Analysis Overview
Threat Level: Likely malicious
The file http://roblox.com was found to be: Likely malicious.
Malicious Activity Summary
Credentials from Password Stores: Credentials from Web Browsers
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Checks whether UAC is enabled
Drops file in System32 directory
Checks system information in the registry
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Program Files directory
System Network Configuration Discovery: Internet Connection Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Browser Information Discovery
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Uses Task Scheduler COM API
Modifies data under HKEY_USERS
Modifies registry class
Modifies Internet Explorer settings
NTFS ADS
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-08-05 03:44
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-05 03:44
Reported
2024-08-05 04:36
Platform
win10-20240404-en
Max time kernel
465s
Max time network
467s
Command Line
Signatures
Credentials from Password Stores: Credentials from Web Browsers
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdate.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\counters2.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\LuaApp\graphic\gr-avatar mask-90x90.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\MaterialManager\Delete.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\RoactStudioWidgets\toggle_off_dark.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\fonts\Kalam-Regular.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\StudioSharedUI\preview_clear.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Controls\PlayStationController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\PlayerList\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Controls\DefaultController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\VR\toggle2D.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\LuaChat\icons\ic-pin.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\StudioToolbox\AssetConfig\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Chat\ToggleChatDown.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Emotes\Large\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\fonts\families\Bangers.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\ErrorPrompt\PrimaryButton.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Scroll\scroll-middle.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\VoiceChat\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\MaterialGenerator\Materials\Glacier.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Controls\PlayStationController\ButtonR1.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Controls\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\TerrainTools\icon_regions_copy.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Controls\xboxLSDirectional.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Scroll\scroll-top.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Controls\DesignSystem\ButtonR1.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\fonts\Bangers-Regular.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\configs\PerformanceConfigs\rofiler.js | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\AnimationEditor\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\AvatarEditorImages\circle_gray4.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\AnimationEditor\RoundedBorder.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\DeveloperFramework\Votes\rating_up_white.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\ImageSet\LuaApp\img_set_3x_1.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Controls\PlayStationController\Thumbstick2.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\DeveloperInspector\Close.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\StudioSharedUI\radio_selected_disabled_dot_dark.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\RoundedRect8px.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Controls\DesignSystem\ButtonR3.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\LuaChat\graphic\gr-mask-game-icon-48x48.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\Controls\DesignSystem\Thumbstick1Horizontal.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\avatar\compositing\CompositExtraSlot0.mesh | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\avatar\compositing\CompositShirtTemplate.mesh | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\AvatarEditorImages\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\ImageSet\AE\img_set_3x_2.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\Debugger\Breakpoints\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\TerrainTools\mtrl_cobblestone_2022.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\PlatformContent\pc\textures\brdfLUT.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\InGameMenu\GenericController.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\LuaDiscussions\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\fonts\HWYGOTH.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\particles\SquareParticle.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_19.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\VoiceChat\RedSpeakerLight\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\AvatarExperience\CenterPoint.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\sky\noise.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ManageCollaborators\FriendIcon_light.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Emotes\Large\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\StudioToolbox\AssetConfig\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\textures\ui\Controls\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\content\models\AssetImporter\bonePreviewMesh.mesh | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\RobloxPlayerInstaller(2).exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\RobloxPlayerInstaller(2).exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller(2).exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller(2).exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History\CachePrefix = "Visited:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content\CachePrefix | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\OnDemandInterfaceCache | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\LanguageList = 65006e002d0055005300000065006e0000000000 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ = "IAppCommandWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine.1.0\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ = "IJobObserver" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback.1.0\CLSID\ = "{77857D02-7A25-4B67-9266-3E122A8F39E4}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ = "IPolicyStatus2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ = "IPolicyStatus4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ = "IPolicyStatusValue" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\LocalService = "edgeupdatem" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ = "IPolicyStatus2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods\ = "23" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-1004" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine.1.0 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\RobloxPlayerInstaller(2).exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdate.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "http://roblox.com"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url http://roblox.com
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2740.0.2074517961\1181989071" -parentBuildID 20221007134813 -prefsHandle 1696 -prefMapHandle 1672 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {dc3a9e27-ce0a-419b-b017-82619d29c418} 2740 "\\.\pipe\gecko-crash-server-pipe.2740" 1776 1adf04db158 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2740.1.1613202300\806468095" -parentBuildID 20221007134813 -prefsHandle 2140 -prefMapHandle 2136 -prefsLen 21608 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a541ad8a-0f4a-4276-b2fd-b2de46a04897} 2740 "\\.\pipe\gecko-crash-server-pipe.2740" 2152 1adeffe6258 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2740.2.599598958\122908078" -childID 1 -isForBrowser -prefsHandle 3012 -prefMapHandle 3008 -prefsLen 21711 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {310679da-fb92-40eb-a96f-c7784a6ac29b} 2740 "\\.\pipe\gecko-crash-server-pipe.2740" 3024 1adf0460658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2740.3.337234017\1998858334" -childID 2 -isForBrowser -prefsHandle 3572 -prefMapHandle 3568 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ef2a2780-afeb-4cef-9501-7996da65c9a4} 2740 "\\.\pipe\gecko-crash-server-pipe.2740" 3584 1adf52d1b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2740.4.1096768180\2138538423" -childID 3 -isForBrowser -prefsHandle 4744 -prefMapHandle 4740 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {5aaebe51-f9bc-4472-bf79-b04c2ceb6694} 2740 "\\.