ad3b1e2f1baf3281451fc14b
SHA256 ef4835db41a485b56c2ef0ff7094bc2350460573a686182bc45fd6613480e353
SHA512 d95924a499f32d9b4d9a7d298502181f9e9048c21dbe0496fa3c3279b263d6f7d594b859111a99b1a53bd248ee69b867d7b1768c42e1e40934e0b990f0ce051e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 944809a96df24c9bbc44173fcb28235e
SHA1 df8796b8b5c6f433608ca7e315aadb17e1048b87
SHA256 b28cb7f7eb48757c2670c0b75212ce4e0a1ba92a5fb54618a8ab3e3dee56800b
SHA512 eded86a2d5b4f8fbe8437d352ab5cd5c00affa3c1a6667f156e749091c5f7c7ce54fd21a233a76eeadcd9f1d4d221741825937e97902209015088a50ff7facd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 27bb0e1b22bcac725bd65f98a7fbc73b
SHA1 b4d853e48ccddc85008e91bcc96c6bb01291a7c1
SHA256 4fb3c25646a2ce7c5ac80aa2adf739eb07140172cef02ec4117c1c0adf61e8b6
SHA512 c05705de906b32ebd6e88ad2983de65aadf32406110ea53c2e2d4122121c137ad285870b5a1e0bda5c4057b87439ebc05a109c5947ca5a043bf83af5b489d0f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 480e764445cd7937b8406dad685d27af
SHA1 181353217f18e0dc8762979d797e9598272df811
SHA256 f57c5eb1658e2cb504fc7e3488fa9e9196aecbcba05b27e728c0f018c9219aa5
SHA512 af3392788ca049cfdc5e6c052463c9152d1fff6a790d3eb3c2066af1ad2698c2c787c194f984ca5e7e035c6fe427e4f46770f8997a1865195cbf87127986af33

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a13763d34397ae48d359c4acb8affade
SHA1 a8cb9e513a956d60142120eed7a48e6d2e0964d9
SHA256 2212fc3eb6be5780cd466ee3a5ba90db491ee2fad296347ad101e5cd1b0b7a62
SHA512 cdc4d5d04cc6ea68fa3055a764933f74194cf2178b4a57ff77785f0aabc987f43d58d9fc70e72bdea6fb0961e9790b01823486b69be5f5d2509d476d412115f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a098801b77c8d2ac4067056c661ceff8
SHA1 7181c5874caf0737c07116ad97b1bc1d6fa51fce
SHA256 ead35bb918f74031538744a289e91b68ef119c44b5cc952972bfbc9c9d4c1274
SHA512 7584eb9412816a154dc8483c0a70870b92fc4d06b899185e5d59fa3047e224da0dff96e9c01678a25e590e7422dcae825eabfd593e7a2de66be6540daaa5fa24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5016957e28953d4c198ea809174f547a
SHA1 7cd05b948650ba71b12209f29059c9a42d9f361a
SHA256 9c850aeb90d76cced7709104e4ddb58920000ff2fade6be9f6eaeaf241d5a983
SHA512 551ee2f25fa420097736a9ac22f17735ddf0142821f6c1fc83ff6966d9278a40d77ab897e30051161edceac626f7cb15653166eb9facd722f9ad459777e828ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 6fe2008565dba2f17ee703ef5ec67b2c
SHA1 506aaca4f4e94df94f43090bb345505130815943
SHA256 15e5ba305f615a363c617f1696378741e9d4103e1dec717606629f8f65a12529
SHA512 bd0472a0f557df4f69b20c7b82ef8787c249cdc2adbadb4863c52aef2b1525b657d3a4cbc79962a5ee93e90049cc435991cc865af78adff56f2550e20271727f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8687c1acd0b9394a29468dc9f15a9d83
SHA1 c22ce713d10b87ed79fdf9e724cc58f49781d3a2
SHA256 5054e428dd9ff3b2aa82a0f1cc8e692b5b08c390c7c0b1778977f572c440add7
SHA512 6a1806b65d48d6d23b344f903a8bb65fa31966c059f5b9e37e76c3ea3bca78bd3783ab9c9b9cf8bb2bd2fd30e73b008496a0569e896eed6953109f83149852a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b15d2be94ee12fbc6c4ac97ed1ea138c
SHA1 0a01a825d9d4448478eddc99530927900db5c2f1
SHA256 1ba6e29e04cc39a8d283f8af1a7b0adf76992db338d098486eb6f7251172a5ad
SHA512 c99c1fe656625c688b155e4ff73142df07c60890f10a14a279408568e693b7d2b3e38a95ef7f6316940da03a880099f6d15fd7d986c35a9b285c172a1f746b1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a07da09e6ea02a1c91c7462f886ca7f6
SHA1 8d2e66dde6263c93cdac3f5922b515bef971b5f5
SHA256 0958c996cc4ea8bb304ce3b05cb8ac530d2c34e9bb9e7ee94350279f50805b39
SHA512 97a6084191d3328d2abb5d2570d28ebec2512597ab8681f7676d3ee41cf17a9fdfed8440d6b1fae0bec9e8f77a3c47fc6c9ab47582fc94ef794682a5a4a22ad0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 414c033179d20c74debbdd7567b24848
SHA1 cac0cf83a714032a586913f81b15d4aecea8756d
SHA256 eeea1f96345a8cefd804eaabec6cca8e6fb3ccf5e3b1db89a2e433f489b23f5c
SHA512 ed88f482d0a53b919fac456262878c9316433b24c4eda77c054fbbd33e30f54dfd3d455c9710616493a7f678c6efc4d8caf75ac7cef6c066addd2ba6c6ececb3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_2E76130AF11138F39D76E0D756C0740A

MD5 a1ac5a275ef6e73fd4e2b1b28886f4ef
SHA1 a29ba10d34fc8e68993363be1939e47f89d8859c
SHA256 a55c6a6505bbb22b89e74efad1a821913fd6def11f7c44d7bd26fd37c7d0739b
SHA512 7cb8a1f37a6ad9197182e47185b075597f49aaf108f4b9d1517963b6d229244638e2bb410ebc88d2028542e65049458f297e74180b771785e28e5174dea7208a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_2E76130AF11138F39D76E0D756C0740A

MD5 4f6f26f8c205eed2543e0d6dee56fc4b
SHA1 658d30eca2c92b6b3f9399d886dd953a28d7ce79
SHA256 1a79dc9752b303adf96a00efe5895bbc8d3a764ed2445ac807b9d14f42d3ae5a
SHA512 400474f449a3bb7a8dba69af87a45ecca5ea0a7c67c2d18b23cb69871f1382d29799e505dba8906ce62f97d75309c8770d34f38cc08e551a0c728321d75cf6ca

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141

MD5 728ce38378a4f6ca78bea28470a29ae8
SHA1 b061660f8a03bcb4189802a541ba7b611f286231
SHA256 d9f85c177c79f8700492f468aef7f647eae6b344da735f1793569b80d222d78f
SHA512 48bf130d803d653b07f7baf7baa0b72f66c0a9363e6f3a358ef7851d19614d35a68ece0a1cf5afd8f749b27c048467f63b099f47ed9b1be441fbc166b969b0a7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141

MD5 70d3cba4c56bcf2766b1db015b4ef4c3
SHA1 7c5b76ad4c41838db1af44074b04e33ab61c3879
SHA256 4df00479467df05cf99796b8ccc65841d72b33d77ccf42f25b7adcbd78e3f82d
SHA512 da86362155f52bd4c5fa89865dc7895ffd6f745b3cbc750474e4173ab685b63cfbbe93459b697736820d6096b559aaea775d0c077e822268f68fb238551f82a0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB

MD5 f69d531c1f62ea2376cb0c0d19e76d59
SHA1 b62947409245baf74c2b506ad51c4663074c4277
SHA256 f0736b52e3e10349d970cfb41f334d24a48125c5791dc268ec0c8921705a40e7
SHA512 3f2745d3e1772b36262381c6bcee8d2e6d137a9bdbd6ad7f677b161c3944bc4313fd6e5bfdf8424a115b35cba4b792180811c65ab5dfcd9d79dece809d96c38b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB

MD5 12fa917f30ef2a5c866fc62a02501a7d
SHA1 dfb54b1f244c7bbdb1d4293d6945e0dfab9b9906
SHA256 177c2457489796e91d3a2e8def181c6cf8c542157255841c4d619dc5762a6939
SHA512 652ba03dcc84ee51ab41e593d6b7fef61d68901cac357091f8786e284d00a223a1bdcaba4e090cbb0155f2bb3f9cf79e05194dd6456be14a06587f95ad95a43e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0825882540c9a908fde33cf9c80a8265
SHA1 0927868ef7fd1985a58f3d6596d70caa4b267002
SHA256 adca0db7ce593ae6f9e5f512768b86d42730770bafc3acbbc6a29000cbd5c855
SHA512 8f74b2e7295ef5e2def17fb03113980617295e33a5a8f293bc3649f4a47a594ae43d2f5110aae67c45f4c1d43347e0e12ac439ec10591ca40777208cb66fc257

C:\Users\Admin\AppData\Local\Temp\MSI1F60.tmp

MD5 6425466b9a37d03dafcba34f9d01685a
SHA1 2489ed444bce85f1cbcedcdd43e877e7217ae119
SHA256 56f8ca5b2079bc97a7af9c015ed4b6163635baef0d9a287d19fc227fc330c53d
SHA512 62f4c79d165282db14b662d4242a065af4c8a642f2023032ab5a059e2d6001f0b80e9a0562989013acf01a80a67491be9b671e6bd99220cf9d4fb44a17719371

memory/6456-2075-0x0000000003450000-0x0000000003477000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\{09EAD19A-804B-444F-B17C-15F8C5837E63}\BException.dll

MD5 a2d4928c9836812735b3516c6950a9ec
SHA1 01873285eec57b208fa2d4b71d06f176486538c8
SHA256 79ca108d5c51259d8fb38ed1cfcc5a70e9cf67a5954e52a4339b39ff04fa20c8
SHA512 d03964a2bb597bf0fdefb787de3b462010c4cd02d286b16587a03b5228553a307d1b8f472c312e0d8bb53f21570aa5b112d85193cf42b83ef33fb7905855eba7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2cd218a75433b63d19f9cc9c43a82fa5
SHA1 16c6d546ad0b85ac955c3c07a5fb2cc8e82ec0a5
SHA256 8e999395d35cc845b6aa1d26f77f333b0c37723d461720cc4733e75c9000ce28
SHA512 44603150ec33e8c50e23f340136637016c0d3d1e540fc0d24f2da2eb3f47dd9dee067193f38fa86839d3ad697be5f046b5d86e613daddb4d3d671c7f5bbdc20b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c2dcbf6f104bec62738cec0db299573e
SHA1 26a1f86210ce66bce2dd2ada529767a2dbfeeecf
SHA256 864b82469e81e8ac75fe646013285935f134b54e35e291064e31dbd593301b3f
SHA512 819b5344b58ebb6b5bd8fc10c1aa842a7dbd2caf5e02e15a0110cd8ed0ad128cd42cbd6d57ca2cf6c5e27b16a23b8a2b9a3fcf85a5a41dba05b3a37fe5a0c635

