Analysis Overview
SHA256
5e7ffff71a1940df82817be6d7f8024e68ab8cc1ffaf138aa0c6adfee0e556fe
Threat Level: Known bad
The file 150k+DE+@Silverbullet_combo+(3).txt was found to be: Known bad.
Malicious Activity Summary
UAC bypass
Modifies WinLogon for persistence
Possible privilege escalation attempt
Downloads MZ/PE file
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Boot or Logon Autostart Execution: Active Setup
Event Triggered Execution: Component Object Model Hijacking
Loads dropped DLL
Executes dropped EXE
Modifies file permissions
Writes to the Master Boot Record (MBR)
Adds Run key to start application
Checks whether UAC is enabled
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Drops file in System32 directory
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Program Files directory
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Suspicious use of AdjustPrivilegeToken
System policy modification
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Uses Task Scheduler COM API
Modifies Control Panel
Enumerates system info in registry
Suspicious behavior: AddClipboardFormatListener
Suspicious use of SetWindowsHookEx
NTFS ADS
Checks processor information in registry
Modifies registry class
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-07 16:14
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-07 16:14
Reported
2024-08-07 16:42
Platform
win11-20240802-en
Max time kernel
1441s
Max time network
1585s
Command Line
Signatures
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "satan" | C:\Users\Admin\AppData\Local\Temp\7zO4B6DF4D9\Clutt6.6.6.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "satan" | C:\Users\Admin\AppData\Local\Temp\7zO4B69F9E9\Clutt6.6.6.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "0" | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
UAC bypass
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
Boot or Logon Autostart Execution: Active Setup
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| Key created | \REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
Disables RegEdit via registry modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Users\Admin\AppData\Local\Temp\7zO4B6DF4D9\Clutt6.6.6.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Users\Admin\AppData\Local\Temp\7zO4B69F9E9\Clutt6.6.6.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
Disables Task Manager via registry modification
Downloads MZ/PE file
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\winrar-x64-701nl.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO4B6DF4D9\Clutt6.6.6.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO4B69F9E9\Clutt6.6.6.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO4B63C7A9\Clutt6.6.6.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| N/A | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\tv_enua = "RunDll32 advpack.dll,LaunchINFSection C:\\Windows\\INF\\tv_enua.inf, RemoveCabinet" | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Delete value | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\7zO4B6DF4D9\Clutt6.6.6.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\AppData\Local\Temp\7zO4B69F9E9\Clutt6.6.6.exe | N/A |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\SET9399.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\SysWOW64\SET9399.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\msvcp50.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page1.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb016.gif | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ar.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page2.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.dll.tmp2 | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\yo.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\License.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Options\ManualDirPatcher.bat | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\de.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page7.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\favicon.ico | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\book | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uz-cyrl.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File created | C:\Program Files\7-Zip\7-zip.dll | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.dll | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\id.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mk.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page15.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sa.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\Temp\plg.wav | C:\Users\Admin\AppData\Local\Temp\7zO4B6DF4D9\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\Temp\crossHD_small.ico | C:\Users\Admin\AppData\Local\Temp\7zO4B69F9E9\Clutt6.6.6.exe | N/A |
| File created | C:\Program Files (x86)\BonziBuddy432\Uninstall.ini | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fy.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-cn.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page4.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\et.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Options\menu.bat | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page11.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page10.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\an.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uz-cyrl.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ba.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sk.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\th.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb015.gif | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nl.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.exe | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tr.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ps.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\t3.nbd-SR | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\BG\Bg3.bmp | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Options\chose.bat | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page18.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File created | C:\Program Files (x86)\BonziBuddy432\Reg.nbd.temp | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\co.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page9.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page7.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\Temp\stretch.wav | C:\Users\Admin\AppData\Local\Temp\7zO4B69F9E9\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\de.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\SSubTmr6.dll | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Uninstall.exe | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page11.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page10.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page19.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zCon.sfx | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ja.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.dll | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page6.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mr.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page1.jpg | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\es.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| File opened for modification | C:\Program Files\Temp\static_color.wav | C:\Users\Admin\AppData\Local\Temp\7zO4B69F9E9\Clutt6.6.6.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng2.txt | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\lhsp\help\SET9396.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET89A6.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET89B8.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\INF\SET9398.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentDPv.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentSvr.exe | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET89A6.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentSR.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\tv\tv_enua.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET89A5.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\mslwvtts.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\help\SET89BB.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET89A4.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\INF\SET89B9.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET89BA.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\help\Agt0409.hlp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\lhsp\tv\SET9395.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\chars\Bonzi.acs | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET89A2.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET89A2.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentAnm.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\intl\SET89BC.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET89CC.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgtCtl15.tlb | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentDp2.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\INF\agtinst.inf | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET8991.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentMPx.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\intl\SET89BC.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentCtl.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\tv\SET9395.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\msagent\SET89A7.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\tv\tvenuax.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\msagent\SET89A4.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\help\SET89BB.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\INF\SET9398.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\chars\Peedy.acs | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET89A3.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\intl\Agt0409.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\tv\SET9384.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\lhsp\tv\SET9384.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\msagent\SET89B8.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\INF\SET89B9.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\lhsp\help\tv_enua.hlp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\fonts\SET9397.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\msagent\SET8991.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET89A5.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET89A7.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\AgentPsh.dll | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET89BA.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\msagent\SET89A3.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File opened for modification | C:\Windows\msagent\SET89CC.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| File created | C:\Windows\lhsp\help\SET9396.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File created | C:\Windows\fonts\SET9397.tmp | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\fonts\andmoipa.ttf | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| File opened for modification | C:\Windows\INF\tv_enua.inf | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\winrar-x64-701nl.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\7z2407-x64.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\BonziBuddy432.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\grpconv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\grpconv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
Modifies Control Panel
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000\Control Panel\Mouse | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000\Control Panel\Mouse\SwapMouseButtons = "1" | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000\Software\Microsoft\Internet Explorer\TypedURLs | C:\Users\Admin\Downloads\Andromeda-Software-LTD.V4.5\Andromeda.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{916694A9-8AD6-11D2-B6FD-0060976C699F} | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FD3-1BF9-11D2-BAE8-00104B9E0792}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FD6-1BF9-11D2-BAE8-00104B9E0792}\TypeLib\ = "{065E6FD1-1BF9-11D2-BAE8-00104B9E0792}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{065E6FD7-1BF9-11D2-BAE8-00104B9E0792}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2407-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\InetCtls.Inet\CLSID | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{065E6FDE-1BF9-11D2-BAE8-00104B9E0792}\ = "DSSOptionEvents" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F4900F69-055F-11D4-8F9B-00104BA312D6}\ = "_clsStoryReader" | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{972DE6B5-8B09-11D2-B652-A1FD6CC34260}\1.0\0\win32\ = "C:\\Program Files (x86)\\BonziBuddy432\\ActiveSkin.ocx" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BDD1F04A-858B-11D1-B16A-00C0F0283628}\ProxyStubClsid32 | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{00E212A2-E66D-11CD-836C-0000C0C14E92}\TypeLib\ = "{E8671A8B-E5DD-11CD-836C-0000C0C14E92}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B0913412-3B44-11D1-ACBA-00C04FD97575}\ = "IAgentCommandEx" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\BonziBUDDY.CCalendarVBPeriods | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\ToolboxBitmap32\ = "C:\\Program Files (x86)\\BonziBuddy432\\MSCOMCTL.OCX, 1916" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2C247F21-8591-11D1-B16A-00C0F0283628}\TypeLib\ = "{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{916694A8-8AD6-11D2-B6FD-0060976C699F} | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BE8-7DE6-11D0-91FE-00C04FD701A5} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{159C2806-4A71-45B4-8D4E-74C181CD6842}\TypeLib\Version = "1.1" | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\ActiveSkin.ComTransitions.1\ = "ComTransitions Class" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{66833FE5-8583-11D1-B16A-00C0F0283628} | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6BA90C01-3910-11D1-ACB3-00C04FD97575}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F581B2D6-E4C3-40BF-8A1E-F68CDFD8FEEC}\ = "clsRegistration" | C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\VersionIndependentProgID\ = "MSComctlLib.TabStrip" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{065E6FD3-1BF9-11D2-BAE8-00104B9E0792}\TypeLib\ = "{065E6FD1-1BF9-11D2-BAE8-00104B9E0792}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{065E6FD9-1BF9-11D2-BAE8-00104B9E0792}\TypeLib\Version = "3.0" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BD9-7DE6-11D0-91FE-00C04FD701A5}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EE11629C-36DF-11D3-9DD0-89D6DBBBA800}\verb\2 | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BD33B25E-E99D-40C3-B5C5-7F5C3F130777}\TypeLib\Version = "1.0" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BDD1F04E-858B-11D1-B16A-00C0F0283628}\ProxyStubClsid32 | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D45FD31B-5C6E-11D1-9EC1-00C04FD7081F} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F5BE8BD4-7DE6-11D0-91FE-00C04FD701A5}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B8F2846E-CE36-11D0-AC83-00C04FD97575}\Control | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{29D9184E-BF09-4F13-B356-22841635C733}\1.0\FLAGS | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{66833FE7-8583-11D1-B16A-00C0F0283628}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{065E6FE2-1BF9-11D2-BAE8-00104B9E0792}\ProxyStubClsid32 | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F5BE8BE8-7DE6-11D0-91FE-00C04FD701A5}\ = "IAgentCtlCharacters" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{159C2806-4A71-45B4-8D4E-74C181CD6842}\TypeLib\Version = "1.1" | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F4900F66-055F-11D4-8F9B-00104BA312D6}\ProxyStubClsid32 | C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3C01387A-6AC2-4EF1-BDA2-EC5D26E3B065}\ = "IComTransitions" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BDD1F04A-858B-11D1-B16A-00C0F0283628}\TypeLib | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{48E59291-9880-11CF-9754-00AA00C00908}\ProxyStubClsid32 | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\SSCalendar.SSYearCtrl.1\CLSID | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F55ED2E0-6E13-11CE-918C-0000C0554C0A}\TypeLib | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A7B93C91-7B81-11D0-AC5F-00C04FD97575}\ = "IAgent" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{29D9184E-BF09-4F13-B356-22841635C733}\1.0\FLAGS\ = "2" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.ProgCtrl\ = "Microsoft ProgressBar Control, version 6.0" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BDD1F051-858B-11D1-B16A-00C0F0283628}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C8A3DC00-8593-11D1-B16A-00C0F0283628} | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32\ = "C:\\Program Files (x86)\\BonziBuddy432\\MSINET.OCX" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{0A45DB48-BD0D-11D2-8D14-00104B9E072A}\2.0\FLAGS\ = "2" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MSComctlLib.TreeCtrl\CLSID | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}\2.0\FLAGS\ = "2" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DD9DA660-8594-11D1-B16A-00C0F0283628}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FD8-1BF9-11D2-BAE8-00104B9E0792}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FDC-1BF9-11D2-BAE8-00104B9E0792} | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{065E6FE4-1BF9-11D2-BAE8-00104B9E0792} | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0A45DB4F-BD0D-11D2-8D14-00104B9E072A}\MiscStatus\1\ = "229777" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FE9-1BF9-11D2-BAE8-00104B9E0792} | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D41-2CDD-11D3-9DD0-D3CD4078982A}\MiscStatus\ = "0" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6CFC9BA3-FE87-11D2-9DCF-ED29FAFE371D} | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4F7AE600-0142-11D3-9DCF-89BE4EFB591E}\TypeLib\ = "{972DE6B5-8B09-11D2-B652-A1FD6CC34260}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2F5A7562-BDC3-41F8-8122-4A54D2C3C50C}\ProxyStubClsid32 | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1533A365-F76F-4518-8A56-4CD34547F8AB}\TypeLib\ = "{29D9184E-BF09-4F13-B356-22841635C733}" | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Threed.SSFrame\CLSID | C:\Users\Admin\Downloads\BonziBuddy432.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Petya2-master.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Andromeda-Software-LTD.V4.5.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 694085.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\sigma_all_rules.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 446478.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\winrar-x64-701nl.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\7z2407-x64.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\CLUTT6.6.6---BY-CYBER-SOLDIER-main.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 462264.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Temp\7zO4B6986B6\README.md:Zone.Identifier | C:\Program Files\7-Zip\7zFM.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 667670.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\BonziBuddy432.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\Winword.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDesktop = "1" | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\HideFastUserSwitching = "1" | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer | C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\150k+DE+@Silverbullet_combo+(3).txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff81c343cb8,0x7ff81c343cc8,0x7ff81c343cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2528 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3300 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5160 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3276 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D8 0x00000000000004E8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6012 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6432 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4616 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7524 /prefetch:1
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DevicesFlow -s DevicesFlowUserSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=8112 /prefetch:2
C:\Windows\System32\SpatialAudioLicenseSrv.exe
C:\Windows\System32\SpatialAudioLicenseSrv.exe SpatialAudioLicenseServerInteractiveUser -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15974242879625761599,1306729703523606706,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff81c343cb8,0x7ff81c343cc8,0x7ff81c343cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2572 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5148 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5448 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6256 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6736 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\Admin\Downloads\Petya2-master\Petya.sln"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\Admin\Downloads\Petya2-master\Petya.sln
