Analysis Overview
SHA256
633b8266c1c978530726242146a511bc71723fee2cfb4275a8485519a16d2a38
Threat Level: Known bad
The file New Text Document.txt was found to be: Known bad.
Malicious Activity Summary
Wannacry
Deletes shadow copies
Downloads MZ/PE file
Checks computer location settings
Modifies file permissions
Executes dropped EXE
Drops startup file
Reads user/profile data of web browsers
Loads dropped DLL
Adds Run key to start application
Writes to the Master Boot Record (MBR)
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Legitimate hosting services abused for malware hosting/C2
Sets desktop wallpaper using registry
Drops file in System32 directory
Drops file in Windows directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Browser Information Discovery
Suspicious use of SendNotifyMessage
Suspicious behavior: MapViewOfSection
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Views/modifies file attributes
Gathers network information
Interacts with shadow copies
Enumerates system info in registry
Modifies registry class
Checks SCSI registry key(s)
Uses Task Scheduler COM API
Uses Volume Shadow Copy service COM API
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies Internet Explorer settings
Modifies registry key
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-08-10 03:56
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-10 03:56
Reported
2024-08-10 04:09
Platform
win10-20240404-en
Max time kernel
766s
Max time network
773s
Command Line
Signatures
Wannacry
Deletes shadow copies
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~SD83A9.tmp | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\~SD83B0.tmp | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
Executes dropped EXE
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\svgirwyi764 = "\"C:\\Users\\Admin\\Downloads\\tasksche.exe\"" | C:\Windows\SysWOW64\reg.exe | N/A |
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\eventvwr.msc | C:\Windows\system32\mmc.exe | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" | C:\Users\Admin\Downloads\@[email protected] | N/A |
Drops file in Windows directory
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cscript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\notepad.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\reg.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\vssadmin.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Gathers network information
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\ipconfig.exe | N/A |
Interacts with shadow copies
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\vssadmin.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000\Software\Microsoft\Internet Explorer\TypedURLs | C:\Windows\system32\taskmgr.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133677358233916164" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
Suspicious behavior: MapViewOfSection
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy service COM API
Views/modifies file attributes
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
Processes
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE "C:\Users\Admin\AppData\Local\Temp\New Text Document.txt"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff8d7bc9758,0x7ff8d7bc9768,0x7ff8d7bc9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1528 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2052 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2964 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2972 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4508 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4980 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5012 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4404 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4812 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x404
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2156 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4612 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5424 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5384 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1580 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2560 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4636 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3236 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5916 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6104 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6456 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=4476 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5908 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:2