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 3e3255d10a21291b097a041d0dbe1f04
SHA1 e01c16b933d21b7a88c51fe091713aca277940a4
SHA256 ff45dbea7a990af5229d7bb97669ac53ed050fe167c0472167e2720602602c1b
SHA512 ccccd5782fa45890c909da6416f4f18403d03580d42f5043ab94adef2e1de0524c2521a08017eec16785729021a77ee60ed6553dd6e5e0cd235a16ce00808744

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4f507b782ee9c36559dd6eec04323cbc
SHA1 db3d10e6c74bac14da7eb9951577d30bb4220d13
SHA256 547058999dab00a483b385370ad474f8efcf516bc43ccd1c7e79b03e72ad08b6
SHA512 75952296b06023b5e16cae8f1a0e2d1f91dfbf11d7f6be00918e3b90caf91c3c0c076f52b7201b5274f37fd4aed2a78feb0139fde1c51852c614b141a79daec0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 79dc53735a7f064c21eb79bd83ddcedc
SHA1 2efb8c5736858c2a8ebc2f467b5a214eb0cd9064
SHA256 f76baa14ec7e817b4a90836735838dc87060fe340010f98245da72123b93dcce
SHA512 6547f95194d148cad3df826218fb075d6eb72f13bea456f20122bae5a00dfc28a63626d0941642a175b02d84aa3dde76f210211fccbcec1d4e429c9313fbdc6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 209af4da7e0c3b2a6471a968ba1fc992
SHA1 2240c2da3eba4f30b0c3ef2205ce7848ecff9e3f
SHA256 ecc145203f1c562cae7b733a807e9333c51d75726905a3af898154f3cefc9403
SHA512 09201e377e80a3d03616ff394d836c85712f39b65a3138924d62a1f3ede3eac192f1345761c012b0045393c501d48b5a774aeda7ab5d687e1d7971440dc1fc35

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 b07f576446fc2d6b9923828d656cadff
SHA1 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103
SHA256 d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496
SHA512 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b62625f36de4220a41dc29ae7ee9b107
SHA1 052071824e46e623b92c6805cfed3aa807b82997
SHA256 7ed14b31b993361f521df328d710abf274845d409c71c8ac871c299109d89c92
SHA512 ea4f057485a89130ca7e72bbdc60c84d47d4ea9360269c60f973213f42b480af9dea30d2e943539627afedece277e4904117daa562c80be8e7320d9802d91e3f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5d63e8bd8afd65f84910ff7b78d93ea2
SHA1 780a2ca6bc280b55561e7acae0f2f5049c76fe60
SHA256 5c912244c80aa57bdfbdea124967c4f58add1e7fdc5c1ac4f70ffe817fe9d1e8
SHA512 e25c79246022df8caf03f675a92315ffe5b8fed11329f32ea243d8116186d4ddb2c0b47ce6018050271665b2d14c9f9457254dc2afb7f16ea131e82b285e50c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d083672cb945b81f6d51ad295249f357
SHA1 898a131387042faa2a8de886bc449413dc8bb5a9
SHA256 bafda7886d948db5d70fabfa36c96cd7b8a021b2f1ff83e99073bd39ea954f98
SHA512 55b66ae4eb23be975eef20da79639b8309e07689682daeb87007530505fe61225d5f964ce33fb95c12d480440b1282bdc8f1448916222eec837a2e654e353cdc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2358b24af86611ba166ea218fab090ba
SHA1 5228c0065bf928f72807e5bc910929a16fa488f2
SHA256 7397c026d9ea86e06e674cb0ffddec223cf18e9383e7a0dc8607bb5ef0e91e1b
SHA512 8627466c68f6c17ac0dd30bfad44d4302e96b6b32cc138b151050ae9f68a3d68da84137683d72705ec5624402d0fdbf4b7d20319703827e3e7d372e837dfe856

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 f2fe73990121a8e3ca6fd25adf5d778b
SHA1 6575f8b1f82a4cf4a35014ae76e5ada078d7bbb5
SHA256 bea1f776c979b2afc44de6c41d20a6d8468a38376c67dd111b676c16e8efde17
SHA512 016fc6c46da653888bfbccbfa353d16125651553089496230ca2769d91033f92a8b82fd07b56266dbe092ea041014ab8c712c109da215cd5dc816885cc4567d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c3798ec43069e530fa66ef9dc5752c75
SHA1 48053b05cd26473c95997f24a87f1f9d05e449bb
SHA256 05dbdcd77b34d96136a17e01a6d2faa90d4ba26ec3a0c0b564f85acf6efe4ed2
SHA512 faf4b495d8ec7a2adf87e04916593843d02010c643b2c307df538ce860dd1bb2e02331bec3723a75263b9074c6172ae2e18524ba8c2d96fe5dfe898335817129

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 66feca9259a74250b4663a6fe378304c
SHA1 c89b8627ee0a8523364ac9578bb06eff8050ae11
SHA256 b60dc17a5bc6877a8e4c24cf2b1fb96c636db31d6e629de8f529ed0ce486b5fe
SHA512 89e8459794dbe59ea7222697e97154b25c5834496be0ea49484284cfe28113d396193e023ff1efe4960110ade569f27bf6e187384170850b38a9efb92d651d75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a4746a41-2978-48ae-9f0e-937f5a923ddd\index-dir\the-real-index~RFe5ae783.TMP

MD5 8648fee29b830aa159e24f9c0d6f82dd
SHA1 a4b3786a6f098211d83e0c5feb4de185b17123bd
SHA256 ae134732ffec4313423323bbb788390f506d11a3f4c9f2a02f2532eb2097dba9
SHA512 a02a5fae430fcb143a1b6913808c25607c8be2b076530beb1dd3cd80466917e82f0296de9979eb1eed6fd699894287c6f8c87cef265940520dce18feb2b7966b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a4746a41-2978-48ae-9f0e-937f5a923ddd\index-dir\the-real-index

MD5 1c8c05966017f5e5288672e2f8029133
SHA1 c3a322d38676db6968f0a24000e556ae0cb97ce4
SHA256 66a604f082f41eb7b4232204f49c2da6d4bc6cb05f487cb0934d7f9f313903a7
SHA512 ca07a779043747c1ad2e4823d7d7e4b6118194cfaa1b0c445875705eeb755f9694972172bac14f771e84e62514d274a26827cf2c8e2f0940d4527923c3112769

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 716b1bc5ceb41f3639e315247402b19e
SHA1 5b053630f1982ef4656b3667b14fd08fe22d8b4c
SHA256 025cfebafbd5a6d7d7717c243bf953fe319f9fe89f7c16915eb19f539661e9ab
SHA512 cc3cf3ae4b99e1213f73edaa44b86eb1ced3c2ad33dd39fd1e887fa068705d034cb6b053ef49710186f139db2a0261d083c1f4331de46a717f33b22d0cf4df59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\46cd3424-010c-4373-8b91-f5770de9ef4b\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fd2f7b08ac8ec13a965db3548dd37b2a
SHA1 154f65cc532aa5c151156c5bb75290473a074725
SHA256 e2f00e3ddafa7d5c91689b2238c50d7873857e2abf448d546f8ba97a797c3d49
SHA512 e9c9b3c3bccbb8aa063644e507edcc7d422b9dcfca840a42d6f31703c00916d2e91dbf14011d9d37578be13814bb73d0f2b46bc028d319efea91e95431067050

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1945cec6b692ee46b0574693a5681a09
SHA1 a0900830b2308f059013d4d3209486437490f63e
SHA256 87a74f545ef92e11f27bd07f53171145c42d4ac510f2161d31bfa0f685fc98fd
SHA512 df8f1a72d97626e8b123e3ed5bd49b3fc092831079185948faaaf0d044b0f4574dc984a3aeeccf45b6034f4707a5bc42c2ae11bc232a723212479a64ba82e2f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1324adea17e11510685bc5b008eeb527
SHA1 321cbcedd6962525f264d22111ac2396736e7e55
SHA256 0b052ff6e0efbda8e013e290f13f1e2e88428d989b4126a13b480c656a67124f
SHA512 53e7ceec6cf94fcd7316ede91b6afb9330030258bb245ce0783918f05a0be167a55b04baa03ff6e99c0dc374f8aeec06daee2b7f97d03908945b6ab8832181bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 624e823f116b5a9556d4c9124bbef75f
SHA1 31dd565cb2a0ea16b62c2ee4ee72d297d49f9b8b
SHA256 8104d0f5e99c73d7d866a2305838cb151a6d2d7e004b377e674423f717b846a8
SHA512 dc856f7fd8ca7bd6f6283bf38a311a3523af25ae7481c4cf755ec629b7f9aa8e736a0547738c8ec2f27033191770d43ebea781b3cb37c266f312d81ae8e0c24a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008d

MD5 a277dba1ffd7ce3ecbc852667e01f15c
SHA1 a27e1e9c2a5fe88cdac2f737a33bb2537d4b537c
SHA256 4fd6fc02d95c915b14678d9931837fc72b8507e8ac4f44e856160a9fbde35d1d
SHA512 8f0e251dc1b73ad429d3f16eee63ec09c30ef3548019cea921120531a73358f06fdf233e1db5fc584d0d95e59dc1738143b9dedef2ef47c8c03aeadee1e5c8bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000094

MD5 2a3c7f08911cf09ee40d780831e9f7c2
SHA1 90e953007666471cdc4d641a74c58122cc230d14
SHA256 7a46bb2cad4c2a7e23ddd544b6ce502c25ef56d317493dd91ae32881071ce1a1
SHA512 f270d7c7bbc799840491c2e1f39eed3d447fe502ced7dac6f4033efb7cbe37cdde582755b6ac89f553b035c4c05524b23466fbc0d55c938224e2459dd7e8d6f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000093

MD5 b9400658387efb96b4f53ef18bafd18e
SHA1 03e9ddc38a17e4da4a4ec04d869cdadffaf81860
SHA256 029ec346019b538d20e2b2420c384b3a6c91a31f8e9c3ce386f7b111675a2e44
SHA512 1f094defa20a97eaaf696d7c9138bca987da80875901d25ae05994618b624e1df5a4a8dceb9331f122ace807187452d3d050bc4045049425f681000c100a2c0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000092

MD5 e85fc907491dd8dd8f269aa7b9bde3f6
SHA1 868bf2616ae737c617a1ddb8d8c8e22d1c329997
SHA256 8ba6f5b6dd1474e18863e346423d3dbfb0662c46850675b91351a569cf8a7b96
SHA512 b35c8a46f0c22b63c88479bc809b578a620803df1801cf9ba4a34b4bcb9d1824cbd5cc78ada36bb24ca3427e35689bc78cfafebb88239b657a4e93921dcd4c57