\pipe\gecko-crash-server-pipe.2740" 4752 1adf6807058 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2740.5.1235817728\1496379273" -childID 4 -isForBrowser -prefsHandle 4908 -prefMapHandle 4912 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {8a830d71-1d6d-48d1-8e43-8f986e407f0c} 2740 "\\.\pipe\gecko-crash-server-pipe.2740" 4900 1adf6891958 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2740.6.1495688258\1626294694" -childID 5 -isForBrowser -prefsHandle 5096 -prefMapHandle 5100 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {e0aa82e5-f1ad-45ed-9076-0d6e2bc0b0b6} 2740 "\\.\pipe\gecko-crash-server-pipe.2740" 5084 1adf6890458 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2740.7.576045320\1920098643" -childID 6 -isForBrowser -prefsHandle 3036 -prefMapHandle 5392 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d31d9aaf-d88d-40a5-835d-c605191e87ee} 2740 "\\.\pipe\gecko-crash-server-pipe.2740" 3048 1adf0461858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2740.8.195225327\1056747493" -childID 7 -isForBrowser -prefsHandle 4844 -prefMapHandle 4540 -prefsLen 26503 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cf629714-8c4e-487e-96f0-d4442b809068} 2740 "\\.\pipe\gecko-crash-server-pipe.2740" 4808 1adf6891358 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2740.9.1001481000\97372790" -childID 8 -isForBrowser -prefsHandle 5044 -prefMapHandle 4996 -prefsLen 27781 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bd7c95f4-f93b-4d90-a49b-d4486837961f} 2740 "\\.\pipe\gecko-crash-server-pipe.2740" 4500 1adf53dcf58 tab
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OURENzE5MjMtQTQ5RC00OUU0LTlERTMtMTI3RUM2REFENUMwfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFNEI1Q0NFRi1ENEQwLTRDNEMtQUVBNy00RDVBMTc5Q0U5MTh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4MzA1OTgzNTkzIiBpbnN0YWxsX3RpbWVfbXM9IjM0MiIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{9DD71923-A49D-49E4-9DE3-127EC6DAD5C0}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7OURENzE5MjMtQTQ5RC00OUU0LTlERTMtMTI3RUM2REFENUMwfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntDMUI3QzBGRC01RjU3LTQyQjktQkRCNy1GMUNFMDFFRUY3NUV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE1MDYzLjAiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iUUVNVSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiIvPjxhcHAgYXBwaWQ9Ins4QTY5RDM0NS1ENTY0LTQ2M2MtQUZGMS1BNjlEOUU1MzBGOTZ9IiB2ZXJzaW9uPSIxMDYuMC41MjQ5LjExOSIgbmV4dHZlcnNpb249IjEwNi4wLjUyNDkuMTE5IiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMyIgc3lzdGVtX3VwdGltZV90aWNrcz0iODMwODkyOTQ2OSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3568.0.1458653001\1845300499" -parentBuildID 20221007134813 -prefsHandle 1652 -prefMapHandle 1644 -prefsLen 17556 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {20d6c5cb-3749-4f81-8f59-34dfd07f9231} 3568 "\\.\pipe\gecko-crash-server-pipe.3568" 1724 23d90df1658 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3568.1.1361523883\375207643" -parentBuildID 20221007134813 -prefsHandle 1904 -prefMapHandle 1900 -prefsLen 17601 -prefMapSize 230321 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0e3846cf-9146-4492-b35b-0c40b0e85486} 3568 "\\.\pipe\gecko-crash-server-pipe.3568" 1916 23d90c3e558 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3568.2.1600905317\2123339606" -childID 1 -isForBrowser -prefsHandle 3236 -prefMapHandle 3232 -prefsLen 23735 -prefMapSize 230321 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {00866e28-6b27-4fa3-93cf-c4687e05e721} 3568 "\\.\pipe\gecko-crash-server-pipe.3568" 3248 23d95e65258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3568.3.580731645\1142477575" -childID 2 -isForBrowser -prefsHandle 2828 -prefMapHandle 3592 -prefsLen 23842 -prefMapSize 230321 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {0a309e18-fda3-4570-bd04-bb7a4429a6b0} 3568 "\\.\pipe\gecko-crash-server-pipe.3568" 3488 23dfd371658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3568.4.390740328\1230984482" -childID 3 -isForBrowser -prefsHandle 3568 -prefMapHandle 3932 -prefsLen 24924 -prefMapSize 230321 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {3d8ba6ed-988e-4cba-8279-0591cb4d43e8} 3568 "\\.\pipe\gecko-crash-server-pipe.3568" 3448 23d96cf7f58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3568.5.496060212\406919333" -parentBuildID 20221007134813 -prefsHandle 4284 -prefMapHandle 4272 -prefsLen 30664 -prefMapSize 230321 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ba644938-f36c-4243-b397-571056e7dd3e} 3568 "\\.\pipe\gecko-crash-server-pipe.3568" 4240 23d99554d58 rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3568.6.1807841612\1638715098" -childID 4 -isForBrowser -prefsHandle 4092 -prefMapHandle 3300 -prefsLen 31973 -prefMapSize 230321 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {718fd800-baa9-42ee-9255-6f6ea0a42147} 3568 "\\.\pipe\gecko-crash-server-pipe.3568" 4656 23d973eb558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3568.7.864303331\293855063" -childID 5 -isForBrowser -prefsHandle 4652 -prefMapHandle 2788 -prefsLen 31973 -prefMapSize 230321 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bbb0dea8-ce50-46ac-bde0-78c1bb0601bc} 3568 "\\.\pipe\gecko-crash-server-pipe.3568" 5116 23d9a175258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3568.8.1688274390\998713251" -childID 6 -isForBrowser -prefsHandle 5240 -prefMapHandle 5244 -prefsLen 31973 -prefMapSize 230321 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {62d7e081-2110-4e74-8510-95dc2c4f5453} 3568 "\\.\pipe\gecko-crash-server-pipe.3568" 5232 23d9a175e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3568.9.2060150047\1148896302" -childID 7 -isForBrowser -prefsHandle 4972 -prefMapHandle 4968 -prefsLen 31973 -prefMapSize 230321 -jsInitHandle 1272 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9b44b603-58fc-40cc-9ede-867a38eab392} 3568 "\\.\pipe\gecko-crash-server-pipe.3568" 4684 23d989b0858 tab
C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe"
C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe"
C:\Users\Admin\Downloads\RobloxPlayerInstaller(2).exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller(2).exe"
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:49757 | tcp | |
| US | 8.8.8.8:53 | roblox.com | udp |
| NL | 128.116.21.3:80 | roblox.com | tcp |
| NL | 128.116.21.3:80 | roblox.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| NL | 128.116.21.3:443 | roblox.com | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| NL | 128.116.21.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | edge-term4-ams2.roblox.com | udp |
| US | 8.8.8.8:53 | 166.188.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.86.155.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge-term4-ams2.roblox.com | udp |
| NL | 128.116.21.4:443 | edge-term4-ams2.roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | d1kpbbfl4rco16.cloudfront.net | udp |
| GB | 108.138.217.65:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | d143j4fdqe1jki.cloudfront.net | udp |
| GB | 18.244.155.22:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | d2w650xp5tniea.cloudfront.net | udp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | d143j4fdqe1jki.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1kpbbfl4rco16.cloudfront.net | udp |
| US | 8.8.8.8:53 | d2w650xp5tniea.cloudfront.net | udp |
| US | 8.8.8.8:53 | dw04ej0wrfjel.cloudfront.net | udp |
| NL | 128.116.21.3:443 | roblox.com | udp |
| US | 8.8.8.8:53 | dw04ej0wrfjel.cloudfront.net | udp |
| US | 8.8.8.8:53 | 4.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.44.137.216.in-addr.arpa | udp |
| GB | 18.244.155.22:443 | d2w650xp5tniea.cloudfront.net | udp |
| US | 8.8.8.8:53 | 65.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.155.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| NL | 128.116.21.4:443 | locale.roblox.com | tcp |
| NL | 128.116.21.4:443 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| NL | 128.116.21.4:443 | locale.roblox.com | tcp |
| GB | 216.137.44.8:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.8:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.8:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.8:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.8:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.8:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | dapx4swc8lj69.cloudfront.net | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| NL | 128.116.21.4:443 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| NL | 128.116.21.4:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | dapx4swc8lj69.cloudfront.net | udp |
| NL | 128.116.21.4:443 | ecsv2.roblox.com | udp |
| NL | 128.116.21.4:443 | ecsv2.roblox.com | tcp |
| NL | 128.116.21.4:443 | ecsv2.roblox.com | udp |
| NL | 128.116.21.4:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | 8.44.137.216.in-addr.arpa | udp |
| N/A | 127.0.0.1:49763 | tcp | |