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.4.101.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
"C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.4.101.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe" -ServerName:App.AppXqx982emnayc5vbja1mrpk9zh4r774nd8.mca
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\system32\tree.com
tree
C:\Windows\system32\tree.com
tree
C:\Windows\system32\tree.com
tree
C:\Windows\system32\eventvwr.exe
"C:\Windows\system32\eventvwr.exe"
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\eventvwr.msc"
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\system32\ipconfig.exe
ipconfig
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=6096 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6352 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5664 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7160 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=1036 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=2156 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6372 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5768 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5548 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4632 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6956 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5836 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6664 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5664 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6668 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe"
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5568 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6800 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6708 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6876 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6444 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:8
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=5776 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=2040 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6108 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5972 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=6732 --field-trial-handle=1768,i,14787599000515792727,7489192609966191540,131072 /prefetch:1
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Users\Admin\Downloads\WannaCry.EXE
"C:\Users\Admin\Downloads\WannaCry.EXE"
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c 221581723262805.bat
C:\Windows\SysWOW64\cscript.exe
cscript.exe //nologo m.vbs
C:\Windows\SysWOW64\attrib.exe
attrib +h +s F:\$RECYCLE
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Users\Admin\Downloads\@[email protected]
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c start /b @[email protected] vs
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe
TaskData\Tor\taskhsvc.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet
C:\Windows\SysWOW64\vssadmin.exe
vssadmin delete shadows /all /quiet
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\SysWOW64\Wbem\WMIC.exe
wmic shadowcopy delete
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "svgirwyi764" /t REG_SZ /d "\"C:\Users\Admin\Downloads\tasksche.exe\"" /f
C:\Windows\SysWOW64\reg.exe
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "svgirwyi764" /t REG_SZ /d "\"C:\Users\Admin\Downloads\tasksche.exe\"" /f
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /7
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
Network
| GB | 23.211.236.95:443 | 8150e502a00d512ce440-4f545a264b21ec0a641efaa20af32482.ssl.cf4.rackcdn.com | tcp |
| GB | 23.211.236.95:443 | 8150e502a00d512ce440-4f545a264b21ec0a641efaa20af32482.ssl.cf4.rackcdn.com | tcp |
| NL | 172.217.168.202:443 | content-autofill.googleapis.com | udp |
| US | 104.21.27.152:443 | use.fontawesome.com | udp |
| US | 8.8.8.8:53 | 95.236.211.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.27.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.194.101.151.in-addr.arpa | udp |