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2008 -parentBuildID 20240401114208 -prefsHandle 1924 -prefMapHandle 1916 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {53e43693-98a8-47df-9186-4b3bb5963e11} 3924 "\\.\pipe\gecko-crash-server-pipe.3924" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2396 -parentBuildID 20240401114208 -prefsHandle 2380 -prefMapHandle 2376 -prefsLen 24598 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {788e2c63-d474-4e70-a997-bfbcd7ead128} 3924 "\\.\pipe\gecko-crash-server-pipe.3924" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3256 -childID 1 -isForBrowser -prefsHandle 2948 -prefMapHandle 3280 -prefsLen 24739 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8ba24686-a2ef-4cbf-902b-c9f2a9636fbe} 3924 "\\.\pipe\gecko-crash-server-pipe.3924" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3568 -childID 2 -isForBrowser -prefsHandle 3448 -prefMapHandle 3432 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fdd3b25a-e8b8-4db3-b5db-57b553b772ee} 3924 "\\.\pipe\gecko-crash-server-pipe.3924" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4612 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4700 -prefMapHandle 4696 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6308cf71-b6eb-4c88-a29b-cf1939e317d8} 3924 "\\.\pipe\gecko-crash-server-pipe.3924" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5348 -childID 3 -isForBrowser -prefsHandle 5380 -prefMapHandle 5388 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {83f645c5-04b5-4f08-8735-e362ac567eb1} 3924 "\\.\pipe\gecko-crash-server-pipe.3924" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5548 -childID 4 -isForBrowser -prefsHandle 5624 -prefMapHandle 5620 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2d2ae47-f1ce-476d-8a84-4c424aee7f78} 3924 "\\.\pipe\gecko-crash-server-pipe.3924" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5524 -childID 5 -isForBrowser -prefsHandle 5768 -prefMapHandle 5776 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 936 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e2c685c3-a31b-4291-9ca3-0980cec8b858} 3924 "\\.\pipe\gecko-crash-server-pipe.3924" tab
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5820 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D8 0x00000000000004E8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5204 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7164 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7452 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Microsoft Office\root\Office16\Winword.exe
"C:\Program Files\Microsoft Office\root\Office16\Winword.exe" /n "C:\Users\Admin\AppData\Local\Temp\Temp1_CLUTT6.6.6---BY-CYBER-SOLDIER-main.zip\CLUTT6.6.6---BY-CYBER-SOLDIER-main\README.md"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Users\Admin\Downloads\Andromeda-Software-LTD.V4.5\Andromeda.exe
"C:\Users\Admin\Downloads\Andromeda-Software-LTD.V4.5\Andromeda.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6212 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5080 /prefetch:8
C:\Users\Admin\Downloads\winrar-x64-701nl.exe
"C:\Users\Admin\Downloads\winrar-x64-701nl.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8004 /prefetch:8
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\fa26860ab55f4b5fb8616b0bbcfaeeb9 /t 2076 /p 5680
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6368 /prefetch:8
C:\Users\Admin\Downloads\7z2407-x64.exe
"C:\Users\Admin\Downloads\7z2407-x64.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Users\Admin\Downloads\7z2407-x64.exe
"C:\Users\Admin\Downloads\7z2407-x64.exe"
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Microsoft Office\root\Office16\Winword.exe
"C:\Program Files\Microsoft Office\root\Office16\Winword.exe" /n "C:\Users\Admin\AppData\Local\Temp\7zO4B6986B6\README.md"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Microsoft Office\root\Office16\Winword.exe
"C:\Program Files\Microsoft Office\root\Office16\Winword.exe" /n "C:\Users\Admin\AppData\Local\Temp\Temp1_CLUTT6.6.6---BY-CYBER-SOLDIER-main.zip\CLUTT6.6.6---BY-CYBER-SOLDIER-main\README.md"
C:\Windows\splwow64.exe
C:\Windows\splwow64.exe 12288
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Microsoft Office\root\Office16\Winword.exe
"C:\Program Files\Microsoft Office\root\Office16\Winword.exe" /n "C:\Users\Admin\AppData\Local\Temp\Temp1_CLUTT6.6.6---BY-CYBER-SOLDIER-main.zip\CLUTT6.6.6---BY-CYBER-SOLDIER-main\README.md"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff81c343cb8,0x7ff81c343cc8,0x7ff81c343cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\7zO4B6DF4D9\Clutt6.6.6.exe
"C:\Users\Admin\AppData\Local\Temp\7zO4B6DF4D9\Clutt6.6.6.exe"
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /k takeown /f C:\Windows\System32 && icacls C:\Windows\System32 /grant "%username%:F" && takeown /f C:\Windows\System32\drivers && icacls C:\Windows\System32\drivers /grant "%username%:F" && takeown /f C:\Windows\System32\Boot && icacls C:\Windows\System32\Boot /grant "%username%:F" && exit
C:\Windows\system32\takeown.exe
takeown /f C:\Windows\System32
C:\Windows\system32\icacls.exe
icacls C:\Windows\System32 /grant "Admin:F"
C:\Windows\system32\takeown.exe
takeown /f C:\Windows\System32\drivers
C:\Windows\system32\icacls.exe
icacls C:\Windows\System32\drivers /grant "Admin:F"
C:\Windows\system32\takeown.exe
takeown /f C:\Windows\System32\Boot
C:\Windows\system32\icacls.exe
icacls C:\Windows\System32\Boot /grant "Admin:F"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1696 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\7zO4B69F9E9\Clutt6.6.6.exe
"C:\Users\Admin\AppData\Local\Temp\7zO4B69F9E9\Clutt6.6.6.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4448 /prefetch:1
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /k takeown /f C:\Windows\System32 && icacls C:\Windows\System32 /grant "%username%:F" && takeown /f C:\Windows\System32\drivers && icacls C:\Windows\System32\drivers /grant "%username%:F" && takeown /f C:\Windows\System32\Boot && icacls C:\Windows\System32\Boot /grant "%username%:F" && exit
C:\Windows\system32\takeown.exe
takeown /f C:\Windows\System32
C:\Windows\system32\icacls.exe
icacls C:\Windows\System32 /grant "Admin:F"
C:\Windows\system32\takeown.exe
takeown /f C:\Windows\System32\drivers
C:\Windows\system32\icacls.exe
icacls C:\Windows\System32\drivers /grant "Admin:F"
C:\Windows\system32\takeown.exe
takeown /f C:\Windows\System32\Boot
C:\Windows\system32\icacls.exe
icacls C:\Windows\System32\Boot /grant "Admin:F"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D8 0x00000000000004E8
C:\Users\Admin\AppData\Local\Temp\7zO4B63C7A9\Clutt6.6.6.exe
"C:\Users\Admin\AppData\Local\Temp\7zO4B63C7A9\Clutt6.6.6.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ff81c343cb8,0x7ff81c343cc8,0x7ff81c343cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7768 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7364 /prefetch:8
C:\Users\Admin\Downloads\BonziBuddy432.exe
"C:\Users\Admin\Downloads\BonziBuddy432.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat" "
C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE
MSAGENT.EXE
C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe
tv_enua.exe
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentCtl.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentDPv.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\mslwvtts.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentDP2.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentMPx.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentSR.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentPsh.dll"
C:\Windows\msagent\AgentSvr.exe
"C:\Windows\msagent\AgentSvr.exe" /regserver
C:\Windows\SysWOW64\grpconv.exe
grpconv.exe -o
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s C:\Windows\lhsp\tv\tv_enua.dll
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s C:\Windows\lhsp\tv\tvenuax.dll
C:\Windows\SysWOW64\grpconv.exe
grpconv.exe -o
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://bonzibuddy.tk/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff81c343cb8,0x7ff81c343cc8,0x7ff81c343cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,15366232987460739620,16779688805173166329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1
C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE
"C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE"
C:\Windows\msagent\AgentSvr.exe
C:\Windows\msagent\AgentSvr.exe -Embedding
C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE
"C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff81c343cb8,0x7ff81c343cc8,0x7ff81c343cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2476 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5164 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5496 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:8
C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe
"C:\Users\Admin\Downloads\WinXP.Horror.Destructive (Created By WobbyChip).exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,5611003796892128665,5008142635372980904,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1020 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| GB | 23.73.138.131:443 | www.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 23.73.138.57:443 | www.bing.com | tcp |
| GB | 23.73.138.57:443 | www.bing.com | tcp |
| GB | 23.73.138.75:443 | th.bing.com | tcp |
| GB | 23.73.138.75:443 | th.bing.com | tcp |
| NL | 20.190.160.20:443 | login.microsoftonline.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| NL | 142.251.39.110:443 | www.youtube.com | tcp |
| NL | 142.251.39.110:443 | www.youtube.com | tcp |
| NL | 142.251.39.110:443 | www.youtube.com | udp |
| NL | 142.251.36.54:443 | i.ytimg.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| NL | 142.250.179.138:443 | jnn-pa.googleapis.com | tcp |
| NL | 142.250.179.138:443 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.142:443 | www.youtube.com | tcp |
| NL | 142.251.36.54:443 | i.ytimg.com | udp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | tcp |
| US | 173.194.57.198:443 | rr1---sn-q4fl6n6d.googlevideo.com | tcp |
| US | 173.194.57.198:443 | rr1---sn-q4fl6n6d.googlevideo.com | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| US | 173.194.57.198:443 | rr1---sn-q4fl6n6d.googlevideo.com | tcp |
| US | 173.194.57.198:443 | rr1---sn-q4fl6n6d.googlevideo.com | tcp |
| NL | 216.58.208.110:443 | www.youtube.com | tcp |
| US | 173.194.57.198:443 | rr1---sn-q4fl6n6d.googlevideo.com | tcp |
| US | 173.194.57.198:443 | rr1---sn-q4fl6n6d.googlevideo.com | tcp |
| NL | 216.58.208.110:443 | www.youtube.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.142:443 | www.youtube.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| GB | 74.125.175.7:443 | rr2---sn-aigzrnss.googlevideo.com | tcp |
| GB | 74.125.175.7:443 | rr2---sn-aigzrnss.googlevideo.com | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | udp |
| GB | 173.194.129.200:443 | rr3---sn-aigzrn7s.googlevideo.com | udp |
| NL | 142.251.39.97:443 | lh4.googleusercontent.com | tcp |
| US | 150.171.28.10:443 | tse2.mm.bing.net | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| NL | 142.251.39.110:443 | www.youtube.com | udp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.138:443 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 104.21.58.127:443 | esacoustics.com | tcp |
| US | 104.21.58.127:443 | esacoustics.com | tcp |
| GB | 2.18.190.145:443 | aefd.nelreports.net | tcp |
| GB | 79.127.237.132:443 | www.onlinemictest.com | tcp |
| GB | 79.127.237.132:443 | www.onlinemictest.com | tcp |
| GB | 18.164.68.7:443 | ads.adthrive.com | tcp |
| GB | 18.164.68.7:443 | ads.adthrive.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 61.39.156.108.in-addr.arpa | udp |
| DE | 87.230.98.78:443 | b.delivery.consentmanager.net | tcp |
| GB | 89.187.167.38:443 | cdn.consentmanager.net | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| GB | 216.137.44.32:443 | c.aps.amazon-adsystem.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| GB | 18.165.242.95:443 | cdn.jwplayer.com | tcp |
| GB | 52.84.90.106:443 | config.aps.amazon-adsystem.com | tcp |
| GB | 54.192.137.125:443 | launchpad-wrapper.privacymanager.io | tcp |
| US | 104.18.20.97:443 | cdn.confiant-integrations.net | tcp |
| GB | 18.165.242.8:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.242.165.18.in-addr.arpa | udp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| GB | 18.172.154.232:443 | aax.amazon-adsystem.com | tcp |
| GB | 108.156.46.25:443 | launchpad.privacymanager.io | tcp |
| GB | 18.244.179.114:443 | geo.privacymanager.io | tcp |
| US | 8.8.8.8:53 | logger.adthrive.com | udp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 142.250.179.193:443 | 2b61e5bae1fea2149d499daecd70740a.safeframe.googlesyndication.com | tcp |
| IE | 54.194.254.146:443 | id.crwdcntrl.net | tcp |
| GB | 18.244.114.16:443 | logger.adthrive.com | tcp |
| GB | 18.244.114.16:443 | logger.adthrive.com | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| DE | 162.19.138.116:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | exchange.postrelease.com | udp |
| US | 8.8.8.8:53 | g2.gumgum.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | hb.undertone.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| DE | 95.101.149.35:443 | a.teads.tv | tcp |
| DE | 95.101.149.35:443 | a.teads.tv | tcp |
| DE | 95.101.149.35:443 | a.teads.tv | tcp |
| DE | 95.101.149.35:443 | a.teads.tv | tcp |
| DE | 37.252.172.123:443 | ib.adnxs.com | tcp |
| DE | 37.252.172.123:443 | ib.adnxs.com | tcp |
| DE | 37.252.172.123:443 | ib.adnxs.com | tcp |
| DE | 37.252.172.123:443 | ib.adnxs.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| DE | 18.192.52.52:443 | krk2.kargo.com | tcp |
| DE | 18.192.52.52:443 | krk2.kargo.com | tcp |
| DE | 18.192.52.52:443 | krk2.kargo.com | tcp |
| DE | 18.192.52.52:443 | krk2.kargo.com | tcp |
| US | 52.223.6.21:443 | direct.adsrvr.org | tcp |
| US | 52.223.6.21:443 | direct.adsrvr.org | tcp |
| US | 52.223.6.21:443 | direct.adsrvr.org | tcp |
| US | 52.223.6.21:443 | direct.adsrvr.org | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| IE | 18.200.164.220:443 | g2.gumgum.com | tcp |
| IE | 18.200.164.220:443 | g2.gumgum.com | tcp |
| IE | 18.200.164.220:443 | g2.gumgum.com | tcp |
| FR | 18.164.52.87:443 | hb.undertone.com | tcp |
| IE | 63.32.144.199:443 | exchange.postrelease.com | tcp |
| IE | 63.32.144.199:443 | exchange.postrelease.com | tcp |
| IE | 63.32.144.199:443 | exchange.postrelease.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| GB | 2.18.190.80:80 | apps.identrust.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.189.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.172.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.149.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.6.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.52.192.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.144.32.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 220.164.200.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.160.158.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.64.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.190.18.2.in-addr.arpa | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| NL | 142.250.179.129:443 | cdn.ampproject.org | tcp |
| IE | 52.30.156.59:443 | ads.yieldmo.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 142.251.39.102:443 | s0.2mdn.net | tcp |
| IE | 54.171.193.127:443 | protected-by.clarium.io | tcp |
| IE | 54.171.193.127:443 | protected-by.clarium.io | tcp |
| DK | 37.157.6.233:443 | c1.adform.net | tcp |
| NL | 142.251.39.102:443 | s0.2mdn.net | udp |
| NL | 142.251.36.34:443 | googleads4.g.doubleclick.net | tcp |
| NL | 142.251.36.34:443 | googleads4.g.doubleclick.net | tcp |
| IE | 52.208.214.77:443 | fw.adsafeprotected.com | tcp |
| NL | 142.251.36.34:443 | googleads4.g.doubleclick.net | udp |
| GB | 99.86.105.122:443 | d17ebhrlbr4s4.cloudfront.net | tcp |
| GB | 52.84.90.96:443 | static.adsafeprotected.com | tcp |
| GB | 52.84.90.96:443 | static.adsafeprotected.com | tcp |
| US | 3.226.214.192:443 | dt.adsafeprotected.com | tcp |
| US | 3.226.214.192:443 | dt.adsafeprotected.com | tcp |
| US | 3.226.214.192:443 | dt.adsafeprotected.com | tcp |
| US | 3.226.214.192:443 | dt.adsafeprotected.com | tcp |
| US | 3.226.214.192:443 | dt.adsafeprotected.com | tcp |
| GB | 104.86.110.112:443 | tcp | |
| GB | 104.86.110.112:443 | tcp | |
| GB | 23.73.138.122:443 | r.bing.com | tcp |
| GB | 23.73.138.122:443 | r.bing.com | tcp |
| GB | 23.73.138.122:443 | r.bing.com | tcp |
| GB | 23.73.138.122:443 | r.bing.com | tcp |
| GB | 23.73.138.122:443 | r.bing.com | tcp |
| GB | 23.73.138.122:443 | r.bing.com | tcp |
| GB | 23.73.138.122:443 | r.bing.com | tcp |
| GB | 23.73.138.122:443 | r.bing.com | tcp |
| GB | 23.73.138.122:443 | r.bing.com | tcp |
| NL | 142.251.36.2:443 | ade.googlesyndication.com | tcp |
| NL | 142.251.36.2:443 | ade.googlesyndication.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| DE | 37.252.172.123:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| IE | 52.95.126.160:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| GB | 23.73.138.123:443 | r.bing.com | tcp |
| DE | 23.197.4.230:443 | cxcs.microsoft.net | tcp |
| GB | 2.18.190.145:443 | aefd.nelreports.net | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| DE | 37.252.172.123:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | googleads4.g.doubleclick.net | udp |
| IE | 52.51.140.64:443 | fw.adsafeprotected.com | tcp |
| NL | 142.251.39.102:443 | s0.2mdn.net | udp |
| US | 104.21.95.69:443 | youareanidiot.cc | tcp |
| US | 104.21.95.69:443 | youareanidiot.cc | tcp |
| GB | 23.73.138.131:443 | r.bing.com | tcp |
| GB | 23.73.138.131:443 | r.bing.com | tcp |
| GB | 23.73.138.123:443 | r.bing.com | tcp |
| GB | 23.73.138.123:443 | r.bing.com | tcp |
| GB | 23.73.138.123:443 | r.bing.com | tcp |
| GB | 23.73.138.123:443 | r.bing.com | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.1.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.1.91:443 | assets.sftcdn.net | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| GB | 13.224.222.64:443 | sdk.privacy-center.org | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| US | 151.101.129.91:443 | assets.sftcdn.net | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 151.101.193.91:443 | assets.sftcdn.net | udp |
| NL | 142.250.179.142:443 | syndicatedsearch.goog | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 151.101.129.91:443 | assets.sftcdn.net | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| GB | 18.172.148.233:443 | www.datadoghq-browser-agent.com | tcp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| GB | 52.84.90.106:443 | config.aps.amazon-adsystem.com | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.7.141:443 | cdn.btmessage.com | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| N/A | 127.0.0.1:53110 | tcp | |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | tcp |
| N/A | 127.0.0.1:53117 | tcp | |
| GB | 184.28.176.58:443 | th.bing.com | tcp |
| GB | 184.28.176.104:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 104.176.28.184.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 184.28.176.72:443 | th.bing.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 150.171.28.10:443 | tse3.mm.bing.net | tcp |
| US | 8.8.8.8:53 | tse4.mm.bing.net | udp |
| US | 8.8.8.8:53 | tse2.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse2.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse2.mm.bing.net | tcp |
| NL | 142.251.36.54:443 | i.ytimg.com | udp |
| NL | 172.217.23.194:443 | googleads.g.doubleclick.net | udp |
| NL | 172.217.23.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 184.28.176.56:443 | www.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.104:443 | r.bing.com | tcp |
| GB | 184.28.176.40:443 | www.bing.com | tcp |
| GB | 184.28.176.40:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 56.176.28.184.in-addr.arpa | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| NL | 172.217.23.194:443 | googleads.g.doubleclick.net | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| NL | 216.58.208.110:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 184.28.176.27:443 | th.bing.com | tcp |
| GB | 184.28.176.10:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 27.176.28.184.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| GB | 2.18.190.140:443 | aefd.nelreports.net | udp |
| GB | 2.18.190.140:443 | aefd.nelreports.net | tcp |
| GB | 184.28.176.27:443 | th.bing.com | tcp |
| GB | 184.28.176.10:443 | www.bing.com | tcp |
| US | 13.107.21.200:443 | bing.com | tcp |
| US | 151.101.65.91:443 | images.sftcdn.net | tcp |
| US | 151.101.65.91:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | sc.sftcdn.net | udp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 151.101.193.91:443 | di-images.sftcdn.net | udp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| GB | 13.224.222.112:443 | sdk.privacy-center.org | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| NL | 142.251.36.59:443 | storage.googleapis.com | tcp |
| US | 151.101.129.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.129.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.129.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.129.91:443 | di-images.sftcdn.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 104.86.110.112:443 | tcp | |
| GB | 104.86.110.112:443 | tcp | |
| US | 20.189.173.26:443 | browser.pipe.aria.microsoft.com | tcp |
| GB | 2.16.167.184:443 | metadata.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| GB | 2.18.190.133:443 | binaries.templates.cdn.office.net | tcp |
| US | 8.8.8.8:53 | 233.17.178.52.in-addr.arpa | udp |
| IE | 52.109.76.243:443 | roaming.officeapps.live.com | tcp |
| US | 8.8.8.8:53 | 243.76.109.52.in-addr.arpa | udp |
| GB | 104.86.110.112:443 | tcp | |
| GB | 104.86.110.112:443 | tcp | |