| US | 8.8.8.8:53 | edge-term4-ams2.roblox.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 142.250.200.49:443 | csp.withgoogle.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 142.250.200.49:443 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | 49.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.212.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.212.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.200.46:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| GB | 142.250.200.46:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r2---sn-aigzrnse.gvt1.com | udp |
| GB | 74.125.168.199:443 | r2---sn-aigzrnse.gvt1.com | tcp |
| US | 8.8.8.8:53 | r2.sn-aigzrnse.gvt1.com | udp |
| US | 8.8.8.8:53 | r2.sn-aigzrnse.gvt1.com | udp |
| GB | 74.125.168.199:443 | r2.sn-aigzrnse.gvt1.com | udp |
| US | 8.8.8.8:53 | 199.168.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 216.58.201.110:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 216.58.201.110:443 | consent.google.com | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| NL | 128.116.21.4:443 | www.roblox.com | udp |
| US | 8.8.8.8:53 | d1kpbbfl4rco16.cloudfront.net | udp |
| US | 8.8.8.8:53 | d143j4fdqe1jki.cloudfront.net | udp |
| NL | 128.116.21.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | dw04ej0wrfjel.cloudfront.net | udp |
| US | 8.8.8.8:53 | d143j4fdqe1jki.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1kpbbfl4rco16.cloudfront.net | udp |
| US | 8.8.8.8:53 | dw04ej0wrfjel.cloudfront.net | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| NL | 128.116.21.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | d2w650xp5tniea.cloudfront.net | udp |
| US | 8.8.8.8:53 | dapx4swc8lj69.cloudfront.net | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | dapx4swc8lj69.cloudfront.net | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-ams2.roblox.com | udp |
| US | 8.8.8.8:53 | edge-term4-ams2.roblox.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 128.116.119.4:443 | roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 108.138.217.62:443 | static.rbxcdn.com | tcp |
| GB | 216.137.44.28:443 | css.rbxcdn.com | tcp |
| GB | 18.245.253.89:443 | js.rbxcdn.com | tcp |
| GB | 216.137.44.124:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.23:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| GB | 13.224.245.39:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | d19ha9ylcjiuiu.cloudfront.net | udp |
| US | 8.8.8.8:53 | d19ha9ylcjiuiu.cloudfront.net | udp |
| US | 8.8.8.8:53 | 39.245.224.13.in-addr.arpa | udp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| GB | 18.165.242.119:443 | clientsettingscdn.roblox.com | tcp |
| GB | 13.224.245.39:443 | d19ha9ylcjiuiu.cloudfront.net | tcp |
| N/A | 127.0.0.1:51110 | tcp | |
| N/A | 127.0.0.1:51114 | tcp | |
| N/A | 127.0.0.1:51130 | tcp | |
| US | 8.8.8.8:53 | 119.242.165.18.in-addr.arpa | udp |
| GB | 13.224.245.39:443 | d19ha9ylcjiuiu.cloudfront.net | tcp |
| GB | 13.224.245.39:443 | d19ha9ylcjiuiu.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 9.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.7.47.135:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 135.47.7.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 199.232.210.172:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 199.232.210.172:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:51559 | tcp | |
| N/A | 127.0.0.1:51562 | tcp | |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | getpocket.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.120.5.221:443 | prod.pocket.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | 221.5.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.110.239.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | tracking-protection.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | tracking-protection.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | tracking-protection.cdn.mozilla.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | 37.158.120.34.in-addr.arpa | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | edge-term4-ams2.roblox.com | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| GB | 128.116.119.4:443 | roblox.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| GB | 216.137.44.38:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | d1kpbbfl4rco16.cloudfront.net | udp |
| GB | 108.138.217.67:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | d143j4fdqe1jki.cloudfront.net | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | dw04ej0wrfjel.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1kpbbfl4rco16.cloudfront.net | udp |
| US | 8.8.8.8:53 | d143j4fdqe1jki.cloudfront.net | udp |
| US | 8.8.8.8:53 | dw04ej0wrfjel.cloudfront.net | udp |
| US | 8.8.8.8:53 | dapx4swc8lj69.cloudfront.net | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | dapx4swc8lj69.cloudfront.net | udp |
| GB | 128.116.119.4:443 | roblox.com | udp |
| US | 8.8.8.8:53 | 38.44.137.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.253.245.18.in-addr.arpa | udp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| US | 3.163.158.14:443 | images.rbxcdn.com | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| US | 34.120.158.37:443 | tracking-protection.cdn.mozilla.net | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | udp |
| US | 3.163.158.14:443 | images.rbxcdn.com | tcp |
| US | 3.163.158.14:443 | images.rbxcdn.com | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | udp |
| NL | 128.116.21.4:443 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | 14.158.163.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| US | 8.8.8.8:53 | d19ha9ylcjiuiu.cloudfront.net | udp |
| GB | 13.224.245.62:443 | d19ha9ylcjiuiu.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d19ha9ylcjiuiu.cloudfront.net | udp |
| US | 8.8.8.8:53 | 62.245.224.13.in-addr.arpa | udp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| N/A | 127.0.0.1:52271 | tcp | |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| NL | 128.116.21.4:443 | client-telemetry.roblox.com | tcp |
| N/A | 127.0.0.1:52290 | tcp | |
| NL | 128.116.21.4:443 | client-telemetry.roblox.com | tcp |
| NL | 128.116.21.4:443 | client-telemetry.roblox.com | tcp |
| N/A | 127.0.0.1:52320 | tcp | |
| N/A | 127.0.0.1:52324 | tcp | |
| US | 8.8.8.8:53 | d1kpbbfl4rco16.cloudfront.net | udp |
| US | 8.8.8.8:53 | dw04ej0wrfjel.cloudfront.net | udp |
| NL | 128.116.21.4:443 | client-telemetry.roblox.com | tcp |
| N/A | 127.0.0.1:52369 | tcp | |
| NL | 128.116.21.4:443 | client-telemetry.roblox.com | tcp |
| N/A | 127.0.0.1:52372 | tcp |
Files
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\datareporting\glean\pending_pings\3d580255-8f0d-488d-a3b4-c82f10927088
| MD5 | 1ca3985e22f390106573534da5a3bcbc |
| SHA1 | bfbb61285270b291add7ea674333ebfe03fe427f |
| SHA256 | 4c55a9bf75f6f90173f87989997bab2e3a06240ddc23719f53327de1d7ade20a |
| SHA512 | f1ffa7a7bbeeacfa14716f912b1518786d03e2c99a918484d776c2728a628a169d68b29c246b33918f49759c547917e68b6c8af7dfaf2428d54334c6154ca4cf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\datareporting\glean\pending_pings\e4751afa-1bc3-416c-af60-46dfa0d4ee75
| MD5 | c063d72822ca2de932924fcf6ed297bb |
| SHA1 | 483137efa4d279130f5ca3f3093cf84c96a611f8 |
| SHA256 | c83b0f7f34f8bece646aa5f157740924db459b1e5b3ebf1e6042b7c7c3b05bbb |
| SHA512 | db4eb69c9b6a14d1443a10a23e57d72c2bd443a2c0f0acf673c42d9589741202c5c03ee635cada9e93f50987f1ce25eb861919c44ca93784a163029299e9b10b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 1036442c3d670706f5ef582539e1076e |
| SHA1 | 80b3bb89a3b3ee63ba039d3810ffa2b815a67a0b |
| SHA256 | 5e4c846b6d43e21a292f733120f6202dbea2c80ae9c1eb81f98506f43b94b17e |
| SHA512 | 55326aee56c529fedc80a15d75bde9e64a6c72c27c9f9858c8e0b6e6686eee462e2d0216097f74e497bd14d6c5676041e6a075697f939c8d71834dbb894e383d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 1fdc13de64cfdb8ba3fcd71aad9d33d3 |
| SHA1 | b7649cfd66d751435fa56a4b4b20daace452c692 |
| SHA256 | fa890605b23aecfebe4300d159f10096cfaba982a942c8ce829617b3de36a783 |
| SHA512 | 3c9dc261a1f0a96d4433d60de03423d58f0bd63dbf5db48962372658103f16991f6da06c1670deea1e51efd2a15aae699d1d287ee377e0a457299a7dd9f691a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs.js
| MD5 | 838f1b7f73f76e282598be752cfc8eca |
| SHA1 | 89475a96df1efaa9384ae1fb8271864280677d4e |
| SHA256 | 639e7d5f318310b929d1c590a6650d5d2aaaf37d16df4ae049b4e6618d7c35ff |
| SHA512 | cf73155c7d58df8ebb0497910e9507c3588c8a5a9ae8a4ef7ff488e311cc2c3814ab3ec87e9e3663b581304b384e6070816965dff134f223a091f208be7b674f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\20148
| MD5 | 4f397e6fcdeb875ed457568ef07558d0 |
| SHA1 | cbbb7a3c6f2c98b2b0d82423687c4c31c64eb68e |
| SHA256 | 6c09fb8d3487230091efa54ba1d3e450348be807ec1a09c1b4f144d4cbf916bb |
| SHA512 | ac0365e1d7e6241312ee1c1547819f6bcd4b85d5d44d17a41ec3b4789e1d6560404da303fbe0ea34a7cdd5cdab8d9534f2cb0e1da71091ced9be4ce2bfa81e38 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs.js
| MD5 | 5be8e99acfb23f151c9c71fc55cdf8bd |
| SHA1 | d7119a9cfc4d01483190ce1f6bd7eff3a71c373e |
| SHA256 | 78c516cf51329d5e62434a75ffe80d33436197b08b762e23f1eb2df1647bb22a |
| SHA512 | 7e5e81de14da255d9a9088b60d7628b7c497d06519f2dd6d8f5a1366ea3cdf10c3473d64dad806d55ffb7f5ff32c6a7798dcfa168e5e5b12f0b0112d17def1d1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\13376
| MD5 | 77896df52547bd4cd3a9262fbc1cba03 |