| GB | 23.211.236.95:443 | 8150e502a00d512ce440-4f545a264b21ec0a641efaa20af32482.ssl.cf4.rackcdn.com | tcp |
| GB | 23.211.236.95:443 | 8150e502a00d512ce440-4f545a264b21ec0a641efaa20af32482.ssl.cf4.rackcdn.com | tcp |
| GB | 23.211.236.95:443 | 8150e502a00d512ce440-4f545a264b21ec0a641efaa20af32482.ssl.cf4.rackcdn.com | tcp |
| US | 8.8.8.8:53 | softonic.com | udp |
| US | 199.232.213.91:80 | softonic.com | tcp |
| US | 199.232.213.91:80 | softonic.com | tcp |
| US | 199.232.213.91:443 | softonic.com | tcp |
| US | 8.8.8.8:53 | www.softonic.com | udp |
| US | 151.101.1.91:443 | www.softonic.com | tcp |
| US | 151.101.1.91:443 | www.softonic.com | tcp |
| US | 8.8.8.8:53 | en.softonic.com | udp |
| US | 151.101.65.91:443 | en.softonic.com | tcp |
| US | 151.101.65.91:443 | en.softonic.com | tcp |
| US | 8.8.8.8:53 | 91.213.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.sftcdn.net | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 151.101.65.91:443 | images.sftcdn.net | tcp |
| US | 151.101.65.91:443 | images.sftcdn.net | tcp |
| US | 151.101.65.91:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | articles-img.sftcdn.net | udp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.129.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.65.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.65.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.65.91:443 | articles-img.sftcdn.net | tcp |
| US | 8.8.8.8:53 | 91.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.129.101.151.in-addr.arpa | udp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| FR | 212.47.244.38:443 | tcp | |
| DE | 193.23.244.244:443 | tcp | |
| US | 8.8.8.8:53 | 201.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| NL | 212.129.62.232:443 | tcp | |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 144.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.62.129.212.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.244.23.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| SE | 193.11.114.45:9002 | tcp | |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | 154.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.114.11.193.in-addr.arpa | udp |
| GB | 13.224.222.64:443 | sdk.privacy-center.org | tcp |
| GB | 13.224.222.64:443 | sdk.privacy-center.org | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 151.101.1.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.1.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.1.91:443 | articles-img.sftcdn.net | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| US | 151.101.1.91:443 | articles-img.sftcdn.net | tcp |
| US | 151.101.1.91:443 | articles-img.sftcdn.net | tcp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 128.31.0.39:9101 | tcp | |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| US | 8.8.8.8:53 | 64.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.179.250.142.in-addr.arpa | udp |
| NL | 142.250.179.131:80 | o.pki.goog | tcp |
| US | 151.101.1.91:443 | images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | images.sftcdn.net | tcp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| NL | 172.217.23.194:443 | googleads.g.doubleclick.net | tcp |
| NL | 172.217.23.194:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | 194.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | voicemod.en.softonic.com | udp |
| US | 151.101.65.91:443 | voicemod.en.softonic.com | tcp |
| US | 151.101.65.91:443 | voicemod.en.softonic.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| US | 151.101.1.91:443 | voicemod.en.softonic.com | tcp |
| US | 151.101.1.91:443 | voicemod.en.softonic.com | tcp |
| FR | 51.254.246.203:9001 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:60545 | tcp | |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| FR | 212.47.244.38:443 | tcp | |
| US | 199.254.238.52:443 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| CA | 198.50.191.95:443 | tcp | |
| US | 8.8.8.8:53 | 95.191.50.198.in-addr.arpa | udp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| DE | 131.188.40.189:443 | tcp | |
| US | 8.8.8.8:53 | 189.40.188.131.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| FR | 163.172.176.167:443 | tcp | |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
Files
