Analysis Overview
Threat Level: Known bad
The file https://dropmefiles.com/kiTuo was found to be: Known bad.
Malicious Activity Summary
xmrig
Detectes Phoenix Miner Payload
Detectes GMiner Payload
Detectes NanoMiner Payload
Detectes lolMiner Payload
XMRig Miner payload
Detectes NBMiner Payload
Detectes ZEnemy Payload
Detectes MiniZ Payload
Detectes NiceHashMiner Payload
Command and Scripting Interpreter: PowerShell
Downloads MZ/PE file
Office macro that triggers on suspicious action
Event Triggered Execution: Component Object Model Hijacking
UPX packed file
ASPack v2.12-2.42
Executes dropped EXE
Loads dropped DLL
Checks computer location settings
Looks up external IP address via web service
Legitimate hosting services abused for malware hosting/C2
Hide Artifacts: Hidden Window
Checks installed software on the system
Drops file in System32 directory
AutoIT Executable
Suspicious use of SetThreadContext
Drops file in Windows directory
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Browser Information Discovery
Enumerates physical storage devices
Modifies registry class
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Kills process with taskkill
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Checks SCSI registry key(s)
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Modifies Internet Explorer settings
Suspicious behavior: GetForegroundWindowSpam
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-08 15:40
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-08 15:40
Reported
2024-08-08 15:58
Platform
win10v2004-20240802-en
Max time kernel
985s
Max time network
1050s
Command Line
Signatures
xmrig
Detectes GMiner Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Detectes MiniZ Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Detectes NBMiner Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detectes NanoMiner Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Detectes NiceHashMiner Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detectes Phoenix Miner Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detectes ZEnemy Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Detectes lolMiner Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
XMRig Miner payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Command and Scripting Interpreter: PowerShell
Downloads MZ/PE file
Office macro that triggers on suspicious action
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
ASPack v2.12-2.42
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\NiceHashMiner.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks installed software on the system
Hide Artifacts: Hidden Window
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\cmd.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api64.ipify.org | N/A | N/A |
| N/A | api64.ipify.org | N/A | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\hdaudbus.inf_amd64_533c8d455025cc59\hdaudbus.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_0d06b6638bdb4763\mshdc.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\hdaudbus.inf_amd64_533c8d455025cc59\hdaudbus.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_b748590104fe1c15\machine.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\machine.inf_amd64_b748590104fe1c15\machine.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_adeb6424513f60a2\input.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\mshdc.inf_amd64_0d06b6638bdb4763\mshdc.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\input.inf_amd64_adeb6424513f60a2\input.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\input.inf_amd64_adeb6424513f60a2\input.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\input.inf_amd64_adeb6424513f60a2\input.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_254cd5ae09de6b08\usbport.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_amd64_1793a485b491b199\msmouse.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\keyboard.inf_amd64_5938c699b80ebb8f\keyboard.PNF | C:\Windows\system32\dxdiag.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\netrtl64.inf_amd64_8e9c2368fe308df2\netrtl64.PNF | C:\Windows\system32\dxdiag.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 7072 set thread context of 8076 | N/A | C:\Users\Admin\Downloads\VeryFun.exe | C:\Windows\SysWOW64\cmd.exe |
| PID 7072 set thread context of 2656 | N/A | C:\Users\Admin\Downloads\VeryFun.exe | C:\Windows\SysWOW64\cmd.exe |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\7-Zip\Uninstall.exe | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zG.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\7z.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\7zFM.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\Uninstall.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\7zFM.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\7zG.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\7zG.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Uninstall.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\7z.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\7z.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\7zG.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Uninstall.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zG.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\Uninstall.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\Uninstall.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zFM.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\7zFM.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zFM.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\notepad.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Windows\notepad.dll.sys.exe | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Windows\System.ini | C:\Users\Admin\Downloads\VeryFun.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Flasher.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\RBXIDLE.Setup.3.0.0.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Avoid.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Zika.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\nicehash-miner_softradar-com.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Avoid.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WindowsUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Time.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\VeryFun.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\RBXIDLE.Setup.3.0.0.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\CrazyNCS.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Time.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\ArcticBomb.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs | C:\Windows\system32\dxdiag.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Windows\system32\dxdiag.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Windows\system32\dxdiag.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs | C:\Windows\system32\dxdiag.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\system32\dxdiag.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\system32\dxdiag.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\MINIE | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\IESettingSync | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50f08c2aabe9da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000ea125702b7698d479b1c3c8e0190d45f000000000200000000001066000000010000200000005871def16037874307f8d50dd87cb3ea8f58b31e398ffa8448e6b3b93d763b67000000000e800000000200002000000075e7e918a667fd5dd2fd3366b6d5a54f2b683925734b419006d4729859a441252000000046978ea756d7df2a96f35df512a92125b4825aaa6859f2ce13cab171a6c53cd140000000ad9d7971be44f6b0bd29649689ae610a2fbadbc7743df23a96354a263a09cda3dd1d716765c0bc28c214b938faf3acac6d0646a88ebe362b15c13a39281f52cb | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000ea125702b7698d479b1c3c8e0190d45f000000000200000000001066000000010000200000006b6d7dd68d1d66e53f999c3c76c1d1cb2f75787205c686893da541af1ea878eb000000000e8000000002000020000000ff0963ff278aec854ab965335c1adc5705a7b92ee8d3bf7d95ee6af708437cd0200000002cc68f8fd2495302c2a30263ceaf7d7455c63b17d72badd2d1f9c53cb9eaf1804000000021b16e1ca49f3920646186146061f1d863bc624f29e9bc042ba8db014b932d35f0d758d4ab2ee00caea6d285ba99aa68eec9e24c53e8be17e80cf3744992d97a | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{5552604D-559E-11EF-AC6B-C61537EC8B44} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 6035882aabe9da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\InprocServer32 | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\ = "DxDiagProvider Class" | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlgLegacy\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\CLSID | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\CurVer\ = "DxDiag.DxDiagClassObject.1" | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7} | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\NodeSlot = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1 | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1\CLSID | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\ = "DxDiagClassObject Class" | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CLSID | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1\CLSID | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Downloads" | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\VersionIndependentProgID | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7}\ProgID | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\CLSID\ = "{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}" | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ProgID\ = "DxDiag.DxDiagClassObject.1" | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7}\InprocServer32 | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-523280732-2327480845-3730041215-1000\{435D8FA1-6ECA-43D0-9130-DE9F2CB6F468} | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B} | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A65B8071-3BFE-4213-9A5B-491DA4461CA7} | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1\CLSID | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1\ = "DxDiagClassObject Class" | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject\CurVer | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CLSID | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-523280732-2327480845-3730041215-1000\{60B51E02-C5BD-4A9E-96DA-825DA596F6E3} | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlgLegacy | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-523280732-2327480845-3730041215-1000\{91A3C048-BADB-4CD9-BA56-C0E86A4C1D3C} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\VersionIndependentProgID\ = "DxDiag.DxDiagClassObject" | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EEB1CAE3-D0B2-446E-AEDE-727AA9089A1B}\ForceRemove | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1 | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe10000000624c7b65d7e4da0162be5c88dee4da01f56f5c79a9e9da0114000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider.1\ = "DxDiagProvider Class" | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlgLegacy\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Pictures" | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagClassObject.1 | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3 | C:\Users\Admin\Downloads\Popup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CurVer\ = "DxDiag.DxDiagClassObject.1" | C:\Windows\system32\dxdiag.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\DxDiag.DxDiagProvider\CurVer\ = "DxDiag.DxDiagClassObject.1" | C:\Windows\system32\dxdiag.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Users\Admin\Downloads\Popup.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 410084.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 471507.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 433693.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\rbxidle-updater\installer.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\RBXIDLE.Setup.3.0.0.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 429117.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\7-Zip\7zFM.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 239312.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 681825.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 794641.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\7-Zip\7zG.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\7-Zip\Uninstall.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 681536.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 791313.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 422519.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 401521.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 456507.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\7-Zip\7z.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 850329.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 38370.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
| File created | C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Zika.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Popup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://dropmefiles.com/kiTuo
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9775846f8,0x7ff977584708,0x7ff977584718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2768 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4148 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5764 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x484 0x510
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6692 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3380 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7424 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7660 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7692 /prefetch:8
C:\Users\Admin\Downloads\winrar-x64-701.exe
"C:\Users\Admin\Downloads\winrar-x64-701.exe"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\fae986e7438d45fb8e7cfbc4f93e2776 /t 4356 /p 1076
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8244 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7076 /prefetch:8
C:\Users\Admin\Downloads\winrar-x64-701 (1).exe
"C:\Users\Admin\Downloads\winrar-x64-701 (1).exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9096 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8120 /prefetch:8
C:\Users\Admin\Downloads\NiceHashQuickMinerV1049.exe
"C:\Users\Admin\Downloads\NiceHashQuickMinerV1049.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\NiceHashQuickMinerV1049.exe
"C:\Users\Admin\Downloads\NiceHashQuickMinerV1049.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9720 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8936 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10044 /prefetch:8
C:\Users\Admin\Downloads\nicehash-miner_softradar-com.exe
"C:\Users\Admin\Downloads\nicehash-miner_softradar-com.exe"
C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\NiceHashMiner.exe
"C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\NiceHashMiner.exe"
C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\app_3.0.4.4\NiceHashMiner.exe
"C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\app_3.0.4.4\NiceHashMiner.exe" -lc -PID1884
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://nicehash.com/my/register
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9775846f8,0x7ff977584708,0x7ff977584718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9212 /prefetch:1
C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\app_3.0.4.4\DeviceDetectionPrinter.exe
"C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\app_3.0.4.4\DeviceDetectionPrinter.exe" cuda -n
C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\app_3.0.4.4\DeviceDetectionPrinter.exe
"C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\app_3.0.4.4\DeviceDetectionPrinter.exe" ocl -n
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9560 /prefetch:1
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8760 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10748 /prefetch:8
C:\Users\Admin\Downloads\RBXIDLE.Setup.3.0.0.exe
"C:\Users\Admin\Downloads\RBXIDLE.Setup.3.0.0.exe"
C:\Users\Admin\Downloads\RBXIDLE.Setup.3.0.0.exe
"C:\Users\Admin\Downloads\RBXIDLE.Setup.3.0.0.exe"
C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe
"C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "chcp"
C:\Windows\system32\chcp.com
chcp
C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe
"C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe" --type=gpu-process --field-trial-handle=1684,12521189276601872076,14754395733891265688,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --user-data-dir="C:\Users\Admin\AppData\Roaming\RBXIDLE" --gpu-preferences=UAAAAAAAAADgAAAIAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1712 /prefetch:2
C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe
"C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1684,12521189276601872076,14754395733891265688,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\RBXIDLE" --mojo-platform-channel-handle=2052 /prefetch:8
C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe
"C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\RBXIDLE" --app-path="C:\Users\Admin\AppData\Local\Programs\RBXIDLE\resources\app.asar" --no-sandbox --no-zygote --field-trial-handle=1684,12521189276601872076,14754395733891265688,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2396 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe
"C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\RBXIDLE" --app-path="C:\Users\Admin\AppData\Local\Programs\RBXIDLE\resources\app.asar" --enable-sandbox --field-trial-handle=1684,12521189276601872076,14754395733891265688,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell.exe Start-Process -FilePath "'C:\Users\Admin\AppData\Local\Temp\66ea462947a1a0a2086d1a16e17bbd18\execute.bat'" -WindowStyle hidden -Verb runAs"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe Start-Process -FilePath "'C:\Users\Admin\AppData\Local\Temp\66ea462947a1a0a2086d1a16e17bbd18\execute.bat'" -WindowStyle hidden -Verb runAs
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\AppData\Local\Temp\66ea462947a1a0a2086d1a16e17bbd18\execute.bat"
C:\Windows\system32\chcp.com
chcp 65001
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -ExecutionPolicy Bypass Add-MPPreference -ExclusionPath C:\Users\Admin\AppData\Local\Programs\RBXIDLE\RBXIDLE.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "explorer https://discord.gg/XB94k6SxWN"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -NoProfile -NoLogo -InputFormat Text -NoExit -ExecutionPolicy Unrestricted -Command -
C:\Windows\explorer.exe
explorer https://discord.gg/XB94k6SxWN
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/XB94k6SxWN
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9775846f8,0x7ff977584708,0x7ff977584718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell.exe -ExecutionPolicy Bypass Add-MPPreference -ExclusionPath C:\Users\Admin\AppData\Roaming\RBXIDLE
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "dxdiag /x C:\Users\Admin\AppData\Roaming\RBXIDLE\dx.xml"
C:\Windows\system32\dxdiag.exe
dxdiag /x C:\Users\Admin\AppData\Roaming\RBXIDLE\dx.xml
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "rmdir /s /q "C:\Users\Admin\AppData\Local\Temp\66ea462947a1a0a2086d1a16e17bbd18""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "dxdiag /x C:\Users\Admin\AppData\Roaming\RBXIDLE\dx.xml"
C:\Windows\system32\dxdiag.exe
dxdiag /x C:\Users\Admin\AppData\Roaming\RBXIDLE\dx.xml
C:\Users\Admin\AppData\Local\Programs\RBXIDLE\resources\components\xm\xmrig.exe
C:\Users\Admin\AppData\Local\Programs\RBXIDLE\resources\components\xm\xmrig.exe -a rx/0 -k -o stratum+tcp://xmr-us-east1.nanopool.org:10300 -u 47KJeHrhm2xQzgxg3kYx4m8SsxDAgSXSPJAroo1aCWQN2XLdDUtFaYrgKqCbkxCQ2C9KWgGqCy94UByPc3EMVkNC88Ef6By.USER-4aJNEBHxx8LcOSH --cpu-max-threads-hint=75%