| US | 20.189.173.26:443 | browser.pipe.aria.microsoft.com | tcp |
| GB | 23.200.147.112:443 | ow1.res.office365.com | tcp |
| US | 152.199.19.161:443 | fp-vs-nocache.azureedge.net | tcp |
| US | 13.107.253.64:443 | fp-afd.azureedge.net | tcp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| GB | 184.28.176.81:443 | www.bing.com | tcp |
| GB | 184.28.176.81:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 184.28.176.104:443 | th.bing.com | tcp |
| GB | 184.28.176.58:443 | th.bing.com | tcp |
| GB | 184.28.176.58:443 | th.bing.com | tcp |
| GB | 184.28.176.104:443 | th.bing.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 184.28.176.27:443 | www.bing.com | tcp |
| GB | 184.28.176.16:443 | r.bing.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 104.21.78.241:80 | bonzibuddy.tk | tcp |
| US | 104.21.78.241:80 | bonzibuddy.tk | tcp |
| US | 104.21.78.241:443 | bonzibuddy.tk | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 151.101.66.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | 137.66.101.151.in-addr.arpa | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 228fefc98d7fb5b4e27c6abab1de7207 |
| SHA1 | ada493791316e154a906ec2c83c412adf3a7061a |
| SHA256 | 448d09169319374935a249b1fc76bcf2430b4e1436611f3c2f3331b6eafe55a2 |
| SHA512 | fa74f1cc5da8db978a7a5b8c9ebff3cd433660db7e91ce03c44a1d543dd667a51659ba79270d3d783d52b9e45d76d0f9467458df1482ded72ea79c873b2a5e56 |
\??\pipe\LOCAL\crashpad_2216_TWHZEJMNQRPCHEYY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 026e0c65239e15ba609a874aeac2dc33 |
| SHA1 | a75e1622bc647ab73ab3bb2809872c2730dcf2df |
| SHA256 | 593f20dfb73d2b81a17bfcc1f246848080dfc96898a1a62c5ddca62105ed1292 |
| SHA512 | 9fb7644c87bdd3430700f42137154069badbf2b7a67e5ac6c364382bca8cba95136d460f49279b346703d4b4fd81087e884822a01a2a38901568a3c3e3387569 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3cdec8e2732ad0e9a0f2ce3a1ca9d74d |
| SHA1 | 1db52413b67c10180480c839c698948b8b5acb4c |
| SHA256 | 037fc010409c22c38e2eaefce5c1d8f6f927f640665376663995f87fb0d25ece |
| SHA512 | 60f033e03f1441bd3a9afaa024c95b84b1013a8985242e5e88b3e654aa78175140f2646632bd9166127f8c72735eead7b8b798a73225ee40a739cfe5967306e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d84a7f0562afb46ccb33ad20326e5a5c |
| SHA1 | 84daabcdb4dbfe20387ba70d8476e43a8db56bc0 |
| SHA256 | 197af298f51b09b139bb46ff17015ed94e919357c51f5fe5eaaaa0b7136ad68b |
| SHA512 | 05e786c60336485eccf8b059441803de638c45185c901c8621b08cbdcff595fd9473eda5cf8c637df0d84449c88538a35a965988f62af4bb7422c05ba6369b7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 35c16c25b6f480c8c495c831ce1796b6 |
| SHA1 | d42c4e63542e9270ce81bc7af8ef498aecfc3543 |
| SHA256 | c4be73aa8ff998a658629a8fe35aa60c2fcbcb0f986297cb3279cb1b53c28485 |
| SHA512 | 953a8266dd449ed76474f16ee8a8953233032eb59fb440a56e1507ac0fbc4aaacac1768252fe5f7b615dbc1df30d8769fcc4764b282c203b0cf44b0268267f19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | dcf42fc7c8989829cd90daaf7653dc14 |
| SHA1 | 6b2ebe2e31a9dfc8b7656c5e903a61fa743c96a7 |
| SHA256 | 1663e89cb579b26a30271c29e9342bacd80783ce1239361a24f79d24de271969 |
| SHA512 | 36c791d5f5e5af50e413d000d4caf8b6dd515bb6fba96c6c8c8c3eda54c08bacb940bdb9b9a6b1f205cf144cc894d71ca25b011af899a7244e645427af97f8de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 1d9097f6fd8365c7ed19f621246587eb |
| SHA1 | 937676f80fd908adc63adb3deb7d0bf4b64ad30e |
| SHA256 | a9dc0d556e1592de2aeef8eed47d099481cfb7f37ea3bf1736df764704f39ddf |
| SHA512 | 251bf8a2baf71cde89873b26ee77fe89586daf2a2a913bd8383b1b4eca391fdd28aea6396de3fdff029c6d188bf9bb5f169954e5445da2933664e70acd79f4e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 027a77a637cb439865b2008d68867e99 |
| SHA1 | ba448ff5be0d69dbe0889237693371f4f0a2425e |
| SHA256 | 6f0e8c5ae26abbae3efc6ca213cacaaebd19bf2c7ed88495289a8f40428803dd |
| SHA512 | 66f8fbdd68de925148228fe1368d78aa8efa5695a2b4f70ab21a0a4eb2e6e9f0f54ed57708bd9200c2bbe431b9d09e5ca08c3f29a4347aeb65b090790652b5c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 3a992e85d6919ab587ac125cb7dd4262 |
| SHA1 | e774aa43628349108914aab4fa29df343b80daa8 |
| SHA256 | 5aa22e894340bcdd7db302f26e37babe5bb184bb053f28936ad26f474be54532 |
| SHA512 | d823e267b75c2aa7b71f6a31b660dce1943228e140c24308d9015068384dfbeedb5564a8b7d954a94f1145f4188c01c687dcd1143c62dd49d018d12d16626b4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | ce550d8f79daaa50e4b89daf6d6f1dfe |
| SHA1 | ba8ff04c5124326e9bb93b9646b16c8684409fa8 |
| SHA256 | 1edb1f932d989173f0cc67654da805b4000956d154e784bd82bb8df88da6e447 |
| SHA512 | d6fb71e521018bce7f301c65545e3e6fc2654d1eb8f3afe75e3ab33f5e3c797783a5d94f0639620d16d13c1ef4fc81fe480aab9bf89ed97abcd5fa87a09b2c63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 01dcbec81d2cb8840b6792862afca438 |
| SHA1 | 9f99fd6cd0c48c9ac27f179fd3abfaad1536fd08 |
| SHA256 | 6ec12ad5a2466ed6a2f6123a18047e815cd27f538b781f745f9086b47bb68542 |
| SHA512 | 341585144bae98b6abacd67755cb911fa72418bf8dd557190d8149777aa1e85e5511c555770d065c15bc535157c52dbb6a0b6943687b1c169212df66fb342283 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Platform Notifications\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 904c51db38a37a472848937a25ce5129 |
| SHA1 | c6986d772169968f8866bae478400dbf3d853e3b |
| SHA256 | 23b5c67aceec6d8c37cdce72c34fee8e99a35a387bb11a236561e563905145c0 |
| SHA512 | 91de5b2370990a7d63858ce1f38ab80e5973b5853423e7d03e1e9fcdcb43bb6108f7d8991bc2e50eabda5d9ffa4cd4b8c00849c4d66e35cf6d2057c89107e55f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ff59ebc1-24f0-4d51-b207-adbe1e466f66\index-dir\the-real-index
| MD5 | 7c4db2f560843c7a191ae9debc51037e |
| SHA1 | c0ba93283fdc674fd086cbc36f68a3fcc46faa6d |
| SHA256 | 1044a808a0a4bcee9223c45a001cbd96cb90e7607a7707b5d74150a0d9879986 |
| SHA512 | 95f815a82a218395a3425039d6860cb70fc1416ab39b9f2e12a8e60bbb886143be3760cc35770218fccb5b99d2691a491ee8f61ec7811c1a0f786c2014eb6a2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ff59ebc1-24f0-4d51-b207-adbe1e466f66\index-dir\the-real-index~RFe57d6f7.TMP
| MD5 | a3e2b418fe59f9d03e226c04c700f008 |
| SHA1 | dad5309fdd560fe1d61f0918af1dffeba81da259 |
| SHA256 | e2be49195a430b7f811e0c5e37fb6dc37a9ed5726d176799ee15194aa0fbb563 |
| SHA512 | 2af7828097e11867c8ce7311fe5bc4513787aad6471977d91c094520af8ca1cd51b366d7a27fa1f64478e2ab0e8dc9caea72a7d56eb4d259ece0bb6e89e6d0b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2892eee3e20e19a9ba77be6913508a54 |
| SHA1 | 7c4ef82faa28393c739c517d706ac6919a8ffc49 |
| SHA256 | 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2 |
| SHA512 | b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 60c2edd3f25797073e82280320a7f8db |
| SHA1 | 01828739ca2e0ecc544bd840def47d71e8fa1860 |
| SHA256 | 027d2e7d6d80cf8f6363a1ad04d149b71b1164c9d3871c87455d669444f9da1b |
| SHA512 | 5679be52cf654f920535bb1e369b80ce867c92a90707fa5e7098588032590fdce329f61881c1f2c250de003ce1dbca77e51e85cebfd8059587b923383026b6e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | f19b3965398c7f5a3bf90a53d40b4815 |
| SHA1 | feb4e0975094f904c5747dce2421f0251b937264 |
| SHA256 | 856a44d95fbb155264f3c6641df8f9877de91359f0a84f4d3aa86ad67afeac1c |
| SHA512 | 12cf52c48ae0cf7b3dcc8d962f542f6cd5ee30320e3f03eb6f29a38636768365992cec4a7a1ac766e05149a7eeb3a630d324782337cc60c95f5d28fb91a5da92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\3d1b7caf-3663-429b-9627-22e7b8c19d17\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | f7475de650fcfca3f39ec166a854418f |
| SHA1 | f1e7c2aa136cd34a67122daf3b03d7d217195e0d |
| SHA256 | ea214926fe538ddd05abb417700a02073fb9fee32ee4ec55571afe732018fb5d |
| SHA512 | 4bbea276318a41ec36b3167b8ce7f2a031452702ccf3453f3c03593286b75f0672beb19f8e95ad3349a0b43782aa85ada1584f4a89cadabaf0b47c3d412ae392 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | aebe57422e9de65bde7cc46f4c717e3f |
| SHA1 | 30196d2984fd3b1205bc0210d45f5ab3d76871f7 |
| SHA256 | 1c13f46d9f059ec811a2db7481b27e5a84af7d2d4fdf81e85c58f5fd7743537e |
| SHA512 | f7df7d9b6026b8a987df64771c8569ac366cde7f2b8f63e4e0db6fc13213fc1f248c391c2da1ba8f9bbcd41d40a99a65c0312e346086bed4b3b30dd0232d86af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | 11baba444fe6e52672b5c99c6a0d1f6f |
| SHA1 | b8569340b6daea652ef46fa995900e66f819ad6a |
| SHA256 | 7ea0876f833cdd63dfd82723a277dea317b1a0e6172ad97b1df0f754a4c229fa |
| SHA512 | 975b280abdd1826c44a75c5cd315b75df151485bcc0cbad25fe12be842b5ac9bd99bffac0050a3610af0398e2662b8298fe1557c1bfc356bd7b9ea0c73b9b9c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | 6fc9442f866c703ef95d3f94f8724e07 |
| SHA1 | 274b02589d7959b0d8980d9cf156ef0283b92cb9 |
| SHA256 | 9366424be6711ecdbe31e004dc9d352d59f1d0211aa91019114182d3ae084201 |
| SHA512 | 551a9aa98a580749e06a80112e8d2dba0bce430b037e2039ace04dd8e60ccf9d3ae8908af0f38224f517c8975e8162dc34d905cd245423d2ae56905d35f5e8e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4ac20cb784b6b4e269130eb2a76678f5 |
| SHA1 | d94e8bda4aba7a6c760b5591607f4ba0c6f4548c |
| SHA256 | ebc1db27e5d6e3dba04a8f77aa8a9dd6a0beac667e7d83ba72fe662161e8d64b |
| SHA512 | 75bbb498f2990730bd4452ec6bedc55026d4a8c36c125159c5183a9c86bfead286ca9625185e710a1138601e970c2f7478be5364a86554a1875f72c1bfba057f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ef32.TMP
| MD5 | b27d41ba62b39d153ec528e5d63fe548 |
| SHA1 | f513dfb95ca7df08cdfe6df9cfdee247db7bcb6d |
| SHA256 | 906c1068e223d3d39b80e8778413bc4c459de552f7aa255f0879c48a0da1cefc |
| SHA512 | 7356a6c7a9133186c9e3253deeab204ac57fa48d2e596478a6eafe3ece71708fdc34f8de2001055f8b70e2b63ac2443500ce34e79dddd20cf41723273ca1b1ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 159b1e8a39acbe62feb1b33b95481464 |
| SHA1 | 4f272ce831e3cf02850351232e0a10332572b6e4 |
| SHA256 | 5f2f9a08b34e36f9ab1880d1e6284f59ca0002db71f36bfd861711960a11df59 |
| SHA512 | 14e7a8021b4c0a40b6ee5ac86147d4c1b3ba5bc629f48cca0f4b55d02be566f109a3857863ac4daa66392913317797bc48d0d2bf971ee2c16e969ec61acd92b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5788c36d-f66d-4016-9e44-e33c3799b5ac\88ca3e4c41541168_0
| MD5 | 3a49ae8b9069ba09ede950814dfe11cc |
| SHA1 | 96bfd32b957d7bb6c3ed008bbee00b2564409a47 |
| SHA256 | c4d35ba6aa58638b0d0eb1f73d3073b47807ba8e0d3e10821685686d145dc74a |
| SHA512 | 4917f4b97164a806a634b66de33ccb5be865e46428491be13dbb046c542b1bdc42adcdc6c02e41b9091f4ab1fab9900f953fbfe8034eb8bc9fa7f7fb49bc4889 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58294d.TMP
| MD5 | ba89c92019fce329cba75aa216634c72 |
| SHA1 | 9f0310d65b87bbb9f83e72cd5c642caccbfc3028 |
| SHA256 | fba2232edc0bdaf0cfc4d61217f031a83c4fe2d2d7f55bcf1789a0eae912bb19 |
| SHA512 | 0916cfb8d6c9924806959cf623797edf463e2b15d8236bc3c13dba0a06d28d68b5577712b419ab1aec4c3eec20eae30ff8f62968c99ce59e369a34633e9aa450 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 5d18d4e61a7de604a142cc96908f079e |
| SHA1 | d60b27ca93904836de4f8714a30e6d49622d8834 |
| SHA256 | e011b0c0f99d516f26b9f795f6c808dfd0fd942d25fb6e2107d440e75caa4e16 |
| SHA512 | 195194d6713ce8abd4581dc3432bf1605b0c8e2912dce5ea493c5bc858282ded68678377a5501fbbe8e36186703dc8cfe5984e6425c780d16bf9f2e1fbafa049 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5788c36d-f66d-4016-9e44-e33c3799b5ac\index-dir\the-real-index~RFe583023.TMP
| MD5 | bf12cb9375219e85718ddc9f5ce4a65a |
| SHA1 | 51113f08647e6ddcfb9a7f204d3e76e6e98079b6 |
| SHA256 | eb9538d8457893827a3d82454a81c856aee1aa3ac544e006ef8162c00b9aeaf7 |
| SHA512 | 3f9c91e107200908826207a9bba796b0c9a998357ec1ab23ef3a209e038a51ef9b97056efabbf9d45ef0efd6e5f9c366a3ea1f4a28603b62b475c6fcfecb284f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5788c36d-f66d-4016-9e44-e33c3799b5ac\index-dir\the-real-index
| MD5 | c9eb3d4a1e2f9b27bd58bc2cbff668e0 |
| SHA1 | 0ce8f84ebb31437568cab62745b22c06171d800b |
| SHA256 | c2372cef69775435aed0f0c88ef7572f8e189ce370bdf527fdd0191df1194f8e |
| SHA512 | 0f76cf9ede3d234b3da9e99c3eb5cc0b4c48436f1927358e02950ed289b8ba8eaeb903aed2183837e73ec9dcb92e5822c3d6de3e36b8a520e2df622b91c36239 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6f7fe0b8f355c5e1cc4e915240d0eebb |
| SHA1 | 1003b9dbda1ded043c1a71c324ab1bd13f5b362f |
| SHA256 | c42e606b60e95fa4e64b64611635369f59ab0174e30d32dd1cf8c7122ec0cd4e |
| SHA512 | 2060ad99b893f754cabb0821be8677b04a34d1ba4dd31abc62c0d8529312f663537dddbd6fff24aa2f957bf11267a3088f5891df0b6f8985369440eb70fcdb4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d44cfb5b9d995134f5b34c3f3999ad87 |
| SHA1 | 09a6ad5e7441609942144d8763c2ba65edb3906f |
| SHA256 | f6f7680bf7c223fca8055e56d77f400cd879085bfc0dea9f1bc597fce30a06c8 |
| SHA512 | f1e234d06c5bad3e83d337d72306f5e95be28bda07ec92a1c01220f0160a3f979b38d35c0ba4295b90b23a5ecb4f3f4ace00167ebcd790432abe120ec5c907bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\3b18ee63-781d-4c61-9adb-e4e000a7eac9\index-dir\the-real-index
| MD5 | 2572a7cc6ecb0707bce827d62819615f |
| SHA1 | 97c8bfd61f4fc5f9a88035ca20cea798f8065385 |
| SHA256 | 64d4a4b83eb75bb725d0085ba0336e0e1958f05875c234752887e606a42d1f0f |
| SHA512 | a6983edbb315f8dd0a1793780456a419989ba632a4b7fc5bdd57c0b537438d3439a3f909955f69c7569cd040bb8f542864be08c12c3356be504892bda01041f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\3b18ee63-781d-4c61-9adb-e4e000a7eac9\index-dir\the-real-index~RFe584d02.TMP
| MD5 | 5a56d3562d1f0f66bca51f56be7784a6 |
| SHA1 | f6cdbfac25c70d140a8e512c2318a12678ee9298 |
| SHA256 | 311b971bedeb4049d85f279921b3f8bf78c6f3cf2f54fd20de859b679738c32c |
| SHA512 | 694a9b7438de3182feb7f0333dcbc41b6c9a4e8e274251037f6af0996eaffc9b5097d84e3f24a1b3d6e2fdeb8231170386c27af026b54acbee4b45e7151b569d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b328f4354caa76596f3c70d43738cefa |
| SHA1 | fa86017c4cadfec230229cfd56b4e3c36a9177bc |
| SHA256 | 6cf09a5770ce3e7610f5f07652590ff6eae8a11e33a9ba625c2f2dd69dd9c530 |
| SHA512 | 744a968d79acebb53b10691dd304299d071a1552ad01b25da278d897a237bf2be630b8a643d4926827a2d4b6e328141df71fba6708fda890238996de3bd09ca9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 209af4da7e0c3b2a6471a968ba1fc992 |
| SHA1 | 2240c2da3eba4f30b0c3ef2205ce7848ecff9e3f |
| SHA256 | ecc145203f1c562cae7b733a807e9333c51d75726905a3af898154f3cefc9403 |
| SHA512 | 09201e377e80a3d03616ff394d836c85712f39b65a3138924d62a1f3ede3eac192f1345761c012b0045393c501d48b5a774aeda7ab5d687e1d7971440dc1fc35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | cf604c923aae437f0acb62820b25d0fd |
| SHA1 | 84db753fe8494a397246ccd18b3bb47a6830bc98 |
| SHA256 | e2b4325bb9a706cbfba8f39cca5bde9dae935cbb1d6c8a562c62e740f2208ab4 |
| SHA512 | 754219b05f2d81d11f0b54e5c7dd687bd82aa59a357a3074bca60fefd3a88102577db8ae60a11eb25cc9538af1da39d25fa6f38997bdc8184924d0c5920e89c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 09ac9c9a95dde9d928585489b55a7a53 |
| SHA1 | a0930234469184cebbc08e399bc4d7ad9003b2a0 |
| SHA256 | a2b2e70072c91efc39fce757a94ccb51cb7de56c2e2accc7501947ef0509a612 |
| SHA512 | 0b6d68f9b28439a56bd0fdbd391f8107023117e985a7087dee483e7dcb998897db2e7ec4cdbd551f6546ec648c2c1b8a4345562f9640bcad14fbedaf2730551a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\25067286-1c45-483d-b319-157bb0d41232.tmp
| MD5 | fb84f485e389e736be3dff9fa1dbc31b |
| SHA1 | 7c89ef7b544d40ddb09a75319d53fc31937f63e0 |
| SHA256 | 5c22ebbf968d6da044ae7d9d09e028acf8730cd30d980f7146756d0bc287b107 |
| SHA512 | 4a49dfeb0c787e58800dc47a69fbb804073a5ff8b93c882a2f19d2f4a86f24b9275b00f389bfbe414b637c641e7da075c49047f0690b6fcd56578055b26dec60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e
| MD5 | bea3365243668f5266e74e9836ec26d1 |
| SHA1 | b6c80380c2b41209dd118b67d7c7e6ffe07c37cd |
| SHA256 | 4d4090bd433689e8e324c92877ae234482a554b7d6695415ad7ced65a0553e01 |
| SHA512 | 66f79e41e887aab93de0711c86111f8c41b8b0cec49ea4a9c7bd34071a555fed146ff7cb989db11571b634505bbcd14c35d567b47f4e1aaf177653d852080638 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045
| MD5 | fd1f79856510e1cddd8141f1d82aff4f |
| SHA1 | 659aa5c13b63adfb1480856cf8da6acd4fa624f4 |
| SHA256 | d2c922c16632143318a2792e0ea9345ea5c072ad583a84d8ef164cf952fec4f4 |
| SHA512 | 7781c5280010519da7e71a849a9cb5e37f7b29a1e800bbf9cc47536eaa937abeecd1a2d61867c2744b7de83f0cfdc88b72255ee083501df0455fd018b0f86376 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047
| MD5 | e28bef616cb360329b8090ce08fb08c8 |
| SHA1 | 238bb9401cb8e00306b4cebb42641dd87003e40d |
| SHA256 | 35ecb2b52d81b75c460f0a391cd904afa2864e9e008ac464269a39172dd37317 |
| SHA512 | 4c05bc41ac672c90fc779990e842eff4b62aea197e9a39d6c489565caaaaddfe1d1f04a91982ff132d6dcd5bcf0db395a277db054f744771a28c30f6b35e6d37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b551e82f0a92c506d8d7a68ee607e18b |
| SHA1 | a290de040a1252e84f7a434421052ceb1e8059de |
| SHA256 | 50df618c3d90b126047162f8931805f819d859b933bafc283443a513e2944351 |
| SHA512 | 409ce2d6af8681df70f7acadd612c3464e0b4a63fc01c2d9d468def2711339a4c604960d3164be90276d2feabc39639d419cda4841927774c77a2b598d8162ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f75a9cd8b167ff819a6793e12b46de68 |
| SHA1 | b03cc8b5f86320e51be130169370a25af02c2e68 |
| SHA256 | 70a7dba068b00c708ff892e0741be330beb0687a471cc382905e16ba8ae20462 |
| SHA512 | a29622b7361783eae356373a5762ae19198839e5001048ef9d8f38218bed8fb5a50d55b4f09b9207e8ab166fb9d4e1d194d19a8421416c54872953eadc676017 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\121bf6e4-e8d4-42cd-82e0-95018caa4c18.tmp
| MD5 | 732a95aff15e76e7e3ebe0635db52b12 |
| SHA1 | 3b6a6cb1b7ce6377839916147b2ad5db58559644 |
| SHA256 | eae552a8b5eaf445b22d0063ad84fd8a436368d3473cce26ec99159954a0b0f8 |
| SHA512 | cf14f6c4e9e58b90e7d103fdd08ebccd3ba385b6e55a4e3bfb690f9572edc9b3e0a646f4740df6c8f7723548964d01d44f33d75210983f02278e0831684fc038 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | dd020ac41add11e621975416cd1cb7e0 |
| SHA1 | 7715e2b6c1736eb8bfae50a70881fa09f9278605 |
| SHA256 | 3c1b5c9a9b7069a857ea0c501e1ddda6355a8d3018b3214d1408c6e6a19db54d |
| SHA512 | a5d10f0713fc7db283c6f283be320f208a75e17e7255c1cf29acb7bd7abde2319e3be1617e2214a16df9c4c97f7f0c0c0e5205c96ba0d0c98ca56e60492d4707 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | e7dfa8929cbc232efbf88d52731ba7f3 |
| SHA1 | 1ba25faebc12fafda997f5b6c7b44dc9498cff2b |
| SHA256 | d224950f4512d71e2def398861c019a9b429f516fd7b97ad6f4999889b57cdce |
| SHA512 | 4b46f25d7084b4235df07535830e575f11032a83d543299997d0a575bf98113fdbdef29c5c48b0154427ee22c1809a8b32196aadad210560f84de22d29f59759 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3891d06e3e04d030a1cbd54f84ad31bd |
| SHA1 | 8db30985737b4e000461fb56d8f6e8618a621270 |
| SHA256 | 99a550756570cbcdd76bc98551f1a5c45346b29189c23cbf439cea83a2299c76 |
| SHA512 | d49863ef795276ff3e8352bd67d84879da427426223e181191987a8c57353b6227ed5e6994d0a3d6bc74aba8069a5d30ff8068ab6ca6ed420728d70da8adfd54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bdfee7217fa0cb3cc7e7d96e22f0c3ab |
| SHA1 | d1421142d84e51202b7f6a9f8ebc6169ec6ad7a2 |
| SHA256 | aea48c62cb7c2d554badb259019da71e96c39cabe2cbe6db86d68c00e73922eb |
| SHA512 | 8dc34b62e5429c3bca44a4ec4e699b574a3e39228fca5482cabad1405b5cbd0e1727d0c4295edc124c6cec3bb1aaad424f989ad3548f66b527f2441514417ddf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 21a619a35374a0efbcb35fd439b6c400 |
| SHA1 | 61fd40a86d6d303cf0061c2209c693ffac41a76a |
| SHA256 | 8cddba35b8f0c58f77a946c920870c5b5e1191d2b8d70b10a92fa63924fdb6ce |
| SHA512 | 7259667bafdc7ed081246d401eaec9c909729e9ee6f79b4223386bc08f5795ae89899856a5371f10275bcf7c32dfba7f1251390015ef7eacb1ccf84511157a13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006d
| MD5 | 6931123c52bee278b00ee54ae99f0ead |
| SHA1 | 6907e9544cd8b24f602d0a623cfe32fe9426f81f |
| SHA256 | c54a6c3031bf3472077c716fa942bd683119dc483b7e0181e8a608fa0b309935 |
| SHA512 | 40221fe98816aa369c45f87dc62e6d91fcdb559d9756cb6a05819f1cde629e23a51803e71371f4e4f27112a09489d58ed45b2b901a5f2f00c69c082b3576057f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000084
| MD5 | b39069244283d0630db35bfe0af50515 |
| SHA1 | 0f448e4c3a3e5c61c0d8bb434250f289379a1daa |
| SHA256 | 6e484fabf582df6de3f99d0c363909a6d404cc29bdd8cc76f393a978ea49e0a2 |
| SHA512 | 2c70d5a82aade4014dcfa03ae0b83cd17b50fd2e995fd27c463980dbc57775da16865d47c8b533dd87baea735e011aab6f3969873e5bd305647ae1586f2bcdce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8fb748a988bb31de0d29101a2cd56592 |
| SHA1 | 349c093f5a7ee40c4d5d6722b718acec7ea043da |
| SHA256 | 63f214d4a08ab2ae07cc0e054908b808a01e62fe1a3a62da07996feb082f0d33 |
| SHA512 | e3442d60f5c7177c1e7dd545e33c0c0e88f341f08fdb9003c2c23bbe42b8be6892c0ea2f0984fc789645d1abe59a54f728983cfd698b2b38c77ccf05d8e75d29 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2abfd731cd4a1f87375b067fcbd14d45 |
| SHA1 | 79d366ff74f68c24149227b092f892bdc8bf9612 |
| SHA256 | 17d20e1fbbd0d7972e85208e084076b0456ed54ac7d8e22703eaf9b97bbbc455 |
| SHA512 | 949b7a4aea6d010d39e1354cf6ea7671cbe2f7fe8e4a42f16fed4fe049158badbf9aff568e68f226d8fda9a5a5153b735597fdf7cba349915b10a50784ea8157 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 401ec10a27c43c59286811b1c188ff6a |
| SHA1 | 2ff57c3316d21926dddb97adcf1d6ed8df1c9315 |
| SHA256 | e118c660983b231c52bd9f067208eb2c62a81d9fe10663b55ab31d66aef33278 |
| SHA512 | 593e48936485a7a1d7c41436fe0b0f0dddcb638dd9fed4b911346785d0a2af91cb57d2f43c421ad9679a5f07e825cae9f89e0b3c41ad671e2df1ee640b965863 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077
| MD5 | 230ab95d87a717be265134072eb17c25 |
| SHA1 | 71a3d3dd6f952057ba0c6025d39c9792ff606828 |
| SHA256 | 3fdfeaa675697f08f1c7c0fd6b77512f4bf9465e670637e8e332e65ebb9db068 |
| SHA512 | 9b0636421ad14161f211e846521149ab0a7c866e77db309dba79718487835204cee3821c9f4678e48e134614be6a02421c155a34b7c9bc424012137705960b11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000080
| MD5 | 845e1a3d0f8b316c2336250dc14628d0 |
| SHA1 | 71fee07b3e73d3ef8f7f13012f6afa33497b7c85 |
| SHA256 | 3652f51272e5dbe7fd76034923c754699ca0ad9b51f15045ebebe1e07eab8e4f |