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cookies\HADR2AKM.cookie
| MD5 | 8abddcade2f2e5737e885f4f893d163d |
| SHA1 | 012fb7704d22b2a98ffd38e92f6c75cc504bcb93 |
| SHA256 | 1c5a058b7900d62260b88533df98db95313b478e19999c199e4c7c041e978e37 |
| SHA512 | 720f17ad042088392567027c65b9286d60fbc7833c94e0c9b6274194246346a62433d15c4e79e0a53a96f96a74dec6f1b0fdb031816bf70f30a51c0e7cac3a5b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5TH9W7YA\warmup[1].gif
| MD5 | 325472601571f31e1bf00674c368d335 |
| SHA1 | 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a |
| SHA256 | b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b |
| SHA512 | 717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\Microsoft\CryptnetUrlCache\MetaData\26C212D9399727259664BDFCA073966E_F9F7D6A7ECE73106D2A8C63168CDA10D
| MD5 | 70093f39a910833cc4db457dfcedb993 |
| SHA1 | 4a8a189485fa723cab2df9c79721009afd623108 |
| SHA256 | 30499c6ded0d0616f14153a74c50895954819669742445642cdcfe688b74c7c9 |
| SHA512 | 51bfd8afea5f02af56dab11ae5f06a014ce02105a4a99fd1cbf278e86cb9d49544ad9ffb113310c3d71eee4b296579a10011faddeaa5fa0da9c97679663200f2 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\3R08NJWO\7QYx7x_2vILJrhrdTHB5vBChteY[1].js
| MD5 | 526f1192ae3d9d2ef648b6f4c9148de9 |
| SHA1 | 2c734e18a6a0494b0f63e5f1ad0a1b43ac00df7d |
| SHA256 | 7a86a052417800e17b933e207cae233fb3050e015c8aa74f1fc73099f1b4eb4d |
| SHA512 | 57329e1c7148595be34c83308b498bc6271dfc7ec1124587a5f96490b665d2d9e9be97c9c87a14c2ea817e444d86dc4c2e15a132e1e6b11a503426e791faf8c9 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\M2E1PFN1\dcb-PwRbjINh_Wg-9pEP8tD_qO4.gz[1].js
| MD5 | fd3bc41de74066568a588517e770b45d |
| SHA1 | efb41ae431da385de00cb34a73cd099b86a14180 |
| SHA256 | 30518c7e8425a970e7906cb99b42b8c8cf96065dbb234676cb69c7e9af9b1c6a |
| SHA512 | a5ed00a50fc5949b5d45af443849920b066ea4fa7f23fe89947c7f107df1f71b7fa5d8f18c67c149e2d862f4669b2c2754dc8962c56dd77d4916b3989030bc73 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\M2E1PFN1\ss3d0sJoMnwEPabtwPxYd3-17LU.gz[1].js
| MD5 | 74cb8fb968cc8aaf483c659d0b8b09fa |
| SHA1 | 9711d42c492bf652c13bff8ef78ccc680d7c2aa5 |
| SHA256 | a39c8605443327649a1d83277bfcf16c0f72f10057084ae70865f8e91512265b |
| SHA512 | 4164437fe9dd0313b011d747c8a08544082ed257908da9749d0c4b70c2de9ebe328a58153398e460612768f6e682055beef4c29094bdd2df7d38a447809a04fa |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\TSN73DMK\7DRnJ-ywpuG7tVaukb2LDibhBUg.gz[1].js
| MD5 | 87ffaf55b84a7864a9ee7118a28935f7 |
| SHA1 | d276bef785a933621f3a8b6d3ea11d61e7f4681a |
| SHA256 | eb53402d31eefac4902ab2877c447622203f73208a9bd224d7d551d09bed0a60 |
| SHA512 | b9432da463cce1774dc4b1b4995e0ac850009af5e827e17c7dc754bbcac1d515b7d01126aabd4e79621e0b705ce60d84dd740e095792bc931f913682f51422c1 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\TSN73DMK\t4xaeuTBmu-Lp_KEbPyZVrfX8yw.gz[1].js
| MD5 | 8f663343ec709a01813ec08309844c50 |
| SHA1 | 7b52f9471b775f18293607b2e993e21b8f473abd |
| SHA256 | 6596ebb01cef892bd01826257e8707e2b9ea92d452fe965a9f6f1e8bc2e4d847 |
| SHA512 | 252609b1cf511069ae9d6c3e756b431149cd6f825e697d927752de0efeb7d9bbf7b0c10fa32aaab283c97bc65600f5f9a501e94fd59a174193e91a9e18094e6e |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\M2E1PFN1\IOwhK4uDW4Sh2EVXk1BBw5OkHPY.gz[1].js
| MD5 | 815043a2748163bff1923bbe4e58fa8b |
| SHA1 | bf0009d6b2e129f68d222ab682ae4bbc6e4bb2af |
| SHA256 | 46e803c1c8be26bf892761a881407f61635c121148c32c0b125adc5472eeb29b |
| SHA512 | 13ece55513a609f1f080fd06d7c1358ce1b4193578394133b3ac5ec960261c016453d3feb443e48a91ac62ef0836ae6477c140e444a98fc3c0a70a29390f5fb8 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\TSN73DMK\L3qgZ2pA6whKnPPHkQnZ2_d8WVo.gz[1].js
| MD5 | 38ca33c0793b64a776fbb0951a0edde9 |
| SHA1 | a5ea3cce1f7086578be4da0c62cba5c2cebe5589 |
| SHA256 | 560b5bf0d176b2bd5659731d315e3de0fd66a4cb267b2c243a414225ab569b6e |
| SHA512 | c9027bdb1fdd9cca0e1924e52d0732dd6f03c022b15e7d65b1433175c113db7d7a4a30121b0f2f821936c15c1a48bd25e7f39264a41df59d6c21813ee59bf491 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\M2E1PFN1\DicRs1X5x7sMwnmwcxBuO2kpGeI.gz[1].js
| MD5 | 95029a2b8ed04c57f44599682e9ce9c6 |
| SHA1 | 1e4a4bbec5e408c925bb30fefa2f7f1e5f6febba |
| SHA256 | 15edf8c630f285a9b9d9033d867f4fb1d5288ad3be707f31fb3bf7edfa54eaea |