| SHA1 | 2a240dc6b9ab809ec9dfd70a861eab30d7e3de30 |
| SHA256 | 1d9c75fbafbcb33baa3cc5d2f8cca45560820e9e506b67a173c501001f2fef4b |
| SHA512 | d3f8e57e688c232b1a3bd760229f1984c48a33f9b3c4c9358f6aac73f7dc0a2eb91e78a62d38249e6e533af25019ae572c334a16b9edd9ab980af915b4eb4cc0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\20604
| MD5 | e3a837e41fc4ec217ca99494cc189960 |
| SHA1 | 380b95f6cd35cda7dd5fcca7bb1251d830dc1138 |
| SHA256 | ad06666e7698dfd176cfcfc328a7b63ec40d2858c37399c0f028556f826bdd15 |
| SHA512 | 971cae9003b4c230a7edcabe2220d5ee9374fc60d71af8ce150d5ca223921605d15ee6a99b370afa6d247f45a50db7551ec5aa97a2b6524b41198710c06327bc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\5073
| MD5 | c09133933cd7307975f998aea9516994 |
| SHA1 | ff2d9a54dd0e43ace9ffc86387681ad1c855ed4c |
| SHA256 | 6c312f12fe3ebf7055382f45733291ad8491e1c1e120b5495c7b25c246ffbdd1 |
| SHA512 | 8bd89bd546633ac8fedf9ef9d4cf3a81bfb01c377805e374bbcca18368abf92db538b63bf90c71d2a9625dd6df225c610f2864dd68e9cc5025d16ba39f2f0d8c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\9472
| MD5 | 1cc52866d2cc6263e561accad8dfc313 |
| SHA1 | 5e4e54e6fe96618524d1a71746bc1493a0710d51 |
| SHA256 | f1f9fdb2d6479a0e694cc56e46a6da8da2748b3944646183fef332f5e5ffa4f6 |
| SHA512 | 77398833589795be01f067399f58377c5c23c116e931f96e8996706f9a8610e5b8f7c9635bd344af17f8f157df55eb8dd0a0265103d49ef8455265c903a72e7c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 8dc436a580dd048d447c351d45678f0d |
| SHA1 | e25c994f4d31b37435820e931c89b854447b6340 |
| SHA256 | 84c51c89f1d014a75024a725add3dc082d2a65ddac07d3db79810aa5161cad4c |
| SHA512 | 11047b9d023e729f69a3a54491a03adaa6df735f250bdd5ed445093a5cc794f5f6a2bef1a928c5e4002168d95ea6b114d9256ff9cf415b527f44a6fe83e90b55 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\entries\9357B92D7A82DC731CBB46EBC4F197AB314C7C11
| MD5 | 1454a66f3f912de5ba15b227ac9d17c3 |
| SHA1 | 16daa8f143c7cecf351c47a375ab6a04e10867fb |
| SHA256 | 5fe86986c418457a5a9903766d9694852f0b64b128b11c1386fb1589e39953c1 |
| SHA512 | daa2f29108cd56d49687ac30cba0c3f8cc0c0f6ef6cda047c7434065a114d6727e6c26c61891fc702c698e4a17a7b2df0fdc8ec01ec77f99c6e02d40f12074c4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\entries\8009AA7615959742DB0E2C888BACB228D61FBA60
| MD5 | aeeb7625398ee0a56eb302cefa092e8c |
| SHA1 | f63d99806cddbac09bd68636b3a04753336ddc10 |
| SHA256 | a18aca2bea5cf87c9a2e0d8799da16613a462593cbe3521f495f4650b070cdc0 |
| SHA512 | 872fa1efd637a129e8116499a63d49a7780228729cf54adaa69fabdc338cf1fbe28f3ed2e4903185323687fc43ea5fa0851867c79ad1d0b25d5e1d3d65cab579 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs-1.js
| MD5 | 0de35e88128dcb36abfd7dc9d4d6d902 |
| SHA1 | 9753ad1e6d10937c07a103697ff94de00e97f4e7 |
| SHA256 | 1e0f3b66b064c62e9826f9dc7b4fba6e37d9c357549638bd6ad6deab9f2d9c8f |
| SHA512 | 678998ad98a6c2d086334eb30ec9573da71f8b1dac9dc541bf650725e4396bb70cb94c97528983fd939385f27019d1ca9fb1a74f4ec487898b407dd9e407105b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | a864c006a859518e49542a71bc1a154b |
| SHA1 | feb2ac96a2055eb7cdcad231071dd8ce717d4466 |
| SHA256 | 7eab59554043152c12675359b05bdde51053b04d049a9e1b619ff46a15bb57b5 |
| SHA512 | 507f30f276029eeb8adbd7778d1561b35b8778595677114282b1fd99c3e23a2e753a40c5a163e3524065fa7f18a1ae2685d2f8706bb99dffe9fdb453c2c50cbf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | d4dca299d89206fdfbde5adc771ab246 |
| SHA1 | 08121e41bd5d38fd065b4cb1bc75fbfe426ce90d |
| SHA256 | 65b089059d1e80d4cfddffeffd6269b71dce4b877c17d4a98f4c188bc9d47a59 |
| SHA512 | 644ce2015437c5903831407e06608ae612de3d766c0b6e280f0a6680cc75172c7167490849c8514b8b13c6b1e90c1ddfbbab09e074a6001885ededaafdfb57d4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\storage\default\https+++www.google.com\ls\usage
| MD5 | 0fcc9ca45becfcb1c35ee12471dd7efc |
| SHA1 | caeeb53d8599a54963f63697b92f4a280aab1422 |
| SHA256 | 1aacce17ed04ab8a3e30fcf89612ac917351e9153af50efddca91c21eacd5444 |
| SHA512 | 72e234b6522991bc93edf9cdee6e08d91bb4f11f8ea1d9cc06a780aa61161253b32bc07db746e56e911f1dfaef4cf14b95f2132ae4bbea2275be6c9b5ff97853 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\13549
| MD5 | b0bab8a161bc95aa26c0b775d59032c9 |
| SHA1 | 3512c0d6966ec0a36e7d06d8b28259845e727cf6 |
| SHA256 | 5bc6b86eb3e71995e2f15c69bd765b6126e5b26c2ac53bc7f0ecf9d8dc4020c5 |
| SHA512 | c841c183d0bebc5e01c5d0c62e1297b2ed7226888b6aa0109e5cf33d3c80a138d1441d8cdc6485035b1f95b83ec8bf37814f5f44c74316d447119d29119251ec |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\datareporting\glean\pending_pings\268c511b-2368-4c3f-8593-7f3822bd4770
| MD5 | beb52ac8c0de11b1f3cd76bf8def65f8 |
| SHA1 | 624f2e54f9a3a55e3ef226b6070b0381ec2b2b8f |
| SHA256 | 364361e10b3136bd38d04b9bc37858f2df952fdf34590958acba7cec533351bd |
| SHA512 | 897f37cb5b4eebd815b9d7b3f412922471c92ef85ddf0a69a764da31b80eb0a6b0e97e99bbe27ca4ce7c94c90a9f74f176a0d77887c6ab66a66703d9214574d9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\datareporting\glean\pending_pings\442ac43b-b361-4862-8c89-0fb66e903785
| MD5 | 7826694d5bd4d8e056897bdc4ffd19e4 |
| SHA1 | eae4612be7caa89b661bd23439165bc031955ae7 |
| SHA256 | 4b7900399037c4fff6f25ca8690885aac600762beba4af817298f8a61121cd2e |
| SHA512 | 8cc090a3ffcad6861ffeffc772c81edd6bbe3e2bbc8f212778aca2a4d87c1ba0da82a8f5b1b88291ba61867154252860fb3bd6f32c952101ee1cc48a958ea1bd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll
| MD5 | fe3355639648c417e8307c6d051e3e37 |
| SHA1 | f54602d4b4778da21bc97c7238fc66aa68c8ee34 |
| SHA256 | 1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e |
| SHA512 | 8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info
| MD5 | 3d33cdc0b3d281e67dd52e14435dd04f |
| SHA1 | 4db88689282fd4f9e9e6ab95fcbb23df6e6485db |
| SHA256 | f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b |
| SHA512 | a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 85430baed3398695717b0263807cf97c |
| SHA1 | fffbee923cea216f50fce5d54219a188a5100f41 |
| SHA256 | a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e |
| SHA512 | 06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs-1.js
| MD5 | 810c2850a5a811b42c2310d603c1ddd8 |
| SHA1 | 2059b1a086e77ca02b647df0182a71ad1fb501df |
| SHA256 | 02fb3f9cc4f291ee1ac416b3a5088efad291268ee709717dd18a43008b98f443 |
| SHA512 | 25b38b877ab8c15799da56e570f4857c31e98e633ec29b70222c1f51316f74f22af9695bb57cb60c09fde6d1584bf0db87dc8e6a79fa10781df007e020521202 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | a01c5ecd6108350ae23d2cddf0e77c17 |
| SHA1 | c6ac28a2cd979f1f9a75d56271821d5ff665e2b6 |
| SHA256 | 345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42 |
| SHA512 | b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt
| MD5 | 49ddb419d96dceb9069018535fb2e2fc |
| SHA1 | 62aa6fea895a8b68d468a015f6e6ab400d7a7ca6 |
| SHA256 | 2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539 |
| SHA512 | 48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json
| MD5 | 8be33af717bb1b67fbd61c3f4b807e9e |
| SHA1 | 7cf17656d174d951957ff36810e874a134dd49e0 |
| SHA256 | e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd |
| SHA512 | 6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll
| MD5 | 33bf7b0439480effb9fb212efce87b13 |
| SHA1 | cee50f2745edc6dc291887b6075ca64d716f495a |
| SHA256 | 8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e |
| SHA512 | d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib
| MD5 | 688bed3676d2104e7f17ae1cd2c59404 |
| SHA1 | 952b2cdf783ac72fcb98338723e9afd38d47ad8e |
| SHA256 | 33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237 |
| SHA512 | 7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig
| MD5 | 937326fead5fd401f6cca9118bd9ade9 |
| SHA1 | 4526a57d4ae14ed29b37632c72aef3c408189d91 |
| SHA256 | 68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81 |
| SHA512 | b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 197f211b2bd9b26c1ff94e78d149ca24 |
| SHA1 | e095ba6284f528507b8829e16915fbc5d444a29b |
| SHA256 | bfe420e7d04905b84afb26003cd70e71f2576b04c7dfce6b53003d4202581a90 |
| SHA512 | 5057438711060637fb9c77dce94493f8bc32d78ca96e1de31a05b2068c2bd123ccfcb1cd997fbcbb3ec5288b20fe498a8c34e01da9f3c550a94568d9ba345589 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | f7e122b98f81e86ef35331784c618424 |
| SHA1 | 0152b7a32d2f099236459f122cbbe7b0aa976de6 |
| SHA256 | bde3e68e19855edaf77d304578594240d62425e9f0c413dacb135c48fb5bcba1 |
| SHA512 | 700bf664ad1c100a5114a2cbecb1a6706297078bc9c7eef2261cd7bd51018183566a3a5a07626af4263acf882247f84e151a5a19cd951719ef020f3b2e7b011f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs-1.js
| MD5 | d10c2070d9025aad4ff7a6e8f0e7171c |
| SHA1 | 4e43e2a1d4d380c0341fbc9e13ee6dd14bdece9f |
| SHA256 | 7493dfa8ae458442da3e37963e8b5d3bbf13b03155042ac2285488ba4f42f84f |
| SHA512 | 3bae81c3e8806ad575b726ecd8b6ab8aac9bfcc1e836db7916e597024b6c5d8976a281b69cf0dd68814890679d0945f110b2affba207cb2b2efd8358e646e35e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\broadcast-listeners.json
| MD5 | 72c95709e1a3b27919e13d28bbe8e8a2 |
| SHA1 | 00892decbee63d627057730bfc0c6a4f13099ee4 |
| SHA256 | 9cf589357fceea2f37cd1a925e5d33fd517a44d22a16c357f7fb5d4d187034aa |