| SHA512 | 612f8bb733828a8a6be340583976aea7d24654070039f772f227d3996c096739c1a41d5460df7c3a20d8bab12839e921fb756eac7063491f9c39b620da7969b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3e476d5cec603837dd982a27fe8c657d |
| SHA1 | d55eb4e4abd8c412fe81e74a56a975380b4541c6 |
| SHA256 | b8b212ad262a934661b386d790541991acea89a74b1f38752a58875bc82b477b |
| SHA512 | 6847fd94efc99ed2a1808d5804c886487699a3f0bbc0b1080ee108ce740d355ada633c5a3a87d983a9226564c40c1758e4d66fefde47bfeb21ffeb7f793b7ca1 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 10d87ece87fa9e8ba1541ad1f79543ba |
| SHA1 | 120440ce22e64e6e480d9990823bd12afa9ccfda |
| SHA256 | d3985b68a446694fafa3861d28e8eed3a1294d7145177a8cc4152e9ba289797d |
| SHA512 | 8e198dd3386e4f23b6656d921c2274a85c0bcdd4bd61f20420443570517978da8f074f7b967229d7feafb962890d089144234cebb011e6e326a2800de7e91d85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000093
| MD5 | 9901c48297a339c554e405b4fefe7407 |
| SHA1 | 5182e80bd6d4bb6bb1b7f0752849fe09e4aa330e |
| SHA256 | 9a5974509d9692162d491cf45136f072c54ddc650b201336818c76a9f257d4d2 |
| SHA512 | b68ef68c4dcc31716ce25d486617f6ef929ddbb8f7030dd4838320e2803dd6dd1c83966b3484d2986b19f3bd866484c5a432f4f6533bb3e72f5c7457a9bb9742 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 20e583322d13dd1c7e508461bb7d044a |
| SHA1 | f0fa880abde756995d97e9dc4770a891a7a32a18 |
| SHA256 | 883d2659fe050ce4745abe73f0e70cb0b267e5f5703ca963a71dafe59022eee2 |
| SHA512 | 5c0e6d3259bb7e9740e758e0091d7ac8956c3de8862ca3b188701f4964c5a8437010e2cb6865cb7bc8e9180ae6283c87dc4ea611a1af938f427b25bb86116687 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f4bca6217ea1bcf435ce42f393a5c639 |
| SHA1 | 816ea68d859dd97a971dc4fac3e15d5f5eff505e |
| SHA256 | 82ebe5c9c8ff00a0a1f77c4eab85bee71d27bccb74a6acc23f6fb59bfed180f4 |
| SHA512 | ed290866a0bfee2c5e83dc8700be07e24b10f5efe8e05d8134fec8d00bd8bed6660a134c5b594c0299ec8d2937b2635413e4893eb16e7d8067b4568e29bab4f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 379bcd9515a04b5e51a6963af2742d1a |
| SHA1 | 09b7f646ef42a964c603b6f149d0d1207897030c |
| SHA256 | 7d4ed7ec0a7ad3fcbd9c552775a34f6ef354a1a6e7728e460e169f81b454eba4 |
| SHA512 | 3763090dc979f4af4d214ad4ae22117f2e74f0ffca029b67598cfbc253eba52d10c5d53b04ce61f6f8b677f19843d742609139b013bbf6f0258cb84c0b8bb0ce |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | d3d5094ffd966a03651fdbe9fec15bd1 |
| SHA1 | ee51f121502a55349efcb732991af3e8e1d1d795 |
| SHA256 | 9032ac80b01b79d5c1b004b2b8d445246efc82a81ca4911d3a9f0a56fa4b5ae4 |
| SHA512 | 1d94e06a293031495db0d6f0ed4633a0cf0d7746b69e48dc7417f6f1ea1b0d8dae4bdaf0c8c73a01c0b5999be06aecac7f85bb9c0754e499a648ca26ed9ef61c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e63f1671489b13435952150114641679 |
| SHA1 | 1218eadbf4e13875a27580eedb86e5c7366ccdb4 |
| SHA256 | d1a7aed49deefc8d9d1e5bfd908e4c7623c1b057ff199b60fd42aef7b67301ee |
| SHA512 | 5df3b164a0d4a745a1b45182d4743d4dfd551e355841a777b4faa2f4c81a53384b3278c4a1e58a413f961ff95f564cb022412b50e53041f73e257dcbb1c158e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5e5cc819f95ec6bc52e8542f285672db |
| SHA1 | c226086fc30ffbabd38b630df94ad2f4efe61e0a |
| SHA256 | 2908bf434078c86ae03a9705a0c76bc5f7a95e4e9e3ed536424077089e08f8e6 |
| SHA512 | a7c8e3dbdb5b38ac55aea844ce9db66e1e7d3562b57c9272ae2da3a16ceb83464eb5ab3ce0b6a5b69f0debc981ba87b6fb8622cdbc540e7fc0ca628b2ff5a33e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ba8a14e49b6d957fba9ad7fb41ce6bc4 |
| SHA1 | f1201376ea5dfb336dc85380f670b9fbcdc35cff |
| SHA256 | c57a03a55dbc154c41ea481e8dd403ac98bf3dd6c6659bda9a0d65ce2ee6fd1f |
| SHA512 | 1dda12a60c5af8c87f8b368841c30917c951fba98c368ee7e9b0f4911ef0d488bcbc785b8335cb0db1f816c274ac572ddd048e421e4892c3667a84843145b5f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bc2cece2905234423f1779702d49528f |
| SHA1 | eb7fa7bc084a40cb35e16e840782ce05f2abe49d |
| SHA256 | da13cb86bdb56e5887ffebc1ef034d2e056457f466ce7003e7fe4de6890d2819 |
| SHA512 | 6555d77f4b6f7c41a26faf726b98c51a3be2139502a932d7e58b94278a99684513a24b7578176a369e6e8411e478899cde14c89f79ccf3a77ae7256d49d90aca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | 1282ba59b219e55e1aa9bc059b416880 |
| SHA1 | dcaa236a6a8828193080305b8d82eccd6809a3cc |
| SHA256 | c13a1e6d9bc5136ce6186c3925d0eca438efb696997b6a2b6e39d089f6c6e30d |
| SHA512 | 7d698f5a6ef1103e46f4de67d5c7e54309e0ec9e2de96339fb785adc5be141694144e7381f53e62edc84b5c760f43a7e93d335e44f5bf2b93b81621043eaf926 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | 8175952d2722016599801db7524863c7 |
| SHA1 | 2a2816091a7c2ccf2f4c70f3748c5b0f2c3f72f4 |
| SHA256 | 889095daf91dc1f2b210c8375dac3319edc3639833fea521372d4b6883a27003 |
| SHA512 | d0173508797963c383c988a1984b18c4d2356a9b8647f4f94c845fbc2bff2e405e67f655d12b57215158312d4fa9e4f7d10bd9e204429367d4ddc75633a728bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 94f268e8a114a3c0f65791deb2461d33 |
| SHA1 | 24e8f2c74f47c88d452669854673138789197331 |
| SHA256 | 71467acee116150fbbd74f965e4f752596b3d5e3365f8cb36f855b4920a25b03 |
| SHA512 | 495a995c93655d550c6e70c6cd73c16eb8abae088de2c2d1f6dc3d0b1339b5a93744fea9aafa456c2f458763e8f98ca177e9b50941f7ad1d152d8e68681fe9f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 922ac5cdb4bccfb75cea3666c8d11dae |
| SHA1 | 82572dcfbd5178cdd5be483848563beba7046b1b |
| SHA256 | 092fbefe4a5236e76c2e91d9175bb8464f79d537265ba79d7ad13bbaa14126dc |
| SHA512 | 46cba86976f5e39434e4f33f426f3a56d54b46dd8b267a85b3061c6da9cbf6a03eb0c9d18fe917ae01eb25ebac607766623ac0141a9fe7a3313c65a76010510e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ac70f88c44b273dad7fdb30aff1af55a |
| SHA1 | 55e7fc1a30d2786de681cfc3eaceb53f97ee469d |
| SHA256 | 499596c8294a3753b3c2741bf2095c343aa479b44fff0309d1e25e47d33c42cd |
| SHA512 | 3b57bbeafbd56ee80c11c7facea8af2eb084937c4629d449bc0c6c5f0f30e7e7f2f66da32782e45d4c8ec8b206b7c8772d4b60d591a7a0703cae0ce39ce6ea6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Media History
| MD5 | e6d10f1f373a1691783cccdca25cbe5b |
| SHA1 | 37598b11535bd0e00198a19c36240f2fafdee938 |
| SHA256 | dceea7851c2aa5688bf71c02570318c7e629d7e3d5f92d3ac5a43efdd39c4fc8 |
| SHA512 | 31a8995c23d70ff13cd78b315842abb7d9ac4c17fbfc872dd88c6b85dde814f744bc65fe158a13563ca5957d638a6ef672250dfac33b0700731aa0c4027d9a46 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
| MD5 | 69929ec1384baadfb44e7b6b1b5dd7a7 |
| SHA1 | 2684e513ee2c0d4a305ebe7dc6916ada1ca90edd |
| SHA256 | 47298ffa2850f79518aba940d873789e0606e9f7de3ec93b287d8b82abefe57a |
| SHA512 | 11ecdccfa6e4edbbec328ac46a6085956580d2d3153f1fe1429eda0b07b3131e9db9e78a93faa2da66edd677d60268d85a5ad37e0ea0b15ef2ed541943d8d504 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | c88b805bdf97e807351e1a0f5045a4f8 |
| SHA1 | be8bc04396452bffae6ad3b6fbdea80725e4ae11 |
| SHA256 | 8973208f1ff2f6b980826cc790a2b3c25ac939804e6e840e56b795c863f17510 |
| SHA512 | 4dba5d883bb075f47951416921f4f3056f3d61bc8d4e6747389550fa73468da7a803d97eb9ed4905ee76edcac855931a72458b6f83a8612c3ee13ca19ea8a824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | b29bcf9cd0e55f93000b4bb265a9810b |
| SHA1 | e662b8c98bd5eced29495dbe2a8f1930e3f714b8 |
| SHA256 | f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4 |
| SHA512 | e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | 3a77d2475007dbbcdfc6d71e8e1208c2 |
| SHA1 | 47a1b4dc009c0d1e036e72f3316d351fcf9b9b7c |
| SHA256 | b20f9c8df196a58ca6bc8ab0ac0e68418b40b3cd6dc7663dcec9aa089ca8d3ad |
| SHA512 | 39dbb4384068955990c7bf6087d4a31b4d4254d8d0e5ed8a26c06e584f93922fe2a7b2b55b3f8bb8f6d450a9f70cae84a29c2eee2926a72316f1ab060ae37a2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | d718f6f578149f5df22798e9117d725e |
| SHA1 | f4c691699c29ac27cfa56aaf95ef95d83278683c |
| SHA256 | 9ad92327ffae3c667bc737003974f973b908f916b512209da42e883605f57c8f |
| SHA512 | 5803838e296a8e83f07cf40a1e68b92e050a315a2d745f72cbb3e03f4cfe73eead89ede3e40db5974cbe3fc8cdacc04da755d1c66c84977b2cdf92e5b9158180 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8d51ee71615a45bfb8efc2363ec9dece |
| SHA1 | 8477a6f94ab6cc44c4e6e2df603f2e1b6e884b30 |
| SHA256 | b54aa6689133a57d02317149b81ccdaf42b6e6583b0ff1570e59996b2d0b87e0 |
| SHA512 | b088aa3ae401ccebc3a9de9ef47fe8e3069e93308f3165fc3d85ab188045ee000b5f23a74155915c60aa7c75a89acccf4421258ec7f4fa6c5cd813c8e08742d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0d6f875004a2a02b2a8e11432f8544a3 |
| SHA1 | ecb58856c57cd93b6228a9eb3bfba596a7a21793 |
| SHA256 | 7fccfefd9630c700c022b334387b96f4c3a4902bcc303c3890d8eb1d6bf3a932 |
| SHA512 | 6f2417bb726aa5738d92aaea33671e947948b8c7196d4698655fb1ceba13877e0543196b395bed61e35f9ef9257f531e39690ab697ff93742a6595288ea9acb8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 728fd394689b6e4147965b5807908d2e |
| SHA1 | 24fc54487f45e6cd8443c566ff0b494d5fd3f0d7 |
| SHA256 | 78b6a15b0656c09042619fe87eb3796ca2550e4d0f4e01941c93eab6edafdcce |
| SHA512 | 97f2118193671535ff3e7fb3763487e861686824bcf1020c9df0d69f99433c1e55f37e1b154bf0a95aaead7274c01eb494e5a952de1f837465c49a2854a7dbd4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3cae32aabbece4975ef7840153fb3ebf |
| SHA1 | 189f582eec1a43cfb8e3d7675f2da1d1234ebdb3 |
| SHA256 | 1ffb0df071800e8f8dbbe320ccf2af7b2a0b3a63154d6bfc96a231e823117f25 |
| SHA512 | a7fc2954868f3addfa9050757f9cae3c580797a082f68207b662beab2640088bfcfaf3783d6f552b4bbdbee3145512a6336927b8b270807d89f4f48e2027d766 |
C:\Users\Admin\Downloads\Petya2-master.zip
| MD5 | 99190e3a6848755c06ea966b7fe60695 |
| SHA1 | 16b2d6d2a515da07c700cf34255482f973971522 |
| SHA256 | b9c352e7cef7e3725b405ee7cc47dfca83562c221af75574d7bd3155f3a455b4 |
| SHA512 | d81f748e76bd46d7a29332bd4b6b7bc91e96edd7a711faa1e819ac9d7cc93506b278dcca67ea97726abd5d45fafe1ccbe7a0809bb39445bf006dbf12a937f08c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f89d7ea04b9825c73d835cd2a4a28e17 |
| SHA1 | 3658d495f39d29a36ce45e5b749c3c72e90ce571 |
| SHA256 | 46882e80d73f87fe1744d0163117988649ff8300995a7185d9774908f9daf04c |
| SHA512 | 609d8e64043e9d2371f49b253bca94b4e5c808c687bb566fc3203f98fb72bdee131b7fbbad9fc2a8550cdef56c520840f2d23faf55c3e0588c378be791890602 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aab4479a005e24c8b7db1a981b91c6a9 |
| SHA1 | cbf6f422ff226cc0be835dee16fd86eb9459a95f |
| SHA256 | cafee2c08585a397e73d0126dc5f5637d4847a99335af1a6179b7ea42b3e986d |
| SHA512 | cdc0c4e6dbac64fbd67d00c07baf7d8f3d2a156d7b9ef1a7e63c99fdd4b4cf48f4e7e40c27d80a72e73fde800ea39f9f9799c8e13551b59a4cde1ce0a1ff7c52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 470c8b5cc3ec151096425ba301b407fa |
| SHA1 | 5459417fb6c1084509ece35b52990d65a9441865 |
| SHA256 | 0ae1e1656be4d9f4dd5372dcd7032ce83279d488841e5004cbff0df4dbf09f54 |
| SHA512 | 0cac66ee8930c9cc87f44ca75ab20b9ad4821fae14bbfe3e5be12465824b50ebd920cf6fd96b1d82047edca0b9d6bd60d32e6c544e2a84e484fbea2ed0387c92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1bd12f43bd53f0fd9931fd1e90e572ba |
| SHA1 | deaa14311cc910487c38e232b8b1545fa0459ec2 |
| SHA256 | c8ba51ad4b98107528887a968a76c4dd58d418d19fe628b61657a85826cdf72d |
| SHA512 | 83d67c41a25c34866b12d320f826821077b60fbcb7891aebe91782a629a3ee69863bdc42fb300875c557b663e6fd5da85056a73bf3873fe15f2d60791397b4cc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | e275ef70659adbf85254d25c9f6f590f |
| SHA1 | 7e48b5e82210c8c7112a65f644689749f09c9903 |
| SHA256 | 63d723d0fd9c5c1eda94fba8343ffd9897a4747ddadc23e8f7492d2acf875b71 |
| SHA512 | 33c12592aea93a957eced3404bec64dd4907bc54682917a0d3bbe8304e8190f0fe1ff8868237d5093f5e674162a2cc89c6e5337083d6ce6371fb7a809fc98ecf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\datareporting\glean\pending_pings\382444bc-d2d2-407f-b5e9-ba5c9321a58b
| MD5 | 0930934ace3fa812a6096e186e6f11a9 |
| SHA1 | c26388706f2f64fcf520971f2c5ddaa0d44053c9 |
| SHA256 | e6afb0ea0cadc8ffafa90fbd4899a495f516f1369b321644aad64c78e4a5b79b |
| SHA512 | b750542e37233eaebb1c9826f80d07608dfdfaaa90049c1a4bb0bc1cf4bae81ef7d924ae152b9118260b98548aa36573f620447bad166eaaec7f85a4d58f2202 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\datareporting\glean\pending_pings\36afab81-3128-4283-996a-69f0a968fb66
| MD5 | aee0630a7ded28d80913833770e45bea |
| SHA1 | ded7a19f7478ea70882886a98ded6a2268e655b3 |
| SHA256 | d81a9e373cdabee8c83ddd12dce091f47ad447381393de7b8c8c96144e0e5d59 |
| SHA512 | aff181fc4eb2250d9cf44fe9fdc6ccb68c735b40a181cbdaabc787a97e94dfc1352e5e1170e08640852eebd2d9eb8101ee768a40ff83b4c6a875763f87f1e4cb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\datareporting\glean\pending_pings\02f8fcb1-7bfd-480e-af4b-465c47dd3be3
| MD5 | 4c259ac05e80db15e4fc8f3e3b4fd148 |
| SHA1 | 798fb3b2ba2866adddd5d5a1321006730a072de4 |
| SHA256 | d885ece0b355212ce09b148c8f63ab4c3dc8a999fa3193ab24ad59d57a7abb10 |
| SHA512 | cc0a9dddf00b9b4100aafcc76279644766942d6ef712a83dc6e756fb9ed7cceb1b1a336b5a7e012f809f19981d8bf94db69904e95745e202596c7f0aa30bb48f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r5m741b5.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | c86e296894f2ef164fea7c27754d67f9 |
| SHA1 | 33cd8ecab2a79122d947282501be8ed2f98985a1 |
| SHA256 | 767ced63df396ea3a3203e21a13f1daf08cd1ed2fb78edc6ebe7dcdd82a046bd |
| SHA512 | ef8abeee6a6884252292378093d62e1ed296453761e58b94e50aa8de7f0148bb97cfb402d171706e75ceaf577ff33d974e831029f8fa8323af39e7ad0b5148ad |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\prefs.js
| MD5 | 0a43b2ce0a2a69ad947fb65c295ca5b6 |
| SHA1 | 7e122067f705a17fe22002d8963deaf6884b1cbc |
| SHA256 | d8a371abc6c3a3118338fd126be22b46f00cbfb59c1e3b049eb25fc88a5339c4 |
| SHA512 | ba054c5e884be6930d780bb8371de2dc958b65a4681a915de455435859c9cca6eff03d86417f11f0d82699f26970d49685291d07b7f14fac1e0a152711027729 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 809b7d2e7ea21a2adc6da7cc72317400 |
| SHA1 | a1117ee959ad9d18e65bb7f0e619214c7b6f7db5 |
| SHA256 | 380f0cfc13034d27e4df985152ed6892eff10f4f2863b5c83c76a66cd29b69af |
| SHA512 | cfb9e4340a016a698609dced2451a68adbcc807bf82215a170e925bb6ee820ed22e256d00556f82107292b32f52286ffe12be1dd7dc934ac4fc2e9c726dfde83 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\prefs.js
| MD5 | b88811c781f74d2cd72c91c6fdde03c8 |
| SHA1 | cbfe0a31b45914d6da715f69f5db900a32beb09d |
| SHA256 | 40ca6c25fd747142e4263d40b5999252348e5ae94816a07373a52ba61d5c4a72 |
| SHA512 | c7e702b480d7b76e146f520aa438f939b5254bd8678e8273680c39a5078da5d3f2108dd89d684d455289297276073d35678eecd97d2d775147e9e405581ce8c4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\sessionCheckpoints.json.tmp
| MD5 | 362985746d24dbb2b166089f30cd1bb7 |
| SHA1 | 6520fc33381879a120165ede6a0f8aadf9013d3b |
| SHA256 | b779351c8c6b04cf1d260c5e76fb4ecf4b74454cc6215a43ea15a223bf5bdd7e |
| SHA512 | 0e85cd132c895b3bffce653aeac0b5645e9d1200eb21e23f4e574b079821a44514c1d4b036d29a7d2ea500065c7131aef81cfc38ff1750dbb0e8e0c57fdc2a61 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aee6a21cbd6f1cf16ab21dfbd44feb25 |
| SHA1 | f60db259861a38be32fd7d62444f8d37af71bac5 |
| SHA256 | 4fb6e5580a4052ada52fdb6288642e579eec0f52ef2da4bae872ea996156d13b |
| SHA512 | e5043dbe297217e64cbfb7c985797871b8977c91e3b46e78ebe003c993c4bb0233b9f644fe6ff12e4a89fe98952b5bc8238224a016e422750722804c1b13c55f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4c34390a4aa51546c8635c09f8524f11 |
| SHA1 | 911552bf501950832c704afcb7ce824b7a1a37d8 |
| SHA256 | 7b07521ed3d247dcde17f83b127e535519ffbf34128884f71c8860dc464576aa |
| SHA512 | dded537c7bf7835405c67c71e258d4f5ddd05443b5d5567ee09a0d4637d05d93fd35498757abce6b8e182d9897a089630bc87e2846f779457f3521793e9c2bfb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6ca13c87c3052e10b4c01426781920f2 |
| SHA1 | 5453ae734cfe8d8eb45d02149f91804f80aa8e3d |
| SHA256 | ec86cca1966fee138f6601e3aa54266e37a48e7c37a8845f67a8673ee177c163 |
| SHA512 | b2de5f8cf0022c77c472eaf70cd6dbf4b471e2822aeccdfc603bbc9885708464ec59b5c423f6e7df21c9b9ebca1ba867aed54e49e42b6fc03f4ec503fce57fde |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 9478fd87411dee8dac5eab8732784b56 |
| SHA1 | 32f2d70325a0f7774ae8e0e11618957aec4cdfc9 |
| SHA256 | d29f2b9e278ed722ae3b6b0e226a1b79782da4da8c55249fbc7332383aeebf17 |
| SHA512 | 0950dd409fc883d6d825c26255dd349753455e4a63af735beffcac4f7026b2c17b4390640a185f6e14e716665023d6294a8188865a94cbe0ef4d077ffba98059 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6436f7986b5d58cd1099698ed6693fb6 |
| SHA1 | 062b07ba4d334c6f1a581dd147006953e7fb9c9c |
| SHA256 | 630b9ef75e51d1ef20f56f42b4199843f5b67920dbefdecb6d2ad00e8f8a71dd |
| SHA512 | 284e1ad92dfaa94a7e04344e48140df6fb0f43a77c02229e88c43051c3c86421b97ff069a73ca3d38828f1cf2e0394f888dcaead188efe407df850016c3c4dd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c3
| MD5 | 4d8e40e68e050d4aefa8e1cfb93d6332 |
| SHA1 | 00fac0d1c198cd430a5f41e33e6f8ce678e2936f |
| SHA256 | 850f68c7c396440f4f26e752a1a5d712cbbe918c169eb1e6ea1fd559ddf584e7 |
| SHA512 | 8bd0d94c410c7514423603586639a1cb3693176675a5b6d872c79ecf5b67f694ca7f5448341c47c0a9daf19c9d08398a911c194cc8a7b4b01b0d51f475756007 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4561b36401535d8625cf2c388940278f |
| SHA1 | 35dca54aef5e97b1166ceb6e7c108e97cf3b74e9 |
| SHA256 | 5b64c38b53668f40497e62465f14a6d9e1aa7fb811f8babda8259ad935197c5a |
| SHA512 | 81b8a85bb32c156083ac28ebc157c572fa661d709abcef9da5c5c25a0de58bad25f2f77703e0aec203e0b91389f885211f14888c53b44ec14bbb78e43103e8f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b0
| MD5 | 1df8e57c4ae6a0c89441418d5d37913c |
| SHA1 | e54f8d6d390d987e86febde4c565a3dd317407a9 |
| SHA256 | 599ab5465f2e3ba027595a4dbf2f0def54701f29f866afedc57e44765d231b9c |
| SHA512 | e7c5b5742cc122269c92443ab5a4fefb5a15475693969fa673918775010d3ad701c0c91ee2396bca7759e10774d0893e6f0bf52e5b00ce1f94fd6a108d27d353 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ad
| MD5 | 14c460a1feda08e672355847ea03d569 |
| SHA1 | f1e46ac6abd71ebbcdd798455483c560a1980091 |
| SHA256 | d1161f067875a5f686c1732a442f340142c6a03244f4dd0bc0f967596f6cbe3f |
| SHA512 | cfd6e743986ae5074e73264ee1f311fc00a987bdabeeafbf55f5dd6ef0794ccc393507be9dc7e38181f2f10897c300edc297976acd3fb72da2bf560ec260af91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b7
| MD5 | e947e95a0fd8df1e8c8eb7cae1f96f09 |
| SHA1 | 22f36705b4a47f05fae77201e936a5c65cb05bfa |
| SHA256 | 14fd0b00467eea3d8b863e4aceb343135fa64e8a3b4098d58765199a9d2062a1 |
| SHA512 | 24b9a4b0b5ffd6ae11ea6cc76d88da96cd0579254dcd463e1bc5ddd99d9850773ae861594ad053d4d07882d4970267aa3789940a4eba63c0543588cd9b293dd7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b3
| MD5 | cfff8fc00d16fc868cf319409948c243 |
| SHA1 | b7e2e2a6656c77a19d9819a7d782a981d9e16d44 |
| SHA256 | 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a |
| SHA512 | 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ae
| MD5 | da4c2d9295fbab7844d4f29079dbb8d5 |
| SHA1 | 2e214261c9f3394badf103af57a2b9bd6f89a68c |
| SHA256 | b2f523dc352a436652fdfa66e899f589653015929b1add2da64eeb9650a7febd |
| SHA512 | 83a66de2c3593c960f5e7567f8c315f983245334f63bda67c7490570753bce7e865a1f752d15a5b6f795fb4cc4aa2a122ce6bcfb86bf3e116f00df7a558a92c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b2
| MD5 | 919d13ecf08e3da7e9f337e7b60d6dec |
| SHA1 | 3d9bd4aa100f69cf46ad175259edd6ce9864830c |
| SHA256 | 9d4575044d2efd5e90503beda65571b5158a3f32d999191ac1f82d1a5ee62ad0 |
| SHA512 | 98d8236ed1c44826b4489b9fb7b76c62502a032547374446c53dcf2eee2f5fe3548c6587fce66df9d075294bc2ab6be97c3cb21457bc899451ebd3b476715985 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b5
| MD5 | f5b631335f170065edf1b148e10b34d4 |
| SHA1 | ca34f82af577fec763ed38f0436d20f1cf766f62 |
| SHA256 | 99be964ed51ca453ccfaa264a1ea9490da11e32b53765919172b6d3749a9f846 |
| SHA512 | c66791cbdc7c0d12e7295eb26eb583b26e03692c8986ab7d5dac0e6a561b8b68a8a9e33814121efc700ff6b472aa4f685162b0c75439b144f12286c9e28c7cc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b1
| MD5 | 2e23d6e099f830cf0b14356b3c3443ce |
| SHA1 | 027db4ff48118566db039d6b5f574a8ac73002bc |
| SHA256 | 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885 |
| SHA512 | 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000af
| MD5 | a6d2a865e9f16ea305950181afef4fcf |
| SHA1 | 082145d33593f3a47d29c552276c88cf51beae8e |
| SHA256 | 2e5d94863281987de0afa1cfd58c86fde38fd3677c695268585161bc2d0448a2 |
| SHA512 | 6aa871d6b2b0d1af0bda0297d164e2d685bc53f09983e5a4e1205f4eb972a2017323c99c3cc627c3fb01381b66816e570f61d013d3775cddad285ac1b604cdc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b4
| MD5 | 109a8cceba33695698297e575e56bfad |
| SHA1 | 2b8c6dce1ccd21a6eea2dd9aef2a8a6bde389053 |
| SHA256 | dd82d9ac034f0a06524fc1d5ef884c29a7e4d586a1e7db66e339dc54fac3636d |
| SHA512 | 6d51ed30c45560838df921212370a0044640a8e3c0433922106225cb6fec8cc115ac6191c753da13def21c4e0db4deb5782fb7a75ada822ced1db7c7d13beaf3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b8
| MD5 | bd96190c3723c6828cc6601ee39d46d4 |
| SHA1 | 8ec0068e12d9f113b01d6077cf634f19079cbf53 |
| SHA256 | ed8fd1c5a4f0e11544b694ca505105c2a8fb4b643b41bae87b2b4f1ba14f8d1f |
| SHA512 | 7c649fdad52f9fe2bf76af6249b3d7de40ccdde73618c5b929fb16fe32e51873f7a73734e64b54e918a31d42d6430128c8801787e4ff5ee89fd9265ba9875dbd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 35f59a680160bf43550b4ea07917e1f3 |
| SHA1 | a4d88c609d5999f05cbe437c244c4c12c64d4dff |
| SHA256 | ce19e572e3f7066add379e13a74870dc3706ff5ca8f26eb66e08d568ff01203e |
| SHA512 | 8b07ef7352fa633c99b34f10f1748bd540a9ecff72af220ab588b11151262443f264af736c27c94366564e152abe84fb54eefe3f40a4a4e449f5223a73e7a1ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8e1971b0-589f-4d6b-a6b7-cc12a7374617.tmp
| MD5 | eb3345ab070741689fbf2abaf9b61087 |
| SHA1 | b765268d698f997044605fbb6f697cdc13db7287 |
| SHA256 | fcd9f21bd535a49e8aa30b03b03a7027acaa61db0c6df650d4daa2ce19b90418 |
| SHA512 | 054f09e249f2a57aeb2e0a49a5c4c572db4a6265876cedce05aec1e80d2a4ff2dfbb0ba58a6fb11b56ac6a0317192c72c6551d6af525d029f2f21443dee8c60f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d8e2eda8c7926aad80ea9a6d14ea3dc5 |
| SHA1 | 37b9ac6cada51dbb4688a19a84ddb7e12ea5a1d2 |