| SHA512 | 3c1f3eaa0e2d26d8cf854714e4ba4af36b102d7aa8ce4138734406babcd54dc3002ee31a3540009ea7e2c8c8dc3c8cb2ce6e753f410e6c3a0ef055a1e362a608 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\M2E1PFN1\6wzJBpbyuAoCS5bfkKiW0Aw2R6o.gz[1].js
| MD5 | bd7ae7c3176d8081b60f1107a59e2e0a |
| SHA1 | 0da7bd177b96af58fde9c890671bd488c2e2436d |
| SHA256 | 69a4f680a4a443e28d84769abbbcdc1a64f24117e2b477b49df0e6cfd5a83fcc |
| SHA512 | 0145288ab1c74c45790c7abca7b0aa6a0e8c09ab05fc5b9a0ab858be1b6e302f043ee5da81c57158be48a1700d63e9567c8d5dd56ed021508622f81a1d99d168 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\VLZIYTUP\lZfFRIZsGLf3poBW6xAz2KFILkI.gz[1].js
| MD5 | 88b4876820bb8069fe375bc4577dafc9 |
| SHA1 | 86817b30447e742bca57715aaba839031b9f1e3f |
| SHA256 | 19bad3107546f7914ab0f1ce545f187d7dd26f90d05f26c3c326d1bd941f0ea8 |
| SHA512 | 7934c34d8bc724077cfabd29230461cae4c537780c0eb97bad3cd22d6117edaf41188039bbee171a0644a4887ab1eaff9a454baa5d75e9fabcca1dc585b669bb |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\3R08NJWO\4-xJy3tX6bM2BGl5zKioiEcQ1TU[1].css
| MD5 | 94d8383805b336e533d1d234aaa98a21 |
| SHA1 | 4966b000a607b19468968da111169e623a4cf48e |
| SHA256 | 699d6c87c646d3875c45fab214bfe2e385b54f325f25818c72c2c45c1a5f6897 |
| SHA512 | 165f35f226e627d06133b038d5a2f3a29685b7a10b154f00fd4dbfad68e182b69fe25a2a28f3590a5f6a0143a3b616a3cba5f05bb04932aa12bc13074380ae32 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\VLZIYTUP\XxqYiyTu9Zkh9t7nVvBNsDKSLlQ[1].css
| MD5 | cc6e7f4145dc1e08e0557d6bc17ef70f |
| SHA1 | d59629bc379ade3eaa88165b3201e0053801a04f |
| SHA256 | 5890f8abc24b6e6a25be37499163df964b32ee23dada1de7e09cb35abcaa0c92 |
| SHA512 | 2229034df6e6b83af46236b000c1fdc515edc5ae883a09a256d52af65d9bbeef6030f78138e20f933c0f7780f0efa53e4515f547746a2b5489a278eaec7d046b |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\TSN73DMK\H7yNdbJxRRAcp5Cd9wD9aQLYG6s[1].css
| MD5 | 2aed393ada7873468390ff25ee6a2743 |
| SHA1 | 640fd31844706cf6fd2a3bcb85a97fd2b1f1f1e4 |
| SHA256 | 9164f94cd712c3537e23b3b1aaa0f2d41cc23615ead70452b25427e83a1be342 |
| SHA512 | d9a42800ae4b656884d5aa08935f95fc440470ef95dfc07b238d19291026187713aa6cccfc261c37f03c954f64357ca1777f548ee411d0c5f476c5b4d0190a5f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\VLZIYTUP\IEOneBox_V2[1].appcache
| MD5 | 47b36f7cc7e9b390fedf17526e81317c |
| SHA1 | 1ab6ea3739597ccb4f44e382e81480b533ebf2fd |
| SHA256 | 13ca32423ea4f0f946db58b11e39b3d423d915c72c72839461fc8b3efcce709e |
| SHA512 | 0575749ba107314b48f5f808242068be29ed86921136f23f0d01b806ffdb382c0bbf38b2a537e3d50549f167f9120ed2dd692e0a939a3be13bfd90176fb2cdad |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\3R08NJWO\3AuqmR1rGd-9n8jGdRiAunNFAZA.gz[1].js
| MD5 | dc221228e109f89b8b10c48f2678fb46 |
| SHA1 | 1bfc85cba5c424136941ac1dfd779a563b5beed4 |
| SHA256 | f4fb7234959f48c2b2ca73fd6c35d36eaf65d8c431d982a1ba208f5cdc766419 |
| SHA512 | 46f49e5ac18436251778d1f50c027729a2442ed6541c3162d878720703e37797b6028d96eb1568c23ec5006fb022c8e05855e250d6a1a590f41e890866529cd2 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\3R08NJWO\WAAHGo-kP0xCDM16LGm9-alzHb8.gz[1].js
| MD5 | 9085e17b6172d9fc7b7373762c3d6e74 |
| SHA1 | dab3ca26ec7a8426f034113afa2123edfaa32a76 |
| SHA256 | 586d8f94486a8116af00c80a255cba96c5d994c5864e47deac5a7f1ae1e24b0d |
| SHA512 | b27b776cb4947eef6d9e2a33b46e87796a6d4c427f4759c08cf5aa0ee410a5f12e89ca6ab9cddd86c8471037e3c505f43c8b7fc6d8417f97f9fe3c5c47216bc4 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
| MD5 | 822467b728b7a66b081c91795373789a |
| SHA1 | d8f2f02e1eef62485a9feffd59ce837511749865 |
| SHA256 | af2343382b88335eea72251ad84949e244ff54b6995063e24459a7216e9576b9 |
| SHA512 | bacea07d92c32078ca6a0161549b4e18edab745dd44947e5f181d28cc24468e07769d6835816cdfb944fd3d0099bde5e21b48f4966824c5c16c1801712303eb6 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
| MD5 | 1f54aa00037d51516bfaa407bdd53d4f |
| SHA1 | 3d1457f56b3fe3441e2a3ae8aac73f09fa95c534 |
| SHA256 | 567af7dfb5e9c41810491b5863700ad6ef5e0cf8cd1f2817bcc699c11850265a |
| SHA512 | 45846ea15724c9bd6980c6ae5668af260dfd37723b090edc5117e1a770f6e662c73234f8e1525fd007725217f820a2a6dd80f9c80420e97877fad2612db9a308 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
| MD5 | e935bc5762068caf3e24a2683b1b8a88 |
| SHA1 | 82b70eb774c0756837fe8d7acbfeec05ecbf5463 |
| SHA256 | a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d |