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 8636d80f2834a9c6dd473b0e97a368d3
SHA1 184a2845c9a4e295df996f2c9b720df977aebf11
SHA256 29b1148e2ffb35b0b7c4cb4488768daf0c4f7ec0026bc212a624ff71d319b6d2
SHA512 e32185ff9645912b17090257c7997267fa3edbcb64f89315d551d293bf44cdd665a34ff846a0fcfdeba5e787cbe9c39f1a9071abf18bea9065ef45b324ceb5fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5288e036a6cbf50e59248457339fb091
SHA1 03ace3883c0d91eacd0c03a17de8f5e4bd6b6c38
SHA256 f68774d5ba0d0f2d29d80ea66904bea99f02d60241f89faf9feaca9585caa60f
SHA512 be9ea5d761dc62acec6e57d35da0ac855291f60678276d99e279a8ca7a0c6c9c46af5ff556a902f01be59d62fb4c797ede8d1ca891d33cec03a89fb701e1d4a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6936d218fbbcdfb01821ea46c7dab967
SHA1 2c521bb8eaff1a90bac600f058e433b43d078b45
SHA256 308d1b7c889a67deac00938272e18b05384f07b21a1e8adbe5b746fca6e387c3
SHA512 1ee5f1540eec9897b6c26b0b43452682c937361f04c93517ff80f589f68373c0f3704c1932f18530bde2bed98c9f93d64fde9bb196fae8f0d13900db60f3bae4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c55bf42513233936707ef853ae403fb2
SHA1 77c17850e93bacf4dec5685f254fca0e068d9499
SHA256 36921a601b95a0ccbf4606bb88f3607eb6f2f356152925ff70cceee911450715
SHA512 3dade489ffe087314122802e5d6772f34153df34eaf0a3cb67d4be54a9e7bca7c70ab51bbcd55a75bbcf6a256c3c72871f51374db7de55ac893f57283d1e8969

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 40049d0dfd7d3da51d90ffd0968ff987
SHA1 62574f5436a0cdcca72b0a7e61bb2bd1af9c2a66
SHA256 5e996d1bc1a257e5b30a41875284a53db55eefa1be69fa65f49c35bc9f4361cf
SHA512 b5f1f3996ed74026c14b8f3f409c019e00a6703da782229ef0d6493148880aef016db319151b56021e7cb150eeab0ace70eb8e6d2783b32ff40e349ce7fe2967

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b395c.TMP

MD5 6ad3620a8f89774f8a19164be7f5cf3a
SHA1 d0379ebe9482182286390fc540952220915e4c5f
SHA256 52020400c528ce30b1acfabe8d5b40dc943eb78b610d20fcd2d671e732e2c6d5
SHA512 c6ef8fb92e8195c8f4d8b333845554fa16bf092b9f30f27ba4a3265e596f5df2160549c603cb2c637217319f073bf748b5bcb8b9daa60244fc826d929a6848b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2a0cc9e696bd73bddefc2a88e466ea56
SHA1 fdafe47c215e4ae6353a9102db44bed193f074c9
SHA256 02aa078b4ef03540287969702a9018d58eeee807dc8a67be5ea8e9e31fd63c4f
SHA512 bb68d17893f51dc3760dc138320d36282f3e2e9f943ee1d083e6b126486f10c05be7d494e1dc15e2d2e2967ba99fafa91624b9f6e251df40e32b5ae805f2c3db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 491c2ca1169efda072baa0254ee3226d
SHA1 e9f09ea0cebd3d655a5935307de1a0544ffdf864
SHA256 fd26bd501048dc68d0bf082a0a84c573adf8de99d7e1a50f121fc3859c891205
SHA512 2e4e8d6d1531b247bfc8c79bf93f466a639fd910b1860f3541afb6471b241df143e8898b7ebd3bb227c6f01734b72a04c31f9c8cc23a7f7af2492ce66ff4cf9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1132e9b2-9243-4c8f-aed9-185e9950484c\index-dir\the-real-index~RFe5b3e8c.TMP

MD5 9d45534be904102619827d58e4121163
SHA1 6c8159d91ce4a7a81e8153e6ff4d08962d4350b4
SHA256 9a5f84313b1ce9e0843232ed537c314d96f59c4083eba5cba4dc24eee8c4f57a
SHA512 2baccf0ab9ca0bf05e31b6ad6fbd1d8c529b0a2addf2916c536d47be9b66b5c21d1de1aec594b240fa330820fd3970fe3c357a63d19773293b6e68768402f943

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1132e9b2-9243-4c8f-aed9-185e9950484c\index-dir\the-real-index

MD5 53b0758e63e85b24e7dd9434b4b6fa6c
SHA1 cb26f26c91db1d8e757bab21e3e2405418b4406c
SHA256 06ae3435f9063e9215204407aa51347a3048c85bb60a3a06f2417d29d9d2c074
SHA512 2d5b299bee7242558a04a7c9f38ae02909a536cb8265efaeed5395157d2b28dc9bc12f46e7b1989a0f1c84001b67381e2c4577a0dc403a74ac8b5b0c09e9ce72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5b633655c3768ffbf3a13bc73aa448e2
SHA1 70fc500304855c1e1c2193d7afc83dc7b44eda02
SHA256 6911a4d8b5a263f76e5eaa6e0f3d2d9cf37201bd2925d784711ee5f5a28facd5
SHA512 32d122f0ffc58ceb0448394b07ea8d4157a30868f0eec065c870ed8980488e2f5c18c48f6903c77806045c6e3f3b910c0d866709ac9c66d5f5cad221219cac47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a4746a41-2978-48ae-9f0e-937f5a923ddd\index-dir\the-real-index

MD5 4f2bf14c8041d1f29e25b88f2d008a32
SHA1 3c620b8072cebf32e8ea8ea5a386e78a07202539
SHA256 c8f29200c4caa89dc1b03dd52fafda88d172c9f9c5ccdb42e02f35653dc5110a
SHA512 36e251f5cb01ce894ead1f4aed329a5599fc64839c83d51311ddcbc06027f5c4a74035711322eb483361d199fd05b471f406c200d0f66343f50124fad23740b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp

MD5 0c8e4a33b6592c3d19c38f7a5c836c3a
SHA1 6e8e77e5d656e7a3ab14fd4eb909233756ef031c
SHA256 92e7b42953ad9d279d3da02d159a2ca62dd19fe1579391fc8548171eff7baea4
SHA512 be8bcd9178fae25f7252af0f947b6946fb611e39cd4d79bc55216a5272435938e5764cc360070a10c1b576f04b60824cbac520481e4c27b2a0734de026ed586a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e2d54097bcf1c8ba36c07439997d8c21
SHA1 37566dbccab66f83db097adae87a56a5a676c216
SHA256 92d0aad2e4c51eca33248a7ed7128918dadd67f73bb4bdd3909bab6f1f02aa9b
SHA512 6a01bb1d9a3b506d080e9d28353f366daeed845e4ea9cf8af8efb95f9c5b74e913f4e5c2f5a85103f9835146658b5fd5dc9303c127b0f6c69f03795d248b6b56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 286409ada6cc613fe8f4127e130913da
SHA1 98fd0b78ca25e002e5b2e42e3710a889e07983ee
SHA256 f12a332b55d626985671cf8864b97c86c691727101e70b77e5a1306108d52fb0
SHA512 631db3d97c1cb5ef827ff5e946eeba8f1f6d7f7ef4152e68be9cebc0e28a9c86ada6afa54b70aba9b1e0e883a70e3e8c76150ca3bb32b6baf6dd4d86fe699572

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5f30475ea11acd6076d0f274d4fba9a0
SHA1 184341ce5644477faf4965260b8fe9b7db83e76e
SHA256 5cf566bfe32ab3f4456c5670dcb62a4293129f4a706f37b439a7dfb7b04b2c21
SHA512 cc5d1d79f5828e6132817ec138aa05248240599542ee85b920c64f4fa6036c57262523aedfa673f802d8d6db1e97b111e7d815d4f863b74500b6a857b75e6771

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 bd1f06a8a8256b50e7740e86b506da14
SHA1 eafa8a83aba15764edf5424d19db7220e814db50
SHA256 baa007f7903a63c9cf25a903c82605722ba5c88a92104df5014b3ca6f72efce2
SHA512 41f645d0f4a6de5a79c28977dfcf11124e947c72cfdf484b3925ce8ebe0f8fce1dda5395c76b0579c0d096b2b480f06e8f700fe345d81dd421ea9c27a6329bdb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1132e9b2-9243-4c8f-aed9-185e9950484c\a90c64b0589b1262_0

MD5 9a97ca7622671872d377cff42dbe3e28
SHA1 1f13c5cfb355e8063b39b7c4ea5d48422747ca44
SHA256 6c6434824b1328c20c1934cf8dd26353038220d90101781f92d9c7c3275145b3
SHA512 e133a77ca9973361624440d66aecc81d705d2811f48f37d699a80f11b7c12af90aebdba5df4661e52eb089762bfa036cba42b2c9953e3aeeb89f60329ffde598

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f8ce9f0e36e120defed27ee8d2d653cf
SHA1 7a262e904cce7eb9f9842f4b064b83e2f4ebb02d
SHA256 74b7f4f73ab7da4496cf9fa1e94c0080fe921c7f46ef1e121368e466ca4b3300
SHA512 c81e4a1c70d1f0b0d8af4b52ac65b4d8fd350344f5499e4584efb70aa61b8f4795066d88abae0623ddd3d7b64e969cad4a501100a90b21ea1cb9fb780cf5047b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 12f8051135d03c3b6c79fd2133d1805e
SHA1 c88a226dc32ce5d5e7a4604401850597496d999c
SHA256 8065f7ccfe10a067397db33af0fa9757f75cf86caf703f79926e4410f666a6b1
SHA512 0032d925925436161ed55612a088d17a97db7c1fde66067d2477c105958a97e235d49662696d5146cc997478ade5ddd4fca8d63df3fc33c49c3f10f15666c302

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 a788fbe09215f323509fe515a3d21b3b
SHA1 0af59cf2dc8ed523980845c571a7049a745614a7
SHA256 0f3ba5f09a01bba597ad2f7bc47aa9f865f0ee8205f6be5687a05b822aec03b6
SHA512 bffa9686cac84ed2fd0765d62ad234ebffcd29b01e1c748b681923f244bdaf12658595ac7a8f7cb92af7b7aabcd28b9b3c9a78341967dd3541d6086137885196

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 b61c027b6149e816ad6191392235c64d
SHA1 6472d52cdca0d8a26e5eec64fc141f49c8a8c834
SHA256 7fd1d6dd58d7fd64f121cbc89758ce5153d6ba8f310f366790d0a5e24ae9fee5
SHA512 0111c7df3f707d4d5abde8bd2bb93f151ca5da1794554264847b7d19eef015875e334b9d59fbdc6edd952187eb8acc485eba61e819e4eda5b4d7d88a043caf79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000095

MD5 4e18de954f2614f5b72d36418b9f92b2
SHA1 da72a0e922a1ee52f5431826bef7bd95b47bc8dc
SHA256 5ea70373238a6fced10380872804ff0616d714580047f664fcdddc2512af3ffe
SHA512 fea28f0ac4a7300b609573ff2f07410535b9c97d9616310c186c05dfaefdcae5406e0a91d2ca774ca5c651b1164552f8c5922fc21f2300130eda09e666349607

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 5a644aadc97fcdac126ed989b0f2257b
SHA1 b1a9778f1fd45418742443615fd2acfe86444037
SHA256 29a1cb1ab766eb2c66078e52cd5733c1c4c67c6fa3a8a788b1079cadf47cb326
SHA512 9aa6bd2cb80744c309c3cf50c8be4b9c48b19d439ed1dc406c575507d1c958f4bf48da54ca97c194a5409be914fbe31dd76a453a3490fcd5962ebc4ede304e13