| SHA512 | 613ca9dd2d12afe31fb2c4a8d9337eeecfb58dabaeaaba11404b9a736a4073dfd9b473ba27c1183d3cc91d5a9233a83dce5a135a81f755d978cea9e198209182 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionCheckpoints.json
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\targeting.snapshot.json
| MD5 | b614818d7c73029f1042428cab6acd5f |
| SHA1 | 5a1fc61f97c3a58cbcf99680077ff12c7134fe50 |
| SHA256 | 88ed0bb660d822edc5bdf66682207175a5f47e0c2ca60d5323479aa8b8346244 |
| SHA512 | e9899ad9270384a6ea7f742b229bcc60fa04864006968b8ed1d8f773acdc80d06844166019ef39e8261621acd33f3f1f49ceb064aa27f54276c9df05273f0c43 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\7533
| MD5 | d3558ed0d3289cf17f9af9bf615c2a2c |
| SHA1 | ede66e1edb83b60bd28ed584ef7bdc74c5b79261 |
| SHA256 | 20e7a3ad58e672322d322267030d265ec238860bb0949efcba3c9730f9f21e54 |
| SHA512 | 1d4dbb4b541c5dafe170e9ae5c1eebde5115acdd2f79581c18dca05736d6321d40f3e1ca5408c2ca8701373284df9f18be69218c72419c0f900c2e04a045533e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\20484
| MD5 | 548204fccd87c117dbb4f23c1b7effec |
| SHA1 | f81aff2d87497fd1920506edee3058a1668bfb16 |
| SHA256 | 13dad35a8e69435633566ed60e6031cfb53a1a3d1cf53eb4c589d3e1ef2e5453 |
| SHA512 | 2966cc568a8f6687d19aba6b48cb252dcfc62db296b68e82d96ca3abeb92bb84dc085428d4d654d1233fa2c700c05d89c1dc6ac94c50166f1a5d12fa2a996be8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\cache2\doomed\16096
| MD5 | bd3d2cf9a0eace6db0c994a0b6c18e42 |
| SHA1 | cf271db44eb28f71e823c8eb9565553940ae27de |
| SHA256 | 301128963078164f947c4c47084e363f4f508c518acac2301178608026a409f6 |
| SHA512 | e6f3f61289a19daf351fd4c5d1960a42640333bc72d3e7a92841a9e3267019af0f2b32b68d1d5a33d44494600924ad63720840b1d840a1156bc9d9644d2f2d98 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 634cc2cd6b74a9db7715abbe8bc5a7a7 |
| SHA1 | 07ae325ec8fa19a71b2b1e24d9dfb674f5bcdeb8 |
| SHA256 | e3e10a2f7db7f24b4515bf229b0e517f4bd264dc4a7d4037ac500036f596b8d9 |
| SHA512 | 53f6791911a1a72af56c9056380a1395d3d192971a3e9d81a4cb16b28d1b376f7d6ca44247e96da90cc51e63c4d6707c5c320d04e83b68b23b2fb63758316761 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.-LqrygQ5.exe.part
| MD5 | 6f5c5fa2641ef7beaca5a2e3dbb3a213 |
| SHA1 | 676481964f72b0eccb4771d0da1fc4612e7055af |
| SHA256 | f73603f3acb76ac200096d6a491b59cc934ffbab324d66f073d3e39c0d6a16ed |
| SHA512 | c63f7894cb4ff744867c8d283c35c1cbff7ab55ab50853026ad14a729c35bcc880b91d4997962e83c558f91e7a71d9bf55a3c21966e92b346dbc7e61d13c2730 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
| MD5 | 6399cb94a0d00b72ffb53432cb26c891 |
| SHA1 | d18c3616da0c6807771c0d7e501e811a9f2e7ded |
| SHA256 | fec985e0648a7d41c434c8fed666139090f7bb5df85939da743a1f8859765811 |
| SHA512 | 5f06f6e235c1e1c68255cf34fa22713ddd8a8667d9584ba316358c785801a0d9ca68a93ff2c2b20d55bca5c0502a2edaa2a06a8f45fec2292b880725f8ee5097 |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | 24591f85e9569269a3b822d0da2e0626 |
| SHA1 | 62641ade4943b93983b4e59ffd6ee4dcbd77c17e |
| SHA256 | d29bcf294dd77568fd173adac8c705d991482d645127baccb7efca20f560a5a2 |
| SHA512 | d0bfe43ece2c598a12fe7d3f2cd12e0685b639aec0fc7a1bbdf0829b886c22208e4236500d8e6540d7faef1514769b87bbdc666602c5548649e50aa61f2077de |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\4f09eefc418c08f275c2fa3f4b8d4dcf
| MD5 | 4f09eefc418c08f275c2fa3f4b8d4dcf |
| SHA1 | 1eabecb044e73dcfbf5326ab4fae00afdd22312e |
| SHA256 | e9d623c447b1a1f3a279efbc835ce8e8ac396d85e3700b20c5c5ba6a0cdfab06 |
| SHA512 | d5515e3621ed19861eac2683b1409c0e34174920551058562dfa1fc009ec9973567a4109afe75577b960d42f1e876ea9cdcd09354c0d9ec48789767d534c6671 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 5edb0fe58b4ec4afeb1a472cdf5a664c |
| SHA1 | 075b1593e0e0c67f13e534c9643deaed650a33fc |
| SHA256 | 4611310e7114b5de9b4279162f3403d554ba8d4c7556f3b59091e98cf43bca9c |
| SHA512 | 3944dd45bea386286dbe445b7edc09ada702eac7525c83e11e8720f8491fd19283254321b800fde5824b1f91eb7ae97ade5481f74949a526168b3330fb827114 |
C:\Program Files (x86)\Roblox\Versions\version-01a570a3cd0a46f2\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
| MD5 | 610b1b60dc8729bad759c92f82ee2804 |
| SHA1 | 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552 |
| SHA256 | 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08 |
| SHA512 | 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdate.dll
| MD5 | 965b3af7886e7bf6584488658c050ca2 |
| SHA1 | 72daabdde7cd500c483d0eeecb1bd19708f8e4a5 |
| SHA256 | d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19 |
| SHA512 | 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_en.dll
| MD5 | 4a1e3cf488e998ef4d22ac25ccc520a5 |
| SHA1 | dc568a6e3c9465474ef0d761581c733b3371b1cd |
| SHA256 | 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011 |
| SHA512 | ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_as.dll
| MD5 | a8d3210e34bf6f63a35590245c16bc1b |
| SHA1 | f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693 |
| SHA256 | 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766 |
| SHA512 | 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_es-419.dll
| MD5 | 28fefc59008ef0325682a0611f8dba70 |
| SHA1 | f528803c731c11d8d92c5660cb4125c26bb75265 |
| SHA256 | 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d |
| SHA512 | 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_hi.dll
| MD5 | 34cbaeb5ec7984362a3dabe5c14a08ec |
| SHA1 | d88ec7ac1997b7355e81226444ec4740b69670d7 |
| SHA256 | 024c5eae16e45abe2237c2a5d868563550ac596f1f7d777e25234c17d9461dd9 |
| SHA512 | 008c8443a3e93c4643a9e8735a1c59c24ba2f7a789606a86da54c921c34cbc0cb11c88594544d8509a8e71b6a287c043b1ffe2d39b90af53b4cde3847d891ba8 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_mi.dll
| MD5 | 1866ddadd9397dbf01c82c73496b6bff |
| SHA1 | b210a9df7d6a5e116fe7a9ff8d455b6cbfb5663b |
| SHA256 | 9b4bb2ca3366a1935b4869796efc0601f94356b45e8613d28e023dd516f48d17 |
| SHA512 | 76fa5cade101d79d012e00904bf18692f85967ceea0ed7e81da4df65b85afc125a00127d9e06c8c59ffbfd2dcdc88488157b61922960559fa17d13dedca3ee59 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_lt.dll
| MD5 | 7071c732cf3e4b3144cf07c49d8eb44f |
| SHA1 | 3800bf304b44d9d27ac26bed6ccc899669dc3b4f |
| SHA256 | 9c75ef5c3f53c643d7bb8c5907a0cba6ca2d1d64e6bea39ce06b4ad5a20454b6 |
| SHA512 | be3a0942e2af843adeb8e9b6acc7cd8adec956b761f71d8eb0a02835ee5be115ac064fda7088b0813d40ec3a24e7bb77816e9b67ef0cbdce1562c36880b15049 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_lv.dll
| MD5 | 30849a9c16061b9a46a66e8e7d42ff81 |
| SHA1 | 2d0e86535d964acce8912c6bef3cc12346b22a6c |
| SHA256 | b8075c09d33cc6b6ff22fdb29ccc3dd319ce867f4b77a1d165f6f8d8cb4977e9 |
| SHA512 | 298ee10ff6cab7ff38d31e3a7826dedeab8e9ccc616eae4ca2e5ec333f42e5c6744650857031d8bf35034bd46c7c01a2646362ffbbef1f421995c73ba999ff0b |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_lb.dll
| MD5 | 269e84b82973e7b9ee03a5b2ef475e4d |
| SHA1 | 4021af3bfde8c52040ad4f9390eb29ae2a69104b |
| SHA256 | c3fb0cae3dc5cdd86518d60f998c3adec1c0c5804a74ffbb9a346a73d598af07 |
| SHA512 | db716e2f6527af2dfeba4c22ff00e159d7cc0b482fc126e87b8b3d35b714bb382676066097352b6ebb87c8dfe7f6144e83100f0c9a9990b0d23c810b6c575c21 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_lo.dll
| MD5 | 864edbc77831a64a3e3ab972291233bb |
| SHA1 | fa1f3eb3320c1b1a329cbe786abecf2a8e625cbe |
| SHA256 | aecab1eb46075d1a1432b3e14537f860a2ded49a13ca82f17fac44b40ad2da51 |
| SHA512 | 3d54efd01d6317fb4746b55db2c847a506f594cff055f0db84a72ede02dbe3aa03d8e65ea06c5ae365f44312a26cdbc45ad5f9a0de46d2b9c878aeeb24566b89 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_kok.dll
| MD5 | ca3465347e57624ee2a5dd2299d4f4cd |
| SHA1 | 551a151a8d49489c90400e18c34633aa2c2b8a4b |
| SHA256 | 5b9509a1ae34d89c89c8e657742495037d28cd03e1cd48aef4dfaa7aeebe29f0 |
| SHA512 | a4bdd458a7628a9f0664e1000512e056718cc924510a21704ff8c69b0b251a5a1c7f6f267d66325cadda1536aaee78440348be128d082112c71732e485ac93f3 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_ko.dll
| MD5 | cf91a1f111762d2bc01f8a002bd9544d |
| SHA1 | db2603af55b08538a41c51fc0676bc0ed041d284 |
| SHA256 | baa9fae4fb8939e0b5fe0c7f393ab1ca40b52534f37bf2158a9a36331a221e75 |
| SHA512 | 9db864dbd194885b46f7bed9875f1e531e48f7644ce4494b8dc482c7516a6f783cd35129d2565b272dc674491a08c844a6da88bf9fa7843fcf89c96b4e0af799 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_kn.dll
| MD5 | 60dfe673999d07f1a52716c57ba425a8 |
| SHA1 | 019ce650320f90914e83010f77347351ec9958ab |
| SHA256 | ef749f70e71424d7f548d5c12283be70a6d6c59cffb1c8101b74f37ecacb64af |
| SHA512 | 46bfe77a49f14293988863a8e4dd0543202b954b670940d9ad5dc6d2b46e46104d8d6206be08a941f7e02b8ff3e2e2366b7b795d02352cff18971f8d0df5fcdc |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_km.dll
| MD5 | 2ea1200fdfb4fcc368cea7d0cdc32bc2 |
| SHA1 | 4acb60908e6e974c9fa0f19be94cb295494ee989 |
| SHA256 | 6fd21b94f62ee7474b3c3029590ddf06936105508f9bf3509620c42dc37486c3 |
| SHA512 | e63b80a5929200c85c7a30a3054bd51eee2f27e603501f105073868690906f4619a27a52e58c90ac2ab5d5c34a4739dfdd2a511574afeb7d0118de88c5544f42 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_kk.dll
| MD5 | bcb1c5f3ef6c633e35603eade528c0f2 |
| SHA1 | 84fac96d72341dc8238a0aa2b98eb7631b1eaf4e |
| SHA256 | fdd6bffdb9eca4542975f3afe3ac68feac190b8963f0a7244b4b8fa6382381d1 |