| SHA512 | bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
| MD5 | 083f82a5317f240a132c6d80cec4adad |
| SHA1 | f6be9078ef128a86fb6626575c0779491a848db9 |
| SHA256 | b23cd234cd80320f80878405e1e77e1f654a8303bdfb1bf53c3e4de002777357 |
| SHA512 | 597155010457e13378636ea28ebd334e032ed2a5c74042a22d746db84d41a9c247c076bcd586d0a6863b0f2c02633629c46e9bb5c50280086604ca8f6249d725 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\UNHHO5HP\favicon[1].ico
| MD5 | 3199ba3c221ce06b3033437a96a89552 |
| SHA1 | fef4817d209707ea1950d54c56bfec1d97e137f0 |
| SHA256 | 2d05c35ac41e62da31432ee19cd8dfa25911fcd51a85f08ad0620c89f3b161e0 |
| SHA512 | c53756cdb02b6575dec8fbad3349865dc2eca456744ef5391af573ebd01972875ae62a1aa12458ef482a35eb482b95e07237e2208838a5fbea79332643ddd6aa |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore\LogFiles\edb.log
| MD5 | bf40326154384016117e7dcb70aa1541 |
| SHA1 | a48e66f22e7170952177d1359f15137d80e2df26 |
| SHA256 | 6637281604b3966ce29f9c8c95fcbeb170bbc2bf37f2e05331e1694f1ca22288 |
| SHA512 | 7640da30353999055d97d24b18d86f344847005e65a468cb62ea8e27164ec7813f2bb82ad04b966beb5dff00c040a1dfce70037641aa6eaa3cbdeafc975bea93 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b00c4b0d957e336d33268f8985e5a626 |
| SHA1 | e8cc0499607f00f6d1803194dd6e20389f1f6d8e |
| SHA256 | 2fd39b962cfc474a3112895dc18f90cd3b16cd14679b7ef5a4e4c19e59bbf7b8 |
| SHA512 | 8e60cd2ca1235d05b77b5835b9a26c908495ad6e70646fd234530d8a1c00b5a33ffc9282bae52d8a9e6c4b133ae0d5224e0a9ed14bf1f3380b1099a5fa208de3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cc705c18b4c859c5e929b3e1ef01296c |
| SHA1 | 396ae5dc815a0e96c77412115003cad5223e71f7 |
| SHA256 | 6764d95ecb8d9ef89dc9372ff776cf487418614fd6f889dcfa2088b56cfd1495 |
| SHA512 | 799226f72efead08413d7801190b9ffb65829301962acdda20ecb886847b05fef0cd22af80e700db14f878e956b9bd61980c9c68e47323552e358146329d42e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9fdf5e051b3e9a3d69a47ccfe38cb1d9 |
| SHA1 | 96e5ed7d1ecd89812e18a4589f91997d46fc632e |
| SHA256 | 6e1bfd3a8fd55a745432b99aef065b4be390fb6be295bcb407c8de59bd995db3 |
| SHA512 | 83b8d1f1667ff43d633e4ec7e102f8bc9051747248056b83a7ec11207ddb698b334e9beb2b939a8ad31fdf23148d133ab8d75a1381e9a0adabc20ad52595a0b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5025142c21ac46a48c19fccb20d14943 |
| SHA1 | 9b0ea622da94c5f90b28f55a3d51b78fc7137ef8 |
| SHA256 | d5deae58f9ba3536fcd84a6b53d59f039edf1e75af920f59baf74e816319c1ae |
| SHA512 | 5827f880bbdf7be2cc95c5cf144abe7d2684f5a3819bb9e7c5edbaeecd6cb2dbc4bde21465980babaf2f11adbc20da289eb51fb346a9f991c36cfaf8e7e067a3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 424d089dedf3c79e8e44e78028fdca64 |
| SHA1 | e5527ac1a008b98250ef8fbc311edcc2a1987360 |
| SHA256 | 1366b85b4f0cdb853742486b24f7884fe5c573d662e9357f13c17e7a2ac9e15b |
| SHA512 | 115da78feb38b5b1752009f7dc65221351ca69f54fbf19432528a04e6caa77e2e9f9dfec363a5e51f135fdc065689f07bf97e759dd8fbf18ace2e97ff7feca0c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c95331b33b97877a19721e3708595657 |
| SHA1 | 32d10b28126cdda3df8d53735c354d74b1d232c5 |
| SHA256 | 94ef760021ee8ada989669a45520b52a941d545234bb8eda6ce8a983589f7888 |
| SHA512 | 1cf10e6fe99173a60816eab33afd709fa58146ccb158e201343d90bfbf726ee505594a5b83cf4e983008b020697bfc04cac1871aa36b423b5e766194b0f4bd30 |
memory/2680-5012-0x000000001F8B0000-0x000000001FDD6000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bae083c112d4224010b272cd4c9197a7 |
| SHA1 | 59d426e8af5fb44441c8098c934e3c582ef2c9db |
| SHA256 | cd9441ce70eac416ed064a4af4b278ef399945c13d181cc6305085bcb5796d10 |
| SHA512 | 6656a540e2aa732aa93fdfe090c07ed76cd65d1d8c04926b9cd6611364835704f39c27584ccad9c035b5b005ccfdd8794595ee04c2aa97e58902aa22fa1fd75e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 868eded6c11953c9463437c0b84f6fa2 |
| SHA1 | fd156b5e1237681f6f0c8334648c46a093f2ee66 |
| SHA256 | 7be7a0b78e021b7e63252273ca9caa414edbc7410a3ea2578a8e9b2e5e75e302 |
| SHA512 | 5b11ab76cac878fcfc613da3fdf09fccc24b21d2e8dd14487a1974865d90ce6565852ae1f4646dcabac1cb27d2dd9e90c89104b36712506aae2e0dbfe471ea2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bc2bc1b68cd1a84134c663a26be1e307 |
| SHA1 | 4b683960dd5bfd7843430c924a12a0fb8a90818d |
| SHA256 | 1c0dcc0332eae9c61feefa0a5440556522a63766aa468808543bbab79addee04 |