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a5f9a4e886245b5aaf127d7559bf1a43
SHA1 b090b7635d50242c8ccd83875d825fda32ceb1cd
SHA256 9db8f35fa5de25657e757293f03eab72f579c3ce089cdcf1c4fbe21c64e5f388
SHA512 9aeff53ae712bf38dab8327a953fba9382174a7f999dd2057b9a3ccfd77d1d26085ef627e44110f5d44671798b3f24eaa43defcbd8bfa99044d352baa87fd43c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ae354207899776322797083e4202f188
SHA1 6c1799d2bbc235cfef200af1e4451609131a0924
SHA256 396a60cd65db1862fe2a757e9345ef3bfee3e589b6da9d8f544142014378fcc4
SHA512 a79088a02e3d5752eb9163d8fed69007535cca4b50caa86189f8ee44da11237fe405dbee91b85882dc023ab204ff53f40cb2cc6bff30eab517dd07b7dae75785

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6fa70f719e1485fec6bd6cf565ee7b24
SHA1 7c5ee047769998ad56036c772dd723184d5cceb3
SHA256 e6316b80d7e4eb08318328cb427143d7f11268686c5ef0517d46fe7a0c4af90b
SHA512 1429df1b8b822cab5f1c7028de9f9108d4d3b435012e4cb0d2c4a2792848bd5243f46ce9228bafc64c7640292e31dc70de8338a356228b8bcdda1b3d25a4976e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 18a621550be465d4ac0d2454cec150ba
SHA1 b4bf969fa84c9e41685a0dd173963c81dabd3f2e
SHA256 27efae8efe71710329f9156fa0ad4fab5f3b0915c7b46c29a79c54e736a874b5
SHA512 b17504d56ae94a99559e29d8b802af37c9e0d35d24991e761df5a57dae12ca9812a2b6865b2f6dce8c7b808ec0396a4c0f3582767c4a289a6e932115e880d89c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

MD5 85fbaf6d7b011f3d34c324b938dbbde0
SHA1 4ef757cf549a4700b5ba158315b526cacf57befd
SHA256 cb61c3ba0c191d861ff2865b43b37426a3658b4bf1152397be7516a8e9309058
SHA512 fb91e4ad52a0e0589e86e98e3811f544e20683b24a8228b0fbd06eeeb992c6de429f9989a67b05c71856ea7d253835206f1a41d481a3eeb13d919c05769f19d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

MD5 651f3bb460b0c253cba697e9bb189bd5
SHA1 658786cffa2ba47c6f76c60348632693a0a6aa5c
SHA256 061931bff5057f6222e503cf513f2d710d2a061ad027b6a3035e813a48ca4f23
SHA512 fd4ea531fa88f5a5552f35825de2f9f8f25ace2ecf1893c24f5fd2c86bdc9f8c29571e60cf6e4457394d5bcd0cac69d60b8cd189262e3c384251604ee0e64046

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 aca1753c6181b0770a7ea91fd865fd69
SHA1 2465ab7803ce6472d751e8b1fb7456a3767f9bdf
SHA256 c45c24d7a01b23a837d47bc99928f7746fe41c7136bdd6ff3a89f04304cf4f98
SHA512 2daad5848627dc6316e04405fe6feebbc1684241ed00d9c9c1f9e887332c1321d67af96bcc5fe96a4eb60dda2d11d39e72bee72a041c644007ed115561537ab5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5d5e840196cbf16e0154cd8f045c77d4
SHA1 b446f9a439067225138de9a06d6f29266cf37125
SHA256 a636e20b828748c8432f802598c5daf36e926bf1e89a3e980154c0656bbd56d0
SHA512 68c171cc1a70d0e97936fca25e45c06e3c40349ffe895f03dc6137de32b662ea11286b6c267bafd96f72eafc9b15bec587bfd9bcece2f8f7c89075476839988f

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 5ac24dd4559d536a3b165b29283e0570
SHA1 fdc187a0ff656c7095a71e6ccd0bb7bea63008b4
SHA256 c1fdafada033fb6f25df95b0b92f41bba9356cc09ec3abd232dc0d71ec608143
SHA512 0f4782f7ad4302d2b6de69a3e821ef910c75aac8cce604f3be0e16ea7bf4f156da027c687107016fdb83fd1620ad0055b18e7ff08a3c76082420cdb5a32c2786

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5b1bee5ec5559b81a953fc8aa71e38d0
SHA1 d8b68c95b84bb3fcf1700fd6155c059341de2959
SHA256 bb9b5950e0d83bc53372ddff169fbe8adf3e8bf0e0a782688efe86b8757dd65e
SHA512 85b230ef093f78bd6be771227673cc396804ca551e00209042d023cda8a9ade5a0c841669dd3cff0555c526bd614d6dc7a8f2fbd5b932645dca8bc250bbeba98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db4ea130866188dbc71ec82d175878ec
SHA1 7fcb3e622ac5f94ee920a396146fec690eb08c3f
SHA256 e1a88e600b99ec4bec91f714bae90087a255325053634087f9c2c199f3b21ec9
SHA512 ab8cb493f304fced8be4424f67d4b011352e4991d67e05bd452fd95fed321f8cc3569a631c233c61646a42578f789b74d5094504ee8060053e6732ba3fe786dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7dc7b9742200cf3378563cce6f22d393
SHA1 93e817a6c29213d9d370e7e7298f1e43f5691568
SHA256 1046779e6f77da91f1fa2c13010792ffe530ceaa2f503f833dde0de96b9d0a7d
SHA512 47cbbf71f09ffbd65e57e1ce8a1c354c8f6391052b3f946d7406629d61e8d39d9de4a29edb605991768cbb7c501ef62ad6082e6adada9eb7e3130aeb9072384b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 d6efbf2821e80588137794d804b9e755
SHA1 f696312f15519c0c21256aa6a25cd96925af3168
SHA256 5e1d6f1bf6f4e0f397e19d42d63196f6e70a4a947d1c6c5a0e1f3fdb3c5ab0ec
SHA512 83b61726ae93cfed990a9675f7646592db805043dbf494733b6ce7ab35c201a5abda6ddb7401b765874b7c92277a8ecb581e004851074717fd129e23b1405ba4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ea38ea51c7433c42c38cde0f8712da48
SHA1 6f767e62af84efc409352df0eaf2a348db707328
SHA256 0ac552125d168005ff5268d9966628133c014c271baedd4fafa9fa1dec0282c3
SHA512 ca23ab25d06918f8b6fe6c5b01c6e1a722573d91769cef3329729954c2c51373a308a54c00b26a0ad3c39d96715f4c3b5183fa229e77fe532f97624e2bba4db6

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 5f541b375ab31b64cefd0c2067cb5455
SHA1 c5c25a9c0431742dc0d21999618420126ea2af6c
SHA256 981238d9757a962067c37b04bbb877888d22f82c6baafb1d452cf853ace375ed
SHA512 1a40e441076e032d1cd7216d21cad729efbe1931722840abe93aa4e1cec88e7cae618b494729a21e0e3a3277ba46385853e441cd4735bc09e6843599ce5988e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c689ae916d48ead20e79ed96de60cfba
SHA1 063628149da3034881abf9003785d6849abf6e83
SHA256 1306fec0f7769fb39270e03f3cce6945e72928a94852ce68791b71884dbd00ad
SHA512 4b5629f87bf8abc1863c0d2b38e046b7eaab0fa83241c8aaa39e733ecf8bcc336515a531313cd73f4b9a7e2f8d3c954d3975714cbde23ce580c24c60d9aa04de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a9

MD5 bd71e96eafcb23b4381171143f48611c
SHA1 7d4f3ccf463282f6a671e797d1d609f061667c2e
SHA256 5778e3550595d9a7cb6cea1d0096cf85bfb4aadf1e6014fabdcc848f85386596
SHA512 af308a21bd789c4122e0e244319ae51b3233cb8645efa1a03b159eaba7a21cabbee45d322f42a8010423bc20ebba80e44a4345ff7ff5c8038dbff9ea6001d298

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 b0b6fad789fc86dcb714bbe71da34b52
SHA1 024bfa6ab59e4e8f73936ed90b16b18642bc936e
SHA256 28f329fc65d3ae5de76549816ed643f4031c1f0b10477b7a6e7f0d912e69ebd8
SHA512 6f66c1d7627d62384ae8de96e3eca0925e9ed0c6b27fb6faeb330529af5109b5e49f6fa5db2fd198e563641d99dce449b8e5bd029bdfa8a9602d4ca7a1096abc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8d708b52849bde6b9ac11a4a2e33be61
SHA1 640feb6506bb5ae29466f000a4f7a64dff3596f9
SHA256 e95ae171d147129c1f6d2ceafe7a0e826847e8c30f48b707496309c1433937ed
SHA512 ee6b8951e605e51d7e70779421ef0913a2997fbadbc08fa33a34d383d83ffa985463615efaca49ed8484d7221a2ae12bc42e3cc5163f29665ccca8e3df9a8ff8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e41a70d35de0d5492daf07144d170137
SHA1 56bdc10db26b7f104b362b0c223443fdca80e6cb
SHA256 38bb59346c985d62e57235579b6fdde82b0f717921ae09561876704264689b21
SHA512 e088485cbc6baa0f1827e195e2f56e81c0fdda3f684ede474957d23716ae1691000a26b13c57b45b7cc29fb981a65c28b57f9769a25406b728119298f2c5f903

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 64e43971c10c72366fad4016b2b9f810
SHA1 b2bca359b7148c69c230f5019355d20036008b20
SHA256 fa28e005733ee8e7bdd02c4ee34e97047e21b29378c8da210a87184c808ac7be
SHA512 0238a3be044a2f9c19f834198415941b86ee31d3c2a34d825493288ad5cc9f3af2cbb7913cc0cf9750474a08a6ee0352f4a8ad3edfb3fba4f22ac3f92fe298e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b2a2ea4987d45e0f_0

MD5 0bee191fab44795397d7d3963505da5c
SHA1 14fbb27cb369d0f65ad69a13e9df20cf004c7d5f
SHA256 c1543eb3c4f1a9c8716a4ce78eaa3c8bab42fbd6e507b4c602c14772483673d0
SHA512 26e26ced614f316629e31d7333a7de1270742d37c4ba38b33603c475d0b00601fe74d5bf771a7615d96fbeaa2382dcd3330e8614466d8507e04b4f31b9b08a2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 8efed78e2f00ee6e1a876557477c3568
SHA1 a58819e7de90764657aabfed092a1bf7d61fbff4
SHA256 18f4813855606ef4590b07d015985ffb1086cfe81118a50093c080b504e2b732
SHA512 83bdf88a6789aa9c443a6af0ab22a7b221330373f4480bf4eb4ee5de7e4181090c93abebe124f65e4697ebb8766c68e62c291d28eec528f32e147000305a97b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dc

MD5 9bec7ab07aff1c0f1a773961821d5f75
SHA1 55cd89eb571059094954131a0ee279ad25d7a4a6
SHA256 d16a21a63de4777f78add24fafa3684bc72eaea4d6c08e117ed1ce1b9b6abc73
SHA512 34330ca8defab65a7d4e75bcf441834bdbf4e87873bc9092cfe907f71bd1f4b648e8d34a97f5c5b143dca2626a22fda7372edae3a9a0132368b3ee1039121208