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "taskkill /FI "ImageName eq nbminer.exe*" /T /F"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9248 /prefetch:1
C:\Windows\system32\taskkill.exe
taskkill /FI "ImageName eq nbminer.exe*" /T /F
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10340 /prefetch:1
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "taskkill /FI "ImageName eq xmrig.exe*" /T /F"
C:\Windows\system32\taskkill.exe
taskkill /FI "ImageName eq xmrig.exe*" /T /F
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "taskkill /FI "ImageName eq PIC.exe*" /T /F"
C:\Windows\system32\taskkill.exe
taskkill /FI "ImageName eq PIC.exe*" /T /F
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "wsl --shutdown"
C:\Windows\system32\wsl.exe
wsl --shutdown
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4848 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11828 /prefetch:8
C:\Users\Admin\Downloads\Avoid.exe
"C:\Users\Admin\Downloads\Avoid.exe"
C:\Users\Admin\Downloads\Avoid.exe
"C:\Users\Admin\Downloads\Avoid.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5084 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11968 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11788 /prefetch:8
C:\Users\Admin\Downloads\Flasher.exe
"C:\Users\Admin\Downloads\Flasher.exe"
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Downloads\SubmitClear.gif
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6976 CREDAT:17410 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11576 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11696 /prefetch:8
C:\Users\Admin\Downloads\CrazyNCS.exe
"C:\Users\Admin\Downloads\CrazyNCS.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11248 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11716 /prefetch:8
C:\Users\Admin\Downloads\WindowsUpdate.exe
"C:\Users\Admin\Downloads\WindowsUpdate.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=11216 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=11912 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11992 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10828 /prefetch:8
C:\Users\Admin\Downloads\Time.exe
"C:\Users\Admin\Downloads\Time.exe"
C:\Users\Admin\Downloads\Time.exe
"C:\Users\Admin\Downloads\Time.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10788 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10748 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10092 /prefetch:8
C:\Users\Admin\Downloads\Popup.exe
"C:\Users\Admin\Downloads\Popup.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10112 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10920 /prefetch:8
C:\Users\Admin\Downloads\ArcticBomb.exe
"C:\Users\Admin\Downloads\ArcticBomb.exe"
C:\Users\Admin\Downloads\ArcticBomb.exe
"C:\Users\Admin\Downloads\ArcticBomb.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=165 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8744 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11648 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9876 /prefetch:8
C:\Users\Admin\Downloads\Zika.exe
"C:\Users\Admin\Downloads\Zika.exe"
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -extract C:\Program Files\7-Zip\7z.dll.sys.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe" -compile C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -extract C:\Program Files\7-Zip\7zFM.dll.sys.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe" -compile C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -extract C:\Program Files\7-Zip\7zG.dll.sys.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe" -compile C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -extract C:\Program Files\7-Zip\Uninstall.dll.sys.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe" -compile C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -addoverwrite C:\Program Files\7-Zip\Uninstall.exe", "C:\Program Files\7-Zip\Uninstall.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -extract C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.dll.sys.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe" -compile C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -extract C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.dll.sys.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe" -compile C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -extract C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.dll.sys.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe" -compile C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -extract C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.dll.sys.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe" -compile C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -extract C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.dll.sys.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe" -compile C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\svchost.exe" -extract C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.dll.sys.exe, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, icongroup,,
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe
"C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.exe" -compile C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.rc, C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=172 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11696 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11336 /prefetch:8
C:\Users\Admin\Downloads\VeryFun.exe
"C:\Users\Admin\Downloads\VeryFun.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x484 0x510
C:\Users\Admin\Downloads\VeryFun.exe
"C:\Users\Admin\Downloads\VeryFun.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Users\Admin\Downloads\VeryFun.exe
"C:\Users\Admin\Downloads\VeryFun.exe"
C:\Users\Admin\Downloads\VeryFun.exe
"C:\Users\Admin\Downloads\VeryFun.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9248 /prefetch:8
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2088,9924988032339391707,8698643187853299281,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10568 /prefetch:8
C:\Users\Admin\Downloads\TaskILL.exe
"C:\Users\Admin\Downloads\TaskILL.exe"
C:\Windows\SYSTEM32\mountvol.exe
mountvol c:\ /d
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | dropmefiles.com | udp |
| RU | 176.99.128.9:443 | dropmefiles.com | tcp |
| US | 8.8.8.8:53 | dropmefiles.com | udp |
| RU | 176.99.128.18:443 | dropmefiles.com | tcp |
| RU | 176.99.128.18:443 | dropmefiles.com | tcp |
| RU | 176.99.128.18:443 | dropmefiles.com | tcp |
| RU | 176.99.128.18:443 | dropmefiles.com | tcp |
| RU | 176.99.128.18:443 | dropmefiles.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.128.99.176.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 13.107.21.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 87.250.251.119:443 | mc.yandex.ru | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.99.105.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.251.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| RU | 176.99.128.18:443 | dropmefiles.com | tcp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.36.251.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| RU | 176.99.128.38:443 | dropmefiles.com | tcp |
| GB | 95.101.129.233:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 233.129.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.142.123.92.in-addr.arpa | udp |
| RU | 176.99.128.18:443 | dropmefiles.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 95.101.129.194:443 | r.bing.com | tcp |
| GB | 95.101.129.194:443 | r.bing.com | tcp |
| GB | 95.101.129.194:443 | r.bing.com | tcp |
| GB | 95.101.129.194:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 194.129.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| SE | 20.190.181.1:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 1.181.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | tse4.mm.bing.net | udp |
| US | 8.8.8.8:53 | tse2.mm.bing.net | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| NL | 142.250.179.174:443 | www.youtube.com | tcp |
| NL | 142.250.179.174:443 | www.youtube.com | tcp |
| NL | 142.250.179.174:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.251.36.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 174.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.134:443 | static.doubleclick.net | tcp |
| NL | 142.250.179.162:443 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.202:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| NL | 142.250.179.202:443 | jnn-pa.googleapis.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.250.179.202:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 134.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.36.251.142.in-addr.arpa | udp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 14.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | testfamilysafety.bing.com | udp |
| US | 204.79.197.201:443 | testfamilysafety.bing.com | tcp |
| US | 8.8.8.8:53 | 201.197.79.204.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 95.101.129.194:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.146:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 146.252.19.2.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.114.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.rarlab.com | udp |
| DE | 51.195.68.162:443 | www.rarlab.com | tcp |
| DE | 51.195.68.162:443 | www.rarlab.com | tcp |
| US | 8.8.8.8:53 | 162.68.195.51.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| DE | 51.195.68.162:443 | www.rarlab.com | tcp |
| NL | 142.250.179.174:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.win-rar.com | udp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| US | 8.8.8.8:53 | 163.68.195.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| NL | 142.250.179.174:443 | www.youtube.com | udp |
| NL | 142.251.36.22:443 | i.ytimg.com | tcp |
| NL | 142.250.179.162:443 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.202:443 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.174:443 | www.youtube.com | udp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| NL | 142.250.179.174:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | rr1---sn-5hnekn7l.googlevideo.com | udp |
| NL | 74.125.100.6:443 | rr1---sn-5hnekn7l.googlevideo.com | tcp |
| NL | 74.125.100.6:443 | rr1---sn-5hnekn7l.googlevideo.com | tcp |
| NL | 142.251.36.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 42.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.100.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | rr3---sn-q4fl6ndz.googlevideo.com | udp |
| US | 173.194.141.136:443 | rr3---sn-q4fl6ndz.googlevideo.com | udp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 84.102.250.142.in-addr.arpa | udp |
| NL | 216.58.214.14:443 | play.google.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 136.141.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| NL | 142.250.179.142:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | 142.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.youtube.com | udp |
| NL | 142.250.179.142:443 | consent.youtube.com | tcp |
| US | 8.8.8.8:53 | www.cudominer.com | udp |
| US | 104.21.85.7:443 | www.cudominer.com | tcp |
| US | 104.21.85.7:443 | www.cudominer.com | tcp |
| US | 8.8.8.8:53 | download.cudo.org | udp |
| US | 172.67.69.190:443 | download.cudo.org | tcp |
| US | 8.8.8.8:53 | use.fontawesome.com | udp |
| US | 172.67.142.245:443 | use.fontawesome.com | tcp |
| US | 8.8.8.8:53 | s.w.org | udp |
| US | 8.8.8.8:53 | a.omappapi.com | udp |
| US | 8.8.8.8:53 | stagingsite.cudoventures.com | udp |
| US | 8.8.8.8:53 | a.opmnstr.com | udp |
| GB | 143.244.38.136:443 | a.opmnstr.com | tcp |
| US | 8.8.8.8:53 | salesiq.zoho.eu | udp |
| US | 8.8.8.8:53 | 7.85.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 245.142.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| NL | 185.230.212.28:443 | salesiq.zoho.eu | tcp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| GB | 13.224.245.89:443 | static.hotjar.com | tcp |
| GB | 143.244.38.136:443 | a.opmnstr.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 143.244.38.136:443 | a.opmnstr.com | tcp |
| US | 8.8.8.8:53 | api.omappapi.com | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| US | 8.8.8.8:53 | ssl.google-analytics.com | udp |
| CH | 157.240.17.15:443 | connect.facebook.net | tcp |
| US | 172.66.42.248:443 | api.omappapi.com | tcp |
| FR | 199.232.168.157:443 | static.ads-twitter.com | tcp |
| NL | 142.251.36.40:443 | ssl.google-analytics.com | tcp |
| US | 8.8.8.8:53 | css.zohocdn.com | udp |
| US | 8.8.8.8:53 | js.zohocdn.com | udp |
| US | 8.8.8.8:53 | eu1-files.zohopublic.eu | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | salesiq.zohopublic.eu | udp |
| US | 8.8.8.8:53 | api.cudo.org | udp |
| NL | 185.230.212.169:443 | eu1-files.zohopublic.eu | tcp |
| GB | 169.148.129.35:443 | js.zohocdn.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| GB | 169.148.129.35:443 | js.zohocdn.com | tcp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| NL | 185.230.212.19:443 | salesiq.zohopublic.eu | tcp |
| US | 104.26.11.102:443 | api.cudo.org | tcp |
| US | 172.66.42.248:443 | api.omappapi.com | tcp |
| NL | 142.251.36.40:443 | ssl.google-analytics.com | udp |
| US | 8.8.8.8:53 | analytics.twitter.com | udp |
| PL | 93.184.221.165:443 | t.co | tcp |
| US | 104.244.42.195:443 | analytics.twitter.com | tcp |
| US | 8.8.8.8:53 | 28.212.230.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.245.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.168.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.17.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.129.148.169.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.212.230.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.11.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.42.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.212.230.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 165.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| CH | 157.240.17.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| GB | 18.245.253.48:443 | script.hotjar.com | tcp |
| US | 8.8.8.8:53 | 35.17.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | console.cudominer.com | udp |
| US | 172.67.200.110:443 | console.cudominer.com | tcp |
| US | 172.67.200.110:443 | console.cudominer.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| NL | 142.251.39.97:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 110.200.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.252.19.2.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.26.11.102:443 | api.cudo.org | tcp |
| US | 8.8.8.8:53 | storage.googleapis.com | udp |
| NL | 142.250.179.219:443 | storage.googleapis.com | tcp |
| US | 8.8.8.8:53 | 219.179.250.142.in-addr.arpa | udp |
| NL | 216.58.214.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | www.nicehash.com | udp |
| US | 34.96.85.230:443 | www.nicehash.com | tcp |
| US | 34.96.85.230:443 | www.nicehash.com | tcp |
| US | 34.96.85.230:443 | www.nicehash.com | udp |
| US | 8.8.8.8:53 | api2.nicehash.com | udp |
| US | 35.190.112.164:443 | api2.nicehash.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | status.nicehash.com | udp |
| US | 34.110.135.107:443 | status.nicehash.com | tcp |
| US | 35.190.112.164:443 | api2.nicehash.com | udp |
| US | 34.96.85.230:443 | www.nicehash.com | udp |
| US | 8.8.8.8:53 | usage.trackjs.com | udp |
| CA | 148.113.163.172:443 | usage.trackjs.com | tcp |
| US | 8.8.8.8:53 | 230.85.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.112.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.135.110.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.163.113.148.in-addr.arpa | udp |
| NL | 142.251.36.22:443 | i.ytimg.com | udp |
| NL | 142.250.179.162:443 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.134:443 | static.doubleclick.net | udp |
| NL | 142.250.179.202:443 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | udp |
| US | 8.8.8.8:53 | files.nicehash.com | udp |
| US | 34.110.229.150:443 | files.nicehash.com | tcp |
| US | 34.110.229.150:443 | files.nicehash.com | tcp |
| US | 8.8.8.8:53 | 150.229.110.34.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| NL | 142.250.179.174:443 | www.youtube.com | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | cgminer.info | udp |
| US | 104.21.57.192:443 | cgminer.info | tcp |
| US | 104.21.57.192:443 | cgminer.info | tcp |
| US | 8.8.8.8:53 | coinzillatag.com | udp |
| US | 8.8.8.8:53 | 192.57.21.104.in-addr.arpa | udp |
| US | 172.67.206.14:443 | coinzillatag.com | tcp |
| US | 172.67.206.14:443 | coinzillatag.com | tcp |
| US | 172.67.206.14:443 | coinzillatag.com | tcp |
| US | 8.8.8.8:53 | request-global.czilladx.com | udp |
| DE | 142.93.100.104:443 | request-global.czilladx.com | tcp |
| DE | 142.93.100.104:443 | request-global.czilladx.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 104.21.57.192:443 | cgminer.info | tcp |
| US | 8.8.8.8:53 | 14.206.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.100.93.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cryptomining-blog.com | udp |
| US | 173.45.173.181:443 | cryptomining-blog.com | tcp |
| US | 173.45.173.181:443 | cryptomining-blog.com | tcp |
| US | 173.45.173.181:443 | cryptomining-blog.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | 181.173.45.173.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | 229.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mc.webvisor.org | udp |
| RU | 87.250.251.119:443 | mc.webvisor.org | tcp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | 175.117.168.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | softradar.com | udp |
| US | 172.67.69.160:443 | softradar.com | tcp |
| US | 172.67.69.160:443 | softradar.com | tcp |
| NL | 142.250.179.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| NL | 172.217.168.194:443 | partner.googleadservices.com | tcp |
| NL | 142.251.36.2:443 | www.googletagservices.com | tcp |
| NL | 142.251.36.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | udp |
| NL | 142.250.179.162:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 160.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| NL | 142.250.179.134:443 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.202:443 | jnn-pa.googleapis.com | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| US | 172.67.69.160:443 | softradar.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | 98.39.251.142.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 3.32.239.216.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | api2.nicehash.com | udp |
| US | 35.190.112.164:443 | api2.nicehash.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | nicehash.com | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 34.96.85.230:443 | nicehash.com | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 35.190.112.164:443 | api2.nicehash.com | udp |
| US | 8.8.8.8:53 | recaptcha.net | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | appleid.cdn-apple.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| NL | 142.250.179.163:443 | recaptcha.net | tcp |
| GB | 23.206.77.205:443 | appleid.cdn-apple.com | tcp |
| CA | 148.113.163.172:443 | usage.trackjs.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| NL | 142.250.179.163:443 | recaptcha.net | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 163.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.77.206.23.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 35.190.112.164:443 | api2.nicehash.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | miner-plugins.nicehash.com | udp |
| US | 34.160.124.140:443 | miner-plugins.nicehash.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | nhmws.nicehash.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 34.120.0.210:443 | nhmws.nicehash.com | tcp |