| SHA512 | 9ad06971d8ab44c615297ccb3e6e0aeb6abc96e82c91642003f550e959af1a8926c33d1b8a804d94bf94bc89906ca2e756e37772ad42ba9d3214930388d71333 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051
| MD5 | 48d2860dd3168b6f06a4f27c6791bcaa |
| SHA1 | f5f803efed91cd45a36c3d6acdffaaf0e863bf8c |
| SHA256 | 04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77 |
| SHA512 | 172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 548cd506bcb7badc26c5aa03d8bf9900 |
| SHA1 | 0efa68af3b10d04b416661c59033ebdac1ce5460 |
| SHA256 | dfc7561787501db709794529b96abfebc2820977c5a96c3c8d3b370a5c298f43 |
| SHA512 | a023e0e59bebd4399de91f98ff5f16c256214a0dc25a52ac49b9b0c8d68aed28538b441a738ead9d631fc239764e059d70e6fa981cfc47141f3ddccadf2832d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 07d85bb73f15897df525a3e505b35034 |
| SHA1 | a27acff251922667e7b42c751c01a3419c722ce8 |
| SHA256 | f1368754716c762933fa32a195b7147099a57d654968657f5ec0176b650567c6 |
| SHA512 | 358347c7f135124a67f71e05740ca67fa6f9a9f02294d5343ac190c036a1c78ab036b6f37678c76ed8c0f4dfe5518f6feadef157ea1973b79748b69a5162a49a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 47d5c2cf6e2401381b99347a33dc9fb2 |
| SHA1 | aadc472003395b57b5759998a05829d028bd9da4 |
| SHA256 | cc4ba497d444984d9971125c9e41f3a530c5585cc9275cd0f1d0373889389184 |
| SHA512 | f4bfb0006209a18d815663591d2de5e2c8b4f60a97ab0a783f2f372dc4110eaef6e44026c8ee794f5167c630a832c3f83884cefdd3c89edb1f8efd0d112d1619 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fd208b223b5f86d6bb78c0f4a1d53a8e |
| SHA1 | fcfb9272c2913f6c1d184566e6491b7e18cf1c62 |
| SHA256 | 6248a35a79b3a6cdec97b1d158c1b28e68a628ed79739d4a1f07d3c651d8dfd1 |
| SHA512 | b2d54089c2d2f66aabe5f247c0cd0227f91d8412b7bd82fddf8aed9c27f7882b7b95657d3062cb82efc7900d2aa529bc5464e373e8574b4a106e4eb22de99256 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6a8ec7300d044e63883f0a6c823f23e0 |
| SHA1 | 2195ec867a61884c2c213e0c9d4a8302ba21b88f |
| SHA256 | dc2ec206c0ea8332f0f910622fb4ed110c5dc9449a9328fbc8953cc627e123af |
| SHA512 | 55b4798d1eba296956d71a3a13dcbd8c07cb8438262a87ccd69b37acafaa4ef29cc3b95779decb106ed511786c1a31b6f3191878df5f1f72a446d90de304d575 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 898c079f69d6ff400b3c5d75007417fa |
| SHA1 | 84e3a8558efa1a4e3e4f160271b2597157501ad3 |
| SHA256 | 42df0a43d33a7ff8bb4b912c896d9f5b34862825177ead90f42c0c714212aa88 |
| SHA512 | 77182f812e5aab39e2b1964f9933ee3829e6ac3b1ed9315eaa6fb6da5632e5f32e52c0cf55674a8925a2cea806b30a780c879034e34d86a72fc4e931ea3d4539 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b29d8411826cc011bd0878a401053b25 |
| SHA1 | a64818d60895db2df624e77fe76a8873bc7f0fe2 |
| SHA256 | b6cb4da4897ee2c0275b1a713ad8762809e3360e5693adbf8250941575d8dc01 |
| SHA512 | bde3b639ef21cc6d77383ac95aee94821153618184a19823b757c25f15507441bd98d6b472f56feff8fc9716b2bc9acf93d857e2fc8bb141c859553994a7b4ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c6cf35ac5bab3432919f5133fc646eff |
| SHA1 | de3de52d08b90a12e82a310aa1b2ea37fa5a3294 |
| SHA256 | 7201bcb0f9f3e1c735709ac9b5bd745ba5719e9894efd5f32749c029b97406d5 |
| SHA512 | 3121468b72dc7c3f34518b02a14e53100f4cc96fb962e926eb0b0636c1caac58fc71a049b69167035f0c3caea8881c40fe8f9cf59ca49d08ade87872d1ff44f5 |
C:\Users\Admin\Downloads\MEMZ.exe
| MD5 | 1d5ad9c8d3fee874d0feb8bfac220a11 |
| SHA1 | ca6d3f7e6c784155f664a9179ca64e4034df9595 |
| SHA256 | 3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff |
| SHA512 | c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 818f4a44445136e0652625113ae0359c |
| SHA1 | bc8cdc25bcf385f253638fc9eebfb6e9ef82c4bb |
| SHA256 | 07a888211ca9cf9395bb8e8b914d186a61df59ea422070141f9687bd850a1afb |
| SHA512 | 9b6af5739f1bfc6e6974d3e76f67eb9e2771d0559133a7b8690f3452e95298ddfe2b718a59113a1f98ec54a321d802992491a197d888f18c46790dede1a6f2bf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 345f7df1eed2c16a0d569c9f4c82f1a0 |
| SHA1 | 83a04656fea70617add02934ed4664a305aa5444 |
| SHA256 | 1958d08fe84ccecdd3134d861c36f50da1fa77337a0aa1d3deaf6a4acb9c6737 |
| SHA512 | 803f2ee0d73cce054dc23c440c7cd775779d666e661666fa67a7f3153e0fc3a68282622c0f293b0e9529b3964844fca3525b850bd07958f7f531da0fe7b6f466 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0db1cb8a1d5dac6fe76b2c68cdb124c5 |
| SHA1 | ca260ab2f732854199e5114ca3d1cb7ea9b49284 |