| SHA256 | 248822fc93757d8d149ab0ef0ec1852ade7383a592b37a849d2034ce1333c733 |
| SHA512 | 17d330b79cdadd295be65c656741e4e65b07a349f8643b107fd9e247a9e6923c0223e0be345440a2d48483e7857645c1d8cb05cdff7d3193302b392e7fd51f36 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4d30c08f88aaccb1e27e6d8598fdcdc7 |
| SHA1 | c75ab007589380d623849a1930400eb02e225fe5 |
| SHA256 | fb100205e042be3cb4734677f132f62c8ef603665251ff0776f5bd9070c336e4 |
| SHA512 | 27cddc4a080ac6cf69dcdeeeb46d51a2b7b22f8271eaba81c9f02b551cf6bf43b83a9d9fc7692b0612ecc1297e23c9a8adb6c8610f1b18436657797958ec973b |
C:\Users\Admin\Downloads\sigma_all_rules.zip
| MD5 | a3bd9b060660521e3b014fda53ed51d1 |
| SHA1 | 56115075dbd20f9d95da2480cfca866894c8e32b |
| SHA256 | 58675243ed52a4778757245408aa0201cce39294838f4d70eacada386cac5a3c |
| SHA512 | 42833afbb88d309f82e4aaccd7cf5345bbe4cba77be30990b41560b23ec57cddffea4e5d9edf7055bac720952545f6d30e5815521238a819df7822602256edde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 53c1cb60773d4352bf2bc325a2fc3061 |
| SHA1 | 2931ff2951c9bf447ce9b3c7a39fa5cfba8e1511 |
| SHA256 | 0a6b330ac200cc4b07ad7d6a2538cfe03fbbfa78732c6778fe091eebccd250ff |
| SHA512 | 1b807a69f40b6fd9b7e002fa69a6ecfc7e71d398a5b70ffc1e9ec84b8a17f4a5b4f761b1c29b64d952fc23fbe8c107ed69951b150633de8977fcf5270a82fb96 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f5e0f1430b09b71bc0e20aac42dadb0d |
| SHA1 | 75fb9e0a9546418c3115c95b4f23e1ec3db37d11 |
| SHA256 | 0a19dc1bb5de96c609bc03d935a3e8dfc612beed2eacb46e7e329d475381414f |
| SHA512 | a6f3821bfc655a35cce6d5fc2d913e3fdee5db3dce84497da90d78f47f3a76146b144995ffc639532946df780d0b4df38c4fe569e853feebff6f6de0dea79164 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | cfa43fb3e68248b515dffa891836ae51 |
| SHA1 | 560d5acf1ed9acad1960d68f6c9259b239e5e123 |
| SHA256 | 8658acff3a8264cb88ddfdac7c0ef0ea3d11e957fcc04fc321cb00c352b8d5ec |
| SHA512 | 92269719d60495c2c8f78ab2b96750af3f3a063750b5c5b411aeb997fa74d7b51ad5e29675b91ceef89f6bcc1a23e630e6bb5c25d824f8643436f68d2b628011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c807b8e9088e4030_0
| MD5 | 25438dbcfe652e17ab8ec49320a5bf82 |
| SHA1 | e0e2b1b4f522399acf876d0abe23e1b87c51640d |
| SHA256 | 24f292a3f21a9014c1344f32429c25aedee9e037dfbb1fabc5d8e6dc99344fe5 |
| SHA512 | bdd3f9f1b8f14493adda5a385cc249ae5c65440c1fcb5b899793a4c7585418f7479e663745ceed7a5fd8de506690a29b7824f4733bd8ca3ce85c651b90853bfd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000cc
| MD5 | 07251834d336b4e155e0f0163df4334c |
| SHA1 | f1d5aaf2c0e9fe5cddc3e6cb2c6b13354ce985bf |
| SHA256 | 3c1831bae696fb512591670db48ade50e4dd74a77280915516741e483b9fc902 |
| SHA512 | cc6c411c6ec9038e994fd265893cb7a374c06410887ad21c6b83f9df85ca51e164c49bd389aa050687ec07d1ea05f6112f94bded47af0ddf57f5ccb5560780f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 07a9b091ea007ec554af9a3dc7776c7a |
| SHA1 | 95f04147442dde203aac6802da38021a8043aba5 |
| SHA256 | 79784aef06d5ea54fc5d4ca4b9849480f937b49b38756a87371dc66b85a951e1 |
| SHA512 | 9d3f8e2ae0c8e22a0f0d2c38a196f77008bc63eaf9ae16044b34ed54b5d1e97eb879feaa1f5eb10a52750b967619bc59b7386523d5f7d70186ce0c5a2a2c6399 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e202d3a7fc3566b4283dd6c7421995d4 |
| SHA1 | 6ec583bf61427ff6eda88ccb722e42281b4ce889 |
| SHA256 | f76496e0cf8cb1123d98a65e60b7e770bab295881a855ed4e5f7b6b6dc35f94d |
| SHA512 | 31177ae8009e6a9304d6ff7d560ec16af4a30bc2ab402ada29b17f1f7b4d1c8cd16ee8497a18d6fac7bf2b7a73011de67152f207a9abe40133227f171ab7445f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8f8f70699c9e68bed355a4ba4de7923c |
| SHA1 | db4b1c44601c5d02912c2178dffb3a6bdae97ce3 |
| SHA256 | a1c6bca06069ada5ea5fe904dbf6cba280ebdb08b5b63cc96624638686659b7e |
| SHA512 | 1ce1e4e6630126bf6d008464978ccd3e5715f1822ad35115fef77d4505c52ed3eea85362e0a8b3b6da2ca38ab8991db9a9acf7ea0afc7b67a6405c32452824f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2917467600665dcded946cacb807b0f3 |
| SHA1 | c7353d4050f983112c0a5a6de009ce9cb85a74fe |
| SHA256 | 18397cac7f30d47dcc7371bc1205243792487322404178590610a95f7ede75f9 |
| SHA512 | cd80b4166ccbfae95d0e0b00043e0cd882a027ae74c9f672465aa8108afc7399bcbeaf855b3fe36658c37d5a5ca3468d636d71bae7f9216191c6eb90bc959406 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b8bc17748e50c85dae19e9c6c977220e |
| SHA1 | c4d02be651ae7763602c05e7e42f7e54b1ebf7a9 |
| SHA256 | ed5a8fd959ead5d31d873c7381ce85916f7537a78ece3da5debd19d401dab259 |
| SHA512 | 457c60ce9accea4f87bb9f7224bf33e2fde607e9ba783d80e6c1a918ba7a12fcfcde03a1d916f0ad2d8e99dbd2a8739d7cb55b3225996a6303e1a5a747064889 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f37259cc568e562403525048095622f3 |
| SHA1 | cf762f04808da077351944801c321151a70a312a |
| SHA256 | cbc52ab99b39da9a021e9b85d0ce67ce76658eb44a81bd44c7efafd9723a3eab |
| SHA512 | aa1e8d21b6077651c169b24b88dd9194eaf2e2ca46f0b36400be0a53f265f28cb260371d30e169cef87cb08a5d49c0258d58bb8cd3070e4f839ffd76d1849fb1 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 848f2b0d94f7d0e4a69504daea2c4959 |
| SHA1 | d5c7fc10a1f055ed1e35e41a7ac5367fcfb960de |
| SHA256 | ab817b832161a3ed6cf3e38e3cfbb30a153f569179e48481a9adb0f96d0c57ac |
| SHA512 | 8afdc4ba766880ee8b2dbaf0fef9f48e0fdc6df14c906eb7d1c5a714e8eaa392f1f0f44c32528e3276a88cd430392e2eb25ba1c2f3187a8e1cc281347dc433b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 191c54076e4242796c515dcd1b2e30ad |
| SHA1 | 0d14bc6772acdc23100eee59e15b939bbfb1b6c3 |
| SHA256 | f66ea811583676b7a83d3e99e6009c69ed553fe6a464bc71a2f92ffd28275860 |
| SHA512 | b7846d213ae71b9cac63c85da2e264024a9675e774c93560c945e13f0caaf9a9cc233c41f986a3cb79caf95daa278f6169c7a6b02e8ef4840420378d093e4980 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c6ce594dea1a481d7fcda083d6b8ece9 |
| SHA1 | 0ba5dbc3a2449c90bf5d683e000f5ec98c416572 |
| SHA256 | df72d0dc41114ee9985c1467a5ad8ca5ea76b3f42c13144bbfd1da7edca36bc1 |
| SHA512 | c2566fd834a3cec98d677cd0d11a5eae02aeca7a0eefe88fb40329f32f7511fc63e29be787d4a9e95cdb45656f28f0e7c5ac4881784c8841e024db686a29a86e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 347b05d7ea29d1678d859271dafc50c6 |
| SHA1 | 0736c16cdf7c0b42296a921833b31263bec69e19 |
| SHA256 | b06c437a323871406bf16bd8090522cdcd12eb9ca9491b14e11f5ac633efb20e |
| SHA512 | c9c792480ac989908e3719f9d620614b67a9af7a98a647f19b4b69abb48aef776d079665f043058fff90f042c1babaf51d4ad20413e1342bbfadda41a81a2273 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1dd9425c8f71d1f99edca9c04bfc30da |
| SHA1 | a64ad0f4972aae575c1585a98932130d41788c5c |
| SHA256 | 1d0eb20bab40cfc29de595d36b01a35ca0b71bfbebfb9173e5eb59e87c5ad2e8 |
| SHA512 | 3db41ae8d6dc6d8c92e6b02b01ab4416a1fee42fbb77fe430a62167fbe2eb5bf4a35d40b5a1e6bb7349ecfe94555a6bacd9cb39aa783f82a35a422c864281da6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 19738578ab779d496b82766d3d1f2635 |
| SHA1 | 3c400a6b78741bb18e90624e04481f46b8953e22 |
| SHA256 | 79222cd4e09b60ec73a8f7edba3df6f3224a340867abb810add3bf1541b39d98 |
| SHA512 | bc619414576f00b62923e2d7dafc180176340b09eea40eee6c58a801da5621b4c25887b89566e26ae1359cd4a29eb5c389fef5b76ac4931933d88e210b2ac77e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7d5b74230bc4dce64f9f43f67ba66954 |
| SHA1 | 9f237bccb01a67dc70728336f3c09b9bbb3d833e |
| SHA256 | d73c5ae0009114c7494fa2838ee88358f96d19f6ae7c150179171af2538253a4 |
| SHA512 | e4681e1d1a7b931b077ad4f846217e627b854e2eb41b04ee0bdabc81bf827179a48b0c0951a2909bbd5cfdcd2c7dca580e70618ed30916f7d83b583b1d653aff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bace48aa0909ebc68933f06de601b6d8 |
| SHA1 | cac103857152a0c2b339283339b64e5d657fefde |
| SHA256 | 62945a6cacda13dbf3102de92d8e2c8e093f53822987912e950385a3cd26af9a |
| SHA512 | 1a9a4a724177cd29533ccdff7ca1bfff049687ac26b9fa8c90207fcf763ff1a30e37ff7d229a5e767e18cb5ce49301b2091c2f7f0b5a56f0893e8558f363b5c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c5788ede2b3b2bbc_0
| MD5 | d854ca0b52d0590b8eed0bb59fe80ebd |
| SHA1 | d2fefb89ac268481eb63da203ab3d579a2fe019f |
| SHA256 | 9aa72542e1c87461062518e17ea67381d7948258a2f78ee6dc4913e6dd949487 |
| SHA512 | 727985d4a864e4bbd3b712b174a01912602e66abf654f5b27b5cb114726c2a2126cc22254c120afba7ea46b6d61428e6fefb79a38d2a94b3762a507de8eb46f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9f1220d60438aea8_0
| MD5 | ffd203f90fe1249b982cece89115ccbc |
| SHA1 | 7fd81cd2b9431ac61879547d1ef41052ef232bc7 |
| SHA256 | ccd61b8e903f60b24795904038fe1ec664f1bc664bc778cb474376ea39b20a22 |
| SHA512 | 39cec4726725ec993f9d43c9c32a964edac7ae29b7488cb18e5391dd9c5f26acc18fb7ecb0ff20692f31231099ceaacbe5260dec2a427fd85083614263eab635 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\efe7600a785cf1d0_0
| MD5 | ac7660d9686adf24402ca349aaedacae |
| SHA1 | be720e24b72938005843bb488ca64ad4347263ee |
| SHA256 | 103564bced9ec4958c9fb6e39265fbbe8c15cbbad03abdc89e477ded266a9ea7 |
| SHA512 | c5c42ffb2cdf41ad9f4543d1d651a7154a7a23d844cac54aeb9b80a4829c99b4583a95ee9e6181dec2cdfb72aac044531aa65b181bf53a27a83a9b89a02dffb4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8a63cef5674855ec_0
| MD5 | 0361cfdb91cc6704d433d43c4d933c98 |
| SHA1 | 28c6f04d0ed9d1500166753805d1d71d463e53cc |
| SHA256 | 9b0b8a14abeb8f3f5c094cd20a2e8e0fd23530b2fdef7f7f1cec0c5c2b40c55d |
| SHA512 | 95431c0b1fd80306f2148b020e89705e5bfcf185fa10323a7598e3e16ac4f28351162b52c64a750cdce512658269a72e95f7282e34ac4d90b7e59c5ae69ed2d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ba7773c5b11c73d9_0
| MD5 | f53940776a8a20bf54f083a2e2bf8010 |
| SHA1 | 5249210763da979abc39d342a5bdd170a697a872 |
| SHA256 | f4b1862cce14efb7d05746ecbbe2438157ece7bd83c5982bc2d36c7d3ab7f766 |
| SHA512 | 728a969186c2105a0c4f66ed87dc7a91d5bdb232cad0d945969d9e819194fd606f58755247f9844dfce8d356654d283a47f6372fb05d0ff09a36950a9ba9e744 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\37ca16582bfd954b_0
| MD5 | bf32ecc555b66caa03d0014e0e04b071 |
| SHA1 | bf22b62b8f3938c2adbfec7c60c61f3f3af8db7e |
| SHA256 | 9089bb357b34f124fbf3b70b2199d2f54878ad2c2cb56ff22958f148ad8dc6e4 |
| SHA512 | e1ec6330551953a4cd43d2ae401eb6db823a85f9e89a10a14e7ecae5a95f23cac3203e8d77735ad67ac6df4888216fe46fbdaf80eb951537204fdf7b8ed9cf8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bd7d45d8a26ccec3_0
| MD5 | 0199eae09c69830f46ac5e175fd3d2a3 |
| SHA1 | e96faecc08608e23a54d945a57ef2e5a73ec4492 |
| SHA256 | 9bbdd9d7d12da76d390cec0cf3c8e17d2c1f1623580b43a9cbd264d3044c6ae9 |
| SHA512 | d343a97d546d38bbc31e0675c43ad851d1b6b73ff1f5cbebb03a55dae1163e1c938613b6092262cc09f0dbc93700f6b54f2950fdca3d0ac68193a5fd787352a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\650048549439cbae_0
| MD5 | ba6cf1f24252933875e35aac82e488bb |
| SHA1 | 421ba5732b9df734549c2224b4f7767d07b45fc5 |
| SHA256 | 6669077106d8f02292bbc12c484a1c9a1cc4d1f653c4491da54f9cf88083bab0 |
| SHA512 | 16fb99cfa4d6a0d0d64e17b7dba729f59ed506687083af0eedb9b7167640d34a8983e7b341edc2b8a991df7185881d9400e6374aae3e9b16be0125b4ee209545 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1499430a87e5519d_0
| MD5 | 97cba7b57d47c88d71a6e14b6471b0f5 |
| SHA1 | 3974c86cedd782501097d059dc67e92d6dd48885 |
| SHA256 | 2e8ad2bc32a09c3f2f31aaa293ad5b3b4584a906f74139595ea2aecf72a7d862 |
| SHA512 | 827efc66ba076cdf0149680be1818a7fe443e28e4ad4ae4d5d435aa6ae59e483c1636bb1b9259a72468565fbdbd2307fcf3be4a4344af5511e0447aac1fb18ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ae6938c53190427e_0
| MD5 | 1a546bede0c5f79be56989cb864ff51b |
| SHA1 | e12edbe0e31242e972506c8c61864a72b0f74718 |
| SHA256 | 556efb70e2a2cece861e7ac52a0292812b1e167add7cac9e018cd880185739f4 |
| SHA512 | cc7bbf135b3c8ddebf8a174aa1d5c4b0fa794238014bd033e3d22c81a0704d3b4d2f4df3b9408906a085d0cba07656e4de5e8fe69bad5e0d30522e97f063a5c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b2e978c01a051d02_0
| MD5 | 8f133d4065ccae4a834eec7929641d71 |
| SHA1 | 8ee93de8c9e379b161049785c4d375b0d29192fc |
| SHA256 | f689d539a3e88f4a596cb0961cb89a12cbfd68ceb9e9702ab916fe1b35454488 |
| SHA512 | 3deae692ad1efe023a8a90b39b199ef75d25c3e9ce27d4353f421d31f1be6bfd5262c5a7640ad1527492a4c9f300f0b6085029cf42f5bcd1712d97c16c9be9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa7f53746e5bfb6d_0
| MD5 | 280c085bab78647d5c637d62d40c12ec |
| SHA1 | 15fe2520650b32d8da9ed9664dec493aec410e3f |
| SHA256 | 1ac0598e45ae0eebf385622fb53347918c893d3ed99292d8ff3890d66795f3bd |
| SHA512 | b4f1cc6fac401d740c36b75c4314dc618706bbac3ef12f1c01544847655f7051a28b9377973987dcd2e34c22e94cb8df803063c178c3e0de754ffe8cc8766e4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f27b37247deb0d3b_0
| MD5 | f9cffb384f6bf637e37fbd41f3b497f1 |
| SHA1 | afba3acd180f19e002dcce304f05e98e4faf190c |
| SHA256 | af03cbe3722c63e36b1bd3e89914fe67a4817036b063117a64ad31e82f57cb24 |
| SHA512 | 7810c2234e9dd4e258e1f61338b15ebdf4bb02c3a0ec100ad177391f03e3dfc78bb023042b52cb15b459bff2d5eb31321eb90edbf8a8a91a4943294f5b3e333f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\84c6039e1399e8ab_0
| MD5 | e8eb1dd6f2e2e2a754b928e41ab621f6 |
| SHA1 | 1ff985c51504d4be3bb2a8777f77618ca2076320 |
| SHA256 | dc991b70401cdedcc5001f9bcc68907024420adb2730974d10572d6434b26148 |
| SHA512 | 971aae8c7e8b1a62351e1b0826448d0d5eaba207df5d3c1c000a11fb8746d4eb32b3270535dd73923874303d51c751d5275a3425a2d9bfa5272c288b8520c504 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a02df7c313f59d27_0
| MD5 | 42ef5af6e67da96a3c1cf9fd70327825 |
| SHA1 | 5f40c85892a2c423a3723b5c7ff9accdc7e4599b |
| SHA256 | c34505e37587c2d30b082d39a63c4fd2fc64beff301f6ae3e4a8e636dfee3530 |
| SHA512 | 8f798521162e6030f8a74e38235a60b99df22c32c866bf803b55b2014e89b829a198070cb7f27c2bf83c9c7a0c7058959c4936259143b301f0df0a2e213c6cba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4a9cda1121219915_0
| MD5 | 05c1acfacfb1a3e447b66e5f0f841b52 |
| SHA1 | 0844f64ddcd4e842b3c93b8b78e1c6335c3e2cd9 |
| SHA256 | 406e772379d0f9824558c95579031fd86fb2006285533d6ac99031e7dcf8f1ce |
| SHA512 | 6f94e3f1c95c60dd4d0b9e57fe91eef7ecfbf0b67984bedc78437e94ac8786e75e2db0dfd770b0b61dc32e351742761f85c74974acb47710d1e11cd9cd307a93 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a0d3ac32f2881fab0dbeae84eacf3b41 |
| SHA1 | 0324b2eb14dfafc9445d6fbe453f0478444331dd |
| SHA256 | ee7a05e0c3877cba26fd7479a129beddbc18facd8ade0d746265b04edb0ef636 |
| SHA512 | b028a612f8c2c6c818125c31beea2c5b9981fcfcf69deb4309efce74391e4e6e64d2aac370b582ab9ceb8a7f0a238c735ae59ba914970c9d5d5550339a226664 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8c504c7f100c48ff2e035ea11783c57f |
| SHA1 | 6a03755ba61cdfe12b98bbc7051bc66cbfdfa8be |
| SHA256 | e3285faced6309ad13f7551679018e2f935c693eb6d9250af732be828b2cdc7b |
| SHA512 | 71466d3f3d8ff880fc6cfd47187f19831badb9b8dcad6078af74e0d29d4f99d6b0f022b792e8fe082b6f2d4bd994a1599b739ca44a57a9cc02c602a25bdcc97c |
C:\Users\Admin\Downloads\CLUTT6.6.6---BY-CYBER-SOLDIER-main.zip
| MD5 | a13a08aac9f25d0b7f41b89348fd50e1 |
| SHA1 | c91e19d5b31b0baac9b58a15cdad232e8fc10c3f |
| SHA256 | 7edc3f16770698c0d9eb302f534560ecc82c0e35cdbb44189cfc06adaaa10641 |
| SHA512 | f8af2744f6909c52876ec4a52b82f1624b571d10082fa240f8091c6867919354510f52611eb1dbdd4bf6594eea03f8145208d4618f36342cc5e2a87be2efc223 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5aa3d33d3ac4885c964be54bdcc36d4e |
| SHA1 | 1c8855ff6a8cce867132548b3e0f340ca4baabc0 |
| SHA256 | 071d86e99dfb9e4c1975cfd8bef9a8bfce4b44ff1351c27e820643bf6dd4bd93 |
| SHA512 | edf5afeb6087c154d3e427af9178433186fb44ea5f9743fd78c3de56688c716c724ff9356d08123a4663baa99ee2791278e38499cf85070b2f872c745a4b7c76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d6ffdc8ef1771b2014131c4757918377 |
| SHA1 | e03fe7be81cd975d9e5e2cbd6b3c816a61c64b75 |
| SHA256 | 214de40f78732a4b75641aacd322d3a8eb42551de216ca4015b2d71d9527402f |
| SHA512 | cef3075a2f82782172f53ae6f832d0b50e6731039093b65ab49928ae5334ed2e2fe4bd0954115e28b35b583d01ff6b6697b2f01e9ede66a42e2d24fecadf76be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 627b92ccb630f481e0dd8448d78943cd |
| SHA1 | c163634a49b70656613393490bc0fd76ce7298d8 |
| SHA256 | ee7c2932612be0dca8605891e87c7d1ff67dc0fce0ed990c78959e17c4cf319a |
| SHA512 | cae4ca368a529f1f94c45e7633b5632faf29cdd2f58e7aff768f4beb18f818fa8331f2f45738e633df047518de01665af4ace919db5d72a4a6866b8da3bbf76a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 559eae125cacf943d84da3cfa3203c05 |
| SHA1 | 54c3245666c6c8a540302592c682d088f1f9b267 |
| SHA256 | 07bcc1a4113f48233000e9985effae835ab54c9814ecdbb30f12e2e3e55884d9 |
| SHA512 | af00f50664037ca337437c5d308b1ad689f2b041a9b75adae6c48add0397a7d43aa64090a12d6e8e087e3da4247cd50a04fe0b0225059c1605608fef806667f3 |
memory/2256-4605-0x00007FF7EB850000-0x00007FF7EB860000-memory.dmp
memory/2256-4606-0x00007FF7EB850000-0x00007FF7EB860000-memory.dmp
memory/2256-4607-0x00007FF7EB850000-0x00007FF7EB860000-memory.dmp
memory/2256-4608-0x00007FF7EB850000-0x00007FF7EB860000-memory.dmp
memory/2256-4609-0x00007FF7EB850000-0x00007FF7EB860000-memory.dmp
memory/2256-4610-0x00007FF7E8DD0000-0x00007FF7E8DE0000-memory.dmp
memory/2256-4611-0x00007FF7E8DD0000-0x00007FF7E8DE0000-memory.dmp
memory/2256-4634-0x00007FF7EB850000-0x00007FF7EB860000-memory.dmp
memory/2256-4635-0x00007FF7EB850000-0x00007FF7EB860000-memory.dmp
memory/2256-4637-0x00007FF7EB850000-0x00007FF7EB860000-memory.dmp
memory/2256-4636-0x00007FF7EB850000-0x00007FF7EB860000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 43745c6cdec584ee5c85d255b0ea1959 |
| SHA1 | a73204bcc4d014903c410bd47c839ed772c5482d |
| SHA256 | 4a0c2602b491e2947cb921fc85a7de441d42c5e30394b9984ff9017059cc9801 |
| SHA512 | f82b3200f1047cfc5462738c14104e575e277af6890492ad6d23f8771280d530166663bf6e9de02b3d8deb2a6100f771f8c90669bbb7fc0d989d736ddc07ce3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\20a0152c-ba72-4089-a59f-ecd49583eec2.tmp
| MD5 | a36e9e4606a1a5ee16ea8104cf1a5c7b |
| SHA1 | e9fdbd0d5e058441e42da0a9443c10b08b4501a1 |
| SHA256 | 226522107a0e534d988a5cdff6b410f66d4f26b03ce28ea915041920f7f4047b |
| SHA512 | 12ed66f9f12dcbac9bdfa98c5ec58ee6d6abe8327cde11fdde47e838ad0dfc21ae37f48d0bea85d6aa126553e560e2de0433151f6a5d2dd3223850423f931ce7 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 78997f3eb14c29847e6ca4951a87847f |
| SHA1 | f2d9102ff97395f360d6213aca86971853cd7c18 |
| SHA256 | 8a994dc54d77fec2b679d1d8a13b260f3effaffb412a308e65fa15942560d7ba |
| SHA512 | 9712da9ac567977d349a2ebd89e9529d4b46b39e76d0a69df1d0746161315e20dfa29f8e2191585cc6f10aceb3bd6692882946b499751ef3c8abc82f76d31e86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 35bc1c98f9f2489fa4c428f3953af200 |
| SHA1 | 034743e928de61b6cb04d65c8419ab5b3ded0f65 |
| SHA256 | 7ac58d05aa985308ea02f1bb2c5ef85c0740a1f1e2f2bb5105f642ba65a885c8 |
| SHA512 | 24f75ee850ab04835a7694d7e256ca60bf78ec0230fb32293c9c31ca744f0b5258bd9c98b1d214b66e103b0cc7bf8db7e030b0c22b21168f610fc15c561f113d |
memory/5328-4731-0x0000016B73540000-0x0000016B74638000-memory.dmp
memory/5328-4732-0x0000016B77200000-0x0000016B775D6000-memory.dmp
memory/5328-4733-0x0000016B77E00000-0x0000016B77E10000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 9e89cfb84e2d9565c5c6648e852c79cb |
| SHA1 | 7d2378c8bc29cbfaab856d6702c8ee28ed272aed |
| SHA256 | 72076f95cd8ea56cc86486f5bc473f2a5f6ef2271020cb6a8997bd1ca1bd9f84 |
| SHA512 | ab47b504a30cbc5744a0648e9af6edf32c43e1879298dc019ef753522d37f53a57c054ada2ee343f4fbf3a3353ea7bd7ca9ad8b8ba4fb28b3fdfaf06fed50c90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7572808be49a3e144e26a6d6316c8011 |
| SHA1 | 190d887af7919f9221b561bd79a7f3e0aa86ccf7 |
| SHA256 | b47b2c52741652af8519c67c5c551b6d96e8750f59bf5d4a0eaa77c54834d530 |
| SHA512 | e17dedc17a841b921100678ef9bade3cb4a3a9b7c705a8ef8e276a081d27c488447dbc85007d4fc62d70995bcca99c2a4801566933ab5bf9dc1f1bb51058809d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 923f25da15b830f0da28d402fd51ec3a |
| SHA1 | 6845d6f73cd73dbaa4991432d42efce8b258442e |
| SHA256 | b2853fb16c45b54379af39ad2f048308673869d649937ee8df49dbbbd7da9b3c |
| SHA512 | c978dba88e6bbc9e0649a123f7585574166b9b83865aa6f9ec6a676d18711c517821c93840a26fb20f1b691e0d9c23cdde5bda5b2935e80d8807a9e0276ade42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 628aa385b78a659693c3d6d1146d8271 |
| SHA1 | 6b1055e91c88b2f74570d2aca0d4939ae00e2ae9 |
| SHA256 | c3de31110b22133c9ab93d0da348703db30120907297b9b367dfc358824baff2 |
| SHA512 | 8bcb662e0b4ae3694336a102a4d6e3e6c605acdd40920f6c90a1c455e2622dab94f4a56d51f4a44d60d3eaa3a9af39233c2c8f69138e96710b1ab2e0280c2db1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000104
| MD5 | be689bd00654d520b455b7361d7febf8 |
| SHA1 | cb812ba1d0c46a178531a98f489641b74ef65461 |
| SHA256 | 8c7b2da1b0f8af3bfe0a502540160fbaacbe2d0578d6644c12470c64bdfc9099 |
| SHA512 | 60904096c0d6a9af11bfd4d8b3a92c5b0dc54a2c01287e80039f39b0327c2f778d5c8562238d6a5d4d3562941b488a5c9d79a73b362df6247f5923d4d988b2a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 55f7409444c76984579f1b69ee19bdce |
| SHA1 | 7b1ace6ea54f7a12d3edb82bd734fdc46cda7c17 |
| SHA256 | 7d826084bbc6c735c128b16fe58d7fb1f046b59c1f5a474c506c8696f8d9ccdf |
| SHA512 | 7d9dc4ece061a704484539e5988ff5909c439a1eba0ced7862ca986d5416ae8ededdb9d6f208fe2a9ce0631b87ac6a3b6a1b48bd80f3f3128c6c6a7d7b770415 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d1b8d7c8464d60208d3e001a34743a6c |
| SHA1 | cb91e5572387fc9580593f475ee63aeaa1780c80 |
| SHA256 | 504a516805f229a1eea78e0c8b931b2155be7177d0bc1c14da792c6d3fef776e |
| SHA512 | 1f7b129b69faf43d4a3bfd87640d752e35c043623a40c3ba2d4778578375201ed73d2cf6430f9b7483a7ddde8a47d71880e88add9daa406beeeca81c797e29c7 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 58c965b2ef1e626c5586fe3a3e9012d3 |
| SHA1 | f711c4d64e68455dfcb5887908df3f44a543efe3 |
| SHA256 | 26c63f97502648cd93922fd369859e5aaf2f2e165e57c907ac80fc9f6b26f010 |
| SHA512 | b8c7b06d6c519a6f3cf05c192a2cd82733fd208e3e0197ab99f28d0fcbc3dec70ef7dadf9375115294f09774eb22ed57d292deecb0b9eb9e6de082d6d8312085 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 546dacb105d116208c26d469e92596d6 |
| SHA1 | 9dcb5e5490cc488ef0e1b60f53e271bfef4b2a8d |