| SHA512 | ecd79ddd9f3e6db1d0471132c453c324ab55bdead21de77392f418281bc8a2dd43e9009912896ffa3d55d4d3ef17b0aa847a084369b619eb04a2d2313641d520 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_ka.dll
| MD5 | 3bc0d9dd2119a72a1dc705d794dc6507 |
| SHA1 | 5c3947e9783b90805d4d3a305dd2d0f2b2e03461 |
| SHA256 | 4449ee24c676e34fea4d151b3a752e8d0e7c82f419884e80da60d4d4c1b0f8cb |
| SHA512 | 8df01ad484bf2924892129c59317f3da4f79611be2ca29e208114e5ed2cb96a63f753511dc4fe97e281417366246f2fb576cc6ef2618a67803ae7ac01be7b067 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_ja.dll
| MD5 | b507a146eb5de3b02271106218223b93 |
| SHA1 | 0f1faddb06d775bcabbe8c7d83840505e094b8d6 |
| SHA256 | 5f4234e2b965656e3d6e127660f52e370dc133632d451ef04975f3b70194b2ed |
| SHA512 | 54864e9130b91b6fd68b1947968c446f45a582f22714716bfd70b6dc814841fffe939bc2f573a257ec8c62b4ff939643211fb29cabc0c45b78a6cc70eaa3752c |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_it.dll
| MD5 | 497ca0a8950ae5c8c31c46eb91819f58 |
| SHA1 | 01e7e61c04de64d2df73322c22208a87d6331fc8 |
| SHA256 | abe2360a585b6671ec3a69d14077b43ae8f9e92b6077b80a147dfe36792bb1b7 |
| SHA512 | 070398af980f193ff90b4afaecb3822534ef3171eca7228bce395af11ca38364bc47cab7df1e71187ef291f90978bdc37a8611d2992b1800cd1de6aa7fda09d9 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_iw.dll
| MD5 | 45e971cdc476b8ea951613dbd96e8943 |
| SHA1 | 8d87b4edfce31dfa4eebdcc319268e81c1e01356 |
| SHA256 | fd5ba39c8b319c6ba2febf896c6947a0a7bae6aa0b4957bd124d55589f41849d |
| SHA512 | f1c9fccf742fa450be249dbbf7e551a426c050ae4af3d2e909f9750068a2bdc801f618eb77a6a82d13421d27949c9f2a9681a44bcb410ccdeec66b24a70f6a9a |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_is.dll
| MD5 | 5664c7a059ceb096d4cdaae6e2b96b8f |
| SHA1 | bf0095cd7470bf4d7c9566ba0fd3b75c8b9e57ec |
| SHA256 | a3a2947064267d17474c168d3189b0d372e36e53bf0efb9c228d314fc802d98e |
| SHA512 | 015dcb17b297a0aaad41c7b0b2199187e435855fd3977d16402be774622cc4f6b55d04ba9159a89e26e350c5602928c76dd9386be3974437b41888a0cfdddfa8 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_hu.dll
| MD5 | f4976c580ba37fc9079693ebf5234fea |
| SHA1 | 7326d2aa8f6109084728323d44a7fb975fc1ed3f |
| SHA256 | b16755fdbcc796ef4eb937759fe2c3518c694f5d186970d55a5a5e5d906cb791 |
| SHA512 | e43636d8c947e981258e649712ad43f37c1aab01916539b93c082959fb5c6764c9c44979650092202839e812e6f252c6c3eaf66d3d195c1efd39c74c81ad1981 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_id.dll
| MD5 | 03d4c35b188204f62fc1c46320e80802 |
| SHA1 | 07efb737c8b072f71b3892b807df8c895b20868c |
| SHA256 | 192585d7f4a8a0cd95e338863c14233cdd8150f9f6f7dd8a405da0670110ee95 |
| SHA512 | 7e67ea953ea58ff43e049ce519ae077eec631325604896479526627d688f2fa3bfc855a55ac23a76b1c9ef8cd75274265b8238423b95a2437be7250db0db31b1 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_hr.dll
| MD5 | 0b475965c311203bf3a592be2f5d5e00 |
| SHA1 | b5ff1957c0903a93737666dee0920b1043ddaf70 |
| SHA256 | 65915ad11b9457d145795a1e8d151f898ec2dcb8b136967e6592884699867eb0 |
| SHA512 | bec513125f272c24477b9ddbaa5706d1e1bb958babac46829b28df99fa1dd82f3f1e3c7066dc2fe3e59118c536675a22fc2128de916ca4c478950b9992372007 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_gu.dll
| MD5 | f9646357cf6ce93d7ba9cfb3fa362928 |
| SHA1 | a072cc350ea8ea6d8a01af335691057132b04025 |
| SHA256 | 838ccd8243caa1a5d9e72eb1179ac8ae59d2acb453ed86be01e0722a8e917150 |
| SHA512 | 654c4a5200f20411c56c59dbb30a63bfe2da27781c081e2049b31f0371a31d679e3c9378c7eb9cf0fb9166a3f0fba33a58c3268193119b06f91bebe164a82528 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_gl.dll
| MD5 | 84a1cea9a31be831155aa1e12518e446 |
| SHA1 | 670f4edd4dc8df97af8925f56241375757afb3da |
| SHA256 | e4eb716f1041160fd323b0f229b88851e153025d5d79f49b7d6ecb7eb2442c57 |
| SHA512 | 5f1318119102fcee1c828565737ce914493ff86e2a18a94f5ff2b6b394d584ace75c37258d589cce1d5afd8e37d617168a7d7372cfd68dd6a2afcd4577a0bc51 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_gd.dll
| MD5 | c90f33303c5bd706776e90c12aefabee |
| SHA1 | 1965550fe34b68ea37a24c8708eef1a0d561fb11 |
| SHA256 | e3acc61d06942408369c85365ac0d731c5f3c9bc26e3f1e3bb24226d0879ad9c |
| SHA512 | b0c1a9d7df57d68e5daf527703f0b6154a2ef72af1a3933bda2804408f6684b5b09b822522193243fd0756f80f13d3ab0647c90d2bed1a57b4a9fea933b0aa9a |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_ga.dll
| MD5 | 3b8a5301c4cf21b439953c97bd3c441c |
| SHA1 | 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a |
| SHA256 | abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0 |
| SHA512 | 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_fr-CA.dll
| MD5 | b534e068001e8729faf212ad3c0da16c |
| SHA1 | 999fa33c5ea856d305cc359c18ea8e994a83f7a9 |
| SHA256 | 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511 |
| SHA512 | e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_fr.dll
| MD5 | 64c47a66830992f0bdfd05036a290498 |
| SHA1 | 88b1b8faa511ee9f4a0e944a0289db48a8680640 |
| SHA256 | a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961 |
| SHA512 | 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_fi.dll
| MD5 | d45f2d476ed78fa3e30f16e11c1c61ea |
| SHA1 | 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e |
| SHA256 | acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2 |
| SHA512 | 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_fil.dll
| MD5 | 7c66526dc65de144f3444556c3dba7b8 |
| SHA1 | 6721a1f45ac779e82eecc9a584bcf4bcee365940 |
| SHA256 | e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d |
| SHA512 | dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_eu.dll
| MD5 | a7e1f4f482522a647311735699bec186 |
| SHA1 | 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd |
| SHA256 | e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4 |
| SHA512 | 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_fa.dll
| MD5 | cbe3454843ce2f36201460e316af1404 |
| SHA1 | 0883394c28cb60be8276cb690496318fcabea424 |
| SHA256 | c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59 |
| SHA512 | f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_et.dll
| MD5 | b78cba3088ecdc571412955742ea560b |
| SHA1 | bc04cf9014cec5b9f240235b5ff0f29dbdb22926 |
| SHA256 | f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085 |
| SHA512 | 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_es.dll
| MD5 | 9db7f66f9dc417ebba021bc45af5d34b |
| SHA1 | 6815318b05019f521d65f6046cf340ad88e40971 |
| SHA256 | e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819 |
| SHA512 | 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_en-GB.dll
| MD5 | d749e093f263244d276b6ffcf4ef4b42 |
| SHA1 | 69f024c769632cdbb019943552bac5281d4cbe05 |
| SHA256 | fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e |
| SHA512 | 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_de.dll
| MD5 | aab01f0d7bdc51b190f27ce58701c1da |
| SHA1 | 1a21aabab0875651efd974100a81cda52c462997 |
| SHA256 | 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c |
| SHA512 | 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_el.dll
| MD5 | ac275b6e825c3bd87d96b52eac36c0f6 |
| SHA1 | 29e537d81f5d997285b62cd2efea088c3284d18f |
| SHA256 | 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0 |
| SHA512 | bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_cy.dll
| MD5 | 34d991980016595b803d212dc356d765 |
| SHA1 | e3a35df6488c3463c2a7adf89029e1dd8308f816 |
| SHA256 | 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e |
| SHA512 | 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_da.dll
| MD5 | d34380d302b16eab40d5b63cfb4ed0fe |
| SHA1 | 1d3047119e353a55dc215666f2b7b69f0ede775b |
| SHA256 | fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f |
| SHA512 | 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 2929e8d496d95739f207b9f59b13f925 |
| SHA1 | 7c1c574194d9e31ca91e2a21a5c671e5e95c734c |
| SHA256 | 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df |
| SHA512 | ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_cs.dll
| MD5 | 16c84ad1222284f40968a851f541d6bb |
| SHA1 | bc26d50e15ccaed6a5fbe801943117269b3b8e6b |
| SHA256 | e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b |
| SHA512 | d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_bs.dll
| MD5 | e338dccaa43962697db9f67e0265a3fc |
| SHA1 | 4c6c327efc12d21c4299df7b97bf2c45840e0d83 |
| SHA256 | 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04 |
| SHA512 | e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_ca.dll
| MD5 | 39551d8d284c108a17dc5f74a7084bb5 |
| SHA1 | 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884 |
| SHA256 | 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07 |
| SHA512 | 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_bn.dll
| MD5 | 7dc58c4e27eaf84ae9984cff2cc16235 |
| SHA1 | 3f53499ddc487658932a8c2bcf562ba32afd3bda |
| SHA256 | e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98 |
| SHA512 | bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_bn-IN.dll
| MD5 | a94cf5e8b1708a43393263a33e739edd |
| SHA1 | 1068868bdc271a52aaae6f749028ed3170b09cce |
| SHA256 | 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c |
| SHA512 | 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_bg.dll
| MD5 | 8375b1b756b2a74a12def575351e6bbd |