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b2f11f3f15a5775_0

MD5 5474d16e6c58057027423ab069e3d0b4
SHA1 9f2e5dcb7a2c26b585739fd5dedc6e8b58ac1f43
SHA256 d3b137f6acb138399855e6fa13effa2563a7637ee3ae0f9ff569ddf3e390af90
SHA512 e8b8047bc8da482dac736b5b7d4d32ba3d6f11b301af3c580ce9a3a920504cf92406a390b569909057664f54d0ce290a7c6391cedd623937f72e12f508a898fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 92a727e3b25ab438df3ca7ad6bd582e3
SHA1 c061df993a09d22c10371981481eb6b5b244f1c0
SHA256 6a03a79279b35eb9cf641e8ee5b4723da8fd1ec8c8bd43c8e1723d115baf51ef
SHA512 8c3b49452af303e71bf65a7d72ad83cf12b252876f2a1aacf172de706ca8decfe22f5bbb42ab0e02cfd221e38bfe89f0b8f00433e480e182e7b970cc10244e7f

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 7e1c7728c137095164f831d3390f5126
SHA1 bc191d76f4ce3ce518b191a58209c0af7a44e2e9
SHA256 d5d69f9ceb9da01e0f743501f256a15b0271efa949d7825524068ece13ea8c97
SHA512 017e1df0f2a09a54d6954f1f6dc15aa143115af5fd81f5fe930d2b3e9c05abce1267aba176d107e009b44e692b3074e844ca312d238d8226db288b0939a95a8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 da454f92fd0cec9ba671125fd82b2279
SHA1 44bb575f0fe72f3f785e0e3de540a9a2db498ed5
SHA256 09003d9e80f422487ca2f484ccebe1d1229d57d860d3770df08d1f7283819c83
SHA512 47e35050027fb53112764b526840fb874bb49ce61904821cf37ee863f648a8b6e7c8466c4fa82af832b11b3d3b8cd850ba95231e9d369871cc0c8e7ce7186364

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0a4197acc215d7a27e073e5524e038f9
SHA1 3fb79e952c1d7a5a8de06ca8ec43d73730640386
SHA256 363aa1aa94bfe8294e15df0c364492e481a160bafe6a884a59155cdf21af5f3b
SHA512 e8261ea689e7ebfdaa6f5858c303aeb54192160484125cdf5c16fb90e0ebfb408a00ba16cb7fc2bca3478d79ea368964b723ce2f6050a4eb2083c58bc457f327

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ded31feea5ce6ad8b079116d2425850
SHA1 bbce209df3ea4f14178d949c6164c5c16a392d3a
SHA256 c3e758f2445837cae7b425d4f67f30bf713967ced16a727da86123b8a77f3dec
SHA512 d65572c491edd9285ce2f017ff419d8ce53e50531e2867cc5721f3d84c122b47a74bb3d9091f417e03ab49d7f9b08d686da52c2a3f3dc997051491e71bde7198

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 d1312af5c9c27d04141024db432e6171
SHA1 8088b2c248bcb4aff4e1c4b709c00cb6a354eca7
SHA256 9bddde50c64ec14adeb22fa7c0ba9e7d90e21f753af1c6d135c4906049e2843b
SHA512 66894df75a95f7e3aec9b299dee20b5826f784595720fcf6169fa77fce2990242ed78cd54ddbd544641762bdcb96fa9ed5da51b3835dcc683736b2e43135ae54

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 f7ff4a33919adba720f5fa29882d67d9
SHA1 294ed68e70f37487343c3a7be7be992e08200157
SHA256 808f76413e7f97485d2a797c1b694c3c24fc9f915d93ba0ae6ad15c7c785e721
SHA512 dfdf43cd7cb85870465385b1a72a1a98937d0a9d1eb718dc7df150adc84de01b416ff608f7a6759be305c9c0bd94937f11426ff7c647ad52240aa0e41da625c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3a76911b2b7cecc0068d4038c50c3d7c
SHA1 233bdf481457bf924fab6a1b5cc37cdcfca03196
SHA256 d086ef52e30869307ff3a39dbc38eb9639a673563612f6ae77a9db8b815495d1
SHA512 5d064503cd2dd4378e927ecf171d61e9179db83cde66b906ae06bd9f2fb31247fef729f6d64321879b9c7c2abdf5ece951e8cc153e7777f87f02d807dd5f95e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4bcba75e5e272696a4de69a78a315d6f
SHA1 54b099e2f07f0adda3acbebe8e5a662212bc3888
SHA256 e1bc24b988cd48e417ec0f09fe3cbebe0bdbecc0dbbc4fba690fe40453f4049d
SHA512 5d78dbc6c4490562a29174b73004fb7f27524d25c50e63dfea7fbbe411fa871420eb934c8b908ff0e1e466b764aa91742787025a77358de560b2b21fcc2e5f70

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3622c713511c32cdb7b34e2f91a0a16d
SHA1 f931eae4377808bdcb40f7952de0c0023dc9f2d8
SHA256 7d602d08ed01f29786b8435ebed8e6ffd745c116caee2936a0387936ce4a5f2c
SHA512 657fe6538a45128563d920cdf2a04287bcf1a122c65b9868a6bbbe4f5052eb1f88623865c595110273fc74c3a0dcfedfff17a04c5a2ca84b1d1646ccfa8a03d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5ee8add3d6eb91d43611d87481a1e6ab
SHA1 a0c2a06319cc4ae200598b82b97ea5ef4b6e6480
SHA256 49c19c4f109ed5eb6a5dd2b683892a6fac3a8e1506023b74401d707ac2cfc394
SHA512 b0e546cc65383f197a5631fdbed9ff8ae4115b31b9fc9fa68711787de29b446e0e370b49ba273a0830623ae83f8478c4e4fb899ce6d4fd3f1372e74eaa521663

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d82befdf4aa3088512e66baf74a79a0c
SHA1 213026725f8275968c56d017b37ab35ef2250c1e
SHA256 4c585127f2e6ad0a7dd1d00126b64da94585a13fa1d569d944ca028cd0ddc756
SHA512 8019e0c5668f336320fba1da6937d873927155d75ff8e487055b188f5c58eddc31145683fe87bc85022fcd89ea7714ca1a5b802961bae8d1a84bef3ac20ec233

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6b187937b760739f890c3653bde1aed5
SHA1 aa20061247659fee9fb5d18ce65dc8c2af5a3d90
SHA256 c7a2522edcbc26831b98b27e5dd8565cb76494126ceb2d8fba851d4d5edefa0a
SHA512 c3b96bf6e6610f5da09cd568701bb36bad46b7465eb39894d40dd0f72cbd4d62de10bf7a3cf119c65519924a365317e34df1486a77bdbe267ec968c09bb779dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\d7c5af46-7c38-4f81-b08c-83a127962974.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b66734c1052c4f66e725054b3a65ed57
SHA1 3ff026122101dc4a83dd16cff73576b5c2fdc8a3
SHA256 17810d2752553f0c387cb0c50b4c625e27fec48d73e9c7934d7b8d100ccd0b9d
SHA512 3bcbde3bd581d7842de895e846d35a0cc84894e3d460fbf26565cf63d9634f14ab913e41885fac7f41e5350ca0874bdbc544992c5575b54ae93d627968c194b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bda628369ba69083d42613c38dfd0194
SHA1 ed6dc22fd208f94e27728b7f96453b08588eaec4
SHA256 e68a834226f56ef05cf9d3b1ef536e87412db6603ab7f84333ded1762702f8ae
SHA512 9af2e8bbda14085a278dfe13e6d46a373b6d2fb89af1d00466857279a70ae0ac3186cd26011dded33fa0ec7debb6fa55be721df481764efb68e1ed314ee0a10d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 6fd9ce980b398c8a499dc36b5e082403
SHA1 f0526f7773c17131c0450adcd1f80a288a009a5c
SHA256 ca5825633b76eb4b54d6040a793c3b10115e7af79c944bc66ff9855d653f27d6
SHA512 7442bd273441a197b614a8ddeb12bf3db78682be2c78c1287f3860e1510a29c69dc6e265e1ac5484cc785d2543ae506458b7459b4ed2606d4ad3aa3f293bdef2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e4

MD5 f23d58a24b7fb09b1a25b21e312f90da
SHA1 5a6e0f4f424680eff057967c82ccc74ef952181b
SHA256 0f6dd51efe89166ce185df0ce728c0501e7da4a03600a0f62db2841fa371544c
SHA512 3f2e784210ba5906069f61a5fc68956aac43ba8457b995de401e0c27f90f0e27928fd023b8f3dce57aa960b4a15efca09c70d99a02b40c02934ac325d4afcb3b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b9256f6508f5c0a3787bb1690792100f
SHA1 053002f398a2fc738fc47efc056a4cf1c37d6563
SHA256 8a98b3f98fc60bec75c2342386afe7975d3619f41527db069659a99b8e217191
SHA512 26d6a70c49c0714706c28711e15106a6509e7d0384fcbd11682a8510e6df110c194e1a89ef71c52d8f658f4788fd97cf85e88a3c9f701f0e984f058f5c9f4d09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 83ee284c863b19ab7a03840c3d752a61
SHA1 ed2764faae1fe584a7dbd32840ce4f6cd015855a
SHA256 171c77b0eaae4df4d5e76819432b3720110c438e207105573452eb41541e0e3b
SHA512 3597fb01a036ac21d8df2933758db6364034fade677fdfd27ef60d799c1362f8f6a98594dffdd77d2040a0b63cd58a28be4f803e1b175735c80ca7c52aae3e3b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ddc5f53d29bde73a7074d11766868f1a
SHA1 17c8799d14e7fe67ad5ef0ef0f9c3836098d9e67
SHA256 0b420a9d81d6950b63847938df52785cac0a306adbfc402f2d5ee317727fb12e
SHA512 0bdea93a84aac6ac7ec783d9e2af7ca3f78c03f305be6d236ef5a0952feecc385f2b12573257f72ac6f312baf8fccbabc692ef51149eee26f4e776695b8a3482