| SHA256 | 6ca0fddfcaf84210ae4546279a88f6c31bfc579662167d60f95a228861f4e715 |
| SHA512 | b082713c20187e0923a0656e6ff3913bb53e967970d8b76d536cf5ffc87ca754c5bc824ca83b00957265c6e3525466f1ce41e585fbbef1b5d2fad35d20f7763a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5de9f44e801f6134_0
| MD5 | 36d6925dd2174769e94ee354f9d8be6f |
| SHA1 | f12c5a09a0bd67c9925853a90ccd80bfecc21c4a |
| SHA256 | 9390b3135ec62954e2c6c048f48b3634d0e8b909bfa2b3c08b0fe9c4bd6e65b7 |
| SHA512 | a5d237f8b89049fb828eb9ee85067c802c94572741343a8228b9740e143b6d0d61b30eeaf0308e261ed41ef7dc21a39dd510c47bb959bfd4b36bb9b5630605f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d9a159afbf1607d3_0
| MD5 | b4cd97a7316a32b9f5de55ccf5c0d580 |
| SHA1 | fb78d200859e71a97e2df6d799e0b908cdf992fa |
| SHA256 | 8655c28b6a3c5d5a738640e18a67e77a2cec10079448660adfc3ae646e15b323 |
| SHA512 | 8af6aa098c71d613c2bdae6be991960a2b8e09d97b18156f5e31ab343ce651cb90ed9c6f6072bc0abe07159b422f0cd3d52639444057625743c08d68eaa9e11b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0cc3b8047ea58590c66c147ffe086307 |
| SHA1 | 0984fdf770a53ce83f4c08d972723f03cd963704 |
| SHA256 | ebbbda02e58260c429893bbff7d22dc7407d3ba5f823b7c7f334dad8d5166bc4 |
| SHA512 | 9d9863f58dfae09dda980c588e663fd9de199ea7ffaf2f1d62870d78db98162df13f996706428a915950286a822f21662cc15ee4e0e5ded5d8d490f828b6de6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a4613485854ac4f7bc23ac6bd80206c1 |
| SHA1 | 6c3b857b6f767d1c90b7051af6cd1fd1698676ed |
| SHA256 | 9c877a391484b3c5a116f14d06d837c9a9fee2eaa6f8d7d709da6b2c74fe1d3d |
| SHA512 | c2d542c0236762835a8bbd47194d46d5c2162a56e6552f094f7a42d8c295f99575bd6183ec2df880546d075cae9a130b8334c3e0bc301d92e5e4fd397e927c53 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | e160fc4f769818a4de315a07e97f2b12 |
| SHA1 | b899f34cd387eded814c899e1593664e253835d6 |
| SHA256 | 9d49ddc9805e44504eeda6264e00efb824256ed1a4d28e719c0b6fc0c7cd1dff |
| SHA512 | cf5c3930ed6b1a86329bcf9c0d79121525baf66026873bca0272af5cae0400bbe16031a5a37904c153fb8b1d215f1dc34f609e9ac2791e7b41080e53461f6735 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e7a735eae2c1b6a86063647b26a5a3ea |
| SHA1 | 37303c29018bf2d102c9fd22d8136c61543c00ce |
| SHA256 | c95c0c7d2a02cd472ecb381ae7c9ff5b6d533c6c3d452db8b425eb0fa701626a |
| SHA512 | 8897398bc3a318a15c93d2cb87e33b872b42f6ab1c01ab6387c0cf8df870bb9c3e0806e521b0948147dae6c6fe87e2a80c371e58d4afe3e6816fb6a2b58344d3 |
C:\Users\Admin\Downloads\Unconfirmed 462264.crdownload
| MD5 | f1320bd826092e99fcec85cc96a29791 |
| SHA1 | c0fa3b83cf9f9ec5e584fbca4a0afa9a9faa13ed |
| SHA256 | ad12cec3a3957ff73a689e0d65a05b6328c80fd76336a1b1a6285335f8dab1ba |
| SHA512 | c6ba7770de0302dd90b04393a47dd7d80a0de26fab0bc11e147bf356e3e54ec69ba78e3df05f4f8718ba08ccaefbd6ea0409857973af3b6b57d271762685823a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fbe4614c900cb9872f155ad71be55711 |
| SHA1 | 07cb90f1fee9c32645d924577562bd553b140b73 |
| SHA256 | 8286a0392f431c735c7a55481d418ac84c8f15aa827feedbb94076cbb38d8ffb |
| SHA512 | 78fa6f47cd73122221029a5cd62eae0f23a27fb2b1e85e9364b8d9eebe16c0318875f462f02d4689b3c439f1bdd63d54f3dbde3f28b63e677b60a73e97a7e939 |
C:\Users\Admin\Downloads\7z2407-x64.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c9522f2acb67d213cea03e726f84b0e6 |
| SHA1 | 0bfdb1f1107a129e9360b0afcb1233f1dd4c15cf |
| SHA256 | e1eedc018208434345b5c5c1250b3646966f4cb91c0788b245071f8c336b06cc |
| SHA512 | d947d7a31bbbfd41862b72588d4b86ad9d31b1363e5bdc014a4780729fc5a0a69ac080d726c5a6c6edff2a073b13c8b33b58e543e12dacb39673dc137fef593c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c5d47c348868396b447b2289eb8d79b6 |
| SHA1 | c134e842dfe358e43cce1bc883f98284f0b844c1 |
| SHA256 | 42d2274e5ee1089053067b99ccf04d7687a2841a87f0317c5d9a6be0f027da71 |
| SHA512 | def3adeac9bfd2643bece135ad5d3d3ad35b481769cc1a4fd7d2a9d86eb2a095773048a4a8698cb8d7c77afe9e81906f89692a22e0d1063429fbe5427a56976c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 691361d08af2024ef4077053fc6c8f86 |
| SHA1 | eb06bc0ff0ec55fefd12548a67150de69418bf80 |
| SHA256 | de6b2b8f46318a62973ac6e0d0f4dc7d9a443034491ca9dd6843f04094369958 |
| SHA512 | 0f09928a4f3d2b65bd626e4a363a716c6337180eae87379e555da2f7e417b6fc5c9e87818f8193444e4697c5e9b9f81a9aeb8aad366edeca23b2d0c97e4d59ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c9265d1f7b0792be4160381367610028 |
| SHA1 | 7a2600bd3bea73904cdcd3ff79887eb5caeec19d |
| SHA256 | 71677c72ff8af8d2095c1a14b6824fc4fd601c1efefd9e5ca87ad521d10ae9bd |
| SHA512 | edf398ea8ac58cc8ec5694007b9d014155be6df68addb4603a437d3ea06f5a5b78443e8592af63a83e80c0ace0b963cb60fb105cf6918ebfc9119d76bfc66410 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 49775785ccc7efaf67aa6c5cb43f66cb |
| SHA1 | 6258e3cdfe349e7b7954ef17ac83267a6a94b243 |
| SHA256 | bfb9fe64fc95ca4e635d60a25c9fb71af9b543b5bbb5d8881335e6d1cfd39ac0 |
| SHA512 | 14927373a2a92d7718517727f8159716a2c8d4991f4c6791cfb51678683f896113d1b861b458700649881cd4858b827aa200211555435e77eda19f38ddbd5271 |
C:\Program Files\7-Zip\7-zip.chm
| MD5 | b79894fbee3c882c3efc71ff3d4a21bb |
| SHA1 | 8bb4fa0e32cc892f8be396dbaa35acef7a53e36e |
| SHA256 | 2d55ca494a8b6dcc739d84bdd112f5c50d612f8abf409c9fb5f2b5c2c84c37a0 |
| SHA512 | b66a75ee3831c56967e2c64f8c9ba434f3cd9e4dc4c4fa79580e5ef81e8595863a477ce487921d46891bffcb31c6d45ea332e441c5c26df9a1ee59c0769f32b6 |
C:\Program Files\7-Zip\7-zip.dll.tmp2
| MD5 | 8af282b10fd825dc83d827c1d8d23b53 |
| SHA1 | 17c08d9ad0fb1537c7e6cb125ec0acbc72f2b355 |
| SHA256 | 1c0012c9785c3283556ac33a70f77a1bc6914d79218a5c4903b1c174aaa558ca |
| SHA512 | cb6811df9597796302d33c5c138b576651a1e1f660717dd79602db669692c18844b87c68f2126d5f56ff584eee3c8710206265465583de9ec9da42a6ed2477f8 |
C:\Program Files\7-Zip\7zFM.exe
| MD5 | 79e8ca28aef2f3b1f1484430702b24e1 |
| SHA1 | 76087153a547ce3f03f5b9de217c9b4b11d12f22 |
| SHA256 | 5bc65256b92316f7792e27b0111e208aa6c27628a79a1dec238a4ad1cc9530f7 |
| SHA512 | b8426b44260a3adcbeaa38c5647e09a891a952774ecd3e6a1b971aef0e4c00d0f2a2def9965ee75be6c6494c3b4e3a84ce28572e376d6c82db0b53ccbbdb1438 |
memory/6944-5635-0x00007FF7E8DD0000-0x00007FF7E8DE0000-memory.dmp
memory/6944-5636-0x00007FF7E8DD0000-0x00007FF7E8DE0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\TCD3D46.tmp\gb.xsl
| MD5 | 51d32ee5bc7ab811041f799652d26e04 |
| SHA1 | 412193006aa3ef19e0a57e16acf86b830993024a |
| SHA256 | 6230814bf5b2d554397580613e20681752240ab87fd354ececf188c1eabe0e97 |
| SHA512 | 5fc5d889b0c8e5ef464b76f0c4c9e61bda59b2d1205ac9417cc74d6e9f989fb73d78b4eb3044a1a1e1f2c00ce1ca1bd6d4d07eeadc4108c7b124867711c31810 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRD0001.docx
| MD5 | 21d982181219ad1e44e97502b0372f26 |
| SHA1 | 2b8fc724e3afe88e864ef0a657fb617a476290de |
| SHA256 | ffd965f9bba71cfc3e35ad8f4e339de2a19f65dfb9587dadac4b552d0bdb59f1 |
| SHA512 | 5f9f93bc5d3dde88f7f73f7cd203e61110738ff3a97dd8a795ab9cfaa82b5d89aa6b8b1846d6ac9d4c2f6193ee61b14d6061f291618af9cd0cf43307e64f3483 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRD0003.docx
| MD5 | a110ead1bb7fa040fba8c0104f0e10da |
| SHA1 | 6e5922398ea58ed1023e1731f5f939a8813c8b27 |
| SHA256 | 81502991ac2700e56cd174a4b1597058c4d5824a64c7b0d54c7a2e7b85f7ecfc |
| SHA512 | 58ab98a9a23a2cc516a2089caf72f1ceb043a380faf5ba122ce340f8ca96347ba4ead722a380345d5b9c8bb339d5488533c37940341655112ff1c18914200512 |
C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\Floodgate\Word.SurveyEventActivityStats.json
| MD5 | 6ca4960355e4951c72aa5f6364e459d5 |
| SHA1 | 2fd90b4ec32804dff7a41b6e63c8b0a40b592113 |
| SHA256 | 88301f0b7e96132a2699a8bce47d120855c7f0a37054540019e3204d6bcbaba3 |
| SHA512 | 8544cd778717788b7484faf2001f463320a357db63cb72715c1395ef19d32eec4278bab07f15de3f4fed6af7e4f96c41908a0c45be94d5cdd8121877eccf310d |
C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\Floodgate\Word.CampaignStates.json
| MD5 | f1b59332b953b3c99b3c95a44249c0d2 |
| SHA1 | 1b16a2ca32bf8481e18ff8b7365229b598908991 |
| SHA256 | 138e49660d259061d8152137abd8829acdfb78b69179890beb489fe3ffe23e0c |
| SHA512 | 3c1f99ecc394df3741be875fbe8d95e249d1d9ac220805794a22caf81620d5fdd3cce19260d94c0829b3160b28a2b4042e46b56398e60f72134e49254e9679a4 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\fb3b0dbfee58fac8.customDestinations-ms
| MD5 | fb407283ec3c1a39c9feaca999a989f5 |
| SHA1 | c411b26852f8e6aee67b5893712af007af859d9b |
| SHA256 | 47a36f8e42882e9db6fa91965cd12535648d110c88c2d8561b45468cf8a37062 |
| SHA512 | a63bfd1fca41507d39f5f4a4e4707df89ff4937c938a145d310af1b7e9b69bb442bb99f7cb5d253d2ebc029da74dcf3f89223d5a73cdde2948decfe9915ccea4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000119
| MD5 | 4fd2f59ac773fdd8b0a674377cf4d67f |
| SHA1 | 624765911e7607c02ec335d01aa92c98bdf52cf7 |
| SHA256 | a2706ca94e4bd56a0e48028dbc4c6b08162dc304a80dba23f8e93a21bf237a55 |
| SHA512 | aed5b6e3bd4024d19b57d8384e7c5a1e710d1d5a4019e3e880b5a204fc6aab3f725c409a001a284f48a9fd28da13885d9b40f69475f9195a4ee678e7bcc3473f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2df2c057a5731c19_0
| MD5 | 48dcef10b96243a76580f6606668a389 |
| SHA1 | 5dcf0deb5e1da3f2f08a4f53c94457c25ddf4b6d |
| SHA256 | d524eb85c0db8ab30b3a5f7c2b6e6ff6d9ae4b4f3bb17248fa5755c8ae0b3741 |
| SHA512 | c862aa47c180c0e9f3bb236f2e1ac0e98890c23c5e96de273a711fe38235f326fe4073b194e873a8a1e3505891678e310af41eab021fe05b02f42ed1022c8a96 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dfa37c3bce11c64f_0
| MD5 | ca21e226c12dd5365b2056c670b302ec |
| SHA1 | b383b2e421bec3ffc629e79ab0edf1b4445ccda7 |
| SHA256 | 84dad0211014756c8cdda916099fbbc80219ac9dad2346a9e0f6ad35033f0100 |
| SHA512 | 277d8a342e58387c87a0bc7309ed3ab21ee958436474aa720b04e31f1855b271fa1ab48628ab34a5ceebdba2d20361a00b6ac9b712120c8a082c4e3a90a88e2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1b656fe85bc43465_0
| MD5 | 29c3e99c91fc1bb709e1e761518330c7 |
| SHA1 | 88b59be2fa3b59732f424a1d862b0b04c0533d8c |
| SHA256 | d9d988818781028125a7976d3cb14c586b36a144db08f0e672d020cc1840f4cb |
| SHA512 | 67d78a21c26237f1eea8d2aee32c46c8b01a4a68ba4d44aa93ab061c9378a9272bc6263b554a21126adb37bd46b16bdfeb922c7aa9bd57cca678a5953d592e5e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df9da550ea6d3003_0
| MD5 | f9d3d15d1198e79da0337d4f14aa5871 |
| SHA1 | ee0761b0b1ba82e8112a871d4f6c50eb276578ad |
| SHA256 | a7a1cf39207b8f20059d873c39ef01673d1724ae00d5609f94de435d8d26eb5f |
| SHA512 | c4d2ed7b8cfdccd40ef2dc164d4b1f8d672deb34a4ef5832842f987ddb453756903b9966202fe3970d09b6616fc5395eb2d055e7b17664e64bc91ddc42dc9dd7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a3beb452e1663a8d_0
| MD5 | cbd220ac7ece4002775a173b59010b60 |
| SHA1 | d9a6a91f85c76ff3ee3d324bab9acd9f7d95d880 |
| SHA256 | 63edb1f795d74c7eed59805d90f8e88c241fd094fca3341ef8d92160ac0513fb |
| SHA512 | debc602649102d0dcf3f7c6797f7a1cd1838a75c077bcc32f4b09140304c2fe4286c30470fc482e295517ae9ce6745718d797ad8230c3a5d2941333ab43a58be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6b08cd0430bfd81b_0
| MD5 | f7c882324c5b813636e3c76707667d63 |
| SHA1 | f1f4df8a6aaed6c003771ab6b57ae04efe3dfdf6 |
| SHA256 | db7cd8a3845b8babeea48e5defdda343c5458fde2a4546920d72f6ab57d1ac34 |
| SHA512 | 6374a50c65c74651c543ac25a4ebbefdaec14d68adaed4be16b6085f3630e34bdba8d707ea67f310dba3f9299e4f78cb74056c6c79a997996f890930edcda6cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\56858010a7af1199_0
| MD5 | d8b1f6f00dff82e1a8aa9fe7e96d2dc0 |
| SHA1 | 0b4a9e509cf82943d42ef2321b819600caa280d1 |
| SHA256 | 1a62475f14238fe9b194663a5400cad342e75554eb868aad69d4162284a5afb8 |
| SHA512 | 5a371b0467904fb2a5277265a34d722de37b02627e99ea51d4397e4fb9885e304e1b4a3781e728bded44e964b2d8a2d63a174c966a2daee5c924cb6bdd217467 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1506d85c637f43a6_0
| MD5 | 881c600c75d4cabf89a0d51d01bd9cdd |
| SHA1 | 71d4332cc69484ea7257b39dd5df3dd377fa4804 |
| SHA256 | 4d66b0d0cec3721ab54585a6c9b19647a18915ec4397d77a7805ee8e6355fa0b |
| SHA512 | 3072feb01ac9ca86732eb414d0ff6433f3c51140dd54fc8e3cf71ae0eb67a605f6538b2ec70f041f3937e4fd7d22d0cddfbdf7d481aebbdaa0269f70e7ac7b5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c0a158aceb1dea8e_0
| MD5 | 69d09085538e5cff122b500ef566d4f3 |
| SHA1 | 39e7b3f7ea0aca413a2b3d7b5f1bb9bb7c80e690 |
| SHA256 | e3ef28b587a04eff80b942a3df1525a89aba78e6697f5d178c800fad31a5e2c3 |
| SHA512 | 8316525e597dea283e1e00b01baaf37274bcee0a86e5a99095bbc12f63bba5e2b54af7158772ae2b9d145014a44f6738976a0a484dc48d28e54855382ba7cd51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\20dac1bd8ef32ebe_0
| MD5 | 68574a5d454112a385bcf2aedf57bac3 |
| SHA1 | 887142ce0bb1a8868aa108d48cfed8cff8db2818 |
| SHA256 | 34f75704c9d860ad1057596bade669fc50bfbfc5f59a002fd2fa918e79632f1d |
| SHA512 | 716665305a36b651926e982cd080a01f3d0d05d8ac5735ac186f0e89df0de4d75bc1621e4e726caca0f03b1aa27c72574b4aab73d1a4b31b6ff1ad4952a87537 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7fe85d7249e8dc55_0
| MD5 | 50742fa5e68a4880f6c5a53cb1b7d7cc |
| SHA1 | 20c5c2a2af1d5743c9f6afc0d3f13b1cb21a3bc7 |
| SHA256 | f9b12582e192cd53ef008a51d0668b3553d43a25fbd47706c0a6b55d6d1cb199 |
| SHA512 | 7d8cabaca4448fb5b6fd1b33caab160510f9870b4196024b8d449f96d74938cd0954caca9203e4181c7236e2812b3db4f4a9db9e2b383dd3cc7a12fe394bfa17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ba872977e7eafed0_0
| MD5 | 45cbbd2e69004996260b96d69c352dc5 |
| SHA1 | cd1867ba91d337c930e2fba670018a75b8be2e19 |
| SHA256 | 65dd79975cf901d6232b663c609fd9a30649ce77be8dd0e1a175b5540af9654c |
| SHA512 | f16df0bd4629962ec82cb1de093c5e4574c54fb4df50510afdbae6c6ce828efccfba81bc241dc891649f08ffd7cce2a413845934aaa27c3ef1ece7381a59d02c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\65029c17e720c1c5_0
| MD5 | 44e380932db092632754834ca4cebee4 |
| SHA1 | b2e7308b50d9e79b72bce06000a93d58b4401c1d |
| SHA256 | 82a19e5143bda15c2e1713eda8d2862d559c687d019e74353fac690827fd2fa3 |
| SHA512 | 9f38cb1a869542415e14f095ccba332b91bae2dd6891d17b67f488d4a3e9616c512bb0c05923b01e3c9d00be644cfeca59a0727b526ff41c3c9de507be42147d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\951674a2601a33d9_0
| MD5 | 7dbf9704035671fb048c902c66b6ad68 |
| SHA1 | 43b7ec8942c7b29dc8ed73c38f48d3f5d944c130 |
| SHA256 | b8d40e3f7d0b29517c8c80dd353f72ffa7b76926c076cdc732313e25332c7ad2 |
| SHA512 | 7ae7dae0a1329e80b2c2ba527e92ef839ec1756a225132390ad2d7de50fe99a73c71045faacc5ad7648914b91b4f5ba8c1ed00d6c7721dde056203b252d24fe4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\552e9cab9e32a74c_0
| MD5 | 7f76e349b696bfc069aaa056bd322bca |
| SHA1 | 8ce2e07811ca6f342f035719e7abc7b8b1b1a83d |
| SHA256 | 074511d32296eb3d1739abe32e8af8346a19b7e6296f11926d7ba47024a72361 |
| SHA512 | 04da3525ccbc591595c145b32ddedfa91cb0e88c1860afdc7c5760d7a6c1ec011f4fe7e1d25489a3344f3a04b37135ef3f724770f8dd8a21bf63e3e9bfdc83ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\08367b3179c4da90_0
| MD5 | 2ce92d133560da2f48498e746d1737d7 |
| SHA1 | 42b74c179acb41488a7978f971cb359777b86c70 |
| SHA256 | f2c6411e12e4b6a72a841c1326d6a341a716e2510f0091afc24530b5c9151033 |
| SHA512 | f6031aef5e87528bf26d88964cbfcae23a9a2f66d08667e7fe7e580f1ada435a895903d8cf66fe168a7f93172183bdf619a23d8b0f2ab289048f655c659694c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b044bcecece9bfb_0
| MD5 | 3a3f57807909c1704d35cbe04f604941 |
| SHA1 | caa49a48cbf368094e2528fc815fcf8aaf5765a9 |
| SHA256 | 1c7cd53bcd967cb78cff1f359dac72bb660c1ccb2c0b5b8e5071172086d618db |
| SHA512 | 4ef83bf1e02065a75f8930af50a86d988289c809c9e9d4f50fb6617a8b4241a1c84b55a4930276be2706524047671c63d2467641d3ad2ebeba4789668bf5266d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90f61163682f5561_0
| MD5 | df8462717ed9fa344bd68479ed2bd9e1 |
| SHA1 | 9a66c9c63e138fe9936ec009507738d766af7675 |
| SHA256 | 9a9cf6e770d6cd0f6caa5550a94fbcf23a0d4d2f872d9d09b55e66088df24096 |
| SHA512 | 8f7300d6e2fcff89a96823c69a184dcd87d8d041918537d68a130e2377480279961bdd7f145fe6b2f6e9d516be898a533b1691d3bdaa5bdeaad5f696199ea515 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\794b4df9888a1693_0
| MD5 | 10093136e414ad4bbdfa62994252090a |
| SHA1 | 48312ac7140f224d3612c2f0909c2c0cbf1089ab |
| SHA256 | aa3491b6dbb165a7a1d5d8ddcdf854bdd849c15d5daee9741ed0b0e0cd42b805 |
| SHA512 | 957a80541d5e95ce187eb3350f6a2d99627543e01588bcd932d48090b3a70f67436c60352878fb5cadce71ea4296ff280a0d351b96feacbec8122c9e00ef32d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\57fea5bbba039920_0
| MD5 | 965e365a769322c4fb5f12a895fb2de9 |
| SHA1 | 3e452081e924a7481ec8380b1abf2f7a8fec246a |
| SHA256 | 439987673e114c6663f6a0d16e9c8a2952c0121d6232091aba534b03f6594e12 |
| SHA512 | f1b730f23ec6809acf1415d19545e1a4768de627d65d83f7182e263eb2d7cf2814a630a1a9d0c4d949c764e8e209d237d1c46daff5044cf4c79798c5b52ec5fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a7e7921c6642f313_0
| MD5 | 8da5a6c1c56e23f02653504c9dadc4d5 |
| SHA1 | ecec0ea8113083654b619f68de3c45c1820bf1bd |
| SHA256 | 64764a707f015cf9cdb69c24eb035d8ad3cb6c4007adf4af2ce0ade10104d7ce |
| SHA512 | 40183d539ea65ddbb5da3e3d90ecbcd4bed36ce51b9875a0ad169673d8ec3c520a3899e442a8bea1051072c27a9a786358521a6f461b88a2f5a00fc056d2b8d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fce2772ba8b623b_0
| MD5 | 389c2002026d4d6a9403dc935216e6db |
| SHA1 | 609c6b232bb13fd2992018de06c1f5f238e7715e |
| SHA256 | ff5de31ec9a48b41ddc3e5be49a69fdabd40be8487f2ab9fd46f749c20ec6cec |
| SHA512 | 8b027eb61aa4b8cf7fe972d75aac078a410fa7a128f703f33dbd1f719fcd7003929099277b4908d119940dffe967052471f838ca4f6efbc997fed1a170ce53ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9e9585b606ccbcd4_0
| MD5 | 71ca9d271277221a26956df09c0b9fb7 |
| SHA1 | e7e521e93aa5a2d5e1eb7c358f032a3a66bd5a35 |
| SHA256 | 1af408ae09ba9be594b568366d1802fa7fcb24ef2fb2eccbcce9f4eced0aad50 |
| SHA512 | d9ae70cbffb1039bdddb8bae718cc06aa5e7534472263abb8e5f384038a86ee8a16d3738e727bdff8c96711bd67d483227ec70a6cae6d7253e47eec07c34272b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3c0976e826452b12_0
| MD5 | e6953b45247c37d272d8be3191c22e99 |
| SHA1 | a2eae5d6605eea8184a5159ed3c82558c3cdb61b |
| SHA256 | b4c98f5734faedb0a8155947d3f7943d65fc9ddd91eb30dc664e6ece5d2e20b5 |
| SHA512 | d94c067f44ff507e9b0f2b343bf4f7623594d6b2a21038e71d03c60ba69521923093a063e5df3ea0164a4e2f6bae4dfaf764f5b889992775b393a3ed2c6f03de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a8c6898902794e23_0
| MD5 | fdf12ba4cd8ea4a54532a196d86ae37e |
| SHA1 | fe3f873384b0ffbde7d25b072c6c6b62d9eca491 |
| SHA256 | 27be89292ce76091c382004b18932d9b76cd12ebb82cc5bc7c55149b31022e40 |
| SHA512 | 008edef613e4a6db24697ec312fd0fdc5d2a5a8b646cbec59866ee69c8a10bdf615cbf6cb51160b57a2b59c16deb222328f26a1f1c74f2ae61258e410caa8c5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\223785267ad804f5_0
| MD5 | 72f64b70cdc04c23ce347643d9953b7a |
| SHA1 | 136f6279baa95f29274287398cce4900385e4bd3 |
| SHA256 | adaa65c83ebe3ff4be8dc7815701390c295be7c628c6940817fd220fc2b83896 |
| SHA512 | 9e70934b04e2c3fcbf2cc8a670cd1468ccceb4189c9f8d459e192d371341a4eb04b8c0326e3c06eecee7e47be1b1fbc267f375d2906a26e26a17b53dfd4fc59e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dd8e97b58d81706c_0
| MD5 | 1e30464589633a83623953b36656f672 |
| SHA1 | 1b65887cf715d877ff4a80e7dd65a6b9ed845bdb |
| SHA256 | 48c9eb039e063951131a69bb954dfd6fa990151dd2e43a0325f89b7e1960d69b |
| SHA512 | 27c01226ea209a4db2174d0f1729c3ee4be65fd0494ffcf7ad605c1fed84bd4ec24a8d9557f0f92bb6be919b5cc23f87f1305322f29954a25ef9b2238689ef3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bf3dde9e4182dd73_0
| MD5 | 338df8ae21ae2471c01dfa581bb73a75 |
| SHA1 | 4be3588b089b9f7fba705546e8ee6e1a4dc5aced |
| SHA256 | 7c14195ea2baae6ee50bd6d524730db82f0a7d15c8c8267e498fb3dfdc75eafa |
| SHA512 | 4f39a86b7981607558678a9a16e7073b623b8e7320fc7cd37505df171bf52a23cbbed28f8caa601d32e32424fb9f7e51fc5fc6eb92606364bf1d1810601c535f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\39f1b8ad3a7dfa7b_0
| MD5 | 9dc38c314baa0cdd1af11a957a4d5786 |
| SHA1 | 12c5bb4bfd52127aade32f16db7a39b1e3fd49b7 |
| SHA256 | ce9b771f0ffcd892071d0b82fbbc308deaad466100c3051d2e19c3ea7f650e75 |
| SHA512 | cfbedc959865862eee9e1dbfe0de7405726f0b5d33203cc0b2e716063d17ca2898f954fc1165adea87999565e2d8cf248ae5cbe092337689b8574619cc34f917 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1e54725c590c3137_0
| MD5 | 08fb5d1dbae996d04eb6587f5d7910e2 |
| SHA1 | 8ea989b6eaaecc50dac28052dee90b68c2e56abc |
| SHA256 | 61933dd663440daa1aa1f8cdad8a22edfe0a7f7eca6a0a0db3079e4fd114010a |
| SHA512 | 9226d64338a8cff16a361b8c0632ea5b02ab5f3f0f6e6e0185a16a33633bcae713731407cb4e6cc6493720a6ba17ff2fe5ae31378bf0d5c86a0a9b0145195370 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47f1ad57edb8b6bf_0
| MD5 | 2ef66b36d51afbd2dc6ef99f53045832 |
| SHA1 | 34f1bcfb88af9289e809a8eceb5a4e304699391a |
| SHA256 | 2aac8f915fb1117f7acb2f5232d29c5a28660c663f8c0dfb31048f2b695f84e7 |
| SHA512 | 85c66fa8a9b58de954a11453c1e5821879462cf71ebbdccefbeed9b0022e2511318511a664af20e1609e9b78a53a9c56bd9ef7be7b3cc83eaf5844e85f3c9a62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\202ee61178b3d1b4_0
| MD5 | baff81507c424f890226e16f4a2dc8b7 |
| SHA1 | 603991e252814a65e27b1e948ce7c9fcbbd9809a |
| SHA256 | 46ea705cf9012c99a3ee333417b6f8cdc4df2bd7a94c881f41bc290db43a7590 |
| SHA512 | 11de85874f65fa355838c2399dc47a3c5a420ac4cd4ebc182316ebdf27ffdb90ce9771e5ba02bdecade6cfa6afc6f4e501675463c7736acdc8fc131e53a7806c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8648952d5ff5512a_0
| MD5 | 37aae9e13e753dc8765cc1a33aeb8f8b |
| SHA1 | f956e6e9c969288d77c3f9dc01d57f31bccbbbdc |
| SHA256 | 0b7a82075ceccd87b4e0a1b6bc71329248c6872a83a5101cd91e45c45055890a |
| SHA512 | 501bcc2801e325d82ed9525e366e8ce9466b62cf35f2176d4cbda5521ff609d6e24f1172ad3c630cdf8bd6669bcee1083cc867b0c9324ce023b6de209beaa5a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cf4436542c566b96_0
| MD5 | 30e51bb1fbe8d5ceaef02e124735d687 |
| SHA1 | b5e51d25bd27b2af42650c404d0206082dec275a |
| SHA256 | 79a1759293f1dbaad6c7a55625b64b0251c6c92f87971dd203263d0fa6b68892 |