| US | 8.8.8.8:53 | 140.124.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.0.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | play.google.com | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| NL | 216.58.214.14:443 | play.google.com | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 95.101.129.233:443 | r.bing.com | tcp |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 216.129.101.95.in-addr.arpa | udp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | 92.37.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.194.101.151.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 34.120.0.210:443 | nhmws.nicehash.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 34.120.0.210:443 | nhmws.nicehash.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | app.rbxwallet.com | udp |
| US | 3.13.189.101:443 | app.rbxwallet.com | tcp |
| US | 3.13.189.101:443 | app.rbxwallet.com | tcp |
| US | 34.120.0.210:443 | nhmws.nicehash.com | tcp |
| US | 3.13.189.101:443 | app.rbxwallet.com | tcp |
| US | 3.13.189.101:443 | app.rbxwallet.com | tcp |
| US | 3.13.189.101:443 | app.rbxwallet.com | tcp |
| US | 3.13.189.101:443 | app.rbxwallet.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | 101.189.13.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.pusher.com | udp |
| US | 8.8.8.8:53 | api64.ipify.org | udp |
| US | 173.231.16.77:443 | api64.ipify.org | tcp |
| GB | 18.244.117.70:443 | js.pusher.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | ws-us2.pusher.com | udp |
| US | 8.8.8.8:53 | 77.16.231.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.117.244.18.in-addr.arpa | udp |
| US | 52.15.155.189:443 | ws-us2.pusher.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | 189.155.15.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 3.13.189.101:443 | app.rbxwallet.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 3.13.189.101:443 | app.rbxwallet.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 34.120.0.210:443 | nhmws.nicehash.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 34.120.0.210:443 | nhmws.nicehash.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | mdbootstrap.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| DE | 51.195.116.113:443 | mdbootstrap.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.116.195.51.in-addr.arpa | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.134:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.162:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 172.217.168.202:443 | jnn-pa.googleapis.com | tcp |
| NL | 142.251.36.22:443 | i.ytimg.com | tcp |
| NL | 142.250.179.162:443 | googleads.g.doubleclick.net | udp |
| NL | 172.217.168.202:443 | jnn-pa.googleapis.com | udp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| NL | 216.58.214.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | 202.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| NL | 216.58.214.14:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | images.g2a.com | udp |
| GB | 23.206.79.101:443 | images.g2a.com | tcp |
| GB | 23.206.79.101:443 | images.g2a.com | tcp |
| GB | 23.206.79.101:443 | images.g2a.com | tcp |
| GB | 23.206.79.101:443 | images.g2a.com | tcp |
| GB | 23.206.79.101:443 | images.g2a.com | tcp |
| GB | 23.206.79.101:443 | images.g2a.com | tcp |
| US | 8.8.8.8:53 | 101.79.206.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | discord.gg | udp |
| US | 162.159.135.234:443 | discord.gg | tcp |
| US | 162.159.135.234:443 | discord.gg | tcp |
| US | 162.159.136.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.136.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 233.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.57.26.184.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:6464 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:6467 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:6468 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:6469 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:6470 | tcp | |
| N/A | 127.0.0.1:6471 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:6472 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 216.58.214.14:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | xmr-us-east1.nanopool.org | udp |
| CA | 51.222.106.253:10300 | xmr-us-east1.nanopool.org | tcp |
| US | 8.8.8.8:53 | 253.106.222.51.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.250.179.150:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 150.179.250.142.in-addr.arpa | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | tcp |
| NL | 142.250.179.174:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 104.19.230.21:443 | js.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | 21.230.19.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| GB | 95.101.129.233:443 | www.bing.com | tcp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| GB | 95.101.129.233:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 95.101.129.233:443 | r.bing.com | tcp |
| GB | 95.101.129.233:443 | r.bing.com | tcp |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| GB | 95.101.129.216:443 | r.bing.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| NL | 142.250.179.174:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | 22.113.82.140.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| NL | 142.250.179.174:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 142.251.36.2:443 | www.googletagservices.com | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| N/A | 127.0.0.1:18000 | tcp | |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | rbxidle.com | udp |
| US | 162.254.37.92:443 | rbxidle.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 21.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| NL | 172.217.168.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 206.168.217.172.in-addr.arpa | udp |
| GB | 95.101.129.216:443 | www.bing.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e765f3d75e6b0e4a7119c8b14d47d8da |
| SHA1 | cc9f7c7826c2e1a129e7d98884926076c3714fc0 |
| SHA256 | 986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89 |
| SHA512 | a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079 |
\??\pipe\LOCAL\crashpad_3876_CPGCIFJKBPDYBVMP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 53bc70ecb115bdbabe67620c416fe9b3 |
| SHA1 | af66ec51a13a59639eaf54d62ff3b4f092bb2fc1 |
| SHA256 | b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771 |
| SHA512 | cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 10476d6246d3824ed199ade605f89ebc |
| SHA1 | c52a7b6e4da8ff63fa49e1dae49a2b9ab9e7618e |
| SHA256 | 926192faa0c063b87e395ff5965b57ac415e770bab753194a8eafc0037519199 |
| SHA512 | c97bab0ca2bb03c9fbe7729892710ded98d19c8c925d0b849fe601868ac118dbbedff985cfd9e748304312a520f549a8d7f9685972ec6a853575a201e38380a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 48d2860dd3168b6f06a4f27c6791bcaa |
| SHA1 | f5f803efed91cd45a36c3d6acdffaaf0e863bf8c |
| SHA256 | 04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77 |
| SHA512 | 172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 82f877c32a9b28760df51a56c8dc1cfa |
| SHA1 | 3593979fbc9583b3514b72f4df580b69f9bf2e2e |
| SHA256 | 94b4c834dc2b9f308d4c397aa2dcf223b9651be589befdb8453aa21da08dd55e |
| SHA512 | c85a077ddc48a7c319bbd3b068f653dacb852c1144a53b5ddd67180c521abd5adcc3e572fc584a5a29e42e92739a0b2e8eb614462dd11e8c92825f5c505143d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 55a1477a494ec0b765407009544b7e83 |
| SHA1 | 79e7fbfd14b53a43e1ab4bb01846afbf58184536 |
| SHA256 | b1e0cfec75fddecc8cf5ebaaaa9b6e6b9a90d9d849fed44fa10520f9ffc1119e |
| SHA512 | ad448ae493c74a39f027336278d8550efbc1559727ad0d92198212c26dd68011b46a5eff72ccaa9e5964fa549cda4d7477a04daf1f30909a0fb65328b609307f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f6a0cf373a9d4731b33397381f2e15bb |
| SHA1 | c97504c456f2eb1fc2504dd3c73924fbbf12c55a |
| SHA256 | 86f1ef54afce6376093cac4f98068df0cfbe37634dfaac2a1f80aa023a7d5d0b |
| SHA512 | 29ba7dd296cf26cd22c8fb363d0ebb26cbd42c920fbec9d29f3eff1a76d1ad931fc171a1468a7c0b9ab59ed5ef28d162703b329c79eebb679f1bcf109761aca3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ee48.TMP
| MD5 | 61787f88a5a57cac4a9952431de6aee4 |
| SHA1 | ecccb99f3743e325e2b65c3d8ed0b31fa2f334f9 |
| SHA256 | fef3cbbf1b4eb91c2f6fd1f8277112a794c16ebb41eb8d1ee51cff1c9e3652d9 |
| SHA512 | c70e1b4103c466ed008a588a65daa8887a189b8ee6b9b48550d31c8a8c8897a6538f1b6365235cdefd8198aad74ddf9d78734feec0c5f594cda95653d9cb841a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4685d0ab62c0540ca0372a6144451d93 |
| SHA1 | caff4b71db72348124512765d73a3c80606219e4 |
| SHA256 | 20149b4d5f6ecf1df83b011eab7082f238b0c4d3a17008b032f5541c3b4bd94f |
| SHA512 | 701ce30420e0f6fddb5c3c3b9a84f46466a2b7d39b8edbb62bd7ac5a9fbf2cc910d4adf07710c433eb7756fcbab6d9fbff85d6ecd00cb0ea2a7848cb2f640534 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b06a92eab5df53765ac633c49be4b78a |
| SHA1 | 2a330eac07ca63f0ccb80e7e301e8328ad2df6b8 |
| SHA256 | b607245d7b597d9404c29059c2157567c01ce05ddcc97aade4c08d8a68f6deef |
| SHA512 | f128145fed674f9d8404429d529644b045f69b185916264f0733286b6c40ed7bf023fdeae974c6c7a70ff1d30c21d3107094d292baa3ff302ba8f54328ddcf2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 70495623e97b065578a57674df13ed32 |
| SHA1 | 5d074f57cd21fbacc75cf00671471e0070530555 |
| SHA256 | 021c499632b0140bce41cad7d17b3b0b72e64708d2e38dd1f052fa39cf3cf6c4 |
| SHA512 | 0eac800cf69c0787ef4ec9700c71031406f06ebdc9ffc64005c3505d8805e2a4e8da364e77d6542b06b414cc18628d9c1e3a0597deb282e1bee04527aef91ccb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c514d97eb45dc1861f7972d54d23ac66 |
| SHA1 | f92049194e2a9471926607125d0530c426b261a9 |
| SHA256 | eae1d375cb294553e58a5aebe03357c746ba222773ae854dc8d0ac2b27015bfa |
| SHA512 | d4699629bbda5c824f81df7d470f63cc7990ce9861fb65adea0f81412dcf0bbffabbf4af1ab2bd02e0d14dcf2678b6660da0a72c923f5e7e8abe3425d290a7c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8ba07c8b34c50b84e0e5822391fd22a4 |
| SHA1 | 05ca7bb621276bb5457ec5440dcefcc1fead615b |
| SHA256 | db88d837613e2f0e47381b351c05751d47808f819a9569f46b4840473094f39d |
| SHA512 | 42399a42294d0c8dc255e876c1fb0ef76405a2ef9e7c5623e9a629c190395ce8fa83ee2159aead748d4310937aa76a66806937d66d292729056819b1c8fc4fdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3ffe61030354bdc6e977bbee93059ac2 |
| SHA1 | bd39249171c7be805bb27a231704090fe02def04 |
| SHA256 | 055c83004e5381f3bf99f49e94aec16550f66dcc4a019dc99354c77eb973c717 |
| SHA512 | 019db39d9b89ee98185789d181da99d746c47584ec0c098dffcd04d4c5ca557de6e97a1630330b8807ae5d31418c632b0462be9a6e4a3191d2e424a8ac3b38c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 15377a993361740962975f6d8f02c94b |
| SHA1 | dcf74b46347b673c0660dead970ab7fa228d36ac |
| SHA256 | bb6e0cba6ea09fcdbf4f30a085745c1b9a18c80ee7aa68bd1df1fac3453f87ac |
| SHA512 | ae474ac4fe8f95e2b77fb63f113d3072aca7a584610cff70807a225325639dcf1328eac0bf71b190f0d1b97ad75906cd30d983bbb110933968ba2ba2422d88fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c2f7705ce457b38ac54b522913ba1b88 |
| SHA1 | ab749bc69b8d80ebd2176c736e1a423e30b4573f |
| SHA256 | 61045f064223097adb08b2732fc783a9f9eb67f9ab07b23b959729a63af55e27 |
| SHA512 | 2e08b5217dd911d966026c2cfb6c51dbac0f4005e0fa464bd5b31a8be36903eaadb6898072505bbf90f1c05f004c9b0439dc7d03e0278f60dd4b11919529d035 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1246702a07579ffb732bbe15802c78fd |
| SHA1 | c973962c67424f38d029f3e67cd9595e9a8310f2 |
| SHA256 | 674c30eb199ce1eb2a7b8476988b6ded82fc3f7b906fe3b61f2247579e1ff8d9 |
| SHA512 | 40d7687f0142ffbbc9b705b68d147813cffe493f78c9492b32bb0a78562ca7c864b9ba5eef6678363a8f3786480c38ca409a000220189bb9e8212b2fed32fed3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 00d4cc262b70dd3d386111ff78fb0812 |
| SHA1 | 628d4dcee1e82d04ab3969c29e256cef10101407 |
| SHA256 | 956916ddd6bb5ebde0f5df3605a524d1624ea335cdc6bd5bf26681d3a5ac5239 |
| SHA512 | 12f3cf77c4ee58eb00b08ced394d35e35237da4bc9ca62b1408c6dca4350068aa94d3a0e98132aa0e6cbcbdb7dee9c2b9c5399ba7c4780442200ad37a4c2b1a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 24a806fccb1d271a0e884e1897f2c1bc |
| SHA1 | 11bde7bb9cc39a5ef1bcddfc526f3083c9f2298a |
| SHA256 | e83f90413d723b682d15972abeaaa71b9cead9b0c25bf8aac88485d4be46fb85 |
| SHA512 | 33255665affcba0a0ada9cf3712ee237c92433a09cda894d63dd1384349e2159d0fe06fa09cca616668ef8fcbb8d0a73ef381d30702c20aad95fc5e9396101ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 027a77a637cb439865b2008d68867e99 |
| SHA1 | ba448ff5be0d69dbe0889237693371f4f0a2425e |
| SHA256 | 6f0e8c5ae26abbae3efc6ca213cacaaebd19bf2c7ed88495289a8f40428803dd |
| SHA512 | 66f8fbdd68de925148228fe1368d78aa8efa5695a2b4f70ab21a0a4eb2e6e9f0f54ed57708bd9200c2bbe431b9d09e5ca08c3f29a4347aeb65b090790652b5c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d900d759749c8a6d56c9a7bb291dd94e |
| SHA1 | 9c2917b922c183e1f0f55f3fe3ff37f04caa10ee |
| SHA256 | bae64c34c36717517475bb6567e16b96d170f2190da6948b5d92386219d9fe72 |
| SHA512 | 8dc732f2d4ce55e1c6bddc778d1bd2106852d4cb42a7ff0db36cb4774b7928d8845d1c4cd4c05b8d1329f18f0d1667b5d470d67cabb89bc79644576f21164595 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
| MD5 | a662e06af2e6129ea62b506205e0582c |
| SHA1 | 788a4248917578ad9cc15e4007c956639aa8a2c3 |
| SHA256 | ae397368236a1413aeeff8878b00a8fcdcab2c24284f82e8b95e2389a3d67c64 |
| SHA512 | bf0e78aa23ac236f0178637dc3acbdb0cf3244f34bb51bd70402765803e533ccaad44cb94a5e47b31ffc59842597e1959cabb49ab580e763b659513dcece86a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\fbb9a7d3-0322-4483-9b04-a51f28f7b58d.tmp
| MD5 | 1a96afd86d45a4c0d1b0841b886b754e |
| SHA1 | 841766aa5e00629e00f0a4622b5c94068d79fd61 |
| SHA256 | 561dbe0e9793a15f0214483b718fa21444949fa6285bf254e6bd9b66d388683f |
| SHA512 | 3b28e86af9234b7cd6f9b3ed59017f1b2e71b0ee9c5851a6e3832cd1c476d5e07e69718a3dfd081e50d11515c7f9d74b1559617e6e913a5ef07eb6475a5d3068 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3de6dd57c096520cbcdf1418092d49eb |
| SHA1 | 169805981321811f3f8a384b3d69e8985b7f1b27 |
| SHA256 | 99084925f76b564bde04674d65581f765ac75aa3a8947cd52601bcf7a3eeb843 |
| SHA512 | 2a9602eae6f9ba0b5bef9df5a5f5d46e5aeed3920e380e14bd92ed4bae34c60e758c86278d1bf2aba0f3d8f4c34a6d92513b588178b5a9a57917beecb1f1bd89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
| MD5 | d91bac1b60b58c54f87f1d1b7b16d445 |
| SHA1 | 9ed78d3cf7553e3180bcbcd2ea9779e1e1a141e1 |
| SHA256 | 4dd5f57067798bd3132643930620ccde1e4140289d52fcbc4fcf7b252876fe8f |
| SHA512 | eb474a57cce34e17d00972b927846f087c55a76f5fc1fdbea0e43111f9d9a5af848862984431402a6a043e5a1a96815be84e114fc03c0372a03285fcf0c2623c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | 5d0e354e98734f75eee79829eb7b9039 |
| SHA1 | 86ffc126d8b7473568a4bb04d49021959a892b3a |
| SHA256 | 1cf8ae1c13406a2b4fc81dae6e30f6ea6a8a72566222d2ffe9e85b7e3676b97e |
| SHA512 | 4475f576a2cdaac1ebdec9e0a94f3098e2bc84b9a2a1da004c67e73597dd61acfbb88c94d0d39a655732c77565b7cc06880c78a97307cb3aac5abf16dd14ec79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | 5692d934c608ee52744ac309a1746109 |
| SHA1 | ca83f05e28bbfdcbd911b2d2892f6a6cbc13332d |
| SHA256 | 9f8afa589852cadb88441ba53c906619136bdff44aefa739b3f3c0fa6a7c27d0 |
| SHA512 | ae4d6a1bdf43c96b6950aac6555eaeab87b2b07e3136073c03d0688cda24f9899d30e353f7f95bf5325da452c1b40e1b60b556ce2a9466f6b339b574a842e085 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 76417d6258ee69b2c6da1570a70a9b65 |
| SHA1 | 6c8903c79b22fbc67e4ea49c78b0b16e60f08f19 |
| SHA256 | 00d58b4449ad8c1b3026409b28845dcafbec9de22ad355747ff77c17915186a6 |
| SHA512 | 8f11c8cc540661723f351b2ace47c8821c510b9a1bd14102ff0294b744e67476a54002b453d14769cf90c310adae0320fb643832716e8b29c56319e5436888b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b4ec662f4d584bb81e1d9b59c58508ef |
| SHA1 | 5a294aa0ce4bc54b0b20215e7b32f5969cdc43f2 |
| SHA256 | 5f816bc478865f61cad5d00455e36c3935d86cefe404a4d337894bc37c9e3419 |
| SHA512 | d5a30382f74265a1d629f33a976bddd21b9b2347247dece1346465237ed2eece1c13a3c46d7787b85d9f65f6295205151a3833a7dfdcc8cf5d8db167dc9dddb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c0d8c1af7ae2822f9798f6f1a2659635 |
| SHA1 | ef24d697036deb41ef1be73c51a1df77d88ededf |
| SHA256 | a417f9b750cd8a815f2001faca7289aaee3da33f1cfb9174fa2056e431112a2f |
| SHA512 | 67e6e42978602e0300e308902f5a0547d064b51a234947163596e39ffafa0cb644670315e4e1f024e8c6284d590c6c99b4a36bf1982ab355e27ac30ceabcb3f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a51ef587dc6dd4bd_0
| MD5 | e70b2ea054f0eb0701f9f8267738d78e |
| SHA1 | 5929f0f0f8cd4bba4383b2e5cfefed97df277466 |
| SHA256 | c7910c76501b0516069574358fa4f7f198716965c3d0496c29f0c3192864ab27 |
| SHA512 | 6a3f4e1a09e5adc7aa2d393667abdef0b8aa8b4b6bfbffe71c9eeae69beffbe14727591d33bc05a5dfe4aecc3d09a9299aed7831b8c4501406ee006c1f878573 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | cf604c923aae437f0acb62820b25d0fd |
| SHA1 | 84db753fe8494a397246ccd18b3bb47a6830bc98 |
| SHA256 | e2b4325bb9a706cbfba8f39cca5bde9dae935cbb1d6c8a562c62e740f2208ab4 |
| SHA512 | 754219b05f2d81d11f0b54e5c7dd687bd82aa59a357a3074bca60fefd3a88102577db8ae60a11eb25cc9538af1da39d25fa6f38997bdc8184924d0c5920e89c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | d9b427d32109a7367b92e57dae471874 |
| SHA1 | ce04c8aeb6d89d0961f65b28a6f4a03381fc9c39 |
| SHA256 | 9b02f8fe6810cacb76fbbcefdb708f590e22b1014dcae2732b43896a7ac060f3 |
| SHA512 | dcabc4223745b69039ea6a634b2c5922f0a603e5eeb339f42160adc41c33b74911bb5a3daa169cd01c197aeaca09c5e4a34e759b64f552d15f7a45816105fb07 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 09ac9c9a95dde9d928585489b55a7a53 |
| SHA1 | a0930234469184cebbc08e399bc4d7ad9003b2a0 |
| SHA256 | a2b2e70072c91efc39fce757a94ccb51cb7de56c2e2accc7501947ef0509a612 |
| SHA512 | 0b6d68f9b28439a56bd0fdbd391f8107023117e985a7087dee483e7dcb998897db2e7ec4cdbd551f6546ec648c2c1b8a4345562f9640bcad14fbedaf2730551a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 16b6370afac4e147fd39192233a88724 |
| SHA1 | 01950d09cea66efb15d5202b902e0881fe76800d |
| SHA256 | 91ccea4a1164f481049cb1c575e5b7c8ed865237acc8007af267b771bb68f356 |
| SHA512 | 325f973b6e9d4f0132938eaab2bd6453b3cc6dd34a2dc31243a8fe876f48399cf9f4be274841c4bf21ece55a556a1b8d8a55280c4c2f13ae611524c7602cf70e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 87cfbc2e61e9cf93bc2afb5e79df0861 |
| SHA1 | e4eb345da5a3d05b9653c919baa650ebb7ae5cfe |
| SHA256 | 49af3dcd6f5e5f4b38ee4fb7ecbbd7eca608ede4c6ad65cf91403da974633763 |
| SHA512 | 1a48c0fb9cec071b2a380e240ee60d09bafdb72edcb9ad3c070760332fed752f037a8e42903f7435628771f8d8c5cd75ab51b01ada1d4b9865cfa171126e42e4 |
C:\Users\Admin\Downloads\BloxCrusher.rar
| MD5 | 3d64c46ab6d078e3438ad0a05f363da0 |
| SHA1 | 749fb19277eaab5111cbfda31307edf2e629d7a7 |
| SHA256 | b2affc4a671b489bb091564429df814275392f236d52a26ac303ed2003806cca |
| SHA512 | 69003ec42e4471e9d1896a150473776c9949e28e1cdbef0c330f3561d52f9e9b9eab20604eb0a89e67e26262208ccf950ef0b5b0bebdef1d65ab753e5e1247c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fed35ad24b95a29e3a20629128266c86 |
| SHA1 | 707b39da3186357c0cb226cb85e9cd6afb79b818 |
| SHA256 | 4e2ea9053c5261dd46947fd31e20da53bcf504ac0e95cf42c9d4519910c74571 |
| SHA512 | 8a4bd6a20c0a75108990c385f63452bd7265316c31a6f471f4c2c3271e355ec73e708359d941b52d04a11ac35059419f853c48767939880da581280401ee76ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4851f064a3e29df2_0
| MD5 | 92faadb45ce3687870e1293260da099a |
| SHA1 | ff2fcbd555ab42ef39b5bec8573dd7a075d11c93 |
| SHA256 | e7270996a50136bafdfb2c67e3108a7f81a4368230bce0b771ae16c3bb605e67 |
| SHA512 | 89c909139328d1a2c71d726550bb148eb05a2f4ff1974e60340fa2093332e8ca5958a80392743c688216c6814507d68f04c58512a8daa44d4ebc0433731e3f7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0
| MD5 | 72be4fc9e4293f95defacfab3f8e364d |
| SHA1 | 74d5e7b94d0894932fda3703ca4cd1f081ea4697 |
| SHA256 | e8fa1bf710762e47e491c17f9f58cd26917a63de76fedd12aa496b1097a3b9b3 |