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e490496a85445ffe1379f47d3e21b7c5
SHA1 440e37fc32e843174313901331e129da38307d7d
SHA256 467087edb734f1a2d2a081b7666f5a6e363d2f19e4b6a71f446c6b68f8252107
SHA512 95daf6d5f6d58d4eb5cf7ea22d49f3fe4c4b980e18503af807281a8cb0499f9123139cdac70e9467ae8cf23beb15c279abacdf3a93fe0eb4ca18c358809f2fa7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 867415c7e484e88d1289d6b2726b9ee9
SHA1 bde2a12d86b32887b89ba194ccd8565e0638a28b
SHA256 3faf7c8c6ba71a02569b0e43e57f519d45f4423a5b78d18f7ad0a47ef3b97fee
SHA512 dd555187cf2eb3306392228dbbf03f167c0f416172246d62d9372a23b107736e6dd759a541108d6140bf08b2f47524c33ba6503a81c64a1c0acf326787bd01b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 690e9d4475f02b458ff164ab912882a3
SHA1 030fa2392adf453dd156f21181ab97489800792d
SHA256 d9a7c27ff5fb71bf16d3e490091e62bbb858f18c91902e18bfb1ef527ed5e080
SHA512 729ce296545ca38da387a7c9b850cfbe15f74b9e99ebfc85f75fd767574e7fa12d69a91989f952aff860acc0dedbc37a243a3a58acf2ec3e2e1079e905dccfe7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b5359061affe855b0cc4ec28b7f36fca
SHA1 38e70857df3759baedd8a6ae1a007e6bd7e3fe57
SHA256 58927b7bb4b83a2c92981c81445a0c86154ba1a856de46157644bbc7e837a818
SHA512 feec9ae198e032d81cb28271ca113f17397b3f537b927a66bb305de6d7baf65736fdb6c677554d547bda445f483d177558fb4a992e742aa264b8f716afcc564c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 88c563a8ea296441b9f88eca5efaaad4
SHA1 86d34eae057b9b72300379ae6e506832153e9d29
SHA256 201c9e4a68e6cdf22668cd550f6972520ea8c7641e950a1ab4d039c5875c8c81
SHA512 133c3040732a7c7095c426dc5d8006ccee7110dcecb8eb77ed8d977608149ef90aee9d8eb564667bec0de433f7d7e719b56b18c7628db1c2460df3d83a50cb15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5abba55b70dd7b8e3b81c475c6524ed0
SHA1 4f246786d4f82a72caff616db2e5b56a907287fe
SHA256 d4efafc031d67bc6f6336ab29fc153948d66e105364cdfc2dbcedd1aed846560
SHA512 f555869b3374b73c48e5cc4acdd66dcb40d6826b5a7ee2d797d819e7aab4800ad680ddd54964b7d136078a1db244c0305b3f739c5416b34fbd9a3394aae628fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 98d8eef631ea715da60c02bd4ac97c87
SHA1 0cc1dd377750ed23a4913d5dee84fb86cca23c27
SHA256 88d52651c9b1b1b1f5e1b995a09889f7be115e8c390313dfde4fa5306a7edbd5
SHA512 4a328452a95c49796756c17632d29e46e4b0104c93632ec90f76fa3e0216f58d6411864cbeb90c19b4ec1c50fb00e862f5d34b8ec05d67e256c3fa5f1a751efe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 97be330f2b8338942de216a148c8ae8a
SHA1 09cea1946e2653ea45b8174201cc0686aeab47fc
SHA256 da66ae02d45fc971cf0721a9effaf7472a1c1bec9256de71146f252c68244c1e
SHA512 983990a277d6f0e821089169e0e0637d0f3d25c0675d1cc43997855b466ef6ad69846addb9c9cfeef9557ca4a813d54e8c67397b7cfd4f45faf41123ba90c958

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b0cb1b198ae0948648baa8c596d9ba75
SHA1 3e60befea055e2545af3fb8ea506c151efb127e4
SHA256 671922c8d2927a765d5e5f28abdd7c3bbefbcf94234839f4ceb4809c08864889
SHA512 328fb72e6fa3252b09a0e7d1855cd54d0157f902d26bb80d06e01ef6754775ee7d97d85a827dd9883b7de0b04f4b2e2ff2524ad04e250924f3770e3f76e4ef20

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

MD5 daf738a491278dc5bdc3d8e4422efcc2
SHA1 9762aaedc4c38ea223ff75d322215e46968314dc
SHA256 2a3c4a7344ea61718a2db407388a5caddd479e6a75c790d7b826f5c71c4e0162
SHA512 c00b774c62880d4bafe075e85e9b94d799775b29f8ad12d89b4c1f1cafbe06e9e305c07e86809fb5c049b1798f2807980f570bc640dababc0e26fc6929572ef9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 563c7326ee7a1360bc5e222dad0ead2e
SHA1 6a5e7af4e090893e5718537b64e94e54c19d0bbe
SHA256 adebea9840bbf6f8f8c87dd0d97a2e508145099264c55b82bc00ccd0be3612d5
SHA512 af522806528e14a697434ba37cb66af93b560bc4b12a361db8ce120c903abb7cee09272fa72fad1d9c69b9b70181f0042f61c0c1d62f26c387ed0bde0f7c09ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 59f046379146adf20f031cb0a71ac519
SHA1 c05e3980edaef88244890d89739e155c756f86cb
SHA256 f19a4c8ac22779cea790fce5494ac5319f658fffbf5f0e3fe29fb854f7acd5e9
SHA512 fba42165504575f3de7db8780a6c671f697020cce2e6a5c749d75389fa821523d5a81a776c9d3c4aa838ae95d47a7035f6544ca7e2b414efa0495673fea1fa84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2f255cc7460784992e5a11f46c770da8
SHA1 79ad438c1fc13d8de4e10643e01930504e958dec
SHA256 84e2624e567e92f7a15792f1c7966edbee78e2c82a2b01879f952cc7a85f7b41
SHA512 5cd224e4ac26f7ca814957cf916e3afe888f93c4f72743a3f8d820701064dba6998b4e734ffbafdb890493221e6e47e85f4f56596ce04cd20d98216e52a02d36

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0990914434c66ee161a04f76ff01dc72
SHA1 57f12df322f63738fa9e5b91b7f48bffdd1f3f66
SHA256 ca50b15b6ddb3eb920366b423b37d349a4474abd42b064b115276797d5724f59
SHA512 545fbc807e49babc3915a1e2f2777431873eac1e3802d24a2fa541b24160fb292442e6b1c80f6604ea7dca8c37bc559efc92095521ebf1bcc53d5fcc66584c05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bf758e463e0025eb8bb5efcf2952198a
SHA1 39afe207a00eb9bc98e18ec09d8e1886025d60aa
SHA256 6cfeb4f1a0e254fa240562f4490e1d0f856639878b6fbeb1ae71283609469f4e
SHA512 854efc36fad5211d592af6153096cf0b0f637c6e809aa675e9a2084045452503d8114f97216c4bca98e574d21ed5221d4b280e6537d2c0c32070623d5c7bfbd8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5366fc41850143eb8a582bac2ad68239
SHA1 70ef504684b6258f5b93bfbfb945f33beb3d5ff3
SHA256 ffa5479fb90726c6a595584e1251382d83ba4e17c1f8e93cfe84a1838a792bbb
SHA512 75bc6cce22b3256583f08d9ef99bb23e4b6929bbc7df6d444c4c5c1020e72469c07cd85f6791686eec6db7737183dfbfb43e355e7337de480935f1dee8fe5541

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6b9ff5e699fd6e7c641c8eacb2723772
SHA1 8bf9f3daa25fabb4c4fec59588b5782e178cc088
SHA256 b0285dcd19727f427861f431e2c23b2073a8bdc0de462fb59dce15dd81e1f910
SHA512 5a10a60663cf28e599ad6361517508312516c3379401e5d25421a53277df1aa2651bf6af38f510f9bfaea928bc842cc3e26d98a871891395fc5b377c57e9c656

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d5191fd720a5afba110c2ded05877bea
SHA1 e10ba1175481ebe340435e5bb6bfac025bae79a5
SHA256 83f7d75348732e12307e1f0c707552187d88569b4c468bf9f4e8c6bd6d3b689f
SHA512 5ef796e0da64377a15a43e304be52f257e444ef628ee0d1fb03f6f777fdc1c9a563a77e8735054b3f4b6b5057b93f740273defcdd3ebcd0a86c6fb0d24dd543f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fbaed0e676702bd064fc0fbe4c3c8587
SHA1 ee7267160ee70e8372435b151924e95127197e9c
SHA256 4ccbbdf3706309b67fcc329d541e55843acafbb9840856236e8d2833050dae37
SHA512 8a6f7a28ee402db9bee58efbdae7e8a2868ee29bbc105df55b7cb5fdcce52851c0d6bae29fbdee926d1f8bac7ffd047264fb1e83c8b824c99144f480f1c2025b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a308085fd2ef2941ff8934c0950f45a6
SHA1 f4c45c3eacafc4caa5f4921984021122be69b379
SHA256 6b73f31203d72ba58ca641cfef0398fea7ce0dda5be7604dbc03c92c650cdf0e
SHA512 cd929457bd3c75f17de3b23a001b4ccbe31a338b85705a38e2720e1f628a1b47cd797f6d3ccb0752abc5252bae4df1eafcf3dfccdd04567a2dcb4fb7d41fb537

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 54d87b81e356c9a3139ae85efad2a020
SHA1 fa0e3d4096832b31c471fbea6c3762aac7c62033
SHA256 13391f650b6de7b6938f89817a085ed5220e3b11980aefa8b02ac9389beda049
SHA512 4e2c68899f1d74d562c37123d8227c145ab2df0cde4b4adadc761d4bdb4cfea7ad32c700e6ae0b9e6916dc70ce1f1b8520010a537b78fed931d199b7487768a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b03e96c74cc6eab243d2f5c1fd020ab8
SHA1 21c2ee69fd825374396ea32508c2668153d05d19
SHA256 1c4a8e270531dbfc9d1109c01a191ae3773af4b90e5b227aa64740d15b354a35
SHA512 46d154bbec10cc8098785cd0dfc466f09bd86a2fea519df4ef7e749b976e6db7272dea759109b790d4fad97c58f51097958deb8edb54ce859ce414a853c9ac7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 171d456ec2a6fe32d94ee4971638d7a6
SHA1 0d207378656f1bbd5e335e41d854745c84218cfb
SHA256 08cc41514f03834c649c42a5f66afa8adeef56606073db891a24ff4bd302cf9e
SHA512 875e42b7a827fe8755d80d311e6e77830366e324b16a042eb90564ac32f26308e8527cf3299611c628de8e9932fda064a1deddf898b724426ef5e237a5826d0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b29bb289ed596c0dd72a3a380bc8de0d
SHA1 942a6fc659e0ede97cf64cd21f9013fde162f973
SHA256 8887dd89673b5c9134edb2e8656245ab077baf8e52bf6e244d0fd136448a21dc
SHA512 241d2e7b2e0469ed2e0ba0032b6af95f986763359d7df76d700cdc1c330e5b0e2d4d28ebb115fcdf46fc1381a018f1192b96a6f34fec933b8591ff256c79763d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ad7ebd6e8cbb105f7745d78898c9f20c
SHA1 f1cd9e7b886a40bf1dee0faff781c5446e81ccb9
SHA256 00a3a4b02ec2897631c1d6330c79e4bcd82bed60d0f326d37fb84a9a2fb3fa86
SHA512 a06914de2dedc751a753c3b032d2a7311bc2f56671f399428c65e84274504115e1d16cdb7540b395f3c99456a7c3475a23a6ed6eb20353bcb980f4335fa2c3fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e87f3bdd3d521ce11c162580e0306979
SHA1 ee113786e7a4cee91a767d94aaffbd6d810259ee
SHA256 33557941a1b8caac189b8711e7b82f0dbd0cfe9991dd24f9a12334d41eef14d4
SHA512 27be630e94518b5efd744b6ef6e435489104ff6baa93f666dff02eaf9b264db11676ef4e7e293bf02866d8b6dd7b8fe72adc44afe19b36d5ca9bf30793587d6b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c6dfdbe5d15f0168afb68e780265f4f1
SHA1 628f0e45e51c8457963a24ee6211f86220203fe9
SHA256 7689a73d048cf718502d52f7485e751ee6691f03448763be71b0f390a1baf23a
SHA512 5f8193b24875081e0409df7cfffdd6d9c584d6c6e13979cc2d718ef600b8d11d077a59e25556334d2e823975cf2455a145e9a3b4eb020c9022b560c9c9f25b2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 542e807eb60ce1ee8e2e68e82fe03ea5
SHA1 a0a4c587cd15ff7e45ed4424257509bee3385bcc
SHA256 8310590a378f51036118182a9485938fb506d7c97dfce39c10ff89213bad7798
SHA512 b231c6a15ea73f1dc5a7f9ec6575df589db707e4e75c785963fd8fc56ce716a45296c76540263d59677f5121b2203a873ce0110ca2778034e7d056e8f88998a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8a8bbcf09f934093cff88db16b4c89aa
SHA1 10ff6a3a6ab9d744e3da78485c24c792dd0e97eb
SHA256 763b175cfa35a481773909c2193dab4dd2425998e38daba09e7af2360c93edb0
SHA512 c29d05c300b73664ca0095ea775c9c2655a5fa5c18b145b4b9be3d131aee4239ff8dab29ba038bfdd585cd4dc44b72987eb9a283fa642cdbedb72cec3fec4786