| SHA1 | 802ec096425dc1cab723d4cf2fd1a868315d3727 |
| SHA256 | a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105 |
| SHA512 | aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_az.dll
| MD5 | 7937c407ebe21170daf0975779f1aa49 |
| SHA1 | 4c2a40e76209abd2492dfaaf65ef24de72291346 |
| SHA256 | 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9 |
| SHA512 | 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_ar.dll
| MD5 | 570efe7aa117a1f98c7a682f8112cb6d |
| SHA1 | 536e7c49e24e9aa068a021a8f258e3e4e69fa64f |
| SHA256 | e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01 |
| SHA512 | 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_af.dll
| MD5 | 567aec2d42d02675eb515bbd852be7db |
| SHA1 | 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37 |
| SHA256 | a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c |
| SHA512 | 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\msedgeupdateres_am.dll
| MD5 | f6c1324070b6c4e2a8f8921652bfbdfa |
| SHA1 | 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf |
| SHA256 | 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717 |
| SHA512 | 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 7a160c6016922713345454265807f08d |
| SHA1 | e36ee184edd449252eb2dfd3016d5b0d2edad3c6 |
| SHA256 | 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9 |
| SHA512 | c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 60dba9b06b56e58f5aea1a4149c743d2 |
| SHA1 | a7e456acf64dd99ca30259cf45b88cf2515a69b3 |
| SHA256 | 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112 |
| SHA512 | e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7 |
C:\Program Files (x86)\Microsoft\Temp\EUFAD2.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | c044dcfa4d518df8fc9d4a161d49cece |
| SHA1 | 91bd4e933b22c010454fd6d3e3b042ab6e8b2149 |
| SHA256 | 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2 |
| SHA512 | f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 5a2f0a84403746d1d34190bd5a874b47 |
| SHA1 | dd6c51d0aced960a4a8ddfc846d9b3efe6d1e7ea |
| SHA256 | eebde7383ae8e82813d9d32e511dbf790431f3d57f16ee6689345e92cfc89c65 |
| SHA512 | 4217fc99bc415d9d78f25751110e138304aa3913db2ac76dff65a9a85cafb963ed3c641fab53eb4a0f5f07beff48cc68561306127cbfaa831f2ff1f1b03332ce |
memory/1896-1595-0x0000000000300000-0x0000000000335000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\SiteSecurityServiceState.txt
| MD5 | 786df2686447c3a106a519290193634a |
| SHA1 | 75d15ded0d4f62a6f0b93abdd46764d15bbee730 |
| SHA256 | 028d6b436816a4121722c23bdfff1b972e20a099b8beb43f4067f2cba9a62cbe |
| SHA512 | 33278947148177cb76eccbdc6f4e90b0928cc4204f0bff6add5ee7e449ebfff7ff5dbfb3c63384bf20bd3eb4a1ba3268ba6021924b6f3e8282b2f5e29023ffd7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\favicons.sqlite-wal
| MD5 | ec0167aafb11929612f8d10902ceff5e |
| SHA1 | a42c52796f684bdec140663b1e3c301e0e3cf0e8 |
| SHA256 | 4d48c5da6106c71f500fd3592defc6c5220e1a7a1f15b17ee7bae0cccc2c450d |
| SHA512 | f8be1c094e48b1e0ebc72c0b8d0247fab241eb6979ac5bfe2f8b07d995d3f4002da561802d59721c9ce8cdb82a7f68fb13ae459c2507ec22fc90ad218726343f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\places.sqlite
| MD5 | ae421bd5ed0827eadcff099342ae9870 |
| SHA1 | 7fb3278953a82291d51410f76ade4b46088f762c |
| SHA256 | 7668200552c9634097a6e48eabd59b2d02bdc58136fb8250508b3239868eede3 |
| SHA512 | 76f6c5747b0fcf4629cedb371061b3ef37d37854c2c877aa1fc86809d00ab4b34ad140bf605d542d495e2cfc38f26cddc04c8222b55f5cbfd046ced6999a391c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\places.sqlite-wal
| MD5 | bbfd98db0b92f33ea7a017597f90213d |
| SHA1 | d86eac466f7ce9c9250de4ecbf2f23797f373cbe |
| SHA256 | ac5be5f442f92ac4c8aa723a3c4d609d87d35ed60b6933156a6068c29a94586a |
| SHA512 | 9181d6a3c40eb077448e39bde1e39e0333089b1d22eef0a04c337afaeed53e508e2b9ec8951db1b0bfab769c75a2e86b2d248dd5473a915baac0a43eb8967fa2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs.js
| MD5 | 4fa5452035bd15bebcc3f10e099ba183 |
| SHA1 | 861487500d911a7fe7a83443b953ef59ff8fcdf8 |
| SHA256 | 2bbf7ba44d1735d31031bf1311c9b925adc5aa5891fa6981de3033433c1d1f4b |
| SHA512 | ca64eaf13fcb63580c3f2a093168eff75f9be23aa4595b0b4f07674b22c796550133f188cd5a80c9d6806773f71f6090cabc2aa418c111683cce01a83b5832c6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wjyk7j4u.default-release\prefs-1.js
| MD5 | 8e8dbc9f2f0aabb3fa509e40770192b1 |
| SHA1 | 58155091507ca1dec79ee2b2ba47efe6d191a088 |
| SHA256 | bed8ba5400b0675659cfea3bdc6d29587d8bc9a32755f4e3b3e234672c29aac1 |
| SHA512 | a1aa406c3df591833f6eb5e496a36027421c3e57eb48b4d92b1b68334e7aac41957a0cc664e40d637527d1e3dfb3bcdc09ea1c1b2769ea892276dc49088ee420 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\sessionCheckpoints.json
| MD5 | 948a7403e323297c6bb8a5c791b42866 |
| SHA1 | 88a555717e8a4a33eccfb7d47a2a4aa31038f9c0 |
| SHA256 | 2fca1f29b73dd5b4159fa1eb16e69276482f5224ba7d2219a547039129a51f0e |
| SHA512 | 17e2f65c33f47c8bb4beca31db2aff3d4bbb6c2d36924057f9f847e207bdcb85ffcbb32c80dd06862ffc9b7f0bd3f5e2e65b48bb1bc3363732751101d5596b1a |
C:\Users\Admin\Desktop\Old Firefox Data\wjyk7j4u.default-release\crashes\store.json.mozlz4
| MD5 | a6338865eb252d0ef8fcf11fa9af3f0d |
| SHA1 | cecdd4c4dcae10c2ffc8eb938121b6231de48cd3 |
| SHA256 | 078648c042b9b08483ce246b7f01371072541a2e90d1beb0c8009a6118cbd965 |
| SHA512 | d950227ac83f4e8246d73f9f35c19e88ce65d0ca5f1ef8ccbb02ed6efc66b1b7e683e2ba0200279d7ca4b49831fd8c3ceb0584265b10accff2611ec1ca8c0c6c |
C:\Users\Admin\Desktop\Old Firefox Data\wjyk7j4u.default-release\xulstore.json
| MD5 | 58e240288763218d12bf235d34e5aee2 |
| SHA1 | 89135494b57f590011c09668dec3b90d2c5ee9ae |
| SHA256 | 615f80e71dfde24711e7fefc1b7959f7592c5e5cf9ad0f3aecb4235b93187176 |
| SHA512 | caed2638902987aead199e73cffb90881bf245bbb616cb38c46b281d4aaaa54dc20a54e9bfe17a8d6e68847394c113fb7606e94b64f44ab0b52bf7846f26e936 |
C:\Users\Admin\Desktop\Old Firefox Data\wjyk7j4u.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | d811b93017a3b4d4aa4cfc3e191d48ff |
| SHA1 | 3a5380bd54ea31f3157ceacfbb802539c6b492eb |
| SHA256 | 1600fccdb95df3a0c7bfd5919064dba2d9f05b87b0ff2959cf9d71d778568f09 |
| SHA512 | 9513ec4e3e4accdfba60265b3ea1faf73dfe9b67804f16f99ee95a3ebfb56d5f8df21c112789a051a7b95ba39f0ac08fbef0049b088f088f0eb8d8704ae6c1cd |
C:\Users\Admin\Desktop\Old Firefox Data\wjyk7j4u.default-release\storage\permanent\chrome\idb\2918063365piupsah.sqlite
| MD5 | c45a8a2ffb934e0be940521e1a4f6a4f |
| SHA1 | e4580c877be9de958d5b4c0ff69be5fa0b41a9c4 |
| SHA256 | e3a9536323f1b1c2b5a00628189cece17a840a14d88f1c402fe2b84a2fa47b2e |
| SHA512 | 92e520976be333d5a3dd000cf0f666338941d88e691c79c34430fd82966660227b52a85f341f3fce165bb9e3676f0a3d39e9de467498cf6019ff13cf9527b843 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\cookies.sqlite
| MD5 | bd790a165b18115336ca17cbe5603c3c |
| SHA1 | 1fcfb57263eeb09952ed94606964315c5c3c9711 |
| SHA256 | 69b2b4db04efcf2c95fdb6d899a8dd711496498a1e9a78b00f7b7fd8f125fd2a |
| SHA512 | 603896bd6ead20a9989b90db6b53d84beae9ec93d281c4d49083d3e9b792b339599bf1d015948b1f41fa39b655a2a2bdda4f6c005d9a7be00774bd553447927c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\prefs.js
| MD5 | 4975ad0a555ed22e5ad5aaaaf8100e86 |
| SHA1 | 63ca75b845088fb227cc48f77ef940b3aafa479b |
| SHA256 | 191c36b735e89340fed0439669b8e6ddaaf1b531a08dd1d02245a5c648411c33 |
| SHA512 | 4b529efb5a6f31b8830ee618e8858d94a1d5ed0e1452c49c578685ba7a3ff224752bb728196900a60cf10f0ed63a553a435fa597d22632af2136b1ba281c20a0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\sessionCheckpoints.json.tmp
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\sessionstore.jsonlz4
| MD5 | b2bd55434e7f3bf7dbca88ae1f573101 |
| SHA1 | 7da731aeff6998122be7a151bf1e4600ad11b3fc |
| SHA256 | 447f0e84f9a6e884a1db6b364c9e2ffe26c93507a04ae47e42b2185771449313 |
| SHA512 | 6e84c425dbfe34d336c2ea22bd68f1234b95e3cad4b50defcaa227ba53f784ab5b8f5236790b7a98c9d784a69e83a396d7a8f97e832d404c5db3888d35a1e5b7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\prefs.js
| MD5 | 9cf58290338c5b160784d8d41a13fa38 |
| SHA1 | 168dff83967ccabea9c0cb9f72a680d93fcb528f |
| SHA256 | a8c6b01b15546ddf75b64a8757595d71b8f6430d582c8023a2272003b21e1989 |
| SHA512 | 7f01a15d7de0cc3e571749d3a2a3ce616444127d54daa1888cd88bb12272a6ec3e1ffaee2036500b673a0b842b1820c4c855a102e04ce279b8a4eaa289a1d39f |
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\update-config.json
| MD5 | 7d1d7e1db5d8d862de24415d9ec9aca4 |
| SHA1 | f4cdc5511c299005e775dc602e611b9c67a97c78 |
| SHA256 | ffad3b0fb11fc38ea243bf3f73e27a6034860709b39bf251ef3eca53d4c3afda |
| SHA512 | 1688c6725a3607c7b80dfcd6a8bea787f31c21e3368b31cb84635b727675f426b969899a378bd960bd3f27866023163b5460e7c681ae1fcb62f7829b03456477 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\search.json.mozlz4
| MD5 | 41d220d4783f67d2b57beec20c135229 |
| SHA1 | 6e97765e77920b6010fac2cb4abf1e3cea106541 |
| SHA256 | 5d1881e74d76b95bad59439bb5c7676258a4ae6b6d853074e93b5247cf1715dc |
| SHA512 | dc30ddc4c8cfe598de5e24bc88cebbe4256fbb21a0b1db6c2ec15311053e7d8be6a93a0bcfcfd8a02543f8b9cf9b15a5840154b272a2df71d59d7dfd80984ac0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\extensions.json.tmp
| MD5 | 2535703e7d2cdc178e7be4468dd128f4 |
| SHA1 | 82a3a14bea48cf15975efb83758cf8c15169b46c |