| SHA512 | c81336047203ca0d65412d37dd41b45d42a31ac759aa4c9a4ad6c2e6990f7cbdc3f56284fc8daa7262882e7a1461b8fb3c4a93840e7a5ea3d4e1e620fe70376d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | c727877de432ab147e629df85c64be5b |
| SHA1 | b9f8635974eee42de2aa5fc6a66ee561fe6d78a0 |
| SHA256 | 3f3b70b316548d444ff801c3978ab7a4f52d911a7d6c924817cef522714e6c44 |
| SHA512 | 9b160294f89f695d790a8926e63e556d901abd5b3d040ab73aeb775f7c22bc15895f71aed37ca2ec33a6c84bb8ed39e8e7e50f026a93bf0bca5a8597b2d6d4c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0
| MD5 | 66986f4aaac2b3c58336740e2ca4022c |
| SHA1 | 0fd14e92e11b8c4448be4509e0933238cda88271 |
| SHA256 | e6196055f613b9560b120588ac26d7d48794c786e15c0199e70ef0ab4cd8aaaf |
| SHA512 | 36ed24d938d9b183d273c228e45a0af4ca45b50e51d44efc917bfa428b42b177c066d1dc8c75c26377ffa4c798b3339824e8e8ac2214ccc234fae02a41a111d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0
| MD5 | bf06f8caaae763f0ca94dd9f5b9bee60 |
| SHA1 | d9c783586da88991e4c829caf89c2efa63c0e2d0 |
| SHA256 | 58064ee7194fc705d7eee0cd52ac15fd19d0e3d89314b829de76b70b1a5bd0c6 |
| SHA512 | 883a45fc2fbde25518bef22b5b28cb8cafa3fceeb4cdf2af66328d9c34ede8af08de54f96edf5d007c646ba2eab2467ec4a7c14ecbd4de24120cd42b852d2a82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa20c296787a3f88_0
| MD5 | 29e4973d3132d87d7f71215efc7af44b |
| SHA1 | 93f5bb9b41d124b4137760c5328197bd57fc2bb6 |
| SHA256 | 02cb5c4af8ccbbcc519c5bf6b5b8548a5dbe3de8f29db28b0cc34c6c0d735855 |
| SHA512 | 4184067a58d2f0d8d12569a2c6a6ddc471537da2c20bbed86177ebfa5348dc7de15ab2d39178d42ae29868a6bda1aca6f83ff90638dbeed67b0747f2f87079e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0
| MD5 | 25d9784ec5a7e86ae81739e5f49eee10 |
| SHA1 | b61de1e2a16173e5979cab0b88c6088ded8bb473 |
| SHA256 | 9f2175baf68f86664de8d5e68d415ce558379db10bb6b93a3cc1887483878063 |
| SHA512 | 16a4ea0994fbef8a917249742876f69bd92cc99d70bf2ef3997743661d6567d1dcca463438909da7057a05f50cedac748b62e223cfd20c16bffa9e7b3bb75b7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8f6640eef188435_0
| MD5 | bf7426dc96fb575bec53565b050122d3 |
| SHA1 | a3689f8ab4166e29066f481d65db096cbd044015 |
| SHA256 | 0bdaf7a331f58206b17fae94f5cf51f59b86b7b899d56e942131156ef16e9e76 |
| SHA512 | 8974d5bfea3d78f47cc269034554a6c06378d6c04c6bb5514416ee97511798c10a6becbc3340d98456fdca1a93447344857bacc75382e68a51fbbd4d01492555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1927a26afb9a8b4a_0
| MD5 | 116e4ccd5c5facc87c72fc286d8efc04 |
| SHA1 | 3d101216ac6ffc87c34990d3a87fc62a9457f28b |
| SHA256 | 51a46dd5fdba3ca1035267f868adaa77ae0a083c67aa73eef56626522cd1bd88 |
| SHA512 | 9f879cb1f1b8963bd8feee58f40f835beb94bfef51b7f70c5f9f398f57e3ae525bfd63fbb6cc19fd21e0626ad80abf3f37e2fecf1549ecc1e85998dc794390b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af2cfcaf6d9b18bc_0
| MD5 | 65570aab2ed239f5876e80c8ffcdb530 |
| SHA1 | ca7f268bdf2e1778c629c122f32dc5e5b83957df |
| SHA256 | e89fab6d18ffc31ff938b54e0c6fe154620a4cc3d41223410363d2ef593ae1e6 |
| SHA512 | 607acac92b0d29d7139f26cdfd8b353edc0ee6ea3c6e24515410abc3bc36040b0fc0b225bfdb18d0d47131d1aac19e6bbd52561eb593ccb1e6d75f292f76e598 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0
| MD5 | f7140c45408b4ec338dfe44854985db9 |
| SHA1 | 2a6f6aa3c50635e8c941e7f93fb5956841042d28 |
| SHA256 | e65122d5d5720a8ffebdecaa11a896ce56984e1c59ae64b79f7a7eaec1496fe8 |
| SHA512 | c75ae0c94d7ea27db76588291463503b01f3159906659540beb248b920f8422f70f429b59f3cab9974e1deed8362fee784683144cdd25ed0b49c42adb820f762 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6d8acbdf251f3110e3d05be71afa73ce |
| SHA1 | 3793e0b9422aff595f4ec6eab4ef7705e550f281 |
| SHA256 | ddc2d4bebd661073c0c230ad098b4204c25450cd23b4f484df77557d45df9c9f |
| SHA512 | 0b4ef06dd7f113f1239030a16ec282a51a7564a584f8e6e3235f128dbc3c9e1d204579f2617de271117b6c2a53b1220bb6c886e60c43d3b4019407c644094402 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 811769e9205239b9f7f4c96dfde695a3 |
| SHA1 | 3af3530c9f53f5e250eb53f76ba67aea8aa7652f |
| SHA256 | 84d2095b4e8297cdf7c479014d5772bfb8adbc3cb176126c6914fab9f2e9e970 |
| SHA512 | 447f9ea192514b1a94e2d28ea74dcd5f4363f26015d40417a072eb42943086c09714a2d62c4e9ee364c10c35f556bc3428b7f7b17557a44ecccece48b8c87e39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c9d1f1ff7d6e2178ac2e975f9fbaf928 |
| SHA1 | 1be3a9369259b12c56878b61791536f79da60a57 |
| SHA256 | 29017a3a3677f7d06681a238769f8bc562703631680b9dee0fcf66bbc7068935 |
| SHA512 | 2e5d558e1d77a1b1b39a8f6f0b608177a18e1b6f9c9a6abf02223ea7197e440affbff273ccd1154943fa6655d82590083ff55ab8fa9f4ca3989f0cf5af7a7ff2 |
C:\Users\Admin\Downloads\winrar-x64-701.exe
| MD5 | 3a2f16a044d8f6d2f9443dff6bd1c7d4 |
| SHA1 | 48c6c0450af803b72a0caa7d5e3863c3f0240ef1 |
| SHA256 | 31f7ba37180f820313b2d32e76252344598409cb932109dd84a071cd58b64aa6 |
| SHA512 | 61daee2ce82c3b8e79f7598a79d72e337220ced7607e3ed878a3059ac03257542147dbd377e902cc95f04324e2fb7c5e07d1410f0a1815d5a05c5320e5715ef6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 357f9d023b0c06158f56d129c90c206e |
| SHA1 | fd43f7ceaad67f72b0151d8652f1406a2b2a6b9e |
| SHA256 | 44fc92b20e11df5f27c3f123975de69bebf7e48ce5b32c07a2d6d3d8c6ec9e39 |
| SHA512 | c0dffff8007567b8936e16166cd8f472f2f96fa60e8e3ba11ae5ac29f60af708128eb1ebbd18419deaa10818c5722465ad62e194986fdc324732530b7a03d3c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e07feda1dc17a6ea99a21149369500b0 |
| SHA1 | a4e521e2e6d5a3772ff2e8068652ee551fd8566b |
| SHA256 | 504ca687ada64043ddc41a7f9bd81662c3a5279b2e6ebd7d87a8395f0f795ed3 |
| SHA512 | f47166159df8f560227b1befc4ee2a8628c5c1acdf203f019f69e71e7228e3c65711f9ad9c8682e1141f585af9f1c842f951b5b089f4790715e3e8883ac959e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b8e8b17e5fab1c60653cbfea0f744648 |
| SHA1 | fa1472a77b9af05a5d79e244a47de10408034ddb |
| SHA256 | 13822763479e15700ca7f4834f317a5b0f7b7e93041da4a6120c548564d3aefb |
| SHA512 | 09b785042e95015ec9958ed004f190097e51b7bd86f253f386d25681e458a7cd7971cc77480afec22e1d290117ed841dd637b9d2505e7d969bacb567bd0628c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e7e5d6a15d58b335_0
| MD5 | 2de80fa7c0b9e3de377dffba70e280f5 |
| SHA1 | d1af4b36c7174303ba347ed6c52078b2e94798d7 |
| SHA256 | 1d28ef474865fddbe454d55e76ea0e6260364a549b989c182ddbd7e21f7ce685 |
| SHA512 | 66400b747446035f90547291c5f5176c65e647dbb7f7038445175ad7f935ca5011beb25717615035b4a4ca7351c2faf95359ae15090d12f85bcf0317d23143d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0
| MD5 | 4b7778bd2dde2b948fabf02afc5abbc1 |
| SHA1 | 890f743b469a23c1de1cd4cd5d3ff76758d09241 |
| SHA256 | 864eab8505b9709a1ce3cbe50f0a702fa8aa6b3eab773d46da03dde4fd9e1306 |
| SHA512 | b83b23908f2f27a56ea37925c49a2754a81c123e081e7cb99b42602a0564e803b82c1786c79988bdbaa0784d4dc7a8fd55cd5b1cdea8ae2c79484f5bdfcb7ee1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\695c42f61090a800_0
| MD5 | 653e2f5e589ea5c77c0882318c7b1b7e |
| SHA1 | 76cb9f1538429cedf78922433e5e7aff0415027d |
| SHA256 | e674cf851703d6e79cd21f57c67c73e3f8f9e379ed4f29817b0f12001dfdc8cc |
| SHA512 | 156d79279e2412cf6bb44b03eb1b4e27f0bede90ddfa70a4ea375cd4e978a235c61fcd04bbe844f872c0b83ab2e06421b0a315058afb0a6487bd54a3be0f6bd8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f02c4494b1a18ff_0
| MD5 | 1684d592dc653e6bb22ead1ded3656db |
| SHA1 | dd3cedbecb5c2a75e89d81afcb1f56dac14251e6 |
| SHA256 | 976132df4f049342381a2b9191793f5a98e5692bc0383e310d5ac29058fda3f4 |
| SHA512 | 0eea97236d9134b5ad33c06bc3b015436f78f69341de8389bfe34836eb3a03f098cba19289163b503a90f48c6b5b08aef41aab0051272d402d013932a007892a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffb0cb58880116e5_0
| MD5 | 858aadefcd340de26db19c0676eab5e0 |
| SHA1 | 67c9f1a27a82dd3cfafee72b7fdec89e74396581 |
| SHA256 | f60502b5aefec30b7862714a142977db51e990c7e90550eb565389951654e64a |
| SHA512 | b754384df020671183ef7cd2f88e9217e91706f21d4eb4a4b6dc68074ee9f7c41a2773ad6277baeabf9cc0c718118a94f4610b90117fd72c3304662e50218f69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | 7986ff3660fd0dc58076f587b32431ca |
| SHA1 | c0e34a1a5ba323757b34cca951b8f8e454a4a79d |
| SHA256 | 25107c2b60f0a68a5c9eb1d5986a0173b43ca3ab001bb68ced05dfca35f394f6 |
| SHA512 | 61c0377449be8e11b3dbe0879d409a1761b54481ba503b7252af6397ba03db1e19f61745217c6040a52211ae41bd870dc1b81b6d1e41aa4f01c23ebfacf304c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a614899219c1f2bb_0
| MD5 | 095ea8522448ee73e81fea9a0c70d61c |
| SHA1 | 944343422ec350287b24507658f10d2a3b4bf16a |
| SHA256 | 2562ffbfc94aae603938d9f046233bd8effcac8017eaa51c04222302183f9a26 |
| SHA512 | 6defdf43519596ff6f077edb3a3ab9c8e79d4b865bae4e067ccd3a2007358d2e249446cea4ca255d88de4dd825e167896cba58a7ecb6ff0c0112da252f3400fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfd9b5c29c5c8524_0
| MD5 | 3bfbec8f1d25736a6b122f0e5ba1b84d |
| SHA1 | 9a97cb7c5f9754a180e309f85da34861559caa37 |
| SHA256 | 480232cc2a58248f05face60a2a509f7e20f0d82204baccc40f3bfc183797b17 |
| SHA512 | 3a3f67b5305dbb1f265323cd25cbde97a10fc49418a3cf628c369714c6cb9f43767bf6bb49df4541302f7225bb25529884f1b87a914bd7b734474f275c515684 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6008bbc13c7f3da8_0
| MD5 | a192be538edb07158e1c2dd59b196bd6 |
| SHA1 | 37894adbc0d682763c066da8f79eee9a66b56fc6 |
| SHA256 | 749cc239cae8e38601f140162e606d34bc6ff49564630a3ce929f25a64747f55 |
| SHA512 | a9e00375102ff8e542c65be5316804c172ad915b8010728b75927a1b861486bd27ee7ff822ae2a5080729a68531a3ee137ee9693d0de9e61981f02ddb8c8feb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e504183595893c5c_0
| MD5 | 3ae3909c1dbd213b2e7a0442c6a41dbc |
| SHA1 | 5d76eb48e24a70fc5e308c49de4f3a606bd9b75e |
| SHA256 | 5975f448581ac29f5825d0cb883ceb891e08145b412361d75535ed3d44aebc78 |
| SHA512 | ee38d5d8ba1d1f07affb42086e576ac46a5604935069b51f666de8b5af75853d3d154c231bf146500deb98f1dc7cb5e4a252b827dfecf0fe5684fc9d98bdc9c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | c345cb9edec07307d16daf6dd429ab9f |
| SHA1 | 859ab98036817d1db41e162f782ed2c65dc05128 |
| SHA256 | 421dc80b94ba1c327dcf1b797cdd74409313dae0f54e60de1c153bf75196775f |
| SHA512 | b3f4692f6077f18442eaf0c55a37abefac4322898b59ed138eb357ddd747028c4c7d7fbb356f02fc7c3fdfa9b20ae06d79bc719f2eca8a2976212a77c07a2d9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | 69f3b70326f181585eb50148c44ffa0e |
| SHA1 | a35b91ada3ce3efe42b333f83241e3a91145ce3e |
| SHA256 | f277dcca0935f6c003e76a53d386b3e864c3aa47f79d5870143b2124420adf72 |
| SHA512 | 69f8f24e82de95cbc406d8408172bdcf62f5d51fa80c8b349433aadb8ce55f2dd7cc131a475bc7d181003f60e54c1a7d51eb34ba6dddee1b6b439f50899a86c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | 2b5958c1990700d685d9ae77caeee90d |
| SHA1 | 05280165d7782dd982ccd10954c5b4f591b5fe0a |
| SHA256 | ad830a8bc4c5ec46c01dfde4a311a95326317ba81799e2e29433f598ee462e47 |
| SHA512 | e2d0fc309510cb2b76834e79ec89351cc4196de8856060d7fd47d69ddfdb5787934483222dc1238de925ecdfcaf061d00b5c90a376f7563f96661f7b7bc56032 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | 4e11be4b9025284f42eb8220ea48f203 |
| SHA1 | f4f68afefe0035371aa70e534d2f0537d10ab927 |
| SHA256 | dbe32f898eae7e2af5632e1b12b5ea605b81126be9da87b0ec163f7e2277487d |
| SHA512 | 0621be6a44a49036c40ea2fec249170630612a3465970387db2325d892907516da19913c6d9ccc1c92682161fe1906562569d28b7b32f311a75f9dc498f9335a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d37cb16ef5eb861d_0
| MD5 | d33838e28bf9f0a39e60ebf83aeff458 |
| SHA1 | 9fd4860055e40338cd20337c215b9eccbc864f3e |
| SHA256 | 83c01d730aecbf0d35068e490cfe9488a3a7e7531f825aeaa6c99b09e8c1fec4 |
| SHA512 | 3fe756775f69182d245015cddc5752b85a0008b6181e331bbaf72986ff09ec0af5d006c028f7cbb2b6f5128fd630e073f8522677f2b4171c3a958a0292f95864 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | c41191c326c050d9e3e28f70fb48e33b |
| SHA1 | d1550a3c2ea9b65b7dfeaef6bed99d81d38a7087 |
| SHA256 | c56a775c6e0f4fef4f5a5baf5634152006578050b1c8b2522a77e5d56748969a |
| SHA512 | 5778a1fe0698935aab57b0c93eea693497d863ef7d02a58fc5255c668f7b06cb47ad5cf26b0fe2d611b61bc2361ea01b64b60322e64720c5d8cd29e24b044865 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0
| MD5 | f99577365eaf246435ba71c9f3f060ef |
| SHA1 | 52f53ba3ebfefa0e46b29eeb31e039627e96ff12 |
| SHA256 | 6a7312358acdad9178213594f0bd99c6fc0afddecdb5a2ef8a9afbaeabd24ccb |
| SHA512 | 9b5124ec736f26612044475819c4c9d29f1d6c5b8d0142b77d54b98583a0cee3565e69ddcfc7cca4fa12cf53a7a50f32d20d25d9b402ec94c7b8a26e1d6f54c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | 8e8a0e295454ee4cfed86d908f7061e0 |
| SHA1 | f77a998e85e0419bddad612dc3d479d689fac6ec |
| SHA256 | 470cd3b30dfc62a4076e85196378561d27a1da295da84dd70486637c08299c78 |
| SHA512 | 3f20aecba178b09fb13dcc63d5350bc9520794eb9016b514824f889f9d1cdfb14d70c2b38621df37bdac42ad4451c26cd0c1fc97c96ba8ef26f0f490e6f26fed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | d9f7488981cfbb3740c7ca8734e6d080 |
| SHA1 | 5031276fb3d7b2fe51ca2c4b2c710f7836990992 |
| SHA256 | e2fdc85e09a9e186ef4e9f679fd8c575763c3c548a0bf6b3b4cf2796a3b3537c |
| SHA512 | bc832a2379aa3fac2fed41cfb9df889be40d4f3c01d239fa1fd648b00ae005cc923422463191a53719557e01f9c9d9342a34618b762378c73f650c54e040c75d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7e4307e217455e69_0
| MD5 | 75244a67e7d6a17cac162505b4a11cda |
| SHA1 | 42fe3707ac8fdb4b48bc3f6a6e92d3ab4415648f |
| SHA256 | 7f5073dbfaea09d7b86bd0aed9fd7acebc3bd375b640110010161461b45d4214 |
| SHA512 | 6995cae884ad746c8a8e4e39c697977bac58b6369c54143996efc74034f2d9f2eeb44271331ed2d5a3f3d69ea56a56ab90a94734f1207e8083332d5268864080 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | 185fd9e1a42fb18762574b63ed0354d9 |
| SHA1 | f8c9beaceb7064f0482e52b08917abeef0c948b1 |
| SHA256 | 8ba1eb5088c1559a98e87ecf219aa5bc5d21ba64712b466001a00d124bd48cc4 |
| SHA512 | c7936f8c5c6014288b782bab1dc748f31a7fa228d492bc4c39d797c5fdd3cf1eca60cbda8129e2b3e4dfe76c59388c4b647f5525524a4f1b8e53e0a572ddc9a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | 6bffbe594b38c1315e901fe3f584228a |
| SHA1 | c18abfa7eaa479872fa9d07fcdf9937ca22c0f44 |
| SHA256 | 783080c16de80db80de441994e62a9d40eaaee3bc05bde5690efdb8d39c9777c |
| SHA512 | 834805209ff67f4998023895d3b6429d2230d4509038ac8100d6fbe06860d9011061910a512c10301ebc5e0e4ec5ea92912270d47722f8e5f25ef93075b9e409 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9aee5cd509922cea_0
| MD5 | e7bce775a8b1d08ee429c9bfb3d6e654 |
| SHA1 | 67194314fe47f5758eacf47d456aa3b01a6eef85 |
| SHA256 | dba639e9eee31d5d577276b90da880527f3b36b8d198d5c186b44a0529e203c4 |
| SHA512 | 8f40a86f0744cc735d129a5ec64eabd6fe3715737107345093df33d7a4b1e6349285fdc064fca54d45604797f3e3fde4a111a13e4955bb3d6be7a3c21c906278 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\54621936eea23565_0
| MD5 | 5174af61efc173902ae1bf3228b8eea7 |
| SHA1 | b584e9d15894fe30bb9009e75f0308ad45b82081 |
| SHA256 | 753ba427577b196bfb2251209f2b57b0c79635aa29d8e7c117b1b22d4de5fd80 |
| SHA512 | bb1c7db8a59838728b635462cd440e764e0847f12aa601b4d646e21c30ae76acdce54ca14843f87871fc878c8aff256004b1881b3dfdb63fa4887b499a18c997 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac9b40a0411376f7_0
| MD5 | 48967667cc0ed4c779be87a4789513c4 |
| SHA1 | 66b65f8eb46a4e59630359aa06ba64953c2e3559 |
| SHA256 | 63025da566fe37083926e55ebaff3d975070788cc3b5cdaf9e2b753d700a07b4 |
| SHA512 | 6a9d331313204c305c4caa4b9b3274f37f9077f8bd050a266aa7434c36f0f2dbb46ab5d69d1fbda07109ee6540e9f287dc897ebde044ed61bd257b6e9fa32b58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daca09b4eb185a45_0
| MD5 | 82b7ef110854e627a2410f226a451ea4 |
| SHA1 | a420d45f99a9a1acecc53c844941fb866ac10e07 |
| SHA256 | 3626f67c093d96b2fa36090add1b54a58eae7a90c476025279ff8ca5d37a4166 |
| SHA512 | af69fed8494a79b07d6e15332dd66790ba076078834241d41947b782dc6c9e4c503200ceb80e8251c87c58e091f3d3cf17ebb89b548f9b1efd85b8724cf01d9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f4cd1d1d887caff0_0
| MD5 | 60f80312293b79e6de151fdbe351aef9 |
| SHA1 | 378a5d8b4ad7b02241e2e60c6c93e6add83cd53f |
| SHA256 | aba756d6d9819fb0180fd6a1f153d38c7014e5a21e55a6acf3312cfc5933cb87 |
| SHA512 | e472f5625cfe0e32cfab6c71c41aee7d9a261bc0d98d50827e5f830112f5f17959fe3de094a6dc8458f26a58d62cf7fff09c4b63c46a30b2e68fb9bd1eba24b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1cbbc6bfc6f806a4_0
| MD5 | 2f157185f80fa12e9bea75c1c7149c6e |
| SHA1 | 149bb6b35cebf2e3cae9f5429d79f26af25a9dd3 |
| SHA256 | b804f86d80d92e8751538dd2a08370a803ad60222c538563e3045911b680b20d |
| SHA512 | d65814838c4a26f873ca6a719a0b7468deee52b40d32c6f4bcc925f3a181402ed44ae9dc7f5d4918cdd08a7c7f559970af3a5b500c026da8b203ebe677e88052 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47d4e623e47f5bdd_0
| MD5 | 2168cc99d2a78451c75d6d1f7d0d645d |
| SHA1 | 984db9b825c54e0bc06c8f752620cccee39a38e0 |
| SHA256 | 1afcb60c650b1fdef600df9d55581e309cd7522b08a94f7e2ec764ae75ba47a5 |
| SHA512 | 4bdbbf4bad7f25ddbffada45e6752e723afc35f9d3fb5f2c300ec0a124e4844d61d32b7e621023edd063565e1e69094362328cb4caae11b490dda566b29e3d27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b2ffc2cf20fadd0c_0
| MD5 | b551b4f6edace3b179ba7c273371f4fd |
| SHA1 | 61b61b81bfefccb6c2abda278c24e43f7e253b15 |
| SHA256 | a790867f392b5c62c4f9721b1d14a2843165934fcdcc7b595a620110f59950af |
| SHA512 | 08584e3179a028cc3c452a624511c7cbd3a9776e58fddd25396dbf583c194e72231b68c2a6aa9e7f319c95a90e077a97503e6266998d80321e4be9aa7d2d7565 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ba208775fb5fe09_0
| MD5 | a5f9b0e5388bacd84ed94194e911612c |
| SHA1 | 4324881a9e4e233cff827c914c0a3dacc5ab7d4a |
| SHA256 | 2164e32f4401fcf87faa4350054b60170e12e2c5f915001a656cf9c7db2d3570 |
| SHA512 | df06673ce0f71d076b5a2db42b99e7bddd5969926c9d07f81cb04a59b76874035cd44feec053c1840aea20a544452aa0e1c2c879fdd2e4681761ed105c3bd1d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1d7d09e2437e8ee_0
| MD5 | 0673e15611a27cee6f5ea12801b667cb |
| SHA1 | f086f20c550b5bac86550913c2a5bd86c02fc51b |
| SHA256 | f87a816d671c233baa6dbd9015b777b5833729315d4a4768f923e5567bdf3dda |
| SHA512 | 0d5389bffd0e3d6b3cf655516069f138e1a421ff91ba71233325c9fdb7e429b513173a2ab10b2ddcbfdbabadf386f236d761a92310e26555730027be747d0616 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3557d97bacb52931_0
| MD5 | a4c2af115ab35b88c364b82e4f544c6a |
| SHA1 | 338f049c1012a93c226b880046bc67f463de2f03 |
| SHA256 | 7c7d542eeb07b29cdd439fe12fe0946092e69f3fc98406f5471519cd3d83bf7b |
| SHA512 | f5987ef6c79a7d2379730f0940bbe49fd30bfa0b8983f5d3cd6fb2f3ff3a6743ca4c6aaf7dda04865cd3053555f7a9d8aaea69b39f15c90a0af43cbf20139e02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b2f11f3f15a5775_0
| MD5 | 2fc7a6e38ad8762f0fdd7366e79d3dea |
| SHA1 | cfeda4504df3774e1ac13100a122c79c1a6b0997 |
| SHA256 | 35da345afc8309fbaa8bbc67573d0694465269a9ac9560aedd82ad8ce377a114 |
| SHA512 | 526759ba0dec9a5f264b3ed1ff2208424b0462a1e34d245709eb4e1fc7d18838845b16fd083c51a439af63d314bff24c2e74c0e3ff78fbf782c5c4d53a0eb833 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f078f5fb70fd150f_0
| MD5 | 2d849244f7bd6a381ec965e0e7165add |
| SHA1 | de635f050eec7b009e8ef76b8349b6e833065594 |
| SHA256 | d1b160a9d7a08ba675cc0310637a6cef6534759e98d5695f87b9b0f6fe5580be |
| SHA512 | 3f8c0597b9e6c54f632d99dc56d86128f8cd1a1e5308993aff667842d418cf15a4af6d565809867e8b0a6b7a5f4007c35909e8773278a9e721c78e826e5fbd5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | d1cbea06f302c66cc822c493c191c216 |
| SHA1 | db0259a331885028e0720322daaa4d7e9b582d46 |
| SHA256 | 16343ef20a387a3a8aee5bf973ae883dde894d4ac7a13dd6fda8c7a0621eeea0 |
| SHA512 | 8a43557e4e1e9beccf238f37e66ce8ac702ea714cdc41f4e137d9c1e23327b9eb19db5658c18860f70f1c940efac7a65c20ef7dfd1a79a879018668439f7ff88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | 7a448b8db7a97318f09774c6ff788ce3 |
| SHA1 | f4efb83fe5e8671ecf6db2e9c3b5b3827cfbd70e |
| SHA256 | 1d2b49115c7d90e97d7528b0fd4712d9cc65c7fc5f1152d732447e3e798ca1b7 |
| SHA512 | 8fe01353603996ad7bab6b10db2e386943181f7fbfd0764de957f429869fc4c68dd8e35d8613e50d645aa94577ed04e22c0c54a84cd8807e86c64a34673a5fd5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d00019f29c31fea5_0
| MD5 | 8e0961cbd320b56c6afd05f6418f98cb |
| SHA1 | 5a916ee393427c0ba38ec78dc298474fa852b412 |