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 34e55bdfe5c139ead52b52625d3affa7
SHA1 d8fbbeb6be0fb6dddab61ae85323b376f84756d4
SHA256 8b6af3b6314ae02c64a0af4df9e8766313b8a33c8ca9e6414756eb748f747aeb
SHA512 af94bccae12fc68aeaf38af3c2edd03518879f729ce2acd3183d98c61436851794da2a411ad3695ffd69e523e12bdbd9c29c2e1ed848dc0ee34570e562c88793

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5851c8790fbccde0a3cca5c42915f7dc
SHA1 537f1d31608c9cfac40088d9d0e52dcd61c835fa
SHA256 04b7ffe91cc9df5c4eb44815a80e9ab0b1ae0de1f17d949ba95e0a4baf698d98
SHA512 22a15a6b6788ee0c7948ea0a33c010be096abbe7078c4e85b628455f0a22252adeb6a6a7083f7603cd2277c46ebdcd87c99b591da2636aa40188eb73fcb4aa4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db036c1bcd4feee7573f1715a00982ff
SHA1 ead804a5bea3d3ce81969d3c23769a957595c20f
SHA256 8a596caa90bd66b1320a72cda999663af8ee77b478c73eff05bf2a887a6c4da5
SHA512 434483087332f467d09e6a2beb300d8a3994e30ce6c78f750451c12fc909fbeac8dbc0e633357b51ce53e8c2267d7b758c3922a718c119015d25403d9349dceb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 79d3ba3f2a6998fedab5adda87cc5de4
SHA1 28389785bf34d77171b77a234357bf93035e8d9f
SHA256 c459104ee1bc6656e991ce7eb068d6ff54f60377d71e035540ef258b57ae3e11
SHA512 b6ff04906122cee8e2fd70c2843a98fac059a86b3d73b1c73f1bc9c0353a00638afe7f9ef369b1e7950ba4002f8498becf6f5cbb72d76b250994c211956254dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e34cd86c0cb2ca67e1a3512e7e2259b8
SHA1 bed9aa3ed8c9b1d8f9ee48f2a0b51fb59e7e826a
SHA256 4e8b6e7ff7be7b68e730e74d627f1f9b673e87743f30a9647ad314f2ba8acb3f
SHA512 9ff8312eddbc3041c6d928c2895568834c96947aced9b924c54d589e5a2fd2b8bb4df1a945125fa5faeaa7c01596591dc05b3c714a4bba0ae165a03ad8cad56c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\53386dfa-ed5f-46d7-933e-132c3a15de42.tmp

MD5 68b4132828209bcc766db48c2ca4b672
SHA1 980895a3fb66cc5844a11a8fc7553834aaf008e5
SHA256 880373a760cb5a000bab31003c5a4b76d6f5508142c540aa1c10cfa02565c58a
SHA512 2cfb8789009b7576a6681e8f44f26b42fdb335b1b42686b4202fdd5ec03c35d6c3857696c57091c39bc40dab5fadc12cb20f3c02f4e70ac959fa53b10de7371f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 50b911eb30ca46338ea5d7526d8f1e56
SHA1 b5395f8ec1b66dda12ba1c69459eb5720f7f00c8
SHA256 83b89f098ce778adb0e401ff5c667854ae5695c6f1b89cbd08832804f981b452
SHA512 837431c935eefe638feeb6b4682fab8a0012db6e30938b4f2648d63edab5b3873e941fe524bfdaa4d6672f029bda2be19093c55cfe19e29430ad614f27103884

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db495d31b9dd9d78358e355fdde53f27
SHA1 7fda58eaad511ae564602f123f5fda1e48157f49
SHA256 3d5009fec42d33b09efff405a7eaf49bb8a08db7f13dd804c60a9e7103ee163d
SHA512 50c9c97fd061f65bcc2f94a1e3038439c671bcdacb8f51c87407ccfa7c81b1ea631700188887878dbf785e0dddd6a55e8eaf05e579d26580e6b7c4f2075b3121

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c2a0d254b8df30198b81e4c2bbbd8bdc
SHA1 7627a3e087e4c63f3952789a2d5e08912a89c274
SHA256 6935738b9a0cd1ba474c4ae1cbedf197fdbc6a0f13f946164965e8cfacde22fd
SHA512 e8907af948a6c545f57e1ac3e3c1a7df97741016488028efe234d68aa4e0c935497cfbbb35b1c7903b188257d7eed2a6da43fa7c6d28d55ce5e39afa82aaab94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9907937225375e437bf6b9812611bd0a
SHA1 075a59aad80dc5f42a0d9549da4d646addca5ad0
SHA256 55e2e1f5c1183a3fb1412a501adaf2ce5c05b46fff04f25ecafd25132a98ce92
SHA512 e48b787ffbc0000ddb98bc595fa3ca9753794fcd98d3ac87c150dcc55d1923e0aabb362d7f0a4b8c86dd9d81275a528a3aee9213a4ed4497ed1a6ca0c1d8eb74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bc26eff8bd283b63b94eabbf86e5f24d
SHA1 8a88c04afd76cebf4011c2ae5379a2f9c5b672ac
SHA256 7c26fbf43d93cf65ed62a7811560c71648d1aaf176c30b20ddf67eb66e97661c
SHA512 6b03e8d68801b1951d6ffc4e6286210e6f1b2745bbd7e1e4325177f2ab0169af7f0e5f55f4ab39cd64230c48c90e0048ed89ad1e7c4aa085c47c936993927558

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4640735d6dd444e771fce65ce80ac194
SHA1 4f31eee8152d6e8885b993c45b59f21e596fe689
SHA256 93d5f3e5d6ecf2fb9cfb093ba2493a4e63fec9ff18d88abf48f8fe5abea68cb2
SHA512 17f948fccd1905e39e68b5af11bcdf37fd3a4cc97685c5cb398e0b1b5890c723bcffa213d50750345be59f485b1dc17e7402bb832e13c0b7d5fbd4d8b40f56ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 91bd2edd2ab10ee42e04971d969b6cdd
SHA1 3f11e2de8ed2445acf57c9842c14f83ba9302b25
SHA256 8b6f02c918b90288c1ca79172df460ee0840e4e68fa02de6f66b8d6ae2348682
SHA512 edcb9e13edd0be30000893bfac5165b2ee7df28fde3fe671ad00408e10e329974b1e6048e110f47f70f214036f0c4e39384db2f4289a264fe47b7c9c38184b86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f938ac5d-488e-45c6-84e5-fc9da751b3e8.tmp

MD5 92ba7f13a8a46a485b411fc166e1b367
SHA1 25f70f458c602688d37300698c0b4c582100dfc5
SHA256 94588e6aaa89b18dcc05356d8e69b499c3c9189accff32edc60cfd6f3148aaa5
SHA512 76aab5c26ed30f5675a56b21eae1dd56af3f4048caa7d1d42d95ab79c4eb282429aafafa146fb8614713af31462670c152c1328b3e14d5a6346cd911d9241423

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 387916ef0957d82b7875dfe5855cd7f2
SHA1 f4385123e2ccee53f0b58a703a7fc42d460b0f54
SHA256 12136d4cedcd2dd3bed996352c48f6bb4e623961fe7ba45de202a9c89ae930ee
SHA512 4cd92402312e49b334dead966bfbba640e59056ebf78ced3553e3cd0f799b72ffd6e754345407eb37b84424e579acc66ccda4482e58ec60db273c2dc35ce9eb3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5636a8bd22ab57db0ae93c07ed221b90
SHA1 e9e0611f7b840798b696a14bd46687123527ab33
SHA256 530393d1efb78201f515c118d22c65d114fa645a79c0887d33d54690441802bb
SHA512 1499e5fee3e83991cac797cdd9496c62ac7f38fd664fb3ec5203730bc7e3e25d461046eca3b8fc437e4ada6c56cfa2232d9aec2502559532dd6ebfb7f6f6fb63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b260b15821dd93acb9eee41900f2b35
SHA1 a2b0abeba7755dcc4dd4c4d25d577724e6e3db2b
SHA256 df9a8ad875c8c6a4b64b1c875979b3a5c86f6c06d3e74c47eed9d6d8d737ac5d
SHA512 5f580526c794e1039cd79ef98a8549e10d8982f60e9329f73a2a3f093727226ef42fbd1210a56f3c83d2b690b7b36b7f5ff73709d1114a9bcebc71c05ef577b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3dd7f1c0b7a01728df2c82f3c2b71c78
SHA1 87e186b52d3418e8240037f219ba200f3461d73f
SHA256 3e8ff1fd07e52c58edd34f7021a736e7d2834c52733c319b2c6e572046bb5443
SHA512 fe7d4f664b333cc487e7b07a079229a488a6af5189b57da9e5f1207f155d7dad85c5f41e8e45f142b385b00f5a4772e53026add77c007f2fddd6d65c5231f2a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e91a5a76a09e3f862a87e361a9d242da
SHA1 50c4cd9ad1abfe8a57d19e3b47c0387b5e9a012a
SHA256 1764f84d8aead27fa3922255bedd4f4599e2deec1b7365414153dec4029dbfc1
SHA512 40b8a3839927dc4b92acb0ccc2ee933df69e6069f4446bfc9199e6976e41dbb12bb1999ae8ea019e28e5e06f40b3b0b0b39ee34a98ea1e06cb70dcb4cb9cd774

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4864cd7b686b224f75dfb8d2885e676f
SHA1 9c545cb20f0017a743d75114010bce0b4bc81baf
SHA256 2f9d8ba5f9b6abf46053f9d81ccc3626bf3563f9a53d7a67c18e383b3c7a0c80
SHA512 56df11d023e15e2c1d8db17699ad482dc33e4d52461267fc698377167a4a0a53a647a26ec55f6683bfcddf12bef08ee38b4fe1a7bfc68d52f5e41a63e1816bd4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 94e0ff3ca90b5260819f71b44078328c
SHA1 779702d3ef4e26087d9e3fe944fc32516493053d
SHA256 59765338df8de908288587245c897dd52d6132d1eff93c93e86fc335e4ef7faa
SHA512 ef2b6b7873cd4f1bd9529e613c866e740150ced4c753a48b10ebfc1586a4e8357c73505eeda1d28174212eb23df04b26f3454062d8603d360613a9446a9dc9f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7966e0e64f34a52b53abdb170169a93c
SHA1 50a37954278553abeeb1b606118efa4628ffb0da
SHA256 67efc7edeb3b473d9ee5056049c31c437af06b7f7c4db810ad5368833fd7dedf
SHA512 e889c6c3d4df39f217d3123dc8641941575907475b7a5a6865ab54059d5a50e8747c10a5840e99537431c052447f8e28119cf65a87c51e2bc5265914368ee373

