Malware Analysis Report

2024-11-16 12:47

Sample ID 240806-ggbv1svemb
Target https://www.androidauthority.com/best-android-emulators-for-pc-655308/
Tags
bootkit discovery persistence
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://www.androidauthority.com/best-android-emulators-for-pc-655308/ was found to be: Likely malicious.

Malicious Activity Summary

bootkit discovery persistence

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Enumerates connected drives

Writes to the Master Boot Record (MBR)

System Location Discovery: System Language Discovery

Browser Information Discovery

Suspicious use of SetWindowsHookEx

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

NTFS ADS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-06 05:46

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-06 05:46

Reported

2024-08-06 05:48

Platform

win10v2004-20240802-en

Max time kernel

150s

Max time network

151s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.androidauthority.com/best-android-emulators-for-pc-655308/

Signatures

Downloads MZ/PE file

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\GLP_installer_900223086_market.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\GLP_installer_900223086_market.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\F: C:\Users\Admin\Downloads\GLP_installer_900223086_market.exe N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\Downloads\GLP_installer_900223086_market.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\GLP_installer_900223086_market.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 151018.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\GLP_installer_900223086_market.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2904 wrote to memory of 4788 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2904 wrote to memory of 4624 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2904 wrote to memory of 4792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2904 wrote to memory of 3236 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.androidauthority.com/best-android-emulators-for-pc-655308/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbdffd46f8,0x7ffbdffd4708,0x7ffbdffd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5784 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5784 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=8648 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x51c 0x52c

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8512 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8088 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9724 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8

C:\Users\Admin\Downloads\GLP_installer_900223086_market.exe

"C:\Users\Admin\Downloads\GLP_installer_900223086_market.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=9200 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=8912 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9472 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4872 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,1931801971298213338,109785474330195438,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8092 /prefetch:1

Network

HK 129.226.106.210:443 svibeacon.onezapp.com tcp
US 35.244.159.8:443 playwire-d.openx.net udp
NL 216.58.208.98:443 pubads.g.doubleclick.net udp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 178.250.1.8:443 grid.bidswitch.net tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
DE 18.199.162.64:443 btlr.sharethrough.com tcp
US 35.227.252.103:443 rtb.openx.net udp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 178.250.1.8:443 grid.bidswitch.net tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
SG 43.156.86.55:443 rumt-sg.com tcp
HK 129.226.106.210:443 svibeacon.onezapp.com tcp
SG 43.156.86.55:443 rumt-sg.com tcp
NL 142.250.179.162:443 securepubads.g.doubleclick.net udp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 cd836371f1d.cdn.intergient.com udp
DE 3.73.242.72:443 cd836371f1d.cdn.intergient.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 dt.adsafeprotected.com udp
US 50.19.75.102:443 dt.adsafeprotected.com tcp
NL 172.217.23.194:443 ade.googlesyndication.com udp
US 8.8.8.8:53 102.75.19.50.in-addr.arpa udp
IT 142.251.209.3:443 csi.gstatic.com udp
NL 185.89.208.11:443 prebid.adnxs.com tcp
NL 142.250.102.154:443 bid.g.doubleclick.net udp
US 8.8.8.8:53 154.102.250.142.in-addr.arpa udp
NL 172.217.23.202:443 jnn-pa.googleapis.com udp
FR 185.235.86.208:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 pixel.adsafeprotected.com udp
IE 54.76.104.189:443 pixel.adsafeprotected.com tcp
FR 185.235.86.103:443 ag.gbc.criteo.com tcp
FR 185.235.86.208:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 st.pubmatic.com udp
FR 185.235.86.103:443 ag.gbc.criteo.com tcp
NL 172.217.168.238:443 gcdn.2mdn.net udp
GB 185.64.190.89:443 st.pubmatic.com tcp
US 8.8.8.8:53 r5---sn-aigzrn7z.c.2mdn.net udp
GB 173.194.135.106:443 r5---sn-aigzrn7z.c.2mdn.net tcp
US 8.8.8.8:53 189.104.76.54.in-addr.arpa udp
US 8.8.8.8:53 89.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 106.135.194.173.in-addr.arpa udp
US 8.8.8.8:53 image8.pubmatic.com udp
NL 142.251.36.2:443 googleads4.g.doubleclick.net udp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 btlr.sharethrough.com udp
DE 3.121.186.27:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 27.186.121.3.in-addr.arpa udp
US 8.8.8.8:53 api.bam-x.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 18.213.58.73:443 api.bam-x.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
NL 172.217.168.195:443 www.google.co.uk udp
US 52.21.33.16:443 andauth.co tcp
US 8.8.8.8:53 www.ldplayer.net udp
GB 163.181.57.232:443 www.ldplayer.net tcp
US 8.8.8.8:53 cdn.ldplayer.net udp
US 8.8.8.8:53 cmp.setupcmp.com udp
US 172.67.70.36:443 cmp.setupcmp.com tcp
US 172.67.70.36:443 cmp.setupcmp.com tcp
GB 79.133.176.186:443 cdn.ldplayer.net tcp
NL 142.250.179.174:443 www.youtube.com udp
US 172.67.70.36:443 cmp.setupcmp.com tcp
US 8.8.8.8:53 232.57.181.163.in-addr.arpa udp
US 8.8.8.8:53 36.70.67.172.in-addr.arpa udp
US 8.8.8.8:53 186.176.133.79.in-addr.arpa udp
US 8.8.8.8:53 res.ldplayer.net udp
GB 79.133.176.235:443 res.ldplayer.net tcp
US 8.8.8.8:53 apis.google.com udp
NL 142.251.36.14:443 apis.google.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

\??\pipe\LOCAL\crashpad_2904_DKSINSHNORRAXQTZ

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\915f109fef38c60a_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\64c95565aba84937_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a8a71e627a2c2f98_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7d0362d230fc63c9_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c34643eece78f2a5_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0314e0800edb0a6a_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fab7add1493dde34_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ba95.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.gameloop.com_0.indexeddb.leveldb\CURRENT

C:\Users\Admin\Downloads\Unconfirmed 151018.crdownload

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Tencent\TxGameAssistant\TGBDownloader\dr.dll

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000064

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