| SHA256 | c0bb32b41801910ac13e97091ebaf4dc600075618925695a52d4791fc7ab51c0 |
| SHA512 | 44020d3eef60b799178ff065b48a7e95d0c24435e539ad080281e78cc6350b05e027e67e22229d50c5062f18be2f142e3d947d571af411aca2db52943de087a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\edb3b6840a8ddc0a_0
| MD5 | ea11a096fe9abce26cdb295280bee231 |
| SHA1 | 7c1d5e18f05a1b2d37fa83a48f7e681d0194502a |
| SHA256 | 3ea62976b33e061842557044182f1dae554ea4ef8cc02f26cefd29051513ae39 |
| SHA512 | 017ebc0a649c634898b8bad61ad00a759d0a7554cd6597c48ef8398da0be083371924e92227cb46c361f030b37d2c4018325c4400c527286bbf42ac014bd1fe7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0
| MD5 | 43df5b7e6de9e1d04d6cdaee033f4938 |
| SHA1 | ce7eadedf817e4db700e9e0ff185b9afe6e641cf |
| SHA256 | c97faca59816989609321d6429bffb46ddbf6cc9b425492facf66a0dcbd5c39e |
| SHA512 | bc7a6821315fac512cb0e7e06029bb85649b04b4ed0b4944d1c7d22c2de7d12e835a9db0cf40d20f5ccb4af0f1bdaea60d9330ddc0791d0da4b405d6edc5d751 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03eef0e77feb64d4_0
| MD5 | 7a1bb81b835a2efef156329291758ab4 |
| SHA1 | b8b49644997f5d1ebb108e344ccd917b2a72d023 |
| SHA256 | d1eeb246478649387e9a2e5b82034193ff11d5ff44a826da33c4ca7bbaa3ae16 |
| SHA512 | f807338dff5c2e01cf3c053262e4e89910c839923d69f45df22dfd4f9cf57f3487dbad81fbdb3240e4f28f76beec5eeb1fe9e636ece0a400d8b4ec3729d9f01b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\59fc8adf66a76ab9_0
| MD5 | 83b192ae34e278d979de2f65d0b9e2fc |
| SHA1 | 729c229f46acf975893da56accfe4506b60a828b |
| SHA256 | 022156aee75b82401d53f0e75acb911c3d7041ef84bc9d3d37abc5723d1fb75c |
| SHA512 | 4d2f9f85ff3e94020fe58937ba9a8eed96347522956f4ba268f57b3b9eb28741fc99bc71015fc4151ecbb58b3dec6e8b5a958a266d91836b3fbca57d79597987 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94f93ada55bda7c3_0
| MD5 | 19feb85a9636fa1e03abae301ca45225 |
| SHA1 | 441b419253acd7f67b78ce547b5c6e31cc408179 |
| SHA256 | 44c9791f9beafab79e26ab0fc69296b81b52a869b70de3d12e07ebe2c5829052 |
| SHA512 | 37fda1e6b9d57c5521f13910021bfdd0e6085775672805232d0ca2209af8586d5389a9030dee9c2cb25ca775e672a62ded03c0da4b06b4ba98f1db009a1f1751 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1860851168a17773_0
| MD5 | 1ea4868da2745fdffa777d2d69166431 |
| SHA1 | d44f43bdcb838bba093b7261cefd913411d92955 |
| SHA256 | ff232c38532ec4a71b09f230f042fc37e6ed9cbe6faf1f0420ee898485981b9c |
| SHA512 | d7e2e707ae620249c6fa079e3b4bcd231cc18d6a7e5dbbfb7d3165f4091475ae688a4ee3d27b808d702fa4a0196a2f3c9bf0c1e8d31fb168637128057b0d3509 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6537dab24e365f9_0
| MD5 | 93f89f3e78d852d4c3b69ebcdf38c324 |
| SHA1 | e02e3ed8254746a275f1725e0d555f01779eff5e |
| SHA256 | 9f9f7d5eb9a165cafc52fd36d3c639871d0a1cca74742881d3b614cbdc63a957 |
| SHA512 | 08aa5c70428b67a4b98793aa7a8d88d3dec3b122aa284f5c49e49f2b4944422fb72eb8b9e9c3a0a238a6d25b7a8163f878b5573dd619dda6c48b0b8f5392b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0
| MD5 | 671baea51a76e3001161bff8eb74adbd |
| SHA1 | e6f833c9b43745cc6781c78b8225c3b87ffc20b1 |
| SHA256 | 1bf6fef85d785bb9a5582ced9294f501fc6164e30271a1d4aeb8bfab4c85e6a6 |
| SHA512 | efb437cfd13c60eee132bfecf7fc166594a30194fc06fddc252dbb44fb2b715cdfd5c1f00fe54ac460f2558c884142ff5ee3cb27b24701949a4a7fc985c9ddb2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | 0fd87f096487963ffef74e1c0fe4fcb9 |
| SHA1 | 6fc1eaec303eea2000ef0c4d36a961c589dd8371 |
| SHA256 | de1058ad1f9df36e9d62a98c8e9c14aec73fc2bdef82998d75e01c76a7d80098 |
| SHA512 | bb248cfee2bd81fa4fc2fdfd37e2cc5206cb9ab8fa85d929ea90820b75f67c3af45e402652afd69a6f09c255d5419920e13995c12c3d54aad73657135de42a6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6dfcc1f33ed9ac52_0
| MD5 | 187b736582a651edeb17551104ab669e |
| SHA1 | 1200902e45908a7467b072ff0417db29f85f4e9e |
| SHA256 | e583eda0e4201df66aafca8858e0b971266fa0bf42a4fc0fe3a60a149d7e3ca9 |
| SHA512 | 55ea50b61443b782fac1053134a58426965e987d2be2ab912998812d259796fef92cd34eed6d6770d9aa6b992870ffe41f17bf2287956018a67edf1ab87fffd2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0a90c4208bb87d75_0
| MD5 | 60e5aae7e6267122a238b6ea322df491 |
| SHA1 | c514e68e72b5fb83f95fffc5f9f4b3d97dba814c |
| SHA256 | 06531142c14c143a658a9ea2161f3b283f60a13e1c2e95b2cec7cbda64957b5b |
| SHA512 | 45f9cf5f71eeba57752e91c5b3fdb6b0f8830de8a5255ce570dd50fea115c09d9392b69347ec5d362defb9db78866832792eb387607e5b25d3ed9fccc55c28ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e46ea58bd8515702_0
| MD5 | d125b698df2c9ffe1e59bcbb094aad4d |
| SHA1 | b3ed772d60409444a9e353b54cf0967c32a1f398 |
| SHA256 | e9f842ce831d31fe8d652e3bcdbaf6dded899f5a8a65b54fb2ccce5dd9617a78 |
| SHA512 | e31dcdf0c424b023b6d469b6bc69ddbd68517d74a94aee7b7418c04b69f9ed5ce6a942f9ee847e8e96c56a7785fb4606551c725272869140bdd538b490eef566 |
C:\Users\Admin\Downloads\Unconfirmed 681536.crdownload
| MD5 | 46c17c999744470b689331f41eab7df1 |
| SHA1 | b8a63127df6a87d333061c622220d6d70ed80f7c |
| SHA256 | c5b5def1c8882b702b6b25cbd94461c737bc151366d2d9eba5006c04886bfc9a |
| SHA512 | 4b02a3e85b699f62df1b4fe752c4dee08cfabc9b8bb316bc39b854bd5187fc602943a95788ec680c7d3dc2c26ad882e69c0740294bd6cb3b32cdcd165a9441b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1777d470a8afd7920ee450010aacad82 |
| SHA1 | 1a393f869527e2794fc0eb0a6c64800c9ba8f6c4 |
| SHA256 | 177f7eacd4cb938c017183d6316c8fde18f4b6c94b734d5cdcb7fd8bac54afc4 |
| SHA512 | 198c6ba13d4d85ec1e050c4742b072f199af9ba890c4a6c6184f1e6ce94b6502b782149d4352e6eb25271c02abde9e4ffdd40aee71a900d53cdb1a198f920fe0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 25b6bdc86022d95aff696cc6f6eb20e3 |
| SHA1 | 2064966cdccd439b214292c2068d17bb79423a9b |
| SHA256 | ab8e5e67cf2cf77597b417046a306d149992a81780ece6c1e68a80a1fb54f845 |
| SHA512 | 9aed6692ef4a02ad452902cf067e9a931707a809b43862070f0cc173e15a510926f742b1ba6d5da17d5b186c795aa0ea8263402a38209e7d91cb7f2c0c436a39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1922ab819254059d7913e0aad2ddf9bf |
| SHA1 | 4710ff4509a2ec1cef96b9440587959260b80c53 |
| SHA256 | 3437aa93dd61273dcb81ece32ea1d6c1e5cd53733d90a0223c73dac266337f9e |
| SHA512 | f20224a6ec3e93089df2f32bd2d239bafc4dfcb55c651c1b9e171678ec70c9a6a58371c09396d31d5408f548ccc3273437eea084c0161019bfafb3302c5cb3a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | fd1f79856510e1cddd8141f1d82aff4f |
| SHA1 | 659aa5c13b63adfb1480856cf8da6acd4fa624f4 |
| SHA256 | d2c922c16632143318a2792e0ea9345ea5c072ad583a84d8ef164cf952fec4f4 |
| SHA512 | 7781c5280010519da7e71a849a9cb5e37f7b29a1e800bbf9cc47536eaa937abeecd1a2d61867c2744b7de83f0cfdc88b72255ee083501df0455fd018b0f86376 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032
| MD5 | 9749d9ec019343047185cdbc554c6db4 |
| SHA1 | 089a2ea98bede002cfd2371d1647ffe155ec23fa |
| SHA256 | 96383f6cf4abb61960cd6b68deaa7648b268962484f9a0dca9c7d54a62b9f97c |
| SHA512 | d9d3f3156f0478d08c114c6189304450edadef8f9f0a1c7e36b89566be1084a51bfb9c6d17ef65829acd29c61ce140a1644093b67cc838dff76d638e70fff075 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033
| MD5 | 80f1c7472825e6dd19d7ab65b0984ffb |
| SHA1 | 76af1427993a5d699b8441a32d751777a91fb0ef |
| SHA256 | cc6186b5115525964b454ef070e9034df1d919d806314ee6a2203a2d66b4f7b3 |
| SHA512 | b0be05f9536efd3ee010afef24fe879aeabe56cd52c877cc23980b8c1742823834f2e9e8c000a78d79b077d0f257dc30bff10b5eb5bfa6d2cd684405bfec7c0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034
| MD5 | c03474c91a7d5b52f22924609663e304 |
| SHA1 | 95c2a641c92a3dde1e8d805c9200e9bdd322913e |
| SHA256 | 842a7c2e9da0be07dacfdd0c018ca1904792eb9e79b3651e99a39a33d85a9f90 |
| SHA512 | 710ebce90fd5776270451e3d3fa18d1ced1350c74904e71c436f0183285baefffd686e89e525af3c1ac3a054ea1a33fbefeb6c9c2b81c92d66dcb9ec8889ca6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d
| MD5 | caf3270e6712a05fa98d2906767fea61 |
| SHA1 | dac8ff2f4df3d5f8cb11540a08d526ecdf6276d6 |
| SHA256 | 31fc03c0de46fb6f87bb3ee52ec768a9e707eaedf6d635eae2f53b5cb12beb0c |
| SHA512 | dc20a621348b2de52dd542f8f655961e855fef93c2c37d459609cf06d18ea1ce44d7c23406e94a6c2fe05a8361658af9ea9930e59c11a4ba5b7bc2dc37960c63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2acfe2c77a573c5951b4900d22030434 |
| SHA1 | cc5ee4a6b17d86b5ecc19df684838701af65e1e7 |
| SHA256 | b35fc5aa006cb629acd217854df5a581cfe267171c04442669173e79e3f79027 |
| SHA512 | 51fe61348e66b886fe122bb34fae4a642c2eb2fdf491cb797845b4b5a1415b60f6273fb3c610408f764e8df4a8e58b2b72b47643956f4734f6287c60485b3350 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5b3d63.TMP
| MD5 | 4c08b14e2ecd1613a9a7a4b3505ec41b |
| SHA1 | 82f2feaa8addcdbe4047f25c8c3816dc57697dfb |
| SHA256 | 230ec9943cae906ee339032dcb6c252490de28c0e791f377d2c3dd4d5ad842a9 |
| SHA512 | fb2bd81d4d64b19a9982075a2ea3305cc6ed3d3acf3eaadae3293a0ab0f0be0a48c849b1ebb64ad6a4f256940dd22990825effa3efe5fcd307adad9213d2279a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 825ea4e61ce9d187f420676de5fac62c |
| SHA1 | 0a88dc9c6b36d6b262635a134d3eaf177d2974c0 |
| SHA256 | 249753818fb1ddac90c94c560c87e1d767d61e0139b341a8a256c7a785f319a3 |
| SHA512 | 6e8870b00650552fd3c343b391a71ba8260760815acf74e7c170a8aa9f4d6771fba7520f80805b3279f8b1f5feb03d440ab80468fd12733f06c3d7ca61192fb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bb854bfc871793e4c668f1ffdda8afaf |
| SHA1 | bdeca7608e1cfdc29f1b7277cf124b212ad900aa |
| SHA256 | c00aade3e8525b509561503bc6f9b7bdd3a8a8b52195d64f73e2a74ab19cfeaa |
| SHA512 | 1b82dcb2675fe0fa59e54f862cc2932fcb7b8c7aab8b343463d94b87426737d3e66eb3f629bb0b39d99f1822719dd22b7c4c10f98d815e9637d54bc820b0eea8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9c8b523573d6692f1aac40983c467380 |
| SHA1 | eb1b608132c8945ed8a31ccea3a50456ab1c30dc |
| SHA256 | 56af039853cc57feedf937d94337a1fab327b31502c4264979f7766c45bc0e3d |
| SHA512 | eaae7fd3bc221d2422ca45cbe5807a6d491ac9a8dd94c5a32a9f6c7ba111f780a1a62801fef49e2dabe2d5900ff91c8821d082042904a7f5040702ebdeeb955f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 874ee6c0f4ee3553c488e484eb74db00 |
| SHA1 | 791b1f934d743103f150caf62d535e28cd876b7a |
| SHA256 | e6e63ecdd9835850a3c2e8098f67482e67a5b509f6351291af317d4482392a38 |
| SHA512 | e804ae3dee98273c6beb37a22fcf66b39a751033e859eb0c38b820331916685b31f9e7bde86ebd3ab944d9b81c130a408c66465411fb24823babeea87d7ff11b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b8c7d.TMP
| MD5 | a9471ca4f4d999b6f032758a4d325759 |
| SHA1 | eb041af90d164d5f15ad9951c55e33a0b773a906 |
| SHA256 | babda04d6e9e6cb2b729df5df1e7bfa4f3df16d48acbc3f113f424f951518c2d |
| SHA512 | 1f71d70093128ac2eab694cfaaa0e3d141b0fa521a4ed4d8be255004233bf64f69432876479e241f7466a35437bbdb902a1d1bf3db87bedb51db9e9f6fade4eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\014180fc-43b9-4ab4-b253-3e38cdced174\index-dir\the-real-index~RFe5b9bfe.TMP
| MD5 | 3dc4e17444a4bcaaa3fb9143519f8688 |
| SHA1 | 9d9906f6547615e79f49f32cb3e7cbd5548a8d6e |
| SHA256 | 66f037126ec4757c982c039881cb300b178242383bddef2d58c995c4c6540c44 |
| SHA512 | e9eff20e94149698750095bf808690c6f893f3d556157a3b4c92c5c5b80d8ff80f6e145f9fed5d40a42f1480c067c6693a7d37de01ddef10a60eb29924c2fd1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\014180fc-43b9-4ab4-b253-3e38cdced174\index-dir\the-real-index
| MD5 | 2d878502ee612401d27c08362e7f05d5 |
| SHA1 | 9e69f07a0baf7ec51995e33eebebfbd979d2fcd9 |
| SHA256 | e6bd2e5207c197ed0625091902b42de963a89dce0888c2df22ca5e2de2f8c3f1 |
| SHA512 | bf334b24351fcc1c1d62ccb705e07b7fa882569ffe8dbce2a8cc7bee2831ae74e541199088df12ad4eccdf6c0e138d89166f99f759cabbcef8eb94005faf77af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | e49999c2eb7a92cd6d05bdacd55868b9 |
| SHA1 | ee4034fb4475e95539a8c459908d07a7ff48b688 |
| SHA256 | baaf73fb0f33633e6eb6c575ae7db47c567377c89450174499e3f17062a3b563 |
| SHA512 | c37e76f94740cec044536e2af27212114519dd222a9cc5450506decff72c6a17470547f59e8d90d144513004aad9c9970fda893920e17f2ebdd531022dad6318 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a3
| MD5 | 39a880159a5f80ba70cde2b46b456120 |
| SHA1 | 034a4b5d8bce2b55ff01662071444b4561668976 |
| SHA256 | dcc71ac7e4e04a85b222e1a02ef9ccacce825be4e573bd1230bc606c34ead853 |
| SHA512 | f04009f4fb2f73ae915cf0bc483b731fab0fac269f607e437b294b1639de7a4eee4ce0c1e812ca748dac395f7b2eb733d5c8957fcb3854e439df086f5531565f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 12a159de52772a2b78d654b437b49ba2 |
| SHA1 | f9f13341b3e1f1e903dcb88a5e2a4a66ebe617c4 |
| SHA256 | 22e117ec54aa4d4a3f30e5f026b0e78718de21175b9a8b39311a6cbf1bfb3522 |
| SHA512 | c6b8d36f924e43518e0fb0f07b5aa0601318515f8ed697f1b2ae6a9858ec7875ad60bb2cbe2e8db83ea99159d5ccd97b6c5d1ad91760456f9d084bd6c85f263d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ab3991a23e82521533c436fa9d8b568c |
| SHA1 | d9eef442ca9e02b706ec5763a6bc52603c561166 |
| SHA256 | e1e6412ebff1b64cbd28e5697a304fb42f6db89119d178d8415aa388a7c54e13 |
| SHA512 | b346f0af8fa09c053f2307e2566a783864bf7e4cfba231f41e5d80011153abc164bb552be0df7e71220b46c44b32f24beff48b7fc8a20cdb0dbadc1e3027fa79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_console.cudominer.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | f936ae1e6fedd2ba937ec982f35ad303 |
| SHA1 | 530181a3c7a17e2cc4a46f26d9db0c3dea033c5b |
| SHA256 | 96b2182dfb2513d0c3ad0977b7eaa79c4786943e8c79bf39f926e419fc1b4b36 |
| SHA512 | a2ab1fead7d5b2dece32e0dc03e9a7b9772abbef7b3281e7b368866510be03d53fc34ef5012b5c48b3670b8d3400f4b3c70d7c2532c357fe5d8567ea97a422b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ce544174b087c7b16e6236b908d74440 |
| SHA1 | f21156c8e50bd5e126b2a6f7bf4661558b7cf11f |
| SHA256 | e99ff3203160f33f1992afba34f60ee351e35c459e100643e76b964e9b3d5067 |
| SHA512 | 3535ecaf5ae84f63abf8f88adde7485f6eca5a1a64cdb84ca11350544ea0900aa39f2b87d54975d74fcb70635d0cf1495923a4f25acf294a1c7e61f12166a18c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 84a927824381129e4dd474f39ce0974c |
| SHA1 | ec3e70a0c3eae14d9b7146f671a391f57965e049 |
| SHA256 | 89da76d57022d59bb9becc1ee34739b1b5bdfe3c610b3f348d2002cfbc802a39 |
| SHA512 | 38fa39d9801b0b42d68853e15386fc6eb4207544583d8e150478f31cf1996cc34e6aee07e6a01507952cc8d5c9885e0bfc521cc7a7b6bf1a4436aa403887cfaf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 48045cce60c550f2afdeef6b294b95a6 |
| SHA1 | 9ab53e623dfd2e172cc66ae518057afae68d12aa |
| SHA256 | 8f38689260c43009963a0b9294ece4700d0765a25302eefd3c1d9ff4bab4fce0 |
| SHA512 | 957e2720ec83ae69080c756fa4b407d8d7206efde3f05c1eef7c3ed09cc5d323e1cd30d9c5cca9d4b397d13900b5058d6be4832e99c21ccdf58eab168741d327 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c9
| MD5 | 76d66c4252b2c841968625dfbb849c5e |
| SHA1 | 4d7a1496763a5940a19284977e39a584dbcb1d8b |
| SHA256 | 37211cbd3dcafd6f200bd022fb9052af77a2f691ed2f39ce30dcf0e74f72b111 |
| SHA512 | fee3aa6961529f60a40912a5c5d957de8304a337b3aaefa9bb8397d153af28b691c877a173edb2e01b53d08b216be1761e3e8f1db9408ca7fffc57fc6811366e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4788f19a8dc1afaf22fe868e374dff7b |
| SHA1 | 75c995a7889d4c5039a87e80851c912873d3f3a9 |
| SHA256 | 53a131123f0312dc928b86b9e7a1a89bc14a4c5be0e1fbcad60a1821bcf2c2d4 |
| SHA512 | fee426dafb48765b5e0330a66d6888f2a2afbeffcafed429108ae222bbfc633f5fa177c69f22649502867c4d8594a00b5e27da9fa30364586cd1c25c84d32319 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dd869c69643293e1c699a3a2523dc4e6 |
| SHA1 | ec3a4a41e90340b636885f499a676706b3c890f9 |
| SHA256 | 7ba4496cf1c16592e6a80fc3f2b8d4478f268b7b911115857cdb3c7c54ebc4b1 |
| SHA512 | 9d884dc9a5373d8d3a3990ee8a107e38c1049b620054e2897e30d4013aa617345961cae480fb159f55c7fd51b9f135f23ff870e0409773568dda8ecef6af4f4d |
C:\Users\Admin\Downloads\Unconfirmed 239312.crdownload
| MD5 | dad232de5ecf9f5eb45ad7de28995304 |
| SHA1 | b88d68da02a8451d438a96b4bbacdb396bad2313 |
| SHA256 | 9689f702ae072dcd197e37945fe95a96731c8ff125b27c6804877364aa6f8a96 |
| SHA512 | b412b6b6e76ac0d341231c4f3e6493226ceaa412e5dc908cf4f3db0f88b7c56eb39023c689b8ff0e51f1c6f9ff56f30bdf3cf65d0d4ca1109ea914329ad9df98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bfff90682958b6bf03701635b0558a47 |
| SHA1 | fcab38e6f7e5200bdbca2841f0caf39c095ba942 |
| SHA256 | e0481d99e3b82470e79c87e6d7d9f266f5bda953029a0514437475a9608ac4d8 |
| SHA512 | 42e4e39e438a17cd6e66cc77430959de8a4e7879e899f683f8466b132b0f3626fe3f0b16d5c484a7c4c5dfd2c1930d36269c581cac49509006e349c9a61b42d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1a62417dce640f2624ce40390efabc21 |
| SHA1 | 57bf61f8926c721dc75aee50f8f9928dfaade18d |
| SHA256 | 21fd3ca7c86cd03812c34b6a4d96a8d8a5c3cd5b7315a6191b31bc9087547f8c |
| SHA512 | f01145c32c91defe07d84e1d0db07a181899213e680522fec1f61e9cfa64574ddb2c94f136e9e763fd310fca54b883e2d5b742fe19409147fb755666378d9196 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ae9b3bdb3f44f86c35ce94ddb22284d0 |
| SHA1 | ec97f76fe48ab6f971a97ce2269421b56a80b9b9 |
| SHA256 | 0c95ac290fb2d5c49d6ff4bbf6c554775e45e2040a584f48aee004624caf9568 |
| SHA512 | 90993b908cd6f105a8251a9e618212e92ab9d0874cad2284e5063f63d950ea54277947e0660ff3ef0ad9edec8a940d59df2b0fe7b00035a6dabe5b2381584666 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b81426f93e01d6fca12486fb609ad551 |
| SHA1 | 9e24751e934bd021371577913a3c93d37fb9c74c |
| SHA256 | c2e0dbf065415aa058b7a33f416e5d78a90682b98c8a6075c15a706c80ed5699 |
| SHA512 | 62aef832541d67991323b09ec7f8ff9ebfbc3634e9138d83994bae36a66c5f1d91625c6c388a55adbbea0f850af17e8fcd2e0e7addb35736ea2a6eb02a29a81c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000de
| MD5 | 91d0ce49926f1a8c48dfb53473761591 |
| SHA1 | f2de7c70d8aecf6d7a9f70b3c63a47a372405bae |
| SHA256 | be3d7ff67699a974a9328da4d916328c3e57de497bebe35105e12cda0bf6c60e |
| SHA512 | 0c6c3f081d661422bd70e5a1b2bfd0f24bcd70551639e60ff88a7ce667f7b5541848d756e5c8fa0689b53ee0e1a1b281d2af83c5259428fa237b33cb6911860d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ed
| MD5 | 631c4ff7d6e4024e5bdf8eb9fc2a2bcb |
| SHA1 | c59d67b2bb027b438d05bd7c3ad9214393ef51c6 |
| SHA256 | 27ccc7fad443790d6f9dc6fbb217fc2bc6e12f6a88e010e76d58cc33e1e99c82 |
| SHA512 | 12517b3522fcc96cfafc031903de605609f91232a965d92473be5c1e7fc9ad4b1a46fa38c554e0613f0b1cfb02fd0a14122eaf77a0bbf3a06bd5868d31d0160e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e1
| MD5 | 1dca7fc5af6b04387369c6fc29392940 |
| SHA1 | 90afd4c9147508b4dda099561553bfd078de8793 |
| SHA256 | fbfc3a996dfb33905503922962e2732629904e200dbe8fe041b736d1855a9acd |
| SHA512 | 7e29bf69c078cdbb88ee4132b0f26a9cd6598bd4bcfb7eb663ff322c0b73d6001c7c641746fb13923d77607cf73134647281eb3feab9623260fcf29c0b2ba3c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e5
| MD5 | 6eed23f3da7b8caa8c3ab948713623ab |
| SHA1 | 6f3f03e0dc07c4be3ca3307e371a94925abd065e |
| SHA256 | eaac0117e38d497ab09b54a22b0be1c2e4c4b260a0c02d423e05868f82517c61 |
| SHA512 | 2a0fd83900c9a2dd353eeb66cc9469646001a0e6f574801d059654871fe6c94a38a999c9f67c6967f544d3376056ae597e1c20a6d764ece6d23a17d027a4f15a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 24904f3c3a39e4edb3200b2bfce7cd83 |
| SHA1 | 370c3cb2a1f37be6c8ade5b6de5719ddcdb4140c |
| SHA256 | 14c6d70bf1771336d01b5494b7a8b3c5dabe88bad36c96956f132aa1a05b8908 |
| SHA512 | 3db7ccf831190500756010dd3a94ebf6ea7bba52cee176dfbfb26c65cb665ed006b0f258771c6b96708e7bf32560c4822c69ce8976623c89196b021fea7e1059 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6dbff41c88252055a65d6d1a1ca0ffdc |
| SHA1 | e9ce557da4d832e43d8a89b8b5159494a891e91f |
| SHA256 | 5e158f6c5cbbc9dad7a183cac565e40fba667964b25cd0052e81f0cef4a26c50 |
| SHA512 | 44f50e52a53f73e3fc50f4eb2395eac4ed8d3c326f01c1b8601257a6cd884d5b1d47f53cf9c167bf6464c7b182fd82668d716a775e6baf417923e3e46fe0be3a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | fdd6cf61b0abfa81b3529b2951da4740 |
| SHA1 | 92ff9860eb3d1c3c73013158bb9131e121ee8f79 |
| SHA256 | a4c5a00845b7488112514b8be5cc2959c1b2e8efcef2b6e8c7af64d43e42f7dd |
| SHA512 | 517bad1dd11713f5a5b5575238f729530f2d75a5641e8188230b6fa8f36695bd6afa160522cb7bc27768aad987ffa465c29ecc8d527969f1a1ffae6e613ec1b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6305702dfd8eae160acce29b3261248e |
| SHA1 | a49d22a7b35d5724c78b950fa9e897cf3125071f |