| SHA512 | a41b35bac2f739e117f1f0909c4484744b10c7d40520a100c7437d04eb32a9c4aa59a79bfcde5ba481c19084c6d821c6362d7a5b5e6953cdbfe61731bb832bcd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1f09fbf9f0dca9c4_0
| MD5 | 58f4f9b741b128f3e2abe76531367b4f |
| SHA1 | b796776422386f204156ceb3a538393f2f23e04b |
| SHA256 | bbcc83de6e06ddd8fb8a4e9c4df107decf5f0db4de81532d228a118922f8a071 |
| SHA512 | e2aad0fc0f0e466ee978dcdea4f2ac151cc93486250b27fc500ea5bb1837bc1c275e002af3f95a4e31897a640d6d32429de488eaa9a32898c272eac611b342bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\89c00ef3bbb713fa_0
| MD5 | 08bb703e7cc211ee75c8db42824309ed |
| SHA1 | 1d81c89eb69ea9791fd292f6fa66ca59745538ff |
| SHA256 | 315894a922b765b1d9ad6b07ebd4b71ed1f854c53deb820bc9a39116c91b4ff1 |
| SHA512 | abfb365151276f883c70e314ca7cb2807c3ff1f0b59f330c8af38310985ddf66f699772daab6a63fcd9d2aa474e7bec5a55726ea48a8dcf720ad0afa6c248709 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6b335498d880125e_0
| MD5 | bd8d5c806e3802bf29c2e63e98510e62 |
| SHA1 | 23ed65c223c32b3d28f12a854efb0ad51027378e |
| SHA256 | 463258001f97b681a2b13249b968d67e18768c2a9790774bc2ef85f51e45c152 |
| SHA512 | 2cc383acc07288295c0889dc504dd2db790ac82553ae14c4fa2b090c118b362d6c509b4f8a631c0becc5347fc81daaa574f574fec5243a2a44b3b715328d4aaa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7334c72fcccfac5f_0
| MD5 | bf3e60303e5911f2717ef18e3112aeff |
| SHA1 | 2b6b0d6b544712c09874d2de8209de22f26ab63e |
| SHA256 | 45c6128753840b021dbcc28614687e9071803e3e393d679c5abdb39a652f5dd4 |
| SHA512 | a27425aa3372e037641756a9311073903e5d06de109e3b3974714eecfbeca827cc9375edbfa1bda8d586a8decc5d4893f635b777e865129b8883990d312fa9d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5df19512b232e76d_0
| MD5 | 733347e2cd20de0427a474e1ef5aef04 |
| SHA1 | deebcf7c7edfd2b663bd02e040f8668356227f19 |
| SHA256 | 3541023c2321a68552658ce918fd57e49feebd537086d19826d8d383fd831150 |
| SHA512 | 3ba56a92a1584080a8b91de213376c1802c11bad32284afe0f6913673a6421aa47ae0d1363342b84c164bdda6674148103f4f0d75bbc657ea31d6136d0745d4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f98a9b53209646ee_0
| MD5 | 3ce19b2ac8c28a336a8c8aae61b11d45 |
| SHA1 | e75cae191a3d8d31a1eb82b8a91172b87cd99591 |
| SHA256 | 56af62a8ce0902d4d9da8a9bddc238caf420513ba0441d60edb77c04b27a0130 |
| SHA512 | 322a9b8d5fe394c4ef2f8808fd527ca5979b32fbd54974e48831db7cc2e27cf5607f99ed64b8ae2c6238c06ec4f8efb3ac4e2807b4bf2c8e283f6fc33a70088e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6870cbb9284d54e2_0
| MD5 | 90f8299a9c22564a0cdd2e76c97e67fd |
| SHA1 | 48eaea0ab9741249ebae0aa4d04948c01e43e027 |
| SHA256 | 16729543b1bcd65b41b9bf4eae098c788cd5f1cfd9156ffbc9a040409067b1ce |
| SHA512 | 5a9e65bad39cde43c906ae2be7cc51e95fdea738a0bce62790fc098fcc605dede4a05bd215d98475c25da5113e6c3a44e5ac73160771464cafb2558548fb92b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b3af26fdb0a014ec_0
| MD5 | 7eaa15a4d01d2d520ee0e58b64907e4a |
| SHA1 | 8c3bda76bb7d52dc0740ac01d963a081eab1928e |
| SHA256 | d58c019fc6e1b37a8ccf3fc03c918c3a3a1566f48776e32329d9d396bcd7557e |
| SHA512 | 6a065fd9b5ff84dd22ad644afee94d8a13d461da6cf81391bb12c968cd39f0c1808ed34854afac0848f1fa5217177c077d4a91f500ab9622dc4a72bece48773b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45ef484a783af53f_0
| MD5 | 6d333e0d6eef89ab6836bacc442f4a86 |
| SHA1 | a5c39a99a17601b604b518f0c9878041b5574d7f |
| SHA256 | 9e083cc7f44d65b39083bf4514276a5071525f56fec75c0dfead74dcb1049805 |
| SHA512 | a2840f4f2f5356c7db231cc508aa9a4f55ff34252f826d78dc83e77b7e8d19ec51fe43490f095c88b9e7edadf1f59646d75efe5f7c214f66f23032e3e867ea24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c2c3466a716ded51_0
| MD5 | c30b03f15c3da73370eac7f2aa25fc15 |
| SHA1 | 7a16d6528c2958eaa696744c7c4a44fc701f2913 |
| SHA256 | 1d8b01dda0f9a2f7595e70d87ba15c66557e11a378d9d63c6084bb189e1761ca |
| SHA512 | 06f4df4725c20837937f7a0e8482a75d691bbcb61a78de4c16b16a63c2d6df8837529a3151c4e47ac826fb8524ff310e215b07092aceb9e0df6faca7cdd4cb29 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b590fd7c030c5374_0
| MD5 | 23f68f7975bcb8e7242a87d0949c5a81 |
| SHA1 | e6c63971051f1619c0f6b0b90b36bb08d07abf68 |
| SHA256 | cf995e737618a231679674c7560ff1a6c40b8689322d36313113b9934c739f29 |
| SHA512 | d7961af5a33b1c207e5e74937c962b168350dbc0778ed2dc13d1a71cf88d7d2c0156c2addc7bf80ced82b018aa34f2551d69ea493f9c8c529ef484fc8feaaf0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fad43496817469ba_0
| MD5 | 2d302d529d5fc722a2f1fcc667474a46 |
| SHA1 | 02a31ea44b7cafc4200fbaef77ea9863e1616b75 |
| SHA256 | 004332ff6fdb70ff6e563d2a129479556629bd74a1fea9b82cb5e926b33ab24d |
| SHA512 | 68a9e8b571c813c23b95b7c57b6c20377f9f13aec94bb2a80cc0f9270bb7f40c30df87bbe85bb55f9ad0d5cf5cb53e6eb3f6ecaf5849cd76c6a9eb0ad82297ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94b6594413ce6562_0
| MD5 | 7f7d0af99e617a07edd6472c3ac9cec4 |
| SHA1 | e0a156989dde8d9934b2c80286478680b6c092d5 |
| SHA256 | 0b3a3dba06463efa4801b42ba0e5c257d6c5f1aabca79e02e3894dcbd58296b4 |
| SHA512 | 10daa035a00c95038a0a8d78fab4fb14da99b7068037ecc4c977788c24c9845c45a162a2ca66f3bdf569153cd7b6206dd6ca5866e8ad81bb77ca8f0be4e28c1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ec520f5230eed29c_0
| MD5 | 1a0011b0d125ae6b4103fd6e0bff33fb |
| SHA1 | 000cc0c822c6395e9ecbc8bc9026973deeddeda8 |
| SHA256 | 7dd0a1ec0fc3da4aa1a96c47082a0a960937c0fecb69ce35a7a43c5216abe4bb |
| SHA512 | 1501b49aa3bd2b41f895e93e37f1c238f431181c1034dddf9ea2eadeee23eebba0b40f2cdf99154cf042f6acf19a2b3ef280344837a503c2283806a59940b2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b6
| MD5 | 3694eef89d1e034166295504dce63198 |
| SHA1 | 748339411d0830a68526a9915a1af815909f678a |
| SHA256 | 54fef2e48685e18fb889f5f5556350b2594d80afccd8df48866bef894dde6ff5 |
| SHA512 | b62b9cfb4fb23e4a238fb474f0093c98ee3b66b0b0a3d519427ea442362817b325a90458397d47bf8bd1bab70a6eda187c6b2ec6fac26bfac2967d8a2f207bbf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa61758ad53dced9_0
| MD5 | 31bc4634f957b317144598351e4d4083 |
| SHA1 | 07fb60da6d12eca21fd276c04e1153968782ab4a |
| SHA256 | 920dd918e14c5252d4670c03a8717f0f01ded11472194a48ad030ae4680ce61c |
| SHA512 | 8487a9cd5392bf146315cf68a3db7b5930fc35e7ef424bb24339bff2d6bf49a6ecf7a4700983ff7aa4b7eeb619b5156e33e0356f37d53169021270c8aff79fe9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a05b0db8f454e7dc_0
| MD5 | c3d54023519d98f59c26d011fb39dbdc |
| SHA1 | 7935df7f9d025618b521fee4dae4815f1b2a2f3d |
| SHA256 | e716f520bf2801e66cb8891c471283fa4dacb20ac5baf16379a0b5d89ec7fb7c |
| SHA512 | 694a52404fcda139a465fe37fb0d872a0bd62b5bcb992861fa4848bfffcbe26d447d01a6fd574bdba77876f4b93cd024e3962cd1670045e3333c8bb8a7993c83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\00ddee1bef0b1489_0
| MD5 | f39d34047ff03f6222ff81efedff33b7 |
| SHA1 | a257ef941dd879acb9e4a8e4ad3901ad028148bb |
| SHA256 | 3ed52a55a45704cda1ad5e1a6e3fe4bd8aff69de8e0c3b5cb1ebc89ecdf2cc37 |
| SHA512 | 398a65975a5643f035977ae128020ba9e2142ee8392507cf966fc6c1c8c17bd62820e9e9e8778ad37cd27a43ebdbc0c358a9198a28c2f7245e10922a3c499212 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d6ee3be543685b8_0
| MD5 | 95f76abd274b1783e366761b68644d00 |
| SHA1 | d52769e4be7e8368e0c470390cefd551a53c0ffe |
| SHA256 | 04f69f45e4c9eb682349737352ca97175d17539c03b70f151da6da74cd752940 |
| SHA512 | dda455558e8a66f604bc15edb25deb8db5d957198f28bdf7a5dc98f4a11b07f87db14d3e9fb9ac01281fbb444c4a2de0dc550af0b51ce9da8f188042979590dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2d9c813a0dcdf108_0
| MD5 | e350dd45130118075aa626b6317a93cb |
| SHA1 | a60273d9364c8b205bd1eae9a5967758b4e768af |
| SHA256 | 746c3103a35e05afb3acdc6f303930152036022a610556f287b79b567e6b4d0d |
| SHA512 | 67814b3cea77d9bfa0c2f56aa5f6a9a7878fc68696df0ce8847220fbd7d2a8cf5831ac8ef5399e0482d87ce3ec5cdf1e105dda59a54c7048feec2c657f7287c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d5667bf87cc6b1b8_0
| MD5 | c23130dbeb580959505d5b1335f533ec |
| SHA1 | ca1f8bb5a43517b6cc5c891dff59980496fef768 |
| SHA256 | 42de834eacfd455844e031725b18131d3fdc412c2b73d0caf2010470eb9d5ef3 |
| SHA512 | 8d56688fa5d7eb91b7f9d6a42eb20c9040054bfcd066b73fb13e317ab1dd0b6616abe88d272cb1e452ae53a3d5364aea5c6c9e4dd8689f83c85a6759e1887691 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\427075385d94c9da_0
| MD5 | 925b0d32e683389a235e54b8d384dd46 |
| SHA1 | 75796f14760c6ab1d2567c0ff50ecca085bf8755 |
| SHA256 | 83c081fd7ecd1cf7f30970b1415dad80670cad82b5a8bd92d96b162cb7610827 |
| SHA512 | 5e289a8e8159a5af5c82b5c5d82dc8f75f0003d768415b6abb01579cacee3a2da181d19b2fc391d749f214a2e8fe8eac462f0cd2987e121447fa34f6b16d46ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cb307b4160083434_0
| MD5 | b08940f57a98d53b1ce9f87808b821aa |
| SHA1 | 38c747a2907292f05df9f3a83a3e8453fb4b17b1 |
| SHA256 | 1e7ae53714223a77493964c296e362f956f3d7e1911dac50968f1ea989505664 |
| SHA512 | 75301940c84a67b7949b3bce0647d13afa0b9aa2262ec586c437e05e7f57559f3d77ef7243b9fca135de3e24e94160db7df842569305c2b530428c92f4385732 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4d1c0c4397d90bbc_0
| MD5 | 122360f1e1f9f6eba505cbb850764cce |
| SHA1 | c77667294d7b86a4ee3e19764da7d1f3201d67c3 |
| SHA256 | 507ff9541d82dbb794f254e212cc552bc81dd91be5fc0a3e5d883945319470ea |
| SHA512 | 3bb70b6528f37f3b9da740bf91dea9fb541d8b421a37d813721d4ee39dce51ba742e666941b8d91db3295fcfb2ddb7f6711216e51bfdf407169e59223396475a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\311f97ecf058f007_0
| MD5 | f210d42670d354b2bc0c6684a4ae19ab |
| SHA1 | 982e8e1736dc1552f4a0cf9278100c884b5ddd7d |
| SHA256 | 1fb34b70b24052132ffe2ac122f50f0964a78344503db6d9a9d1aabed0048bbe |
| SHA512 | dcb21fd70006bd1c80a1164035ec553f96195cebaead99985db127654aa8a0ae8b21211d162caa09dc3716152a965afeccecd129edad0390159a44b7adc670df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f8b23cc82f2b2e7_0
| MD5 | 9e60ddf882c219955dd4ec1d3364fa9e |
| SHA1 | a1114717155d8c06d3c220c3f50d1edc4e7157e0 |
| SHA256 | 60f110a097f5a3a66b6e361d0f5999bf832deed7f110e2331a35ce17da8c283c |
| SHA512 | 1448813903611389043225a4dedb640c199962b2f1de331e50f6ba5ae785a73d0b7b09103d10a2a6139ea7228a189719188a90b58bcd69a8b23e770d3642115b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\115807c81f46d2fa_0
| MD5 | 9ea818b14250ef14dc69d5cddb2dc347 |
| SHA1 | 9a883c1ef7686a4acccacdd5dfc68976d41e696b |
| SHA256 | 135f50da2d719500a4a2e4094c3bea76c44c855b45050f98b2dbd7c3960c9968 |
| SHA512 | a9038354315cf00fc6dbb786577e2fb31809b2c3b7bd58f372370fb9ffd50a2921d6cf0f9a4e99fcf4bf1972e65ee9e2cdf6f60a46b912710510022fdde3c8cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d6ee81079c1cbac4_0
| MD5 | 64f3a7171f25f2b379a0cf2b0179656e |
| SHA1 | 418fc51b881dc81fe82a9a3ec00deef02d5b333c |
| SHA256 | a3b55c1f4fda888a65a17e23724661921f50afcc06fe1b3d0c43f189576f2380 |
| SHA512 | 2456f60ab9408174b88aa81af0bcefdd8cf99778367454f16346d40e18a33c796ed7e554c03a987858a4bd94706223382084b008c8f31244020fa40b6f0403e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c4f2da4e4b4dba36_0
| MD5 | c89800e883a04138ce93358bbd57770e |
| SHA1 | 22d0bf5a9d88a5e04e96bcf4f976ab5c945d28ea |
| SHA256 | e606150188d703c52583f05d39f56415a68aeeed47710b88b8fda3304ab1a3db |
| SHA512 | 5402db2f3cee5273d07a1a8fbd63cfa180fcd01d0b0ba61d6c915410b55f32efea99273f10ebd240099a995059a51edfa677c244ff251c8d4e59c8cf946afb1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8d39eb1c0399af5a59dd771c21684ff9 |
| SHA1 | 9bcc67ce6d17830baa66ba265eb65b2834cf35e2 |
| SHA256 | eb2b203c4522d8862f6bc38d0b4829b3d7ec0a7bb1467a13aef8d2cc50832901 |
| SHA512 | 2991f2159874c83affad3ff8a093fc0d84168025555d1d31e39e9e044aa01923e703e8aa070b5e2aeb5d1dfa13b563846486ccf0accf4dee3a38c45ed3505f69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b5312a834e259210b7c7b1dbdb073885 |
| SHA1 | 9a8debb76fa9038a0aac4856d094ceb2c8070047 |
| SHA256 | c2321d71eae148fb8b460d3d0beb1aa914312190cf8c2efc474a119de2bf37ab |
| SHA512 | a39ae849c0e2b93e44850b5823d8b4c0fd1fd72fe6549936a2b3a6452c125d959371134b971a579a24341eeb6885f7821957beee1473ce51f0a0bc5ff15b0715 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 85e6207ce25c3fc61408054f6ae5af7e |
| SHA1 | 24b1c42d7b2cc5cbb756761f1350bf571905f232 |
| SHA256 | b7f62ed8e07c6f4422bf240464d70570027ca54034ef64448ed4ecd68cf4f584 |
| SHA512 | f5c9b36872ccd44d5fd10bb81a2fa66687ebd7d4e54cac3736669a1731e3f0ecb54d4e560112b370acf912bdfb4444a7e43a49d442d047c661d8672d4e6a6792 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 131804a1de710ce5d7582399c2c32699 |
| SHA1 | 9a6154ee5b4ed136fa7f20833e68ecbfc7f80c21 |
| SHA256 | 23180e20da05c8709d92ecf63989c09911957fab415a64b138d572414477f145 |
| SHA512 | b0e3636437563fb70797fad455c8277cd00e42932ef51d3b2b7c05db1141c826b11cdd4956c47c27b5e5b659c0417082d5b8e7fa503153dce05f7767f65aef0d |
C:\Users\Admin\AppData\Local\Temp\7zO4B6DF4D9\Clutt6.6.6.exe
| MD5 | ebe2598356ddaa94e3c507a3bf3fbaaf |
| SHA1 | 12fbb71303fbad2d1d6b644d67f3d895ed417ea2 |
| SHA256 | bce721a6081d418d0e00bce7dfb5a6b957767b0138690f7e5d642181556b8296 |
| SHA512 | e541c1e25c081530b7102445d57c70ceaabb3a719ac895b1322305d3b2e0c6d8cd42dbb231285473a48c8221d94cfd3f9aab431a2aaaf551b55b060d83f87552 |
memory/1636-6426-0x0000000000A80000-0x0000000000F10000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d008fd7a8e0fcf31f22decdf944f4312 |
| SHA1 | d00ab87b4cd058b4aa28367f98c6fdac5e459b32 |
| SHA256 | 7142efc4acbaf4dfa0c7ec9f60d4952c1460059243e9f0c5674371112fda5e59 |
| SHA512 | a9941a84549d3c56c6cc82a6e625f382b5b6042f7ea45f3b8551c5c9da43a6a58ee736f8132cad92f9c35fd732809816cd8e2ff742f26b194bbb24a913731706 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8294e8d15ee4c8bb84ae51681a98e33f |
| SHA1 | 990f46dbb673df8b9d456460e68bccb28965e408 |
| SHA256 | a2df6acfcad89f4cea2dd381cc99bd35cd8871d64015fcd0f0af2a8f64a5d07b |
| SHA512 | a45e771c84a62c87f473ce87d6f0c8113a71101283641fca04e6bdfcb9613f2a687321cd39a3a4506cd22bc259e6fb6ed4f2f6254eb6cf1483f0966a21f5ab62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\82ec3b5b-ddc3-4911-9e1e-9066704e0058.tmp
| MD5 | 21f4df4635f9a2d9e8035cf315ba5192 |
| SHA1 | d00f54f18d424650aa9ac330588d96722e42bf8a |
| SHA256 | cf886afb161b5fcafa4da3a11244970bc82cbbcc901f36b4d6bed44dc14ec034 |
| SHA512 | 57feffbc2ac512011a62abaa638016afc943e0b366aed9bb86233ad2db588a1701695ab935d4a0ffad8c47857b9d72c8013451f0cf2b605dbd706c1eff413754 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 6015eed05f24f31d5c20644a5cc7fa4d |
| SHA1 | 2329dd2c62534ca79a570358e901a0ffd28b95e9 |
| SHA256 | 9b7e7cc0e9fcfbca29306c80a9401dac6b20acabea731397984999e193148e36 |
| SHA512 | 11ba6e84fe70d2cfa9383529669864afe8b6c8abfc2c40cdb69d41b698c66efba7c523d763c66faef3756669592517e2ae0f8feced85f10687ab7aa8501a4535 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cbd0cc70ff5a7923a80436031d539546 |
| SHA1 | 333ad762812a4f0ff28cda6319d23f82141b1756 |
| SHA256 | 369f2a625d4ff0688c4288961e26e0e7dcd7ba23392278a91a711673d03309d6 |
| SHA512 | 8069d875f066536d496e54e3eff1ab1b590e0997a5ba5c78cea5ee464471ef541f9fe9759fa337098f3263543cb52684423aaa0b122e55479c5613948678d027 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0ac930f2b3d261c0a78d4039b117a7a4 |
| SHA1 | f0bcefa9c9fc09e090c8e74d8a1de413e6829361 |
| SHA256 | b7129a043c0480d527a55c7e9d74338236aa07f5132eeeed0e1ed1e40997f461 |
| SHA512 | 15a446fae764413cb3ca13971344010b90db5dca8770c21b860babf019ad02bff967fdb8833cdc70cc563b013fd318172c7200f5f9041885003955fe0ecc4528 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2020b12b484165eaaec2cbe866ce48fd |
| SHA1 | c895e1a3e63eb8e8ae649e9e16402e0f2311d501 |
| SHA256 | bb3c486e36718a6230d3e43bfd545412aec7d59975e0f075e14cfde01fa485a7 |
| SHA512 | 32071f581f8fd44aaabeef5793efdde110f981be464bd936199e175d8eec9fbe2a67f0c85a14f05c92dba9259aa06ab5b60d15dd35378942ea1fe9f33b0829d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 496f47fa7755e059e86f1b6fb3bcbcfa |
| SHA1 | 4dc8a413c17037cdbf0d1f8159e594338a5a18e2 |
| SHA256 | b20eb9faf7f371f778b1825e42b294670a333c334e0703f41c24a7af605a5327 |
| SHA512 | 5956b4310a46b1fb303c589e1a35f76bc251c7d6bfe508e5f4d4cd0a2a0faf771fd91fe858a064f510ce19991846725b3a3ce5cf46df555946a2e284e4bab764 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bd
| MD5 | 1662897e1cf26783d7a32488934eeb01 |
| SHA1 | da473269cfd46b565da80464998e0d4def891005 |
| SHA256 | 9fa12cb1c4c37e258884a4efe6100cf70a3fcc609ff3e2b30c9abb96f67a71d6 |
| SHA512 | 5b7a388ea408784fb45dd26b2bb13a9aaf50d7c567e812217dd63dc00010bf5462a75518fefd9acf1f36db8bff698bddefc5e0fadc0733400ee9d26a9cc0c10f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f5475918d8422409d6b010d755e3c046 |
| SHA1 | 78086dbbf917157de2b293c6061570294dd6da5b |
| SHA256 | 60eb60463b15c0338bb1b7b4212a170642dbe55f8e8f94afc7b07b54a5b3579f |
| SHA512 | e04dd3e251f1985839c1605d31213a06a58dcc7ce241d0a1254235a3bc26b135eb5f0d25e9d8827fd6529ae2cb125f6705a9bbf0978c9f72b233532e60c0cf0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 94b6b4ad9ceb16c71d6c5bc800d33e77 |
| SHA1 | 620c688ff8f799f8d1750e00c5b7379150a1d569 |
| SHA256 | 28f6511bfc8be3ff8c6a897265490e4d36aaacc171f75b18b7038ed69c454e89 |
| SHA512 | 79eac2a93c7c8d831f8d449bc799fd0033b4f1f39f9e27e57f9fdf1261ac706152ad50046a38262e53e9102dcdb176b1c68b1e0b1158f59cdb3b14ef5fe6d5ac |
C:\Users\Admin\Downloads\Unconfirmed 667670.crdownload
| MD5 | 06d87d4c89c76cb1bcb2f5a5fc4097d1 |
| SHA1 | 657248f78abfa9015b77c431f2fd8797481478fd |
| SHA256 | f1e859d99072e35f20e172d8458e3ea1baf8ba86c8c9e311a0debcd2acd5d0fc |
| SHA512 | 12bcc681544bfc0cb5f1a3c2e5e3d475efdf5abb8bf0e18cb18f529a82d551f39e16de2d3f0664c2c2cbfab2bc4702e256b958acadca53424e6d8760b6f457f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3c1451abb77256b79b0b5bb1681e6eb5 |
| SHA1 | 79d614d11cea355cbb18a63bb2391ffbcd8d1973 |
| SHA256 | f436aa8cbc5d3dde014dc2c3a99fe27bce5fbad26c483703fb65b6c492c39dae |
| SHA512 | 2fde379a071f677f0c7d024cf3d343946874f144db445a28b6f91e14ad171a10366f0fe2e401126e8aabe7ba3ee850fc48afe6b62acf5868713657b898506c02 |
C:\Users\Admin\AppData\Local\Temp\$inst\0001.tmp
| MD5 | 8e15b605349e149d4385675afff04ebf |
| SHA1 | f346a886dd4cb0fbbd2dff1a43d9dfde7fce348b |
| SHA256 | 803f930cdd94198bdd2e9a51aa962cc864748067373f11b2e9215404bd662cee |
| SHA512 | 8bf957ef72465fe103dbf83411df9082433eead022f0beccab59c9e406bbd1e4edb701fd0bc91f195312943ad1890fee34b4e734578298bb60bb81ed6fa9a46d |
C:\Users\Admin\AppData\Local\Temp\$inst\0002.tmp
| MD5 | 596cb5d019dec2c57cda897287895614 |
| SHA1 | 6b12ea8427fdbee9a510160ff77d5e9d6fa99dfa |
| SHA256 | e1c89d9348aea185b0b0e80263c9e0bf14aa462294a5d13009363140a88df3ff |
| SHA512 | 8f5fc432fd2fc75e2f84d4c7d21c23dd1f78475214c761418cf13b0e043ba1e0fc28df52afd9149332a2134fe5d54abc7e8676916100e10f374ef6cdecff7a20 |
C:\Users\Admin\AppData\Local\Temp\$inst\0003.tmp
| MD5 | 7c8328586cdff4481b7f3d14659150ae |
| SHA1 | b55ffa83c7d4323a08ea5fabf5e1c93666fead5c |
| SHA256 | 5eec15c6ed08995e4aaffa9beeeaf3d1d3a3d19f7f4890a63ddc5845930016cc |
| SHA512 | aa4220217d3af263352f8b7d34bd8f27d3e2c219c673889bc759a019e3e77a313b0713fd7b88700d57913e2564d097e15ffc47e5cf8f4899ba0de75d215f661d |
C:\Users\Admin\AppData\Local\Temp\$inst\0004.tmp
| MD5 | 4f398982d0c53a7b4d12ae83d5955cce |
| SHA1 | 09dc6b6b6290a3352bd39f16f2df3b03fb8a85dc |
| SHA256 | fee4d861c7302f378e7ce58f4e2ead1f2143168b7ca50205952e032c451d68f2 |
| SHA512 | 73d9f7c22cf2502654e9cd6cd5d749e85ea41ce49fd022378df1e9d07e36ae2dde81f0b9fc25210a9860032ecda64320ec0aaf431bcd6cefba286328efcfb913 |
C:\Windows\msagent\chars\Bonzi.acs
| MD5 | 1fd2907e2c74c9a908e2af5f948006b5 |
| SHA1 | a390e9133bfd0d55ffda07d4714af538b6d50d3d |
| SHA256 | f3d4425238b5f68b4d41ed5be271d2f4118a245baf808a62dc1a9e6e619b2f95 |
| SHA512 | 8eede3e5e52209b8703706a3e3e63230ba01975348dcdc94ef87f91d7c833a505b177139683ca7a22d8082e72e961e823bc3ad1a84ab9c371f5111f530807171 |
C:\Windows\msagent\chars\Peedy.acs
| MD5 | 49654a47fadfd39414ddc654da7e3879 |
| SHA1 | 9248c10cef8b54a1d8665dfc6067253b507b73ad |
| SHA256 | b8112187525051bfade06cb678390d52c79555c960202cc5bbf5901fbc0853c5 |
| SHA512 | fa9cab60fadd13118bf8cb2005d186eb8fa43707cb983267a314116129371d1400b95d03fbf14dfdaba8266950a90224192e40555d910cf8a3afa4aaf4a8a32f |
C:\Users\Admin\AppData\Local\Temp\$inst\0005.tmp
| MD5 | 94e0d650dcf3be9ab9ea5f8554bdcb9d |
| SHA1 | 21e38207f5dee33152e3a61e64b88d3c5066bf49 |
| SHA256 | 026893ba15b76f01e12f3ef540686db8f52761dcaf0f91dcdc732c10e8f6da0e |
| SHA512 | 039ccf6979831f692ea3b5e3c5df532f16c5cf395731864345c28938003139a167689a4e1acef1f444db1fe7fd3023680d877f132e17bf9d7b275cfc5f673ac3 |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page18.jpg
| MD5 | 108fd5475c19f16c28068f67fc80f305 |
| SHA1 | 4e1980ba338133a6fadd5fda4ffe6d4e8a039033 |
| SHA256 | 03f269cd40809d7ec94f5fa4fff1033a624e849179962693cdc2c37d7904233b |
| SHA512 | 98c8743b5af89ec0072b70de8a0babfb5aff19bafa780d6ce99c83721b65a80ec310a4fe9db29a4bb50c2454c34de62c029a83b70d0a9df9b180159ea6cad83a |
C:\Users\Admin\AppData\Local\Temp\$inst\0006.tmp
| MD5 | b3b7f6b0fb38fc4aa08f0559e42305a2 |
| SHA1 | a66542f84ece3b2481c43cd4c08484dc32688eaf |
| SHA256 | 7fb63fca12ef039ad446482e3ce38abe79bdf8fc6987763fe337e63a1e29b30b |
| SHA512 | 0f4156f90e34a4c26e1314fc0c43367ad61d64c8d286e25629d56823d7466f413956962e2075756a4334914d47d69e20bb9b5a5b50c46eca4ef8173c27824e6c |
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page17.jpg
| MD5 | e8f52918072e96bb5f4c573dbb76d74f |
| SHA1 | ba0a89ed469de5e36bd4576591ee94db2c7f8909 |
| SHA256 | 473a890da22defb3fbd643246b3fa0d6d34939ac469cd4f48054ee2a0bc33d82 |
| SHA512 | d57dd0a9686696487d268ef2be2ec2d3b97baedf797a63676da5a8a4165cda89540ec2d3b9e595397cbf53e69dcce76f7249f5eeff041947146ca7bf4099819f |
C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE
| MD5 | 93f3ed21ad49fd54f249d0d536981a88 |
| SHA1 | ffca7f3846e538be9c6da1e871724dd935755542 |
| SHA256 | 5678fd744faddb30a87568ae309066ef88102a274fff62f10e4963350da373bc |
| SHA512 | 7923556c6d6feb4ff4253e853bae3675184eab9b8ce4d4e07f356c8624317801ee807ad5340690196a975824ea3ed500ce6a80c7670f19785139be594fa5e70f |
C:\Program Files (x86)\BonziBuddy432\ActiveSkin.ocx