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 484f98fd8045a6244df4d24ba01a04df
SHA1 7de0bcb2b47ddebf2a5cb6070022a41e7c48e323
SHA256 67fa71e48af3f32c10368d40be51e17dfb4a1b0f1f83c52d0f692fac84768864
SHA512 a4b92c26e2283ff474ffad38f6e1802e98f585b9d632c10086df604257730a06405c414b67d32999c93c2c7752454dac8d607fc953dcb3e0e80125c43cd83cab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f3861b2889fafd8ea31fcbc848a79260
SHA1 74e5d9b624b5375602aea9a4ca4cf8fea1c86019
SHA256 eb88e2bfe658f9040b5d6bb74fa1de9b1d8a9d1fc6a65701db7649b3074f5106
SHA512 049f55a1bc00fb7e30f8e899d230dfdfcb6bb5d016f19908c1052e05e74746570061211125315f9cc7e5a33f81b807b38b9856daac9c4c848a2f0102c63a4320

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4344614b921b8fe0db4c093a8451f256
SHA1 b2071a1da5a472545077361fa1b232c43913f456
SHA256 3f3429903fef187ca0c7a04fc0aa0ea75f186e041f926c4f17eaa681c8e89060
SHA512 f686a993d59e35643dfc6d0dee2dfda05bd3ffa37f1134d0a199853e581c83ac63dc78a34ee045ecb46be7a1388fc1b50362398529e9dbc97d5040585cdd5ad7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f5935284c733dde632523a14f58ffe4
SHA1 0ca9d60e75e591e6f175299116b5573968f5438a
SHA256 501b9c66948b98897027c61ca38f90245453618d14bd75263699a6ca0ac65a7e
SHA512 4284309f4b1c019d21d238b930ef016a878645312ae19d4c0b64271e949ef5eb9c125decceb9011a8391f260ce2d529e3d75a7199a2158d39f150f8e99b21ffd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce57acae1bc8e17ec38a06042acfc3c8
SHA1 727aea41cbc190d562b475eadf5835b9c4d2a65d
SHA256 f623f8c9593572afee4aec400b4692f45604409cccc08b4477e1c0f087f9c4e9
SHA512 0b566331a7d865d54af259fb3bfea1d4fcc534a8d818b1a03558826fb69c20ed3ab35600d26c9859f23bfabacb6e8bf3252784695ad42eb13bd6339b4a4fd4bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2d9f4a234c31073118e6c3e75e9a6340
SHA1 f501840ba6fbd36afd718ba64c7f62e956d9bb73
SHA256 bafdff2b81fc673867c69f63ca3744874d615d3894e53e21c211361f60fd1717
SHA512 e17c461e69d71fb2ea200181ad9ecb1b39586347b8f807bc289e1d400d377b3156622544cf33c62599253ec180cd42c2e9fc096993cac3899f8d1bebf19d9d55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a909e4eac798ace07214149a38477877
SHA1 789c057b73287b03740ebd7f3ab09d07e5b8c587
SHA256 a3e89d541f4a3579288a49e072509a837fd3492bd7befab8ea95a59506dfa9f4
SHA512 5234a679720cfd378e6a704db7e8d3901106a16481cc726aa97c4b8d44afb49df2548a193925d93dce85e7d1fcdf674e80acbd8fc0003eff66582a8048433a25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b1d616f32cdd39968196d0e190c6efcb
SHA1 cd9a77a5405e76a07b72ff884dbd84f6fc0f1853
SHA256 cc6f5acfeb189f565aa4013074db97b7986a0c35af328787e9a5fbea495d4ba6
SHA512 17642250250a6d957490e19364f8ac4ee6812a080d7657182b25b954842afc623c833be8a3365ee61ddf9d3052e5863bc493a15261fb90aa6ea2f4c2c32823f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 139703f31cce35aa527227851a7f7b5b
SHA1 d0df26887ccb08c8e5a5d42233d5b291fb42a434
SHA256 137336df8b7f413849de5ab43ace7719e27a1b1c6447e77aa99d7637a41a6693
SHA512 9ad46d6d9106632f3de3d1e90a845d2e52314b3d1ff9321ac48c2d26ab703d64d3f0e971ffd00cfa7591c85e3fd58da8d0439fa830cb4808349ea85ed341bf21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 97091c50fedd12e531d7616a49130a15
SHA1 21c113f75143fc1d2ef02a51260a1a860ccdf35d
SHA256 6d22d4c61dd6f330a72b7da0b6aeaf9230c4bc69f72da0013a6e37fdf0246c6e
SHA512 a78ad023ac58b5f663e01af675f6b4d3ad1712a1fef6dc2e0c22bd80040799ac816b84278da8e5ab127773eed521ccdde71164947cb7fc36fc0cae80126e7c73

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\20066a22-a9d8-4af3-b09d-9fe48c18adc2.tmp

MD5 1bf96532e84810ea776bd8bd312b938d
SHA1 8169b4dcb2c38f7e49024623fad912d97f2dcc1d
SHA256 0f56094d1b48ab2f14faadb6585c6f5b9e253b4d305fd644fbe2ed34201f0416
SHA512 f55b87c396048d49d42ef2d6c6160633ff01d93523640ed03e3fd8172e1d27ca06a1702e81c0fdf5a59de290f5c3bf982759815ce386cd554d6666beb4670313

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d32badb89ff9519c8bdb4353ea412f95
SHA1 ee9edfb0b6088251b23d390fddfa893bf70ec211
SHA256 0af23949e2277e1e7338062188043b879a7f99de6aff6c1ce46fc75dd2b8b41d
SHA512 a92a0f45be1518b9435bd02a46d0ba69a99138e45a50523e20d68b68225c3fa205030f734c1b2d3d56814570259e381ee9ccd8e13a7b17f87e23c9262aa507cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 30fe59bb1cca207b21045e5d0891f515
SHA1 dfc828f1cb36aadb0de9ab6ba5255a8b5355fe0f
SHA256 7ee0ed17d0f2b8ba50b23e1dac3c7ad058b8da4eaa6b27903e5dc1dd140fe48a
SHA512 476a8f79bb9261859f58abe859d279d1eae6b8f408ccba145a67b63bd826dede36567e9f7810c7f7c2d3a782f77cf370fda5a6d6858a339cbb2ca7e5b42cfabb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 492283090dec3bfdb34a4259ac391c0a
SHA1 4747fc2e9157fd070982f0f40d2b1934161e2a1b
SHA256 c6782e744ba01acdab5debd1212c5c0f79e2cc7a8c21b0a20c94c797a9cf1653
SHA512 064942edd0be56702e6356f91c3004e36509c7b010071d7b4ae71785e63001c1fe92b5a42c3bc6f14ba4fc3f32279830fc735e442e621a75ad780b12591f4c87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e27c972eb80de7d1fe7c1378a0f6b019
SHA1 d3e1b51035124278d349633bfd574f3ceac7d1a3
SHA256 bb7c935fd625528b66d0418651473a9257d5bd02897cca8c213a7f829f3ec12b
SHA512 df918df2b6e9377c5086edd4d1e093f76e36e70d081b8d08226c8ac9c460069fd3c54fc075c5e446d324f9ffabfc418c58993593ab2f3be0dce99520a26595fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 17a9f8e06279b108644fdae6fb907157
SHA1 9fab65cb08584713e5b296ff6061b48bc762020c
SHA256 ec6df535e29ed33bc2dc3a9c434470bb5f919fee12752e238e576cd18cc1215d
SHA512 4df4eb38e34c2c33d521da4eff7ff3976183979ee7a0ba3b6226939c0fb237f61e8f5d8c80ce4e354cd1a530045e5ffcb56a0131cabf5d139ddd2e6b72701226

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eefe3e5b68b1d77d44fa553c84be615d
SHA1 84ad783e24b52989769501e0e1b93277feaabcc4
SHA256 0c00d0ad0f7be3064466e3bf715247e031ae0fea2983b5943a39949f2a8a8d49
SHA512 ddb1f36c7047f0fbdd5847e0d10f781d417820d19d4e3fa9e2a1f323d74d40ecf5f35965de42da5416bd1059e5a4a39b1eeb700bb74b0990dca7edef9600114c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7ac16fafec62b44e1ac22757984943dc
SHA1 389e785009b99724c226915a4c465147b339db87
SHA256 b17d6511a50055af234c947d4827716eac01a2a60fc547845d078fb7d157d794
SHA512 a38f5368ebcf25738a66d0e4b918cbd0a20c6fb03006dc908b24b6db1befb6f45dca64191b8ecc88689ed144105db669d29161863af7aca9f0bcc93df3b2adbd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f42b8b5234a7b3902ff8ff2d4e63577c
SHA1 9a289a315e51b31535b580fa028e3373d16d98fc
SHA256 efad8b4c3dafe9fcf6511b4af3df276fad7a2ae637e4dcb915f24c99aebd83bf
SHA512 c0e9d6db27337c76a543a52e1578f2ff8c29866a965c63c9a5f286ef01c31438851dd114844f11e7ecd9941f238ed37bc374357a1250d4b0299386cc94fc39e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f126fcc62504248aff1d5f88420a713a
SHA1 1c5862c6fb414f8647d91d80958c50825eed7b17
SHA256 cdc8bdb40779a2948f56d601f74040c7d35a4ffe04c2d8c9f1d4cf75e3208b04
SHA512 492f6d44a27f19f531d5a42b12ab665ff9495bb05e717dc7ca030c9eb3a4bc174abfb38ab8d8d3de2cfc1b75537861c4027ef6c9d85de0d26aafabe57766e51e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 396cdd7c70d1411ad4da7de84cf37f59
SHA1 8340a19dbab1d648afb037b4e372f79d89b0d454
SHA256 6cfc1cae8900363530d253e9de9f7572c9055a4fbdd3538e7c7cf6215bfe4acd
SHA512 f5dccaf1641337ee78770eb9f3bd8febde3bc4231bc75241778e1db75ee46d9c4bdb9cfb0a8223e72993b010f6da501e0946324c996500f4d2d0247c8bea0947

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c19925596be15dbd337145cfd8a0d4ef
SHA1 23887d0f160577ee865553671656357dce55c11c
SHA256 1bdb1d291939372b281e64273d3d31d1db1bc85d172ad20463dbe36e3f261192
SHA512 60eaba64080b0612403cf7dd7c39403a3b2e2fa41768073c4c0b7b259b2536a754d7d6b1c1cfb26e75caaa3fbd8f662a3208400e043635983e2be17444194936

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 66e1e92deed0b1cab66701771109d84c
SHA1 282aa5d9f09993426d51bd1b2f0b562daecfe210
SHA256 6a19533c7770d2d02bc0acffe6c961f0a49b2a5ded01d072284f0e0857e83526
SHA512 c257e4edb527bcac99cad874764c1a7d0a01b7569f6d33c59a9c65e56d803faff80a4f14cf5c2b01afff1905e5184ea24433e0e7d490525a7e75bf106b2c9a88