| SHA256 | 082920135da1321afaa86761f3b9735a239737c8a4521eb904594ab43ea701e6 |
| SHA512 | f68d7ba929b037853a234c918375701e03f3013c45a4378113aee9dd45fab086f03d35008f08626706377f97c3b197899c1680799d61bda963cebefd7cb4520f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c8fc84131a5fb3e5a94dc36bcda5e9a0 |
| SHA1 | bfed309c831c72572beabfe88f6d1928cb5fd74e |
| SHA256 | 35e6773754017e8937349ccca787c0937abe9b0f07222441259f554784526a97 |
| SHA512 | 3e0095d4e88abf79bc933924abd9bfa31c0f0cb3ac669d99bdd5c7cfeb43127c06b1ae0a96a8762714eefdb2c88b9996927dc7a2c9dcb6605364151d003b958b |
C:\Users\Admin\Downloads\Unconfirmed 433693.crdownload
| MD5 | 754b17c1af82fcb5e5c8507452a9089c |
| SHA1 | f58cf62e01873b473f4e4c893b8fd566605caec8 |
| SHA256 | 520ff061c825a51e17b1dc538d175b2edc99939e9ecd66d3ec2451937736cb97 |
| SHA512 | ed24eba78002714ccb70b5bcb18f8f1b27c509c047c62d0afb58d49592c8f2c8a625a58fe2cf2d65ab6c40756f5a22c550a2c84b8b9ee33cf67ef9b7c21262c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6f05ba14c2eb3030c2d852209f1566de |
| SHA1 | 6c08e90ffb1c30172ab1eecb2ec51a4b02b2fb9e |
| SHA256 | 26c78861ed46d25e6470e396e2d5098e4d5293287e3517da550dd8c774f0a545 |
| SHA512 | 744acf12675ed1acf6202d47c83cbf4f8f26a735f6d30e926a4df44a50e7e93fb7029991a68339b3fb256d1a44b9e07579d74738e2663f460bda71b3f53d909a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | df4ddf413134064dd32adfe1b5986bf7 |
| SHA1 | 03f4a443e3ad42a55954477dff3c09a62453685c |
| SHA256 | d1defa9c9da12db727bd0be2d1a7a2b4c3f74444b42b99ee7d32ebbfe18164be |
| SHA512 | b10af048862d63d3c8a982a9e249577a747ee1ed6ffcb701b53c5763a2a31fcdf4cd3fe64d8117294b606f983b14152ab48f15f75331c64a0cf7521c0d8a8b6c |
C:\Users\Admin\AppData\Local\Temp\nsz3982.tmp\nsProcess.dll
| MD5 | f0438a894f3a7e01a4aae8d1b5dd0289 |
| SHA1 | b058e3fcfb7b550041da16bf10d8837024c38bf6 |
| SHA256 | 30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11 |
| SHA512 | f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7 |
C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\app_3.0.4.4\CreateLogReport.exe.config
| MD5 | 69a865985cbae6ef2cc93c1a892d3975 |
| SHA1 | 1e7092a434323c021409e5da902320770c2b01dc |
| SHA256 | 2ef673c54b8bdfc29635f88c7fe7f5437399790583b823dfafb667392ecf78e0 |
| SHA512 | bc71f531231c1caae2bd8bc3d494f6a9a1534c21badfecc04cb66025c5e28a03532f31cc03698ea40cf99755e3ed87d71a08477a118f0bf3fc56c3f4c721d438 |
C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\CreateLogReport.exe
| MD5 | b2f96ea9894d40f002a4a20029f594fa |
| SHA1 | 490ccb819c619dbdd6db3fe5d57201a439b3bd3e |
| SHA256 | 6940c6e44a26049de56662fdc8f5c790474d62c3ae561f939b6ea5d4d3fb553e |
| SHA512 | 55dabd72178eb7e111a32a3b81bcbc45c69fa844f4ad2aadb10e74d26ddfb8c3090cb82b9ba69f0a9bb6f6155a243bc9a5841ff054cea61fc927839dab6ff1b0 |
C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\runnhmasadmin.exe
| MD5 | 31ed1568bc783dd43d35dba760b9a5cc |
| SHA1 | 06cf0396e19bacf4cb645183e9c62e70a44b0752 |
| SHA256 | 6948409377280ee6a1f19edb4e12267cd12e75a2f3b7a36d61d72c1902937460 |
| SHA512 | 878993d3ac1137f3b0fbf89c3b2490b8ed24e2fdcc8cf31e4158ca206796f3482e283f2ab7f1c04b4f04ebc6fd5e63f45d11592098ef6a5728334cf2a4849fe3 |
C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\NiceHashMiner.exe
| MD5 | 6444152c6985d7cec92b02b9761bcb93 |
| SHA1 | 893da506eab8bf33cf909a4bd9eff0c92abac2f1 |
| SHA256 | 3bb48c69fa0ffd1a6ca32c0ba03480c3726e3e0d3a34f4fd22bf9f902f3947de |
| SHA512 | 60228ddb5ebc44da25b2040868f5f590b2667eae5e3574fa41d79adc0f351946d96f689aacce2043fb6ae3ba3376a43faf9147ee160cb0d8345af8aa8cab5fa4 |
C:\Users\Admin\AppData\Local\Temp\nsz3982.tmp\WinShell.dll
| MD5 | 1cc7c37b7e0c8cd8bf04b6cc283e1e56 |
| SHA1 | 0b9519763be6625bd5abce175dcc59c96d100d4c |
| SHA256 | 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6 |
| SHA512 | 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f |
C:\Users\Admin\AppData\Local\Temp\nsz3982.tmp\StdUtils.dll
| MD5 | b7f044787bb5a0c1eb43907c061c1ac0 |
| SHA1 | 84675f05e0e406482a688c61e0dee35b9a8fb390 |
| SHA256 | 4787e95796035dda92a6cbff56ffddde5ace96f5e46f0f40d2998189ccd6e7ce |
| SHA512 | 7f0ebc15ee74050a8b493f2c944fc6551056efedde60193be76d4115d28b10f06cc9a859cb42135deee56d614d2ca90e432627f30432d303320dd41fc7fcde6f |
memory/1884-3968-0x00000258D2440000-0x00000258D251E000-memory.dmp
memory/3524-3969-0x000002700D6D0000-0x000002700DC98000-memory.dmp
memory/3524-3970-0x0000027028490000-0x000002702850A000-memory.dmp
memory/3524-3971-0x000002700E120000-0x000002700E12A000-memory.dmp
memory/3524-3972-0x000002700FA90000-0x000002700FAAA000-memory.dmp
memory/3524-3973-0x0000027028200000-0x000002702824A000-memory.dmp
memory/3524-3974-0x00000270285C0000-0x000002702866E000-memory.dmp
memory/3524-3978-0x0000027028250000-0x0000027028272000-memory.dmp
memory/3524-3980-0x000002700FA70000-0x000002700FA8C000-memory.dmp
memory/3524-3981-0x000002700E130000-0x000002700E138000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nsz3982.tmp\nsis7z.dll
| MD5 | 80e44ce4895304c6a3a831310fbf8cd0 |
| SHA1 | 36bd49ae21c460be5753a904b4501f1abca53508 |
| SHA256 | b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592 |
| SHA512 | c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df |
C:\Users\Admin\AppData\Local\Temp\nsz3982.tmp\nsDialogs.dll
| MD5 | 466179e1c8ee8a1ff5e4427dbb6c4a01 |
| SHA1 | eb607467009074278e4bd50c7eab400e95ae48f7 |
| SHA256 | 1e40211af65923c2f4fd02ce021458a7745d28e2f383835e3015e96575632172 |
| SHA512 | 7508a29c722d45297bfb090c8eb49bd1560ef7d4b35413f16a8aed62d3b1030a93d001a09de98c2b9fea9acf062dc99a7278786f4ece222e7436b261d14ca817 |
memory/3524-3982-0x00000270281B0000-0x00000270281B6000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nsz3982.tmp\UAC.dll
| MD5 | adb29e6b186daa765dc750128649b63d |
| SHA1 | 160cbdc4cb0ac2c142d361df138c537aa7e708c9 |
| SHA256 | 2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08 |
| SHA512 | b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada |
C:\Users\Admin\AppData\Local\Temp\nsz3982.tmp\System.dll
| MD5 | 0d7ad4f45dc6f5aa87f606d0331c6901 |
| SHA1 | 48df0911f0484cbe2a8cdd5362140b63c41ee457 |
| SHA256 | 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca |
| SHA512 | c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9 |
memory/3524-3999-0x000002700FAC0000-0x000002700FACE000-memory.dmp
memory/3524-4000-0x00000270288E0000-0x0000027028B4E000-memory.dmp
memory/3524-4004-0x0000027028590000-0x0000027028598000-memory.dmp
memory/3524-4005-0x0000027028F90000-0x0000027028FC8000-memory.dmp
memory/3524-4006-0x00000270288A0000-0x00000270288AE000-memory.dmp
memory/3524-4017-0x00000270288C0000-0x00000270288C8000-memory.dmp
memory/3524-4019-0x000002702A4A0000-0x000002702A514000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000108
| MD5 | c594a826934b9505d591d0f7a7df80b7 |
| SHA1 | c04b8637e686f71f3fc46a29a86346ba9b04ae18 |
| SHA256 | e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610 |
| SHA512 | 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fa404ecfeb36e5e2992dfe7857ee95a3 |
| SHA1 | f353f19e713629b7553d182f2f57c71cdb26d100 |
| SHA256 | 5e1e695de617165760816a368f0ff7f93d1ab531090ab49abfbb89a36fbf2c45 |
| SHA512 | 1f746b4a957896bdf2334e0a2c4cc854f550903e5e5ad2e31fe63c038a447172e8c17abf298f72cec145a00c1954040d09b1622fc369111ad2101ce60ca0b41b |
memory/3524-4106-0x0000027028E10000-0x0000027028E22000-memory.dmp
memory/3524-4107-0x0000027028E00000-0x0000027028E08000-memory.dmp
C:\Users\Admin\AppData\Local\Programs\NiceHash Miner\configs\General.json
| MD5 | 0ba0e47a4c1fe3fecef940860d5fb4d5 |
| SHA1 | aa85130fa42e9185fc1a3afd47b5626884236325 |
| SHA256 | e4a065c166197254249e5c5b99b0af3cfcfc87dd53e9107d29ec631f14e4794d |
| SHA512 | a0e1307ac5ea6292de93fff77bd3d7bf18172593ea98bdc116be44ecee1f89356dd67e5ae06b83ae2ccd5678cb57ebaf4dad6445c123784e5bd4f3715c09d904 |
memory/3524-4112-0x0000027028E30000-0x0000027028E38000-memory.dmp
memory/3524-4113-0x0000027028E70000-0x0000027028E82000-memory.dmp
memory/5748-4115-0x0000025832D80000-0x0000025832D86000-memory.dmp
memory/3524-4117-0x0000027028D80000-0x0000027028D8A000-memory.dmp
memory/3524-4122-0x0000027028D60000-0x0000027028D66000-memory.dmp
memory/3524-4123-0x0000027028D50000-0x0000027028D58000-memory.dmp
memory/3524-4125-0x0000027028D90000-0x0000027028D9A000-memory.dmp
memory/3524-4127-0x0000027028DA0000-0x0000027028DAA000-memory.dmp
memory/3524-4129-0x0000027028DB0000-0x0000027028DBA000-memory.dmp
memory/3524-4131-0x0000027028DC0000-0x0000027028DCA000-memory.dmp
memory/3524-4133-0x0000027028DD0000-0x0000027028DDA000-memory.dmp
memory/3524-4159-0x00000270295F0000-0x0000027029634000-memory.dmp
memory/3524-4161-0x0000027028EF0000-0x0000027028F12000-memory.dmp
memory/3524-4160-0x0000027028E90000-0x0000027028E98000-memory.dmp
memory/3524-4162-0x0000027028E60000-0x0000027028E6E000-memory.dmp
memory/3524-4163-0x0000027028EC0000-0x0000027028EC8000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d2c34be28f9a06a7f1adc9cb9dae14d6 |
| SHA1 | 7e70ae94b375066f22e44e1a18b1dec7f6cfcf0c |
| SHA256 | 213b2cd094e7a0abd59fb5256aada348df9a1e880951165add0aa86085998200 |
| SHA512 | 9d31fa64b764777cfa784322e875e790f63579b57a3b8c9bc2b144b64ab65c9c23d8bf281055b2519cc0970aa3bd8cc9761a6d87ba0d4f7d92bed5f567cce9fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bf45ae5e40eb241e7ce592fc2a0f0088 |
| SHA1 | 48c49efde4bc89d8b08445418d6bd532b9c56826 |
| SHA256 | 89df815c8640e914264d9f0eef8e36fa7a60908df318e8eef58c149e2f05e119 |
| SHA512 | 3f0e6c1c4e85934700a857d1bac3ed7bccb9680a05a07f1436a6e9b953295fb2e2e6d6d3d0ed6918a5c1d94f66606bede6476d93564fea185d7a4db95986a6fb |
memory/3524-4192-0x000002702B0C0000-0x000002702B148000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9c0109f54c03223c_0
| MD5 | 12d96bf5346a7a73fa9393cb752e33f8 |
| SHA1 | 0e7a16dcf1eeff3bf3fcf0aa4b75807a85f6dce6 |
| SHA256 | 28b139fab6cb62b53fd4fd83616a4567648e080200163d07ff24a47d65cda95d |
| SHA512 | c0cc3be1dfb7ed38e45dc7b01af9d8edd2c366b3adc3490291bbb12ded682bdfada27c7f7f835538ed0ec4eb1a7a9cb0d12d952f47ee8ed18b163223132163aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7949921e27766d03_0
| MD5 | 7d071583d9e2fb28c9ec8dc375d4d296 |
| SHA1 | 7c918a3e43161454bac8e0a1b6d75e8a95a07c89 |
| SHA256 | 342d368daf6a187456da2a6b0c014cc5510f6e41ac07e4c37b8438b9a5fde49f |
| SHA512 | 1356f49ddc7a0403bb788b514ab86ede15ed8bea1bf0ebb1970089f259265b6056a3d2b1e431ea8f9d6e4a1dbf7350e7b869da4902a8b967c66022ae82439c11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\618d582b10d0d7c0_0
| MD5 | c6e2aba457401d656ed3acc7b3548767 |
| SHA1 | 5ed69837d79ed38112432a3f6eb27ed45366665e |
| SHA256 | 109e4cc279e9980727ed722cd25ab427e2f1bdd162e53d93f1f78ffcc8e91f17 |
| SHA512 | 6a8d6c8c54ea93ee32906297e866b72b949a2d19b67e5fdfa8498ccd9f9b0283929c614302da7c7de8a35e38b3fd6374f135cc4be79a32b381ccb9671164d49a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ae8d0b05a4b538df_0
| MD5 | 161e2af4e4d311da1fb0c07a1b033a3c |
| SHA1 | 21a4e11cb7d9278832e861ac99ce946c6da7f876 |
| SHA256 | caa6d24467be577a065839b854f56dc2c2cc8de5e87377fa980d479a55e5451c |
| SHA512 | e66b4892eec59a6d05b2339d63b572f1d25483c1f33893fcad45fc376bd07657a0b561ef2d6f5de8f48d4491ae7bae41a1c2aafd3b3a4d8ef4a665c461920bbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00010c
| MD5 | ac7db22410e01114700ed3a28ef07331 |
| SHA1 | a8fe4bd6cee8deafadc78849cea61fb3b8c3e17f |
| SHA256 | 9ccad3ed51d515eeab43c7ec0694f6d0b2577bcdc2f20b102e451523e6ad393f |
| SHA512 | 90498da893a702f91e592e34f69a19a9daa501e23aa1b785fbcf646ca3f57a063864e43b03dc360ae9c12d94ead06ee3801d96b2ddf47784f5b9707602a7e27b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca5bb3c84b908d6e_0
| MD5 | 8f642c62302f69ef9d062fea246b3832 |
| SHA1 | 8a509819b6cd0ec52ffbe478b968fd48b9db5122 |
| SHA256 | a1491313438dfd781620ff258a9a6da96624d284ec1ede54179f03504f008cff |
| SHA512 | 7fda3d666ea387d51bf2a657651af95532f9ac9cf35d82a2ec696424f5c50ab2d7bcd649017e99814a9b5347929341b071e55f69ec4cd642a8e3036e5fd7f0be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\718aba49c9504085_0
| MD5 | 6e6e99a4f6c25798f1a7e70240ec796b |
| SHA1 | 4c31a343b9c8d941667be4a05148472a7ebc47d2 |
| SHA256 | 95ce21bbf56fa971752493d0739c502051e74b939dd4c97fbcdbdbdefab4dd9b |
| SHA512 | 2af77131982e155ad6aae8faa3574c69551af9a1e2be747264b3dca8b1730af5c8e1580dd73704491fa581b6393fd1f2697163b73b320f620a7bfe6730c9bcbf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\99110e9a19c3c06d_0
| MD5 | ab386995d0214f1bacf9d6ab2a52b7ed |
| SHA1 | f90f2892b6fc5e8942c500c403696ba610f9aa4b |
| SHA256 | 7858945015378cbced27b3ef13b58919e4114860797a8b7ebed7f2996dbabc31 |
| SHA512 | 8d4ab4cb17e73c839821762a655a97f936ee39a90a7482cf41827e3f8a2ae4a23a5a5eee8eabcf0fb55690d574c7b58eedb61e18c1f963ec2c229316255eb6a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5801d3329fb36c59_0
| MD5 | 2083ba79e61913fc16e11d1e2b81cf45 |
| SHA1 | 5459c3675ad78f30af767e7bfa29427160d47487 |
| SHA256 | 33105582bb868a132b140d601eaefbe5225791ca6bd859f8eb1dc75598a3e8cd |
| SHA512 | 72b18d4bfa748f3259e8398b32352a22d6f335222f565b070d899024162fc510beec6067a9c68590a5ee5339a92b7a71e7f44b648fce770ab35651aa9753bee4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e3d18be5d494e38e_0
| MD5 | bbed45e37989dc35476ee6cd246469c7 |
| SHA1 | feed25f03effacb3557f48d3368cb52a2ef9a8db |
| SHA256 | 06b32b3da0de49ad406062d5383ca7476f3c52127d5e01a6982e5e8b7789fbe7 |
| SHA512 | 3dd4b351a6d01dea0d4f911cd61fff5052f144df846643d150f47e29ce22b92d352751fac91ab57cb08c78faa1d925ff140a305dc6bb4a4aa69566bc7c27679f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\960f838b42b585c9_0
| MD5 | e860d7ea08178e958babe0212cc71569 |
| SHA1 | c4b73c1ec2ca4616c93f2da6e68d01805f19503a |
| SHA256 | 06b7fbb8e575407486f68d65c766de3c413395b4c30eb1a43b13c8acc9ef8f61 |
| SHA512 | dd21fbf72af4719f561a5a46ab89a7e15c41036377487af77dd0a2bc7150b5fe7e75cc2d6a9a2764a6203fcf553ddc036c581ea05c693b70626453ef9ffae327 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87bfea9426cb2ef3_0
| MD5 | af9ecf7ad9814dfe5d1d934b4737906f |
| SHA1 | 5a723f414b4c9c6a966e4432b4c20eefe5893208 |
| SHA256 | 50d21399d044ea3e3fc62d3e51c542559cd4066ff31a4c0b4c365caa5a1d90ca |
| SHA512 | f1a526a8382bd765585d0062b6e681945014e02282383bcd9b52021829ab34a9b31537fb411fb46a5cfbf73ba1a1eca001ad902103e1a146cc5a58b785880a60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f15925c0a386a6ac_0
| MD5 | 6c4da7f992f25e54908467f13161caa6 |
| SHA1 | 82a28c696fe35da4d20e316711a3158825f27b98 |
| SHA256 | 9e3a235aa03b04a38f263588f8cdd544f62e3657ee1159ac145aa6cc0b8a7054 |
| SHA512 | 4a5bf408949c1b887fe4c0f3116976e9f0af40318e61680ca60d6fa4bcfc16a5f5e5b4ff5638bd43579defd78497da77127e2fe5ef98d89b2813bb58a50231ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0
| MD5 | 9436d63bc2728ed38629a1b43668a439 |
| SHA1 | a0ff4d59338a12965339544a9cb9e88748b7935b |
| SHA256 | 62bc2417ad801a384c5d3cd9b6eba29fe9b570d925dc7eaed2485405e1858deb |
| SHA512 | a01137996592d4dce89a018b350d0f9a4b95be483b11ba667225b8531b48ad4d86b43813021f9f9113335ae0f196233802da8490ca6483b2ff5048dc81201117 |
memory/3524-4332-0x0000027029680000-0x0000027029692000-memory.dmp
memory/3524-4333-0x0000027028F40000-0x0000027028F4A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\24360874c99b2368_0
| MD5 | dfbe9a2a8d933b6242648eb0dd7ca1a5 |
| SHA1 | b40abf3cf72981d3e0664c21048f4737ef8a5be3 |
| SHA256 | f00782090da15e43399ac859f9f3288966b696d81120ca391256d2be52c12633 |
| SHA512 | 3563100df5736ec66e601235d8e474d16708e9fb5a2dc3e0342b27696f98d905c28de320cf9961f4b436dc3eb14a4991dc95bfb9f1050d299995b67823b2d4ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000119
| MD5 | b778699ad70d4515f3687c28342349cd |
| SHA1 | a1f0a15fff766a1617f4ec94d0f7dc6804f6822f |
| SHA256 | 1877b9e6bc4fe825aaae68eff38b999b42fcf1bb3891046290d07265a40c6e99 |
| SHA512 | 1d8e1bfe4c9bf766054cb4545de3afba64d8a3ab9409b9498852adacb017a90f3b2126055d2c18ceff8ffab05f811658b77a336771db1ec6227bd9c26864445c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0a9a505615b03525cf231a31a316569a |
| SHA1 | 5f2e1157ad593913ab4bd66c22b26060ce469891 |
| SHA256 | 7b2c0885f173b40900f4f4ceceb1090526f6eced33fcbf2fbdd8a7c0277211e9 |
| SHA512 | 3ef482e85b68918502579b26519767334e82b6b6a56b37012713bf3df3b904b1aaeacc551b4fede1e59bade45b5df60963459c73e675fbdca42dbc9aa4f3eb55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 99e75aa80fccc0198b8405dd8b7ab9b5 |
| SHA1 | f1b3eb95b3aaf2850537f6a7e7a11d5b9f7bb97a |
| SHA256 | 40392e673cb8db4df3652cbc64f102be0865b41aa68d2b530086367b6758e35b |
| SHA512 | de85f8e029bd210259e8cca7f301ce009191fc0d7781437f13876d8f2dab39cc6287df8051ebeb05239a9c91b587cfca7ddba217bedf9a98b4160e384223cacf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000113
| MD5 | ea6c21cf81adff272c3c8c54d86513e7 |
| SHA1 | 5f0bda55cf2abb8bcbfed20fedd33ce8c6da87ed |
| SHA256 | fe7d0b56bffb4b745ea8c4d145c4a364e0b1c5eddc9b8c0ba24f2648b4567a07 |
| SHA512 | 05d10dcc10d3ba25b7fe0c576f6d918ebc3378d08645a7bba87489a63f830f7de1397012dcf4a1941b411201ea50acd56cf8039e2d9b4813f36d7cece5d639e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b6d2dd522651ea54_0
| MD5 | 0081d3ef1b11e98ed741b7f743ee1489 |
| SHA1 | ecc86d562a8b3e4abb6179e2b6349633ba7f4f9f |
| SHA256 | a116128b998709bb8dbe3d192ca89821a6781eb4413259179679feb4f0e23c6d |
| SHA512 | e9d5e1381bb4a0a87aa2826f9f590e5e44c86dc1dc6a0b5fcfcfcf3f74a1c37b68935bf3cb33db459227d55c9d9a896ae2d7bb38163ba68107322de55b40b265 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1c2c9bc34cf572c2_0
| MD5 | f52e11bdfc5a977d595a6b404f99dcbd |
| SHA1 | 1082269baabe841da660ceb8633115e960d1036f |
| SHA256 | 68d1983dafc3010a020f6f974c2b9de245b2bfaf57ad65e824d73326cac08ac5 |
| SHA512 | 43ee68dcb11c6c0817a67bcb0ac97394d7387871ac226dcfc509da7aa0664bfdba717e2fff5871017ec6a9754a116d102db174413bf2cc38ca2a64a99295f332 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 07443f84353a284eb88fa08e50466b7c |
| SHA1 | 6c38b8c17423c1db90a3c14f795e7a0854e8d33d |
| SHA256 | 5883f7ae9267b914b88bf2f7dc431345c4760d34e2423dff108167a78c1652c1 |
| SHA512 | 24919df7c664d64314f5fc26d3646c0524ab8691d7b16748b7cf8d45a1567b2125fb1a83df4ad9afc8751ef301ca0ba282720df0c0e6c355b07ddfa6e797533f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d5666b24e92933f3_0
| MD5 | 2fc629653add3bbbba5430f1f0ec573d |
| SHA1 | 0c458af38b1968af06d63a25221121b229dab06d |
| SHA256 | fee6a478fae0e064a724fa5ebe322bdbc8f816946846cf67751309ab60bf5ec0 |
| SHA512 | 95ca3cd9262a04f09e903a07aefe538f45f2739cb90487f527480a7735050be8479f1e6056b5e4c2049b8e4f84596423a185b5f36bf68e229f692fbd620575b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0
| MD5 | 5dc77b5d615c608c2b6fc43c841ce848 |
| SHA1 | 3221490d3ef9e45503dd27c0022d7b056b68bbde |
| SHA256 | 4a1564ebfe94ffe124be2c6e9a073344ece3c4895d34ca94e0f3a896909e1531 |
| SHA512 | b6916e23ed934cdcc9470121c1176d315078d105542a4261a96739e4f91bb6d04f250d486b5ae2dd725255ca798939ee2fc92137112827f6b6c49c055ee7cdd4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\81764cdb356c9506_0
| MD5 | 9aa1ee7da9ff9eb5a9407c5fb53c102e |
| SHA1 | 536bc7778851fe028b14468e982f86638543fedd |
| SHA256 | 66a9c68da3d1e71c131799f3fe3e0b74943e913cd30d0d848442494a3536c693 |
| SHA512 | 75db36d2bb3599d1b53c60bb48a3f2ae2dc9f5474371005347557df0612b4dc773ea00eb1c39a92498146502b3940e1cdd714ea6ad10687aeeb662bd7b703d22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 862d99f6bd8f7e87ad43d1e64666de7d |
| SHA1 | ebe8465a77566eefb8b7787dd626bb67d09441ea |
| SHA256 | 5a658d03a36a42a9926bcc930acfefd938b0e82976469b33871f77623006882e |
| SHA512 | 5e385657408bb43fba339f429758f10c5331969b557fd73004b2824a6d0e2cdcefe12052fc1a1742f1d6a897f8a62361f359959ed854d15f1930c73eee43e19f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 9233fd60c5bf7ee6ad825cd8b85ca810 |
| SHA1 | 48ef6dbf89fd7446e95cd34f2eb68ae5a56d06a6 |
| SHA256 | 50e88c54c40bb6ef1791290bd68b5d7471f130449dc6230c57e3cbe423439e98 |
| SHA512 | b7468be0cefbcbaaa9c4e82525391df6c671be67140008804545e9d5d9827e4b305ab12d1cfc34baae8e494364276ae6a725141e002748ffeccbcafba9ed1000 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c8a55f861bf34f8424aa73013700a2a4 |
| SHA1 | fed113795018d979558cd1e8b341635ef1e3c14f |