| MD5 | 3d225d8435666c14addf17c14806c355 |
| SHA1 | 262a951a98dd9429558ed35f423babe1a6cce094 |
| SHA256 | 2c8f92dc16cbf13542ddd3bf0a947cf84b00fed83a7124b830ddefa92f939877 |
| SHA512 | 391df24c6427b4011e7d61b644953810e392525743914413c2e8cf5fce4a593a831cfab489fbb9517b6c0e7ef0483efb8aeaad0a18543f0da49fa3125ec971e1 |
C:\Program Files (x86)\BonziBuddy432\Uninstall.exe
| MD5 | 068ace391e3c5399b26cb9edfa9af12f |
| SHA1 | 568482d214acf16e2f5522662b7b813679dcd4c7 |
| SHA256 | 2288f4f42373affffbaa63ce2fda9bb071fd7f14dbcd04f52d3af3a219b03485 |
| SHA512 | 0ba89fcdbb418ea6742eeb698f655206ed3b84c41ca53d49c06d30baed13ac4dfdb4662b53c05a28db0a2335aa4bc588635b3b205cfc36d8a55edfc720ac4b03 |
C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE
| MD5 | 73feeab1c303db39cbe35672ae049911 |
| SHA1 | c14ce70e1b3530811a8c363d246eb43fc77b656c |
| SHA256 | 88c03817ae8dfc5fc9e6ffd1cfb5b829924988d01cd472c1e64952c5398866e8 |
| SHA512 | 73f37dee83664ce31522f732bf819ed157865a2a551a656a7a65d487c359a16c82bd74acff2b7a728bb5f52d53f4cfbea5bef36118128b0d416fa835053f7153 |
C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE
| MD5 | 8a30bd00d45a659e6e393915e5aef701 |
| SHA1 | b00c31de44328dd71a70f0c8e123b56934edc755 |
| SHA256 | 1e2994763a7674a0f1ec117dae562b05b614937ff61c83b316b135afab02d45a |
| SHA512 | daf92e61e75382e1da0e2aba9466a9e4d9703a129a147f0b3c71755f491c68f89ad67cfb4dd013580063d664b69c8673fb52c02d34b86d947e9f16072b7090fb |
C:\Program Files (x86)\BonziBuddy432\BonziCheckers.ocx
| MD5 | 66551c972574f86087032467aa6febb4 |
| SHA1 | 5ad1fe1587a0c31bb74af20d09a1c7d3193ec3c9 |
| SHA256 | 9028075603c66ca2e906ecac3275e289d8857411a288c992e8eef793ed71a75b |
| SHA512 | 35c1f500e69cdd12ec6a3c5daef737a3b57b48a44df6c120a0504d340e0f721d34121595ed396dc466a8f9952a51395912d9e141ad013000f5acb138b2d41089 |
C:\Program Files (x86)\BonziBuddy432\MSCOMCTL.OCX
| MD5 | 12c2755d14b2e51a4bb5cbdfc22ecb11 |
| SHA1 | 33f0f5962dbe0e518fe101fa985158d760f01df1 |
| SHA256 | 3b6ccdb560d7cd4748e992bd82c799acd1bbcfc922a13830ca381d976ffcccaf |
| SHA512 | 4c9b16fb4d787145f6d65a34e1c4d5c6eb07bff4c313a35f5efa9dce5a840c1da77338c92346b1ad68eeb59ef37ef18a9d6078673c3543656961e656466699cf |
C:\Program Files (x86)\BonziBuddy432\MSINET.OCX
| MD5 | 7bec181a21753498b6bd001c42a42722 |
| SHA1 | 3249f233657dc66632c0539c47895bfcee5770cc |
| SHA256 | 73da54b69911bdd08ea8bbbd508f815ef7cfa59c4684d75c1c602252ec88ee31 |
| SHA512 | d671e25ae5e02a55f444d253f0e4a42af6a5362d9759fb243ad6d2c333976ab3e98669621ec0850ad915ee06acbe8e70d77b084128fc275462223f4f5ab401bc |
C:\Program Files (x86)\BonziBuddy432\Regicon.ocx
| MD5 | 32ff40a65ab92beb59102b5eaa083907 |
| SHA1 | af2824feb55fb10ec14ebd604809a0d424d49442 |
| SHA256 | 07e91d8ed149d5cd6d48403268a773c664367bce707a99e51220e477fddeeb42 |
| SHA512 | 2cfc5c6cb4677ff61ec3b6e4ef8b8b7f1775cbe53b245d321c25cfec363b5b4975a53e26ef438e07a4a5b08ad1dde1387970d57d1837e653d03aef19a17d2b43 |
C:\Program Files (x86)\BonziBuddy432\SSCALA32.OCX
| MD5 | ce9216b52ded7e6fc63a50584b55a9b3 |
| SHA1 | 27bb8882b228725e2a3793b4b4da3e154d6bb2ea |
| SHA256 | 8e52ef01139dc448d1efd33d1d9532f852a74d05ee87e8e93c2bb0286a864e13 |
| SHA512 | 444946e5fc3ea33dd4a09b4cbf2d41f52d584eb5b620f5e144de9a79186e2c9d322d6076ed28b6f0f6d0df9ef4f7303e3901ff552ed086b70b6815abdfc23af7 |
C:\Program Files (x86)\BonziBuddy432\ssa3d30.ocx
| MD5 | 48c35ed0a09855b29d43f11485f8423b |
| SHA1 | 46716282cc5e0f66cb96057e165fa4d8d60fbae2 |
| SHA256 | 7a0418b76d00665a71d13a30d838c3e086304bacd10d764650d2a5d2ec691008 |
| SHA512 | 779938ec9b0f33f4cbd5f1617bea7925c1b6d794e311737605e12cd7efa5a14bbc48bee85208651cf442b84133be26c4cc8a425d0a3b5b6ad2dc27227f524a99 |
C:\Program Files (x86)\BonziBuddy432\sstabs2.ocx
| MD5 | 7303efb737685169328287a7e9449ab7 |
| SHA1 | 47bfe724a9f71d40b5e56811ec2c688c944f3ce7 |
| SHA256 | 596f3235642c9c968650194065850ecb02c8c524d2bdcaf6341a01201e0d69be |
| SHA512 | e0d9cb9833725e0cdc7720e9d00859d93fc51a26470f01a0c08c10fa940ed23df360e093861cf85055b8a588bb2cac872d1be69844a6c754ac8ed5bfaf63eb03 |
C:\Program Files (x86)\BonziBuddy432\SSCALB32.OCX
| MD5 | 97ffaf46f04982c4bdb8464397ba2a23 |
| SHA1 | f32e89d9651fd6e3af4844fd7616a7f263dc5510 |
| SHA256 | 5db33895923b7af9769ca08470d0462ed78eec432a4022ff0acc24fa2d4666e1 |
| SHA512 | 8c43872396f5dceb4ba153622665e21a9b52a087987eab523b1041031e294687012d7bf88a3da7998172010eae5f4cc577099980ecd6b75751e35cfc549de002 |
C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat
| MD5 | 4877f2ce2833f1356ae3b534fce1b5e3 |
| SHA1 | 7365c9ef5997324b73b1ff0ea67375a328a9646a |
| SHA256 | 8ae1ed38bc650db8b14291e1b7298ee7580b31e15f8a6a84f78f048a542742ff |
| SHA512 | dd43ede5c3f95543bcc8086ec8209a27aadf1b61543c8ee1bb3eab9bc35b92c464e4132b228b12b244fb9625a45f5d4689a45761c4c5263aa919564664860c5e |
C:\Program Files (x86)\BonziBuddy432\MSWINSCK.OCX
| MD5 | 9484c04258830aa3c2f2a70eb041414c |
| SHA1 | b242a4fb0e9dcf14cb51dc36027baff9a79cb823 |
| SHA256 | bf7e47c16d7e1c0e88534f4ef95e09d0fd821ed1a06b0d95a389b35364b63ff5 |
| SHA512 | 9d0e9f0d88594746ba41ea4a61a53498619eda596e12d8ec37d01cfe8ceb08be13e3727c83d630a6d9e6d03066f62444bb94ea5a0d2ed9d21a270e612db532a0 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT20.INF
| MD5 | e4a499b9e1fe33991dbcfb4e926c8821 |
| SHA1 | 951d4750b05ea6a63951a7667566467d01cb2d42 |
| SHA256 | 49e6b848f5a708d161f795157333d7e1c7103455a2f47f50895683ef6a1abe4d |
| SHA512 | a291bb986293197a16f75b2473297286525ac5674c08a92c87b5cc1f0f2e62254ea27d626b30898e7857281bdb502f188c365311c99bda5c2dd76da0c82c554a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTCTL.DLL
| MD5 | 237e13b95ab37d0141cf0bc585b8db94 |
| SHA1 | 102c6164c21de1f3e0b7d487dd5dc4c5249e0994 |
| SHA256 | d19b6b7c57bcee7239526339e683f62d9c2f9690947d0a446001377f0b56103a |
| SHA512 | 9d0a68a806be25d2eeedba8be1acc2542d44ecd8ba4d9d123543d0f7c4732e1e490bad31cad830f788c81395f6b21d5a277c0bed251c9854440a662ac36ac4cb |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDPV.DLL
| MD5 | 7c5aefb11e797129c9e90f279fbdf71b |
| SHA1 | cb9d9cbfbebb5aed6810a4e424a295c27520576e |
| SHA256 | 394a17150b8774e507b8f368c2c248c10fce50fc43184b744e771f0e79ecafed |
| SHA512 | df59a30704d62fa2d598a5824aa04b4b4298f6192a01d93d437b46c4f907c90a1bad357199c51a62beb87cd724a30af55a619baef9ecf2cba032c5290938022a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDP2.DLL
| MD5 | a334bbf5f5a19b3bdb5b7f1703363981 |
| SHA1 | 6cb50b15c0e7d9401364c0fafeef65774f5d1a2c |
| SHA256 | c33beaba130f8b740dddb9980fe9012f9322ac6e94f36a6aa6086851c51b98de |
| SHA512 | 1fa170f643054c0957ed1257c4d7778976c59748670afa877d625aaa006325404bc17c41b47be2906dd3f1e229870d54eb7aba4a412de5adedbd5387e24abf46 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSVR.EXE
| MD5 | 5c91bf20fe3594b81052d131db798575 |
| SHA1 | eab3a7a678528b5b2c60d65b61e475f1b2f45baa |
| SHA256 | e8ce546196b6878a8c34da863a6c8a7e34af18fb9b509d4d36763734efa2d175 |
| SHA512 | face50db7025e0eb2e67c4f8ec272413d13491f7438287664593636e3c7e3accaef76c3003a299a1c5873d388b618da9eaede5a675c91f4c1f570b640ac605d6 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTMPX.DLL
| MD5 | 4fbbaac42cf2ecb83543f262973d07c0 |
| SHA1 | ab1b302d7cce10443dfc14a2eba528a0431e1718 |
| SHA256 | 6550582e41fc53b8a7ccdf9ac603216937c6ff2a28e9538610adb7e67d782ab5 |
| SHA512 | 4146999b4bec85bcd2774ac242cb50797134e5180a3b3df627106cdfa28f61aeea75a7530094a9b408bc9699572cae8cf998108bde51b57a6690d44f0b34b69e |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTPSH.DLL
| MD5 | b4ac608ebf5a8fdefa2d635e83b7c0e8 |
| SHA1 | d92a2861d5d1eb67ab434ff2bd0a11029b3bd9a9 |
| SHA256 | 8414dfe399813b7426c235ba1e625bd2b5635c8140da0d0cfc947f6565fe415f |
| SHA512 | 2c42daade24c3ff01c551a223ee183301518357990a9cb2cc2dd7bf411b7059ff8e0bf1d1aee2d268eca58db25902a8048050bdb3cb48ae8be1e4c2631e3d9b4 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.HLP
| MD5 | 466d35e6a22924dd846a043bc7dd94b8 |
| SHA1 | 35e5b7439e3d49cb9dc57e7ef895a3cd8d80fb10 |
| SHA256 | e4ccf06706e68621bb69add3dd88fed82d30ad8778a55907d33f6d093ac16801 |
| SHA512 | 23b64ed68a8f1df4d942b5a08a6b6296ec5499a13bb48536e8426d9795771dbcef253be738bf6dc7158a5815f8dcc65feb92fadf89ea8054544bb54fc83aa247 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.DLL
| MD5 | 0cbf0f4c9e54d12d34cd1a772ba799e1 |
| SHA1 | 40e55eb54394d17d2d11ca0089b84e97c19634a7 |
| SHA256 | 6b0b57e5b27d901f4f106b236c58d0b2551b384531a8f3dad6c06ed4261424b1 |
| SHA512 | bfdb6e8387ffbba3b07869cb3e1c8ca0b2d3336aa474bd19a35e4e3a3a90427e49b4b45c09d8873d9954d0f42b525ed18070b949c6047f4e4cdb096f9c5ae5d5 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTCTL15.TLB
| MD5 | f1656b80eaae5e5201dcbfbcd3523691 |
| SHA1 | 6f93d71c210eb59416e31f12e4cc6a0da48de85b |
| SHA256 | 3f8adc1e332dd5c252bbcf92bf6079b38a74d360d94979169206db34e6a24cd2 |
| SHA512 | e9c216b9725bd419414155cfdd917f998aa41c463bc46a39e0c025aa030bc02a60c28ac00d03643c24472ffe20b8bbb5447c1a55ff07db3a41d6118b647a0003 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MSLWVTTS.DLL
| MD5 | 316999655fef30c52c3854751c663996 |
| SHA1 | a7862202c3b075bdeb91c5e04fe5ff71907dae59 |
| SHA256 | ea4ca740cd60d2c88280ff8115bf354876478ef27e9e676d8b66601b4e900ba0 |
| SHA512 | 5555673e9863127749fc240f09cf3fb46e2019b459ad198ba1dc356ba321c41e4295b6b2e2d67079421d7e6d2fb33542b81b0c7dae812fe8e1a87ded044edd44 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTINST.INF
| MD5 | b127d9187c6dbb1b948053c7c9a6811f |
| SHA1 | b3073c8cad22c87dd9b8f76b6ffd0c4d0a2010d9 |
| SHA256 | bd1295d19d010d4866c9d6d87877913eee69e279d4d089e5756ba285f3424e00 |
| SHA512 | 88e447dd4db40e852d77016cfd24e09063490456c1426a779d33d8a06124569e26597bb1e46a3a2bbf78d9bffee46402c41f0ceb44970d92c69002880ddc0476 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSR.DLL
| MD5 | 9fafb9d0591f2be4c2a846f63d82d301 |
| SHA1 | 1df97aa4f3722b6695eac457e207a76a6b7457be |
| SHA256 | e78e74c24d468284639faf9dcfdba855f3e4f00b2f26db6b2c491fa51da8916d |
| SHA512 | ac0d97833beec2010f79cb1fbdb370d3a812042957f4643657e15eed714b9117c18339c737d3fd95011f873cda46ae195a5a67ae40ff2a5bcbee54d1007f110a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTANM.DLL
| MD5 | 48c00a7493b28139cbf197ccc8d1f9ed |
| SHA1 | a25243b06d4bb83f66b7cd738e79fccf9a02b33b |
| SHA256 | 905cb1a15eccaa9b79926ee7cfe3629a6f1c6b24bdd6cea9ccb9ebc9eaa92ff7 |
| SHA512 | c0b0a410ded92adc24c0f347a57d37e7465e50310011a9d636c5224d91fbc5d103920ab5ef86f29168e325b189d2f74659f153595df10eef3a9d348bb595d830 |
memory/2120-7746-0x0000000000400000-0x0000000000424000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | d6413c15096bee9e1be8f06f366e046c |
| SHA1 | 99a2fbf23c7b3fb82f072b7636b8297322b542cd |
| SHA256 | 0a245ad16fa58d41874441f057f151c2054319871772a3b1e6647417fd064827 |
| SHA512 | dcd0ccf556c64adde37241fa36dcd5f1620a93d621acf4c8b46285d90350fff47e0192c395cce738c0c2e868169a6b5004977fc41f2e5fa7ce3e8cb2859aba8f |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\ADVPACK.DLL
| MD5 | 81e5c8596a7e4e98117f5c5143293020 |
| SHA1 | 45b7fe0989e2df1b4dfd227f8f3b73b6b7df9081 |
| SHA256 | 7d126ed85df9705ec4f38bd52a73b621cf64dd87a3e8f9429a569f3f82f74004 |
| SHA512 | 05b1e9eef13f7c140eb21f6dcb705ee3aaafabe94857aa86252afa4844de231815078a72e63d43725f6074aa5fefe765feb93a6b9cd510ee067291526bb95ec6 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.inf
| MD5 | 0a250bb34cfa851e3dd1804251c93f25 |
| SHA1 | c10e47a593c37dbb7226f65ad490ff65d9c73a34 |
| SHA256 | 85189df1c141ef5d86c93b1142e65bf03db126d12d24e18b93dd4cc9f3e438ae |
| SHA512 | 8e056f4aa718221afab91c4307ff87db611faa51149310d990db296f979842d57c0653cb23d53fea54a69c99c4e5087a2eb37daa794ba62e6f08a8da41255795 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\W95INF16.DLL
| MD5 | 7210d5407a2d2f52e851604666403024 |
| SHA1 | 242fde2a7c6a3eff245f06813a2e1bdcaa9f16d9 |
| SHA256 | 337d2fb5252fc532b7bf67476b5979d158ca2ac589e49c6810e2e1afebe296af |
| SHA512 | 1755a26fa018429aea00ebcc786bb41b0d6c4d26d56cd3b88d886b0c0773d863094797334e72d770635ed29b98d4c8c7f0ec717a23a22adef705a1ccf46b3f68 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\W95INF32.DLL
| MD5 | 4be7661c89897eaa9b28dae290c3922f |
| SHA1 | 4c9d25195093fea7c139167f0c5a40e13f3000f2 |
| SHA256 | e5e9f7c8dbd47134815e155ed1c7b261805eda6fddea6fa4ea78e0e4fb4f7fb5 |
| SHA512 | 2035b0d35a5b72f5ea5d5d0d959e8c36fc7ac37def40fa8653c45a49434cbe5e1c73aaf144cbfbefc5f832e362b63d00fc3157ca8a1627c3c1494c13a308fc7f |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.dll
| MD5 | ed98e67fa8cc190aad0757cd620e6b77 |
| SHA1 | 0317b10cdb8ac080ba2919e2c04058f1b6f2f94d |
| SHA256 | e0beb19c3536561f603474e3d5e3c3dff341745d317bc4d1463e2abf182bb18d |
| SHA512 | ec9c3a71ca9324644d4a2d458e9ba86f90deb9137d0a35793e0932c2aa297877ed7f1ab75729fda96690914e047f1336f100b6809cbc7a33baa1391ed588d7f0 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\andmoipa.ttf
| MD5 | c3e8aeabd1b692a9a6c5246f8dcaa7c9 |
| SHA1 | 4567ea5044a3cef9cb803210a70866d83535ed31 |
| SHA256 | 38ae07eeb7909bda291d302848b8fe5f11849cf0d597f0e5b300bfed465aed4e |
| SHA512 | f74218681bd9d526b68876331b22080f30507898b6a6ebdf173490ca84b696f06f4c97f894cb6052e926b1eee4b28264db1ead28f3bc9f627b4569c1ddcd2d3e |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Msvcirt.dll
| MD5 | e7cd26405293ee866fefdd715fc8b5e5 |
| SHA1 | 6326412d0ea86add8355c76f09dfc5e7942f9c11 |
| SHA256 | 647f7534aaaedffa93534e4cb9b24bfcf91524828ff0364d88973be58139e255 |
| SHA512 | 1114c5f275ecebd5be330aa53ba24d2e7d38fc20bb3bdfa1b872288783ea87a7464d2ab032b542989dee6263499e4e93ca378f9a7d2260aebccbba7fe7f53999 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Msvcp50.dll
| MD5 | 497fd4a8f5c4fcdaaac1f761a92a366a |
| SHA1 | 81617006e93f8a171b2c47581c1d67fac463dc93 |
| SHA256 | 91cd76f9fa3b25008decb12c005c194bdf66c8d6526a954de7051bec9aae462a |
| SHA512 | 73d11a309d8f1a6624520a0bf56d539cb07adee6d46f2049a86919f5ce3556dc031437f797e3296311fe780a8a11a1a37b4a404de337d009e9ed961f75664a25 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.hlp
| MD5 | 80d09149ca264c93e7d810aac6411d1d |
| SHA1 | 96e8ddc1d257097991f9cc9aaf38c77add3d6118 |
| SHA256 | 382d745e10944b507a8d9c69ae2e4affd4acf045729a19ac143fa8d9613ccb42 |
| SHA512 | 8813303cd6559e2cc726921838293377e84f9b5902603dac69d93e217ff3153b82b241d51d15808641b5c4fb99613b83912e9deda9d787b4c8ccfbd6afa56bc9 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tvenuax.dll
| MD5 | 1587bf2e99abeeae856f33bf98d3512e |
| SHA1 | aa0f2a25fa5fc9edb4124e9aa906a52eb787bea9 |
| SHA256 | c9106198ecbd3a9cab8c2feff07f16d6bb1adfa19550148fc96076f0f28a37b0 |
| SHA512 | 43161c65f2838aa0e8a9be5f3f73d4a6c78ad8605a6503aae16147a73f63fe985b17c17aedc3a4d0010d5216e04800d749b2625182acc84b905c344f0409765a |
memory/2120-7923-0x0000000000400000-0x0000000000424000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1e67bc0ef39f2a2b44e8df0f68f7e77b |
| SHA1 | acbbea9bfe75815a1ce29c1027473c6b804c6235 |
| SHA256 | dbdd126000daf3eed95113fb2a9429e27aa267d1d9d26b7a1787fcb724d51bcc |
| SHA512 | b556f33dfe2e9b2660cbbf6a1632cadc66f3a3e3559078324d86448cc2086d14a03f1d029644590e800d04fc21b2fc1bf55100105b9bc51d65e58dd9edd22b92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bcd3cb3405976a6602ec510ad777155f |
| SHA1 | e4a927635a98ebb0670356690366eee40868b5c4 |
| SHA256 | 5494adeb23b2226e0569ddeb8d5c8f4d93d148bf7bdc13129e73d1b52bfa781f |
| SHA512 | 0f16c223fdd7904bd9527306af9d3a1f0418afe7e1f5c15e7911a064e43dd9380d4e039e2f85a3966e517512f0da81ac8c5639ea8bcca5ef58fbed9a0e8b4e02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000123
| MD5 | d04298c66fb6d212a37bda8c95ca3f18 |
| SHA1 | c11f60ed11f2e85220bea0517f44e6080694a1c9 |
| SHA256 | 5c8c3803038c0d4ccc3cb67539c8fcd38019ff907bf88b25c349038cd1b7d2fc |
| SHA512 | 6809609d7445a32afa0b84e45661886669e4f5604e0cd782734b1c48ed4296b173a24daba6f6b7b336cb4f0ce3cfb7f5f5ac8960a12b8f06768051ea42dbe371 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0afcbd18f3adbe9796416f60df7b1f08 |
| SHA1 | c17cd6fbfbdecbc14ed0d58022d60a4e2d3913e4 |
| SHA256 | 66ae8236f95d303f67a35d8df082db9987e51a93fcceb93782d36a63c0f41ec4 |
| SHA512 | 228d658ea2ab6c7ec959481e49f757676300d7db1e726723f74b11d46af7cdb9af539f79068445ce8665d3e0dc1442d7715409f1694b872f9aac98542eecd0d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8e3f8685164ce7815349bbf45bdfce00 |
| SHA1 | 9ac35315b858833b3f0786380c58c08392580469 |
| SHA256 | 363f3a398443b1bffb058b099313bf339f0543f41d017955ab9ae34a4fb01e20 |
| SHA512 | cc7e063952d930c1eea78a420bc3b5c2a0200391de73fca847ce212c3425b4236d956afbad329c9a87cd07956571b32e49727d7e069aec6d7230a764d78e47be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c985e6447a5b0a4aa1acc75c83f866da |
| SHA1 | 0e5d5a02b8fb015b5345281a3446d0431f1a0d4d |
| SHA256 | eeed9dcc38b14ce360e3a4d3c8bbf86204b24dc5920f67fafd2d1efdf6487a81 |
| SHA512 | b5e7a300e6413de24291010ccea855df8b3ee29e7381935fb1b6f04d91b2541fefd8c9f49c6393962281a61c679207bacaf8dce01aa56f3cf8a0049e15a2956d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2d402296869f75317e861e6138d480be |
| SHA1 | 215c3968908deeca4befae4d1a58ac77b7f4e856 |
| SHA256 | ab4d46d030c9f4090e578478364e29ba8770ea1a050276acc19fed158fc31375 |
| SHA512 | 153d9a6f820bb3c29537921712b0e76afe20bf771c3a3a21b3ed01ee30a82fbb2ef41ca484f9e509656b3ecf7af3b69f2cee4b2fce21ec6709dda9f5b63d5b02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | 993c9a25ead66621275af07f894c3c53 |
| SHA1 | 57f155348fcfe8dca2fe0f515fd7b5a16a4018cd |
| SHA256 | 616acc998db22f25aaa458367183cb650a404ccc0febd26cdbf0804d484929bd |
| SHA512 | 6b997ca56408438f24db8723326277fb3142c6034e739c0121e7e4dd169342677c60fad996b7e5ace06f8c71f0003d81e8a7e6b6cdf6d6d34fab0ef082df1617 |
C:\Program Files (x86)\BonziBuddy432\Reg.nbd
| MD5 | a8ed45f8bfdc5303b7b52ae2cce03a14 |
| SHA1 | fb9bee69ef99797ac15ba4d8a57988754f2c0c6b |
| SHA256 | 375ecd89ee18d7f318cf73b34a4e15b9eb16bc9d825c165e103db392f4b2a68b |
| SHA512 | 37917594f22d2a27b3541a666933c115813e9b34088eaeb3d74f77da79864f7d140094dfac5863778acf12f87ccda7f7255b7975066230911966b52986da2d5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7453827d1937ce3150ecd52eb5367a6 |
| SHA1 | b406d54df781db63acc466d806c81d241bd62bdd |
| SHA256 | 8f3d58b89600ff3f306394c242a3eae89bc155c68516811062f9f8d94683ae82 |
| SHA512 | 3deaa7ccaa080dac09c2eecc9b7030a10e459a65c883bc0dc7095369bd60c39390179a4acf45d4cbd038558d3079f6de9d1285dab7d44d468205e43153d7e9b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a1f51ff3-7060-4f96-bdee-841f5cea23ba.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b7873940dfa69327d6b1b8ed6bf243ae |
| SHA1 | 5f550d03699ce3cd587934c106e5b8df5b39eed2 |
| SHA256 | 3af6395e3292e4d5aa82a30ec2bd28f2b5926e5f8c9064bf7d10453c57a12f1e |
| SHA512 | 25b8afbf5439e2f9b1f58385d0ee19bd069122a50b9f26f934f250f67222f018210a8a8d4b8ca17aa907ad9b4c6c0052162fb327b102ef8c61fef5a2485d8d72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6bbacdf9966af5a0d5a5b59b89140dd0 |
| SHA1 | c2af87f769ca63c844093a09b6640b4572ae61fc |
| SHA256 | 8a9e9df7d1db82dd7dc264e9aaa7411cf9a243afc0afda71c35bdeac3bdfc100 |
| SHA512 | 0a6dab08c165d18887300e68bd19f42b8c04567a1b5f2177a677b198b791ed6689a4bf9752c0c1e3db367f667e260198f60f200c778949b8d60d811c181f6fba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a1d623091e2514a798e1f2ab752566b2 |
| SHA1 | 596b16c8a3a744bb297e9f1b0f311005b1cf00de |
| SHA256 | 69430e16fb1a5afebd05ffca2469f9c1bb0a762f7183a2bd8425bb9e0b2e3088 |
| SHA512 | f1cc9333a280291c55eaada8cdb8ac6d08ec1021693ac2073aa5c74b08ffa732070c9c91de4fcda042318b82fdb53f7ee4eb02449fe8cd0ffe5bb5ab987081ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e2b25c5317c3b4442c4463f9bf153f81 |
| SHA1 | a45bdde3acc52e31b5bf7cd76ea5bd167cec33c1 |
| SHA256 | ce05af8c8ca9cf506594359739ca9fad79e965a575b6d5e40278bc6681e6b9f1 |
| SHA512 | dfdbac38e9a3c8c05f87f8ff67d8500604f6a6528ae098bf9cc3a7f072063168aeaa892fdf6533a502f3000b4ae674abef956b9f97cecc8f61ea25b4874978f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dcbd0b5bccce413d80173e8df8519a9a |
| SHA1 | dd253d7601f38ef06c13025c8c77f40c50a8f2ad |
| SHA256 | bf9fe92211289a37266335e4014941a3187ad49099cc052321501bca4495c953 |
| SHA512 | ede514fc68852f60ecb5a742a8d6f8da78232761ee5ad916e5e248fc89cea07b48a966eb8b1a63b211e55db09facb3fa8e93c4983a84523d3d9e5f6ce70ef6d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 93b8f7921f05959b5fa622faaa919926 |
| SHA1 | bcce876d851058bb614d3518768f864f080bb774 |
| SHA256 | d95474960d274cd940c210aec06a3cca2ab913d41977b3453bcdf1ce45644a06 |
| SHA512 | 13ab4cba9c269b9d2c65df4458c166d11697b2280b7686c2bffb58019f5d5401fa54ebd57c1e447b4b3bb11cf5575a7824cdff6ea5d5aa45b6d927ade238510c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3bbae5232da4cb3096f145d2f9035791 |
| SHA1 | d4c82a45bc0f900a95bc70bc80a361db6e9b133b |
| SHA256 | c1a4281abbb6f83a087ca8b67f9320dd23f54db99e3c4519a45b71bcd721e56f |
| SHA512 | 306b7d95c63d7d652807ca9b9e4dcd676c2d1ad3e7f8b399dba0062ea05edb0fa9f2b8732adffb750f6858664b680774ae52735b22c5d14b8d9ec1388a9555a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f7191a8e913b8c3e6dca38c4b0b86241 |
| SHA1 | d0609048bf4d81677c020cf617e1614226723313 |
| SHA256 | 6014422bdc0d368f31478964c463d54f1829cc2ad1ba8c65bf3bea669e16f168 |
| SHA512 | fca27ae2cf6c9de60864e2af7deab5605c476b76aa1c9cb9688221f5251a5c13fa601004f229e8032c13810cd94eccfcbdcb40225157545e071b0d579803af7f |
memory/5356-8312-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8322-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8323-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8324-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8325-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8326-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8334-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8344-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8345-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8346-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8347-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8348-0x0000000000400000-0x0000000003DF3000-memory.dmp
memory/5356-8349-0x0000000000400000-0x0000000003DF3000-memory.dmp