| SHA256 | 247bf1109b43af70ec53012875f5b38248ad38eb957a210ae5d3e4227d67155e |
| SHA512 | 68b1390963d538720554c09e81c2be143d1e704af1f63b7e726a204de79dfd707d80738ed6c11259c43af7455211ae8eb9070dbd58c3cdbe558fe48b796bfe16 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\datareporting\glean\pending_pings\8282c7e3-dbb0-48de-84c9-331079bc3780
| MD5 | e23a3640a7bbd54df0d07b02575d365e |
| SHA1 | b3d00f092b95de6a4f118fb0ee4221db067a161d |
| SHA256 | 4e8f32665982e1e70143a57a47cdf62ba546a8a228f9004085853663ec06edd0 |
| SHA512 | 3f8526dc242d70651b8445f6284186d2be09f4348689282410a0729accd9ea2afb9ff71ef1989b12275c60c5cb241de88cd54d34caca1d9ca7a258af4e7529d1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\datareporting\glean\pending_pings\38371001-32b4-48fe-91b0-8f22824912a8
| MD5 | 62a9900994a40ed8abf16537d4d006be |
| SHA1 | 35983eb78f08aefa168fe3a4ce83c875a05a4242 |
| SHA256 | ac916e0c5d2eda96ccc971d5066495f58401653c1c982cfaf7c94b5f6e667026 |
| SHA512 | cafe26dacdc5aa23158ba96eb1991aa512a132054a9c14d83ebd8b9a56b926bba7cf489e93e4ae7af8b1a6bf0d53c0559abd39531fc744611e8cd3df998c35c1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\datareporting\glean\db\data.safe.bin
| MD5 | 203bbf17be9f3e89a8209a1ba8176b42 |
| SHA1 | c30b7dae5ec2fcbbd903436a2f918766c15ef674 |
| SHA256 | 2cfda7bc3214d10713a8c69ab7a7074c87a34018c9d00ae9ef44df213122976f |
| SHA512 | 7c3d347d94982c3952b9e37fdf6e7d2c466f3d9532a880a32c72b54bb81dceab68808c1052e297c9bcbf435a4123ae534525ae6e118c796dfa88caaad82498e7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\activity-stream.discovery_stream.json.tmp
| MD5 | 39802985c3084829dc1a7d1ae55572d1 |
| SHA1 | a29c31df13019fc7a8e65475e2d13c733f82fcd0 |
| SHA256 | 9d9108c392627c81262ea2e0cccb2e630acd2e9921f0ed59729164985ae15723 |
| SHA512 | 3db8308feb873b89de94daa29849403958a9f9863e2d56b61231cb1d52aa578bcff568450f4c565b71dc45b35c9ef015a47a155a235cdfbfd0ce74e999572af3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\prefs-1.js
| MD5 | 32919ac85fdc4b1f81a7f5e4b8f061b8 |
| SHA1 | 8aa79998ba32a7af27330e062685a9b0d962924e |
| SHA256 | c6ac7f4bcd4ace14fb1bb1a8493a6fbf09440e2cb76ec91e9c8acd2632ca6289 |
| SHA512 | 0dbba518bf74fd0b26d5e2dffb119ff610414fbf4693991c315e8c26a22a9e7f34d4b569fffd47a597d02aab14a8cdd6e0c99bb958a5d672c282edb4e6b82cdd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\handlers.json
| MD5 | e7a65c5ead519a7b802f991353c26d3d |
| SHA1 | 34cc3c1cf9bd4912dba5fa422010934e46419fa3 |
| SHA256 | 0e5ce92485da953757f615bad034a43032b220da18f8165dd85347851b56b2d2 |
| SHA512 | 2a6034449ba6f5da8a77870ae665064047cea2460aeb4c8c0b62b308a403fdd30648150209aecc31ab1e50b6d9d94a1f51d3d7d50bbf35ec1b742bff2dbe788d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\shield-preference-experiments.json
| MD5 | 285cdefb3f582c224291f7a2530f3c4e |
| SHA1 | f816c3e87aa007b6e6d31eb6a4618695a7d83439 |
| SHA256 | 704d28223a4320a853df4a19d48c7015cf79d56a5317cc3475b6305fa43dcc05 |
| SHA512 | 8f1decf1e4b5755fce8f165daae115f45d6890985c9c4bbb33a6f724cbfd26db75f6da06f9ef675de20fe755da9b7f55e5ee37124296a12a520a393da159bd58 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\containers.json
| MD5 | 94a3843fad8c45c48b0e07342df3dfdc |
| SHA1 | d55b650208bda884d573afebd90830a3f4d7c201 |
| SHA256 | 854ff2076f71097b030c302a1ea71d8e851d2920b9ff5fc8dc8f16c91ba95b72 |
| SHA512 | 4d2a6b2a223ad81bb97195abb27685cf88453caf5769de154b373486d5245f02e0c0f664281d8e3bb33bfcdf1d6f7b3d9602303864d4e56481382adcb0b932db |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\key4.db
| MD5 | 4d6e4719c7f28330bace53c791a0d776 |
| SHA1 | 68ab1b566bc5d1eb217614e6204f3d9b0e7229dd |
| SHA256 | e5b77262375be6c89cdb76c6985cc27a20ca60c38769667dc59fa90afefc2b9c |
| SHA512 | f3214a5bab81692bf7cb730f46623a2be6628cbba0fe4ac0354122905f5f260414b7f23cfb290e5b9c68929280d4a561dfb21ad41bde94e105203c1e60c6456a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\cache2\entries\4C11E373FD9A73A5E61FCB5291518B290C3C15DF
| MD5 | 2cd2bef90a18c35d707bcc26f3a0abf4 |
| SHA1 | 746e30207e08fef6c2b6d8ab74179c3491f5497f |
| SHA256 | f296db4774a131906601dd1ae9b31029835e6cdea07f21f3d39ea8f432bc46ae |
| SHA512 | 0d8b7729bebb2f217b7825def22bdb41ac9b73a9a8ffecc0112055383d589234a65ad94ea6f21eeec6543c5e27b3bead74a7c0d71d8da9012493d055944632f6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\cache2\entries\DB7A36C3E7F7DAD48CAB34787C2A7F576AAF7039
| MD5 | 0d10e9dbe46d881329f36c19a2640dbb |
| SHA1 | d7d073154b6d432019312fe04c2faed5b8b2913b |
| SHA256 | c69049671258910c96db33eb7b3b9ee7a3d5e852b1270d3e40dfb3d4600fe0ce |
| SHA512 | d63b313f544aeb265403908dc707f2941bbdad36eceea9a707dcffc7cf508a67ec2360ac3a8a2583d3c8983a66dc9188d15f8fa345d51b32e5dab25f0d0c2f60 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\cache2\entries\AC5B4849CAB26A6FF5E0D69715FFD2D5203EA01F
| MD5 | b72dc2f81f3dfd2f44953a2d50283a1e |
| SHA1 | ec71992f23a2b962a311c52322160875ca783899 |
| SHA256 | 9b8579caba6a241ae64d1c5c487b9f64a88209a232c2cd322375fb93a8860208 |
| SHA512 | d49f16da70d97e42874a48dc899bacb27dc0dbb5ce8a7f0fa3cde8b862e12a60b30a33d4617fb1b7203672ea90910846068b546b280e5baebf0fa6bc4ba3013d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\cache2\entries\4E3562C55341939E493011A1EC297C2A4CAF51DB
| MD5 | 3662211a7ae575b707ebf8d8c186eb5d |
| SHA1 | 1969f6d0327b3147606030e83459c555ad866d33 |
| SHA256 | 05a866bdffd259474dd95c00578512b69f123e3102ae368ecf54671908772a39 |
| SHA512 | e293f283187e3d47a84d0bbc76dd54d654aed09c03432ff24cf2f44e56f76f56e9ed42209c80c56790d90de906fcdeac57d5a578f9e32510e973a43bb99b9068 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\cache2\entries\9C29916B899C579DE3BA8409A772D155B031D381
| MD5 | 61e648e0aa417089615902f6e7f6632e |
| SHA1 | b0c2338f81afb0d9388e94526afebed5968c2838 |
| SHA256 | e363fae55edf291cb8132dd08ec8fa9a8bc57f862539bec4b3f06bd67a80b4a2 |
| SHA512 | a8d56610c4e79394ee3084122de42301b19541562074055c3c11098a54a48b1df35f079907bcf6b200b3ad161ab0d5a5e62d07a83190a870cf9256025418137f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\cache2\entries\BE2D3D60C4D6C94AEDAA7868122CCB76EF5AA608
| MD5 | 37db3372ed386f511e100949bd702efb |
| SHA1 | 4bc226589cb03bfa84704d2b162ae12a414e631a |
| SHA256 | 5b0b42d753904ad5b8e400d0e480fa75383b5cf4c8ac46122261308eb0209a98 |
| SHA512 | 33a6e26c4bfcd211fc661d78364b9c7fce41c0b91c26ba3547beeb01b18e1ed7ba7e176cd3433403098fb20f83ab69902fe719701b8bc077af23fbf125b94595 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\cache2\entries\E1010D5D7482D53E10DD0E4A0C3EFC3A2E56240F
| MD5 | 310fcc9cfcc5be5aa6addafd20f975e9 |
| SHA1 | bafd6355bd3d497843e3648107ea54af12718047 |
| SHA256 | afade789e9ea8cd9312f707b7c2620daaece628f6c2b3772be40ded1911c978a |
| SHA512 | 5cacc1813257b08a78df1d68ff9432c414a599c6e6a3662a709f60fc01fed914f22ef4debee473ab628a38506ba371ec064766de1a809d026a8ae1b3c9091c0b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\prefs-1.js
| MD5 | 07e30def78b780fc37e98cb056436ff2 |
| SHA1 | f7aecd485b0a3f5a6a969eda736dfc056f661ba0 |
| SHA256 | 3c396db3eccf90661de6ac4b577edae445847f747bc721d369723919f74e40ec |
| SHA512 | d4390af95cc7945ddee02a87a57783b35b526c7a43793ee58041a07f47a0cc8c31c9e711e6aaf7253a82fe539c4e8041f18c2c74345be02f7548c7bb811efe34 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).p98i_wme.exe.part
| MD5 | 524cb8a77ebac9004cd9e37bade58011 |
| SHA1 | 61869c5bde21535b4cc96bb6b3480416fb635745 |
| SHA256 | 256e135c0221be0cd7eb21d2afc1054a46586dfd46374e16fa8a4297584ce578 |
| SHA512 | 4a01055e4b418cb975bed8648fef2493da99a96d23b2e463d4d6adfd58fb16a778965d7b1c639716395ae426f85186898c9c6cc343b81d7c2b72ab2fb3aadc86 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller(1).exe:Zone.Identifier
| MD5 | 89d07bfe1782132bf335cbbf3c1e4e9a |
| SHA1 | 960f16380a8c2ec35649d7f5005ba6f119478548 |
| SHA256 | d7a7d810aa1a1f1e05400c4a44b059cb605ea19d80c54175166827f0a07c5a6d |
| SHA512 | eb715a0c61119083f0a418dfbf4a31d3efb86f42eb91ab6f98e0773816aa121f2dfaa356308193d0b4520fedae3e32660ca8ba39b7b12bc307b574d3bbe2ccd6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\sessionstore-backups\recovery.jsonlz4
| MD5 | b81a706cad21c4d68901f5709b38f8e8 |
| SHA1 | 9bf4cce638735c78232b3900f7c4a36723320981 |
| SHA256 | d234ad306ae42688b19f605cdf2da053c9f7140289282bbb5c826efc37151416 |
| SHA512 | bc1dcb9684e1c814f67cf437a414311cfe9c0ba4e10a1228bbe2c05a75d0a9ee2c823fd7cd4a769d16fa2792b8d9a69d5e2fc2007b8cff94e27c82e6a04bd680 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\sessionstore-backups\recovery.jsonlz4
| MD5 | 13fe6dcbe60716a03d38b6c4c3616657 |
| SHA1 | b8a828bb30581904f5b38c8e114fe0161900136f |
| SHA256 | 0126f5f5876385c120d4a99a1f1b36fe30682626de85f507c7ec069b879525f4 |
| SHA512 | 9e76edfbeae709058f89d66cf487a1b3e8f457431d75cd5f4edd712cdd07a09f15dcb489b9d834deb8add0586a8cc6712eb84ab81d8997188af3b06d17b13cfe |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\47ke3i6d.default-release-1722832529659\prefs-1.js
| MD5 | b7bb7a66f490e7d89cc362631639bb23 |
| SHA1 | 55b7a0b014b857f7132b94eb01a0a3fe84be567a |
| SHA256 | 75f918a113e2a909242a6f7231b05470ea28df321597574d453954ecf1a6dbb1 |
| SHA512 | 0edce459167cdf4d008607d13cdc3c8db333226b48928c4fc1f2b287bbd9a160bb8522c2db79dbf1d00f01eb03b5674fbcc9a12e9f03188f0b984e11e7362cb9 |