| SHA256 | 192b6aa621fbfd044e7ea34cf51b77ae0dd45e51c598010e67d68599d8346217 |
| SHA512 | 659731afbb98f796706e6bb2435c6911d40eab77a7070994ec3918e65a748aebd476d9ab2302d79ee296c4e794a226e96c6bb65f10e953c9a82c56c9e6541182 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6a291ce4473d66beeb8e5792fa3b11cb |
| SHA1 | d7939fdf79fba445983b195e1d0a034c747497d8 |
| SHA256 | a6f62275324d9d7f02f766c639da5d863e0e665b8c6fb01360067bdeed2fb61b |
| SHA512 | b06f4b770b0a23465b3b8ccce21ac894341fec3de6ea477319ca454407f105470c5e872605f04a374d2e935767989148dcdc88f11689313f89a76c4a1f671178 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2ffcceef50838d84989941cf8234d758 |
| SHA1 | b5502ed894a2724c30e8389ae718cfd5b2626aee |
| SHA256 | 16fa077bbad6d7b6bbbba525baf9e4ea12aa79bd461c15fe1c28819596f865d1 |
| SHA512 | dd73f5823e9d4d5fb5be88e3739827db16f60926b75588cd8a62d1574ae7727defa9168a9a8a80a211147e64eb7ae8fc45fe64f4ce25f364a982eda1348d9f06 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 455f1a8391ea9f7b3f33adf8dd524194 |
| SHA1 | b71fc0ecb36a8443afa474db892e4977bccb3d8d |
| SHA256 | 2a313447a4703a25bd4881e132a42008294d62ebe338655302f1d43b6839196c |
| SHA512 | d8dbf8aeca837913fcdaa0aa0ee4d28a400a2b908ff6c1df09cd1b41c659f01eb9d01e221b0f0a497484c50d38ea4f530bf79033ae073174d3d99fa1eb3f1d66 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 615e813bc915adbca534185d4a317cb3 |
| SHA1 | 46650547c8db5613f8c4748a4f1ce962b2f86881 |
| SHA256 | c83836218820fe945f8423996b37351abc2d486e23aaca1e81cf9451955f4413 |
| SHA512 | 4a44edf5c10d23ba99b089cda16b06cc5d96e487431f9e352b2c0f83bcd6e5b5763312f8aa3506f7f79239f426aea46685c55ea4d0f9ccef2d54d62b0b3a1e24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 19807077b25ad5ad76aa2f8b3d754ae7 |
| SHA1 | 3d9d4a0f388f793a18c4ca2b285183dab76ad839 |
| SHA256 | 0870518624eb96c025c7ab25cd9e45ee96f3d144000ebdac6e48caca3c72f14e |
| SHA512 | c4c5ed30cbe11117e3f00d0bcc237590702d4c48e595538110f9f4cbe229303ded33d40f5571f31a9c810593edda1e0b40c0c48cea59cc0fdb80740ff4f3db58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a53698b926159eba6dd0c3978e700d1e |
| SHA1 | 34b5b1ee409ceaa94dfd5e6071c1791117cd7d8b |
| SHA256 | d907a33b503389ea1039b867624f1e0267a94155a3a4f6eb1511faec48347efd |
| SHA512 | 934ddebfb1299b19f6da891a8f8315156c8104ca0eab459396c63b1aaf215956f1e3624c278acf008f364ccbb861bbc55eb09db517424f8d413a42e98d3691a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1a6ebb900e9517f26d3842c31299af18 |
| SHA1 | 771e0eabcf3ec3bfb62dff73a618c52b83c70fe6 |
| SHA256 | e8e58fefc47e6d174a305a737d20e2a6c3e581db3de305ce112d636a038fd111 |
| SHA512 | 627139fe787dd2797f44c345fb96c20452cf8692d81669c17228665b33a670d8383dbb4fafb1240e7e0d10cd93ca161546541d1c159b1a3cb08f6f6fb8aee933 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | dd0f8a692944e86a26e9445c3eef6864 |
| SHA1 | ec9c227ba7684eb034d68b1d3f7bfb3497159672 |
| SHA256 | 1f2e147adec041478c8bbad30f828a2d9c457a1048ee2b2cf27e1f88f9e790d3 |
| SHA512 | ae150e7111a87161478f30aa7b7f8c63d00ba4be8d3ea535afaca9b4ff64e332569b4130c555ca8bb52ecd98c49cd80542d1892c196f1c3a70ff978fde915e24 |
C:\Users\Admin\Downloads\Unconfirmed 681825.crdownload:SmartScreen
| MD5 | 4047530ecbc0170039e76fe1657bdb01 |
| SHA1 | 32db7d5e662ebccdd1d71de285f907e3a1c68ac5 |
| SHA256 | 82254025d1b98d60044d3aeb7c56eed7c61c07c3e30534d6e05dab9d6c326750 |
| SHA512 | 8f002af3f4ed2b3dfb4ed8273318d160152da50ee4842c9f5d9915f50a3e643952494699c4258e6af993dc6e1695d0dc3db6d23f4d93c26b0bc6a20f4b4f336e |
C:\Users\Admin\AppData\Local\Temp\nseE50B.tmp\StdUtils.dll
| MD5 | c6a6e03f77c313b267498515488c5740 |
| SHA1 | 3d49fc2784b9450962ed6b82b46e9c3c957d7c15 |
| SHA256 | b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e |
| SHA512 | 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803 |
memory/3732-5849-0x00007FF984D60000-0x00007FF984D61000-memory.dmp
C:\Users\Admin\AppData\Roaming\RBXIDLE\Code Cache\wasm\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Temp\nseE50B.tmp\SpiderBanner.dll
| MD5 | 17309e33b596ba3a5693b4d3e85cf8d7 |
| SHA1 | 7d361836cf53df42021c7f2b148aec9458818c01 |
| SHA256 | 996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93 |
| SHA512 | 1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298 |
memory/1588-5933-0x00007FF9853C0000-0x00007FF9853C1000-memory.dmp
memory/1588-5932-0x00007FF985BE0000-0x00007FF985BE1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_avun3pih.ec2.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
C:\Users\Admin\AppData\Roaming\RBXIDLE\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2892eee3e20e19a9ba77be6913508a54 |
| SHA1 | 7c4ef82faa28393c739c517d706ac6919a8ffc49 |
| SHA256 | 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2 |
| SHA512 | b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae |
C:\Users\Admin\AppData\Roaming\RBXIDLE\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 015d0b33db53db92574f0e64d78a786c |
| SHA1 | 3833010b522e95d5deeb5c7ee6a756e1bb1e46a8 |
| SHA256 | cd5d2bb5fbb239313c97064c98a6851558690798d549388516e09ac435e3ad30 |
| SHA512 | a45052f2abf857cc682acd09fd2859b396d4e950cb1415f0bf9b74f04518d37eeb3cd415670b56045feae2571a0dbbb178ae08bf9a334c690f5278fdb4f80f4f |
C:\Users\Admin\AppData\Roaming\RBXIDLE\Cache\f_00000d
| MD5 | 81e8f8281ea972cee3cd3ee2ff4ed42b |
| SHA1 | 6877e2f5e3c97294610f5d92c53982b3f6db008a |
| SHA256 | 8a6aea6739ad1bc5c58aa123796b46a9334f2880fc3c3948cd00abc6ed2e5e9c |
| SHA512 | 615a131732c448342706cc049874cac0ec523271d6c8dfa600a3ba8626ec52c92fbd5ba8ba1ebd2ee51497dc6ef96d433a8d6eda45611cc7b00fe365dbe3b49d |
C:\Users\Admin\AppData\Roaming\RBXIDLE\settings.json
| MD5 | c86db2a1e8b0a5bb2586314227d0e5f1 |
| SHA1 | 05449ea862dad385bf5bf87ef6280e4ef1348b86 |
| SHA256 | 0514231f6d6102c21102d769eb72c8b2eef9aa0d28459770bcbe247e6ade16b7 |
| SHA512 | 7083f665f6f7c44d13fd7b35c9400cdc51d767279c34ecbd217bc360e4a552a5f21a1be5c722a57b2f106e47a04f702b20bfa7f0035ec2aa0cc9e77dfbba00d6 |
C:\Users\Admin\AppData\Roaming\RBXIDLE\settings.json
| MD5 | 6a14da167802c72e53ef86a9aa85b591 |
| SHA1 | 2017ed6ebf4df942a8826ef997c7646c1b2dde42 |
| SHA256 | 21b809447838cace425017d3434a87626548919b8821a76eee9784ce5cb38f35 |
| SHA512 | a809561f1c9cd3c81bd1752031f2c9caac313c337c2b9c2960d80683db101136fc92808bb88d7450f0fd4e323bef6c91882b2adf0b5c8d6c35cc28c0197bf364 |
memory/6224-6140-0x000001E522320000-0x000001E522364000-memory.dmp
memory/6224-6181-0x000001E5223F0000-0x000001E522466000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f4ca4e3483b2080048edb4c63bce1f07 |
| SHA1 | c04da6cc9e9d089469f75ce2b206d39c5d2ded46 |
| SHA256 | a08f64fcc12ab9e8b698745b147f972a0afe38abc0c3458f449f135734f20a65 |
| SHA512 | 52fdd8db06c663d67062bf09738e5c9de91d58088c78a916e13891c7ba11602ecda886087185918d4bec8e7b2d514f621e5ef3b58821851872c5896683b9a6af |
memory/5308-6214-0x0000020F70810000-0x0000020F7083A000-memory.dmp
memory/5308-6215-0x0000020F70810000-0x0000020F70834000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
| MD5 | 2f87410b0d834a14ceff69e18946d066 |
| SHA1 | f2ec80550202d493db61806693439a57b76634f3 |
| SHA256 | 5422bc17b852ad463110de0db9b59ffa4219e065d3e2843618d6ebbd14273c65 |
| SHA512 | a313702f22450ceff0a1d7f890b0c16cf667dbcd668dbafa6dbecd0791236c0bc68e834d12113cc75352365c2a2b6cfcf30b6ef7c97ea53ed135da50de389db4 |
C:\Users\Admin\AppData\Roaming\RBXIDLE\settings.json
| MD5 | 0c3471bbfa415ed18993d687b210d99d |
| SHA1 | d86f6e4ed6cac0666b8a80ec8e21e89020279a77 |
| SHA256 | 28df451c972f750c3bf5f63fa6c8c44d097d2941c5c23e9f3246fd14473019c5 |
| SHA512 | e1067f528a29abc83530058bc6d094eb50cfeb9141ad135b7c6cc856d7d732f65ee91e484c680c09c3118bd6f1ef5dd7ec8004657d53069578976d78d448fefc |
memory/7504-6383-0x000001F3FF420000-0x000001F3FF421000-memory.dmp
memory/7504-6384-0x000001F3FF420000-0x000001F3FF421000-memory.dmp
memory/7504-6385-0x000001F3FF420000-0x000001F3FF421000-memory.dmp
memory/7504-6389-0x000001F3FF420000-0x000001F3FF421000-memory.dmp
memory/7504-6395-0x000001F3FF420000-0x000001F3FF421000-memory.dmp
memory/7504-6390-0x000001F3FF420000-0x000001F3FF421000-memory.dmp
memory/7504-6394-0x000001F3FF420000-0x000001F3FF421000-memory.dmp
memory/7504-6393-0x000001F3FF420000-0x000001F3FF421000-memory.dmp
memory/7504-6392-0x000001F3FF420000-0x000001F3FF421000-memory.dmp
memory/7504-6391-0x000001F3FF420000-0x000001F3FF421000-memory.dmp
C:\Users\Admin\AppData\Roaming\RBXIDLE\4342481e-b101-4168-b2ab-dd5a1b358f29.tmp
| MD5 | 58127c59cb9e1da127904c341d15372b |
| SHA1 | 62445484661d8036ce9788baeaba31d204e9a5fc |
| SHA256 | be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de |
| SHA512 | 8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a |
C:\Users\Admin\AppData\Roaming\c2bee2a7-02e1-46ab-bb92-7eabb06ba266.tmp
| MD5 | 357ea2d8684f460d33cea115a000c9b8 |
| SHA1 | 154eda8f1f39ecda744fee9120f92a88b29b411e |
| SHA256 | ea1c663b7d00815769ff44dde0ed7dd2899d30a8f83105f9c2aa1a971e0be9ca |
| SHA512 | a2389bcfb5376763e42f2e0e92235e2eb8b15d74b847f86bd75a68358310ab622c78bdf417b0be3a49fe682712c37c8085c0197ac991b60f157a4a6cef7d1bc4 |
C:\Users\Admin\AppData\Roaming\RBXIDLE\settings.json
| MD5 | f7bd745a10341da084e7ad155598acfe |
| SHA1 | e1f9581d5af8b340bfd30cb494e3fa2c4c5f82a0 |
| SHA256 | 67d1d1c788f42eb351ad40b5a1f5d28681c3471f6027a0a15667168503442134 |
| SHA512 | 86eb6e70f96c6b5e17667fa33017373df3bcc3b6c638e66c9520f013d4f639ccb03de2db20b5ae285bccdb22281fa5e716b0827264610eb47276b04a3edf9272 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9aaf50828d92910d92ccf7d1ded9528d |
| SHA1 | b7b58f953affff3055efde9d0b418feb4e949c74 |
| SHA256 | 23752c3cf977062b5b025f5966b14664f7521531f9594ce87e2d7217779cb936 |
| SHA512 | fc3a6c3357c22956dae8cd1102ba6ea622075a1e211fc1f0aa9c14e51f3e62300cc67a174112f64509f8037067c649232651f0113a789d3342902d8559d99f85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1343af5dfa1f966b9d02972e84a8df22 |
| SHA1 | 19ff0762dc260ced5b38d8b7a97f1c6b8e7e4217 |
| SHA256 | 4048e32c8154ab919a28088217b0248f26f2ab3624eae3f19a2fa46ab769fd63 |
| SHA512 | 4467a642aa6cb944803b923b2b05c887bb7e00fe3a7cc493ca767708f86a3471bfee2487ad54678270e7598b0113035d35befcc46605dfc59a1673a3f3cbaaf1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9c57f74dcda244943df269be73b5db23 |
| SHA1 | 7c1d2371b8043042613480cc5cac7baab416532e |
| SHA256 | 5ad6846b52e29eeb67edfb6fff568f08140d9c4dab5153f938bbb25074d95155 |
| SHA512 | 8a800f1cc8b9e692d67ad07e5e3accd897ff9ca5df59e1b86efa3e62812befb014d42f981f7f0fbf9c2ab9f8b7039efe21f8d7f86f6d1d20aeaafc5f988a318c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f557a69a020ec0387349b854a59e3886 |
| SHA1 | b5571c4d30aedd6d30e8c482fbe37b80672bf414 |
| SHA256 | 07f955cb73438dd1c5bdabf22eb60eb46650af188fa56f3ca7427e56e7c41cdc |
| SHA512 | 52bc08d67937733117dea9f15fd640b6db2894b68b6d6333de344cd7a44c712d949ad187064ebf6d8d3348fcb09090623cf5a48cc3d7f9d8325c97b20283abaa |
C:\Users\Admin\AppData\Roaming\RBXIDLE\Code Cache\js\index-dir\the-real-index
| MD5 | f0c78db380cd73ac871007711ee990e0 |
| SHA1 | 60289de687e71186b8e390ad970a0d7d81f53b4a |
| SHA256 | f35bcbfeb13bc9658b9703d35065d3325bbdd7c052941eed714f8f6a0adab9cb |
| SHA512 | 67f9be9df1fb3aca54afcd87f623f83396be1d658d5d3a8a68c8f244ad25a172fd69d370342bd0766810bedecddf97f0434fcb108c25cd3a3e11b5d9a581c239 |
C:\Users\Admin\AppData\Roaming\RBXIDLE\Code Cache\js\index-dir\the-real-index
| MD5 | 49adbcaa282306001b0a3ad6f06ba8fa |
| SHA1 | df4b9518ef6b10178177bf51c7e852ec5e01d1b9 |
| SHA256 | 1609502fe6aed6b95452a8132071e8ba95fe3a7cdd477bacca1754c89e86515c |
| SHA512 | 58b866f86b52428d0f8368dbbf9dffd9a144352b473796f012892e1a96fc615a4008884320dd5bcbb351b01ba6ca67c6268fede8f5fc428b2a11a369af768d5e |
memory/7964-6504-0x0000000001040000-0x0000000001060000-memory.dmp
C:\Users\Admin\AppData\Roaming\61f73e24-6006-4044-be72-34a666df8308.tmp
| MD5 | c3cad947493814a7c7b6c31c24973883 |
| SHA1 | 713f9ca964b831433a465d7c0dc1567df592ca4e |
| SHA256 | d854d91a4e8213cc2fd3c1c31c58a684f9efc4d37a753b2b28a6c3cbcd083bc1 |
| SHA512 | c35ac8db7dd30e7b43ebe80c8a3da90863b66280eb4d0d4fdb40e6c55039397272c612bae3f8ecc37767b9617baaadb832807177f161c4743cc88e5a24294fa2 |
C:\Users\Admin\AppData\Roaming\RBXIDLE\Network Persistent State
| MD5 | 68352230aa339cd3130d4e065c1e62cc |
| SHA1 | 923fdbfadc938786fc1c7669195f077d6243302d |
| SHA256 | 3f932a9232fe63b4f40ead369f83043b2f4d4b13d9126455faf5e03136b96cc5 |
| SHA512 | 4079d595df37b3ce10afc697437eff7b17baa4534edefb76a4cdf03e754b30dbc394dc512cda0fdd66dee6c10a5749ce450151aec1740c5fed6fd99341a07e2f |
C:\Users\Admin\AppData\Roaming\RBXIDLE\Network Persistent State~RFe611b28.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Roaming\8fa55dad-1a7a-47cd-9ff2-9e696b409f95.tmp
| MD5 | ce15639cc412b5c4e3cf2496b69a8739 |
| SHA1 | ee91e192589a683aa7e91e0a8f081a6a25ab7e9d |
| SHA256 | dcbec6269aaeb800dc91d6d186e02fc6cd6fe9eb4de5e66a87a8e171106ccb80 |
| SHA512 | f01954498ed088275bf5a0aed212bd2e7ce37e0f162fbf28b01b01da0d96e6ce707265d9dd0b83d71a26e6a7250fd40ae2c4b3fabf1ce6858897dd110b0f45db |
C:\Users\Admin\AppData\Roaming\459204d8-0017-44a3-875f-24218695ff9d.tmp
| MD5 | 83fde5ea183234478e28ff6f77ab8c5f |
| SHA1 | db812f719b6301ec9a7d4ee153a85e55451ad354 |
| SHA256 | 99dbbd3f207c2f45a17fb8e30143bba2670a21aa1be5d03e0e6791caca8fc6b4 |
| SHA512 | ae740ae046adea47fd324706f7504a47c9fa56386facb7aaecef8682f5904af6368d721562a987edc424748761af7044d5be87eb9bc9bbb8f9e85537ab5b034b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a8a886da6b00df3afafead8e5ea5e87a |
| SHA1 | 60c03db7fb7ff028e3888e659f85a1d4f7638e00 |
| SHA256 | 2d15a7b53b13688d3ef3544bca78b52d67e59539a52120e523c6ab7d64f3f97c |
| SHA512 | a7d47cddda3f47db4d6f978ff0699d6a8da0176984d5eb0132f297613ac53b575bfd9904c8fb1b44b1e1de048a4731136a23b94780a0fef8dec2b4bedb552380 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 2600b88607ca1a58375a2e9e8710ca26 |
| SHA1 | adf36fcbef265500d7d65246e12901c3a136223d |
| SHA256 | 3e63878611145326c24e2f59d88d292024134af6bb9073fbb3f3c1b9943aaa4a |
| SHA512 | 12159d126d857d464f48c8f9bffb44c5d26a92a9300b6febf752ef3c236100ad30504a8e749d78c7624ea448e3cdc73e2bfc89cd053374e399aa094aa0518b74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8d6ef135d82dfc2cd0955fca3cc64dee |
| SHA1 | dddd83bda0ff0e9e9fbf78d4e5d13c82874a3562 |
| SHA256 | 96bdcd69f443cfd2ff5c4ad1c20aac16bc4a5d4f46a8f0b5ffcb2ecf7eba55d6 |
| SHA512 | 31fd2da2936d1223d6d2cae8d2e2646db4347f4aeeb12f47cece427f182573a4d075121d250cdf7ca40f33fb95ad87842766313039f411815fa853dbdf00919f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 18697a7d6faad36edce1c95ef8a304cb |
| SHA1 | 648f308650e29fc5ff9866180154ddc015979c88 |
| SHA256 | 7b08251ee54563f297b676c8ed6c6f9b50f315e6239194b54956286e4e0aee7f |
| SHA512 | 667167d13711351b73daae6fd218236b31a218f700eb8fc53ca360de16a3effe0b1179c2b2d4ff1b95d76f2be133c40d6945f48e36acf8551494c385d8d5c9f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013e
| MD5 | 7e5eebe8666e875fcc6c451474d92103 |
| SHA1 | 8d29967235736dc267947ed4d430a2f8378e9776 |
| SHA256 | 31850bfcac1588c9d99067380e5e9228f3860fa1d14c04cbd9b6ea3d12def764 |
| SHA512 | 58e1e60cb5a9e7657b422a5d7106a5a6e152971bc1fb04d1806fe61ff59c45e23067cad57058904ef62acd19a52c17d575091eadce1f2e314f27804ebd27059b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c401f272e8457defffa16297636bf8b7 |
| SHA1 | 567fe24397232c6315d535ca472cc92b04024325 |
| SHA256 | 188c5cc460e35b37bbf7489239971843709a56cf9e5859962d49748897520fec |
| SHA512 | f5872935ef4624ec7896dac8f17ce19951f9921245b27796161c84402314f8a00c6cd09147c5536faab271b25279137383d0954b2f50dece8046f02fd7eb8372 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4c6ff1e77b7a00b489ce4bd986b7a202 |
| SHA1 | 2e15a5089cb48f388de4d49f8611d39a1f09eda7 |
| SHA256 | be7998d81a77ad576577015fbe0acec0151da9612a20708ac1ddd7f07d7f09d8 |
| SHA512 | 0697ee11b363b72e36eb04ea8cd550d8d7bdf8cf01a0189fc8798cb480f85647009f99180c39e75b79a6614c0d6be9cc73f572a129844cf12470eae2cf028eeb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013f
| MD5 | aff03c72c3252dfb5a938a1b8859f66c |
| SHA1 | ca12827fe095367424343a4672d6767eaaa3ce11 |
| SHA256 | 891ca1ef0bf6ec267b6a58b84d6dd91c70ff4d78e4fe21b4543a274efbb971e1 |
| SHA512 | 164e59c6fb6597a4e8436e5b893eee540ef3600ac2f8e13aea813297227e9defa27913638757bce2de418e97706d4c34ae1c2787f2194157b56c213daa0787fc |
memory/7964-6786-0x0000000000400000-0x0000000000E3A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046
| MD5 | 2e23d6e099f830cf0b14356b3c3443ce |
| SHA1 | 027db4ff48118566db039d6b5f574a8ac73002bc |
| SHA256 | 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885 |
| SHA512 | 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048
| MD5 | cfff8fc00d16fc868cf319409948c243 |
| SHA1 | b7e2e2a6656c77a19d9819a7d782a981d9e16d44 |
| SHA256 | 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a |
| SHA512 | 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047
| MD5 | 919d13ecf08e3da7e9f337e7b60d6dec |
| SHA1 | 3d9bd4aa100f69cf46ad175259edd6ce9864830c |
| SHA256 | 9d4575044d2efd5e90503beda65571b5158a3f32d999191ac1f82d1a5ee62ad0 |
| SHA512 | 98d8236ed1c44826b4489b9fb7b76c62502a032547374446c53dcf2eee2f5fe3548c6587fce66df9d075294bc2ab6be97c3cb21457bc899451ebd3b476715985 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049
| MD5 | a336ad7a2818eb9c1d9b7d0f4cc7d456 |
| SHA1 | d5280cb38af2010e0860b7884a23de0484d18f62 |
| SHA256 | 83bdfb7d266fd8436312f6145c1707ddf0fb060825527acfe364c5db859887a3 |
| SHA512 | fa69455b3bfc162ab86a12332fe13322dfd8749be456779c93a6ab93e1d628e246a31a0a55cdba0c45adb3085acd62ba0a094b2115529d70cb9f693f3b1da327 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045
| MD5 | f5b631335f170065edf1b148e10b34d4 |
| SHA1 | ca34f82af577fec763ed38f0436d20f1cf766f62 |
| SHA256 | 99be964ed51ca453ccfaa264a1ea9490da11e32b53765919172b6d3749a9f846 |
| SHA512 | c66791cbdc7c0d12e7295eb26eb583b26e03692c8986ab7d5dac0e6a561b8b68a8a9e33814121efc700ff6b472aa4f685162b0c75439b144f12286c9e28c7cc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044
| MD5 | 109a8cceba33695698297e575e56bfad |
| SHA1 | 2b8c6dce1ccd21a6eea2dd9aef2a8a6bde389053 |
| SHA256 | dd82d9ac034f0a06524fc1d5ef884c29a7e4d586a1e7db66e339dc54fac3636d |
| SHA512 | 6d51ed30c45560838df921212370a0044640a8e3c0433922106225cb6fec8cc115ac6191c753da13def21c4e0db4deb5782fb7a75ada822ced1db7c7d13beaf3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042
| MD5 | a2ade5db01e80467e87b512193e46838 |
| SHA1 | 40b35ee60d5d0388a097f53a1d39261e4e94616d |
| SHA256 | 154a7cfc19fb8827601d1f8eda3788b74e2018c96779884b13da73f6b1853a15 |
| SHA512 | 1c728558e68ed5c0a7d19d8f264ad3e3c83b173b3e3cd5f53f5f3b216ed243a16944dbe6b2159cfe40ee4a3813ca95a834f162073a296b72bbdedc15546be8f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040
| MD5 | da4c2d9295fbab7844d4f29079dbb8d5 |
| SHA1 | 2e214261c9f3394badf103af57a2b9bd6f89a68c |
| SHA256 | b2f523dc352a436652fdfa66e899f589653015929b1add2da64eeb9650a7febd |
| SHA512 | 83a66de2c3593c960f5e7567f8c315f983245334f63bda67c7490570753bce7e865a1f752d15a5b6f795fb4cc4aa2a122ce6bcfb86bf3e116f00df7a558a92c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043
| MD5 | c4b8e9bc1769a58f5265bbe40f7785ef |
| SHA1 | 07ff14df16d4b882361e1a0be6c2f10711ddce50 |
| SHA256 | 2786986a3139e9722e667f81b4902609a4cf458e1c16206cd11feceee0254192 |
| SHA512 | a39157460b523ee2b9e1eacccf7aed99ff002767a8f87287c1c4662b6711b97f7d4955df64a86a882417fe71e598719e3934e14f787c1e6b3348c8a4c813e3ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041
| MD5 | a6d2a865e9f16ea305950181afef4fcf |
| SHA1 | 082145d33593f3a47d29c552276c88cf51beae8e |
| SHA256 | 2e5d94863281987de0afa1cfd58c86fde38fd3677c695268585161bc2d0448a2 |
| SHA512 | 6aa871d6b2b0d1af0bda0297d164e2d685bc53f09983e5a4e1205f4eb972a2017323c99c3cc627c3fb01381b66816e570f61d013d3775cddad285ac1b604cdc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a
| MD5 | bd96190c3723c6828cc6601ee39d46d4 |
| SHA1 | 8ec0068e12d9f113b01d6077cf634f19079cbf53 |
| SHA256 | ed8fd1c5a4f0e11544b694ca505105c2a8fb4b643b41bae87b2b4f1ba14f8d1f |
| SHA512 | 7c649fdad52f9fe2bf76af6249b3d7de40ccdde73618c5b929fb16fe32e51873f7a73734e64b54e918a31d42d6430128c8801787e4ff5ee89fd9265ba9875dbd |
C:\Users\Admin\AppData\Roaming\RBXIDLE\Network Persistent State
| MD5 | 476a6ff0fcead88c6f211704af67ff14 |
| SHA1 | 37ec2a9fd81851851a2de4956f6990a494ebf58d |
| SHA256 | 68b46580cb252f0b9811b50c5a4a28a96c8421905fcfaac68f13cdfe66d91314 |
| SHA512 | 43393c5379907099fc87af3f04be7f1ee52d3dc461d77b720f63427155113e99ef85ad24b51fac5c77e9f42e911a7bbfb0525f67a21c1e8aa24d0b4ef2047ffc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c6f0a98eb66ce2cbfcd7e0b5f3a56bbc |
| SHA1 | f712c1ca8ed7618ac796b561834e30b5d8e1eef7 |
| SHA256 | 436735d946747b72e119a48ac052e91779c0c497178c9656e98c944c4c711673 |
| SHA512 | d8f5c19c741edf6c97cdd6d80422219fd4abe28d57beaaea951f6fe48a7b12592a9e30c028ca64ec2ebadf69d705d9206bceff0c9ffb060d01dd3cf8b993d800 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7cbe821678929dddd2e10d119f0dc997 |
| SHA1 | f7fd4ecfb5246b3168078a3e59e35b4e0eb36454 |
| SHA256 | 57d7be71a94c3d89818d6915d1df30e7f6fd609545b0ff7da5bfdef357d02b6f |
| SHA512 | 280a7a2613e4ab62397b2b24ae131d92804fa2aefd18894a9aeaaf4984f5b4483dc2f5ffc3f14cf2f1b6bc254f057b06f09a5d5885ec1337da3a949a4d363480 |
C:\Users\Admin\Downloads\Unconfirmed 791313.crdownload
| MD5 | 20d2c71d6d9daf4499ffc4a5d164f1c3 |
| SHA1 | 38e5dcd93f25386d05a34a5b26d3fba1bf02f7c8 |
| SHA256 | 3ac8cc58dcbceaec3dab046aea050357e0e2248d30b0804c738c9a5b037c220d |
| SHA512 | 8ffd56fb3538eb60da2dde9e3d6eee0dac8419c61532e9127f47c4351b6e53e01143af92b2e26b521e23cdbbf15d7a358d3757431e572e37a1eede57c7d39704 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 808c3f666c67c20fc0b2db9795d06dfb |
| SHA1 | ee8b90b7c6bf1fcabd8c43e8a725e0b297ab0766 |
| SHA256 | 7460b5a8ff6d8c9a23df10013639fe30717abe0e26aabf16bfe5fc16835f4368 |
| SHA512 | 4b0c12258663769aea57b4515b36367800fed72ac2cd06f837d70a3a7484148dbf2eb5084d42c840248cf4bfb69686f74e042347f68da2f2e421ad53f5045a17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 154c1dee90edc5f8af9c396d34989396 |
| SHA1 | e2b2d5f865752359c65782b284e3c736d57fb7db |
| SHA256 | e352e578f5e0c6df4d9a4b866d941b709f649c65eccae48f4f6e7b2b916a2487 |
| SHA512 | 42afcf37a2ff4fe9a475b57db08349af97a196617d2cbf769c43a0140d9015bf4457e318f546ff6021a31bbe8d1908f02524a06d76d8ffb7310600b35de7032c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5a1b476d3b837b702ee2cdd454b024f7 |
| SHA1 | 9f30dc59667e0d88b9e892cb375715e901dc62c5 |
| SHA256 | 194ccb76ee9f96203d9e361cb9585f0df9829b71aa5329c8cc690ac23a0ea71d |
| SHA512 | 3d8088048d6696577790644a328e3975712880a683a92cd7af85126a5eca36b401fe68f79e7bbf6d5bbc5799627dd447d75e9b7691a204325ea2125d10a7795d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9edaf9c45001b62d00ec5988fa1a9b30 |
| SHA1 | 4a4f79c64bdfa0dbbe7c8e90211bf2c9c8bc0758 |
| SHA256 | ca93f4da8c496345930dbece93ecaa762e383d20a3d91423004f1e04c7603c8d |
| SHA512 | 8d2bf153265555898bcab24bb3e03a254adbdb7eabf473cd81e89435115879cf1b85032fd33f21dc28eb8e7737e05cd34087970a9f88cdf54b393099c42b4d83 |
C:\Users\Admin\Downloads\Unconfirmed 422519.crdownload
| MD5 | 9254ca1da9ff8ad492ca5fa06ca181c6 |
| SHA1 | 70fa62e6232eae52467d29cf1c1dacb8a7aeab90 |
| SHA256 | 30676ad5dc94c3fec3d77d87439b2bf0a1aaa7f01900b68002a06f11caee9ce6 |
| SHA512 | a84fbbdea4e743f3e41878b9cf6db219778f1479aa478100718af9fc8d7620fc7a3295507e11df39c7863cb896f946514e50368db480796b6603c8de5580685a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d8906f3604e4a3bf6cce75b2018963d1 |
| SHA1 | 8cff41ab7d1dd6027a1e6fd1554b0a7c8f6f0a6b |
| SHA256 | 93cf522ec3c7f007702ed7ba9b4f013c07783367330a28172bdba9573a6f5a1c |
| SHA512 | 2ff264f8ec2a321484db4d314f85b4e57bdd109086da00cc531fb686aa428e8848f0890988bc668638d5a8686e980117f29aff8baca8910a57f74f46c324352f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 747eeb440893f9dc2a6aa485a4227afe |
| SHA1 | 2e215397054c796792c45a1fa06ed2dc231549f0 |
| SHA256 | f34252989ca0a68eeef286a6c67a8d03e6dfc456185e9935eb2c5bd94b6f3a81 |
| SHA512 | e19dc9a83bbee9771806411f9ab4936fa7c1041d4ecbe0d8e1164cc53b3511c70ad07c13e4777f65b08e73ea133b9b6d7e97dfb3f13963e0ddf660e442c725c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7bfaa0651a082d1449c0f0f9aceaab4e |
| SHA1 | d9a8206d3d7109ee2aa07aeeebd2e8f9903668e4 |
| SHA256 | b49f7b93e5d8d895578a3f96026940ce466de24d82a390846222f50634d81f2f |
| SHA512 | 48d8b04eb807f2aa1560c2e39c15730b9e990e1674df0bae146ea59faf850b60aac6b137b9363deafa54c7ebf2742888409538e70f0ff94dfd6918f507a9155b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5b27db63874965455bdd278827cc4ddf |
| SHA1 | cee0d2b384fd33f786b970fc8f39266b8d51b01f |
| SHA256 | 36d8180d74fd420eaa55e581419728e6880238893c41a0a59d3f1d2f9965905c |
| SHA512 | 8421009350467a7bf0fb03340fdf0a1a75e525a598858bb28deb27839fc707ccc9fe8849fc0b20bec678f2f124657a733788ec4c9e71621e4c635face7208378 |
C:\Users\Admin\Downloads\Unconfirmed 429117.crdownload
| MD5 | d043ba91e42e0d9a68c9866f002e8a21 |
| SHA1 | e9f177e1c57db0a15d1dc6b3e6c866d38d85b17c |
| SHA256 | 6820c71df417e434c5ad26438c901c780fc5a80b28a466821b47d20b8424ef08 |
| SHA512 | 3e9783646e652e9482b3e7648fb0a5f7c8b6c386bbc373d5670d750f6f99f6137b5501e21332411609cbcc0c20f829ab8705c2835e2756455f6754c9975ac6bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9caed339424fad80cf9fe8fb9bcc2703 |
| SHA1 | ad2e33f5d52057cd963f19302fc5de852bc45a74 |
| SHA256 | b6fe07e0c230af29c8bf45410242d17d389c1ec8c58f2ae5354dabd66381d4bf |
| SHA512 | abcecfe847ba84c97f12fc1267bcef821ca690047c00a686a9a7cdfee3906349d8f55b51f98c985561ce643e7db3972a9e68b786b4a34d81ea912e380191268b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a71fda37b9d6b3b0c67e8ad0e7a867b2 |
| SHA1 | b2336cc6d5d7c73e48ff77f3a0b2cb290b1f3feb |
| SHA256 | 5493a42a4d2b9b634967a872bcefeaacd6a5e9874c372b8d2424da89da23803a |
| SHA512 | 34d554f0c819a1e3f93b64401d0b47d6437a076361e516e90d020a80a2c154848f744bd7f0fc485247ef627c7379a7d7d4febb558ac0fcccbfb95a04b345e146 |
C:\Users\Admin\AppData\Roaming\RBXIDLE\Network Persistent State
| MD5 | 970a0bb20000cbabbf94fa57f989ba5f |
| SHA1 | 6efff929f47949df7eaef12410cdaf6ccae78e8e |
| SHA256 | cbc7954b1e16325c280371951b99b4de37b2f2a4028401622d8cfe1cc92b4a65 |
| SHA512 | ccff1f72ac50c3e706398eb364f7478bd8c0291827eec2abff0198fca34b09b370d12387e4c86a299c1deba50618ada6904c474d433b21aeee1ecd6a82a6c28d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aaf989f5779d5d205d919df91fa0953b |
| SHA1 | adb5a957deb72f61b647a289a8530ac3ed2a7513 |
| SHA256 | e5c83601b0a34669d315208c2639eee5ca7e17357ff1fadf15f60de23681b6be |
| SHA512 | 7779a562c7529138e3b3793556f57c3083e1c818636e17ed5438e1875ed3c1d72475389881a8bfcc518c123cbcebd496a463bb5794157acb1b8870baee60aebc |
C:\Users\Admin\Downloads\Unconfirmed 794641.crdownload
| MD5 | 515198a8dfa7825f746d5921a4bc4db9 |
| SHA1 | e1da0b7f046886c1c4ff6993f7f98ee9a1bc90ae |
| SHA256 | 0fda176b199295f72fafc3bc25cefa27fa44ed7712c3a24ca2409217e430436d |
| SHA512 | 9e47037fe40b79ebf056a9c6279e318d85da9cd7e633230129d77a1b8637ecbafc60be38dd21ca9077ebfcb9260d87ff7fcc85b8699b3135148fe956972de3e8 |
memory/7284-7302-0x0000000000400000-0x00000000006BC000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0a8b4bc1ba5c3fefee83a4e5cf7d2d3f |
| SHA1 | 68a9d6ed3dcc0a30c91c2f42a180496039470179 |
| SHA256 | 0805be232b79c479e4075ba05a726afe457b3db0308ab9abe704fbe7eb7142f6 |
| SHA512 | 03675bda4e803e5ee81ea51c9baa59bd0b856694d08387b476dfb04f5dc64135dd08669554d855b900e47456c980ca5e5eeb9e1ca66ec022dd4cb587984b2bfc |
C:\Users\Admin\AppData\Roaming\01804491-4d9f-490a-9107-7c7d52803bdf.tmp
| MD5 | b58dd76d4e5b378c347a1a987e30285a |
| SHA1 | abe0baa74e913c78c3e1a69e03df837450885870 |
| SHA256 | 6677301317f4255bb4dbb663d3c795bee8b7cea5c0f8983efd922a6a750685bb |
| SHA512 | b3f59afa17cf2e6c35248e76ef6037aca89089e078fc49ca9da7acbddc03e592685a7321cdd71131254dd14fdeeb83ca3afa80e0c8453e8ba3dfa8ba1091c8bb |
C:\Users\Admin\Downloads\Unconfirmed 38370.crdownload
| MD5 | 9d0d2fcb45b1ff9555711b47e0cd65e5 |
| SHA1 | 958f29a99cbb135c92c5d1cdffb9462be35ee9fd |
| SHA256 | dc476ae39effdd80399b6e36f1fde92c216a5bbdb6b8b2a7ecbe753e91e4c993 |
| SHA512 | 8fd4ce4674cd52a3c925149945a7a50a139302be17f6ee3f30271ebe1aa6d92bcb15a017dca989cd837a5d23cd56eaacc6344dc7730234a4629186976c857ca9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2219da1e7c4208cd3d28421a95185b8b |
| SHA1 | 1b98805381fa62c9769b2750819afd1e86ce74ef |
| SHA256 | 4b9a30fee5364f4175957d224b7961e794ef9277b7633f378e77f18b15242c82 |
| SHA512 | 2da661f23965dc54978672a10691d4fcbaf0352cf28ffd09654b545f71d84b390e6b52069e043d2a024c18fd4669e4a34a982af695b4cc8b346cc11ae78b7cbf |
memory/7284-7408-0x0000000000400000-0x00000000006BC000-memory.dmp
C:\Users\Admin\Downloads\Unconfirmed 850329.crdownload
| MD5 | 9c3e9e30d51489a891513e8a14d931e4 |
| SHA1 | 4e5a5898389eef8f464dee04a74f3b5c217b7176 |
| SHA256 | f8f7b5f20ca57c61df6dc8ff49f2f5f90276a378ec17397249fdc099a6e1dcd8 |
| SHA512 | bf45677b7dd6c67ad350ec6ecad5bc3f04dea179fae0ff0a695c69f7de919476dd7a69c25b04c8530a35119e4933f4a8c327ed6dcef892b1114dfd7e494a19a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c377ae5d4d56368071b355825fc346e6 |
| SHA1 | 92f6ce80ce324ddf743d64c9ec0808e7f23ca83c |
| SHA256 | 507712ac2de9b236f927184255a17d18e337be392da8f38f32e609cdd6298543 |
| SHA512 | d553c59bb5275aaac33c4e6a056c4a3a8714db5faa43ecc517dee9ad9e5f6f6dd7b95477bbba7e3b23255f7a20dfb75de5aeb642c8bb65a20a150e89c36f385a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0884af3ac4d63881758bd272886c7b23 |
| SHA1 | f2d0dce94a52dc7b3d9a1d6b057c78e34384aa3d |
| SHA256 | 518fa3bb13beaeba9836f20ad54481d3d2320618c84c82c3af7298d941566336 |
| SHA512 | 0130a3cfbaa49baa436ef729c3abeb2aa0870a7b7e565569e016c2563d7ce76897dc2e4968dbd3452bf42328d8dbc058f9b5c2c18d9a110c960c6a8ab76146cb |
C:\Users\Admin\AppData\Roaming\RBXIDLE\Network Persistent State
| MD5 | ba1bdb2d3a92fad4ec21237d6ca6a6ed |
| SHA1 | 1d6ab7447eca2741e9164a2fd73b82a1ec5dd480 |
| SHA256 | 330f59ab73cf5f184f137d8026c07b075ea335434b95a6176100787bf4237720 |
| SHA512 | dacd7101b336141d9fb5cb581d1e414824b911140370183c83d96a812a00cdf26dc0d55251ee240ffd77b1d0f14a3e7a7081a291fabfdc23d2b1c7d0d6436eb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c4b0dbed94e1e5781fe73cbc8b5924b0 |
| SHA1 | e80dd475a9f0165e7dfa8c7435bb506640cab633 |
| SHA256 | 3d90de966bcd4ddfb2b0ddcde857d0fb6444995fa9c5d4e85face5fdb082bbf4 |
| SHA512 | ec6d09f6dda6446e6f222428310840faab8c199cb4d7cad5dc78b638b89ea2d02fc0e69bba4e507d6a844c028e3c6ca0f6cc14562de278ee74fd61be04d5a1ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ae1aae9f874583ef9ba1c10030dc9caf |
| SHA1 | 6f6f203ced4a513fb756a995ec585f0e311d0fdb |
| SHA256 | b97bc8e1549018cff583694482036039736b7e69c9f596722a21ac28417e62e9 |
| SHA512 | 0721f0f7cc1308b0be9cf66e4e77c1a7286fe4252252d0929ddf5b746a6831b474261ecd0e30b3c0ebd0f63724fe1f30886194c7f57fa39d9bdb3e0984b92fd7 |
C:\Users\Admin\Downloads\Unconfirmed 471507.crdownload
| MD5 | ea534626d73f9eb0e134de9885054892 |
| SHA1 | ab03e674b407aecf29c907b39717dec004843b13 |
| SHA256 | 322eb96fc33119d8ed21b45f1cd57670f74fb42fd8888275ca4879dce1c1511c |
| SHA512 | c8cda90323fd94387a566641ec48cb086540a400726032f3261151afe8a981730688a4dcd0983d9585355e22833a035ef627dbd1f643c4399f9ddce118a3a851 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5839ce0ed092a9c8ea8514371c8922c5 |
| SHA1 | 6e45a04cce3721f478b2c142b06e8a11dc906639 |
| SHA256 | 64cb935d966e0611e3ba150d86a6e800411ab70b15232e1ddab2a867ff94ab5a |
| SHA512 | 4e0e7163e088046265c8aafb572c3deaa0930f57c001a50c0ba6606a66229db8585260c4a5a0f97956fabe8b7ecad56dc747a79e9ccc665859e038b8d183b038 |
memory/2304-7589-0x0000000000400000-0x0000000000454000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 793fd94ca993edfec8bfcb03a4f124a4 |
| SHA1 | a4869fa46f79c9e06e6e26a40aaedc81e52ed336 |
| SHA256 | c2bb095e6a2116774bc2c808970d27d7eb207940019e76c930781b23fe5802b2 |
| SHA512 | 3945200e8ef774a326d1f1b0e730ae85793ef230ca8e11f26b636a68682e1c6d0e0c4033c4a5c31ad7c77850d433c102ee7ff707d060fb24b067a2440ba0deeb |
memory/7804-7602-0x0000000000400000-0x0000000000454000-memory.dmp
memory/7804-7600-0x0000000000400000-0x0000000000454000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 37e78a5a22b4a28f01f69c4a5fc2c3e1 |
| SHA1 | cd46cbba65b3ed0787a43ee03536d7c1d46e7ec7 |
| SHA256 | 3b1c0e4b19bb304688994aad705ebed866eb564843364d2af83ee112019fc808 |
| SHA512 | cf18cfcf6e1fa110e458cfe56f600082b4cdce4a54bee33eefb6c97e1cd8ae709f1acc9515f2b29ef4d62dc4db644f6f4c75489b07b5ac76b419524c03ebcb4b |
C:\Users\Admin\Downloads\metrofax.doc
| MD5 | 28e855032f83adbd2d8499af6d2d0e22 |
| SHA1 | 6b590325e2e465d9762fa5d1877846667268558a |
| SHA256 | b13b29772c29ccb412d6ab360ff38525836fcf0f65be637a7945a83a446dfd5e |
| SHA512 | e401cbd41e044ff7d557f57960d50fb821244eaa97ce1218191d58e0935f6c069e6a0ff4788ed91ead279f36ba4eddfaa08dc3de01082c41dc9c2fc3c4b0ae34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 935fe441b5bee0b9c49db012d14c4398 |
| SHA1 | 27f0f514b8c332f0ad92e14175250e9bb93fe53e |
| SHA256 | 1c11c92a86747d593e8f0fccb3be479c80e012a3fdd65f212ff6519c04cc26cb |
| SHA512 | 75984d7281e67b9688e64a169b3e31abad7246ceae19e69bc11c25ecb8a7f93578aabefc3fa4e2cef1f84ff8608436b8a5d07bea73e1e360ce482bb772eb7b8e |
C:\Users\Admin\Downloads\Unconfirmed 401521.crdownload
| MD5 | 40228458ca455d28e33951a2f3844209 |
| SHA1 | 86165eb8eb3e99b6efa25426508a323be0e68a44 |
| SHA256 | 1a904494bb7a21512af6013fe65745e7898cdd6fadac8cb58be04e02346ed95f |
| SHA512 | da62cc244f9924444c7cb4fdbd46017c65e6130d639f6696f7930d867017c211df8b18601bfdaaee65438cee03977848513d7f08987b9b945f3f05241f55ec39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a7bd111ce220459147e9f826d097355c |
| SHA1 | 03bfc0921448aad65804dd91ec175d82aac22c23 |
| SHA256 | bc796970ed825a4c33aaad47035dda453170fd4257260d08bbbdb6b9bc1ce58c |
| SHA512 | 3eefb8ee2b98d44686551db719db849fd3afe83ce4cbd3492361ef5f9ac60c23e2681bfad4522248f1b414b6f884730a31895d4ff1964253b20445f09820a316 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b883908031d2ee3e890178568644b9f0 |
| SHA1 | 89fa19bc5a75718e9a8557888271270dc3edab05 |
| SHA256 | 462c4dee3bd136ca01dcae66ede7b53c8de0ebb165d8589915b3d978ff3ccb7c |
| SHA512 | d2f79e70e65fa6f3ca2aa4fbce3c50376ab3f7ee86c4ccbbb6c93981a5b773a1c4c2468bc466c6dd3c586816c33b27b97be6207c5da2bbe35ed0b1eee750ec84 |
memory/6444-7736-0x0000000000CF0000-0x000000000129C000-memory.dmp
memory/6444-7737-0x00000000063A0000-0x0000000006944000-memory.dmp
memory/6444-7738-0x0000000005CC0000-0x0000000005D52000-memory.dmp
memory/3944-7757-0x0000000000400000-0x00000000004DD000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\taskhost.ini
| MD5 | dbfea325d1e00a904309a682051778ad |
| SHA1 | 525562934d0866f2ba90b3c25ea005c8c5f1e9fb |
| SHA256 | 15a3a3303b4a77272ddb04454333a4c06aa2a113f210ba4a03314026e0821e6d |
| SHA512 | cd853c67c2b1a44c3f592ff42d207b2251e8b9bc1eb22fc12cd710329069ef75abffccd169418c4f9bd008a40f2fbbfc6904519f27fd658f316309f94b8ff59c |
memory/5940-7769-0x0000000000400000-0x000000000084A000-memory.dmp
memory/6924-7779-0x0000000000400000-0x00000000004DD000-memory.dmp
memory/8164-7782-0x0000000000400000-0x000000000084A000-memory.dmp
memory/7660-7792-0x0000000000400000-0x00000000004DD000-memory.dmp
memory/6028-7795-0x0000000000400000-0x000000000084A000-memory.dmp
memory/5756-7807-0x0000000000400000-0x00000000004DD000-memory.dmp
memory/4460-7810-0x0000000000400000-0x000000000084A000-memory.dmp
memory/2248-7816-0x0000000000400000-0x00000000004DD000-memory.dmp
memory/7620-7826-0x0000000000400000-0x00000000004DD000-memory.dmp
memory/7200-7838-0x0000000000400000-0x000000000084A000-memory.dmp
memory/7260-7848-0x0000000000400000-0x00000000004DD000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\f998435c9a34461b89f7e7058f5e6dbf\icons.res
| MD5 | 45d02203801ec5cae86ed0a68727b0fa |
| SHA1 | 1b22a6df3fc0ef23c6c5312c937db7c8c0df6703 |
| SHA256 | 5e743f477333066c29c3742cc8f9f64a8cb9c54b71dbc8c69af5025d31f8c121 |
| SHA512 | 8da0bf59066223aab96595c9fbf8532baa34f1f9c2c0dee674d310a82677b6c7d6a1cc0bbaa75262b986d2b805b049ec3a2bfb25a9ae30fe6d02e32660f15e83 |
memory/7064-7851-0x0000000000400000-0x000000000084A000-memory.dmp
memory/7612-7864-0x0000000000400000-0x00000000004DD000-memory.dmp
memory/8160-7867-0x0000000000400000-0x000000000084A000-memory.dmp
memory/6464-7877-0x0000000000400000-0x00000000004DD000-memory.dmp
memory/7204-7880-0x0000000000400000-0x000000000084A000-memory.dmp
memory/6468-7890-0x0000000000400000-0x00000000004DD000-memory.dmp
memory/6848-7893-0x0000000000400000-0x000000000084A000-memory.dmp
memory/7740-7903-0x0000000000400000-0x00000000004DD000-memory.dmp
memory/7980-7906-0x0000000000400000-0x000000000084A000-memory.dmp
C:\Users\Admin\Downloads\Unconfirmed 456507.crdownload
| MD5 | ef7b3c31bc127e64627edd8b89b2ae54 |
| SHA1 | 310d606ec2f130013cc9d2f38a9cc13a2a34794a |
| SHA256 | 8b04fda4bee1806587657da6c6147d3e949aa7d11be1eefb8cd6ef0dba76d387 |
| SHA512 | a11eadf40024faeb2cc111b8feee1b855701b3b3f3c828d2da0ae93880897c70c15a0ee3aeb91874e5829b1100e0abafec020e0bf1e82f2b8235e9cc3d289be5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ce60019307e561269ff47dfe434b5433 |
| SHA1 | 63e4243a82df0afd59133740e4fcce867ce57304 |
| SHA256 | 28d04a53b0924bc7bf48afdcdccbce36487e80afee9f87585140b8d6facd1f99 |
| SHA512 | 10f63bddbf4af6c02d9d16c1c0747ddbab3e5d38d2faec12dd8220a023be40b29ea6a0459ab3f1e8dc277ed54cab0f4db021dfca86ccc3961d65e92d5c8b63d8 |
memory/7072-7953-0x0000000000CB0000-0x00000000012ED000-memory.dmp
memory/8076-7954-0x0000000001100000-0x000000000129C000-memory.dmp
memory/8076-7955-0x0000000001100000-0x000000000129C000-memory.dmp
memory/2656-7956-0x0000000000500000-0x00000000005F4000-memory.dmp
memory/8076-7957-0x0000000001100000-0x000000000129C000-memory.dmp
memory/2656-7958-0x0000000000500000-0x00000000005F4000-memory.dmp
memory/2656-7961-0x0000000000500000-0x00000000005F4000-memory.dmp
memory/8076-7962-0x0000000010000000-0x0000000010013000-memory.dmp
memory/8076-7965-0x0000000010000000-0x0000000010013000-memory.dmp
memory/8076-7964-0x0000000010000000-0x0000000010013000-memory.dmp
memory/7380-7966-0x0000000000CB0000-0x00000000012ED000-memory.dmp
memory/452-7967-0x0000000000A20000-0x0000000000BBC000-memory.dmp
memory/452-7969-0x0000000000A20000-0x0000000000BBC000-memory.dmp
memory/452-7968-0x0000000000A20000-0x0000000000BBC000-memory.dmp
memory/6060-7983-0x0000000000CB0000-0x00000000012ED000-memory.dmp
memory/7472-7989-0x0000000000CB0000-0x00000000012ED000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a0e655b3cf5f23f70ffda8abcb0c6982 |
| SHA1 | 8facebd07940ff8484647ad2be4ad7c2fdccf24b |
| SHA256 | 5de1ac9a7802c6b676721228857b3589e835033565a797a99405839740eb272b |
| SHA512 | a80c4fea5be0d177b6b9ea13b608ee1ff486eb17b9dd4893307985f70f62e849d43c54adaff7461db4029bef86652e0fa32182c64e8a1215461b264e371006f6 |
memory/7072-8064-0x0000000000CB0000-0x00000000012ED000-memory.dmp
memory/7380-8089-0x0000000000CB0000-0x00000000012ED000-memory.dmp
C:\Users\Admin\Downloads\Unconfirmed 74620.crdownload
| MD5 | c261c6e3332d0d515c910bbf3b93aab3 |
| SHA1 | ff730b6b2726240df4b2f0db96c424c464c65c17 |
| SHA256 | 4663715548c70eec7e9cbf272171493d47a75d2652e38cca870412ea9e749fe9 |
| SHA512 | a93bd7b1d809493917e0999d4030cb53ab7789c65f6b87e1bbac27bd8b3ad2aeb92dec0a69369c04541f5572a78f04d8dfba900624cf5bd82d7558f24d0a8e26 |
memory/6060-8103-0x0000000000CB0000-0x00000000012ED000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f5d8b19112d6a1b088fe61e454e53fff |
| SHA1 | f92c8ecfd299c4fe51490a0a6f0ebca5b8c9c2fe |
| SHA256 | 8d63b984b4dead30cae52913bbab4eb8a808ade793569783f5918e3689277dee |
| SHA512 | 1b6b1b00a5bc30881c3c3c7f1ae0f806c8425eeb6570e23f1f8a9c1f883f4f29c9f766dad14096ce8b52e5c44fb809db9db224ebb3850d1b4479de4a2fb29af3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5f12cac554b1ccd679a304cf62e0a732 |
| SHA1 | e091fe302a4ecf1469406bcaeab20e49851f277c |
| SHA256 | 116c634e3451b46af169eefec9b2f3dad98a87d87fd3ba4edcc1f3a2525174c7 |
| SHA512 | 6b84d7c2bebec7c94b09b5f630f9790a052cb83a42921002150c938796c0215fbb878763b0b97c265586d90f7e5409623ed6f87561ab0e75929b8001706d6ce8 |
memory/7472-8134-0x0000000000CB0000-0x00000000012ED000-memory.dmp
memory/8160-8156-0x00000000002A0000-0x00000000002AE000-memory.dmp