| SHA256 | f7c8cd604baac59566690beb2d4a607222de9cfef72db46b8ce60a2cdcbab0a0 |
| SHA512 | aadf1009ab4ed66c7cda8eb7b41ae84b7c3906fd16b3610d824175e5bc0f91b3c0c12ac8f2b4db9bfe412b485d474906e56ac00759ade6d321b0a2c76b66a070 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 81508cd0bcea64d0596660f0670eed9a |
| SHA1 | d447069dcce49a118e3be36e80b4b9d3218e0c2d |
| SHA256 | 451f503eeaf955f7164ff2f7d31d8755824a7850f25d4cb4c9429afdce1d6c3d |
| SHA512 | cbdea72cded4b0c879ea3a5d3a9e83d0b960b379b121e03cfa75e21cc8c5e08c76f63ae4e6ceb4eb59d2ce348df38b05463d9b41005f2638091d9a6df08d6e72 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c3704ac0ef0ab20513a703f9fa21b1d6 |
| SHA1 | 9e2a3001727860538890fe82fc3b15ac912ca908 |
| SHA256 | f18671e8d4fd59a704040ea7264b5f16c5fa4cd0775716ae9f21b25d616db3f3 |
| SHA512 | 99132d81aed458f54861b1aeef4d6c23575c459a830cbf78c91b33c087a2655b8ac29d8948e926ee0b57ee61b6e5b10b97e84c7580ee727802ea6ebd8b993121 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3ba231f123a62b622cbe10a0aca45a44 |
| SHA1 | 458920bd721380cbdd15c22e508abdbc0fe542c1 |
| SHA256 | f9b4137de525360edca8a69ccdd2ddd58a1ced4ea21b9bc045052eb2d5d08448 |
| SHA512 | 767f847106a39511bfc0e7599082d1991e50d009437bde0eb15456e1854eea90484bf44904e9efc6c3dc3dc85b259631539a2f130d66e4145742b8044154f858 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000064
| MD5 | de8c6574e9057e4b6ea7b9437db4b9d5 |
| SHA1 | 265d520b6a04b434f5c3fc8c28debac183898db2 |
| SHA256 | 51f281fe367854904b3db4b6f4cd70ccf90414335716482aceef382c536ae746 |
| SHA512 | cc8791772d03ee3f4b13654d2bd3354ab1ec28322ae3522187603bde00b1a5d940e99e62dda0fd3a7faf0ba9c3cd42425d0e64196f954bdb93c979f5e990e7dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 14ccc4685125c4c362264d8183cfb2f2 |
| SHA1 | c49b53f4eb2c9c56ccc9d14a3c0639e96930d2f3 |
| SHA256 | 3151cc8d1a56912102e40330f98063e7797e57977e3610c641309f40a8046437 |
| SHA512 | 9e1ec83273905c284f8543f2d16587baf995841a2f504aa43d589ea403f0490ab3c271a562cc3bdc37201961c3ccddb85320d2acce49148a732b77af9f4f2530 |
C:\Users\Admin\Downloads\Unconfirmed 393641.crdownload
| MD5 | 84c82835a5d21bbcf75a61706d8ab549 |
| SHA1 | 5ff465afaabcbf0150d1a3ab2c2e74f3a4426467 |
| SHA256 | ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa |
| SHA512 | 90723a50c20ba3643d625595fd6be8dcf88d70ff7f4b4719a88f055d5b3149a4231018ea30d375171507a147e59f73478c0c27948590794554d031e7d54b7244 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\3C8XECJW\favicon[1].ico
| MD5 | f3418a443e7d841097c714d69ec4bcb8 |
| SHA1 | 49263695f6b0cdd72f45cf1b775e660fdc36c606 |
| SHA256 | 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770 |
| SHA512 | 82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\ImageStore\tkyn2w7\imagestore.dat
| MD5 | 1e116dc09aac424f0af8d56bd26a58c1 |
| SHA1 | 53fbc9590bb169632a42518a759b3e7292299dec |
| SHA256 | 37ec253b93c8bc1864853174effd564282f920d3dae17116bee339c222201b99 |
| SHA512 | c5cc1d037cae28bf8c209166f9fece7cefc323337f41a1dc3460af9a78756815b100d9ce08744884736d998bd34eae71248049a7c37389868a63d6044767a78f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5TH9W7YA\webworker[1].js
| MD5 | 7ac488f67052e5ce11f5dd9b7d685735 |
| SHA1 | 01ff0c9a199276a992734f3aedbbb25fe13bdab2 |
| SHA256 | 0ae5cc1fdef3c1597f35da1ca946d2b847aaa6b2b76d914221f654912bc12f56 |
| SHA512 | b8dd1c89f52541a95a7bb6b19db3b99d3f0f536f6f03c9f5fffcd129dc6f9f5aebeb7c0041c98f005487d72f6c5d22a4d62505c118675925b3f546f43ec1a4a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3094652da124c9e16b4be2afca599747 |
| SHA1 | fa0efee2468f05042e77ea824edcd89982cfd91b |
| SHA256 | 39b29b71231bd41b8019716ac0b90cd29bc6e4b3c7da78754a54332312d2d834 |
| SHA512 | b7335aa3d7b447de892ca6e7bb5736f910c434334b3c1ea6ca9ce6289155bb736927ec138e496041227e11a5c2ded47135f184f2cd2f2a19897c300f8f353e79 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dae6b2057373b3f3e0bcf02d94ce5c12 |
| SHA1 | 02b8adfcd3d9b72746236047f8ef390680c0b10d |
| SHA256 | 9829c105ba3fe76a9b912894e30a45de23b215688173a68c570dbaefcc54dbb4 |
| SHA512 | 54730d12cafc3fb401aec9797e5393d1d5f9e61862584acc637ffddc2261837f71ec63c30a4e4634447f640a80a7c96f88d0a872962af88340f791f64e57da08 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | db0759ef90d2c97d17668f01cb677c6d |
| SHA1 | d75e74f851c204596894e34002c0321231bca0e5 |
| SHA256 | 7dd83bc2eedd7df71966c242696aaeb09f1b147a820af7ee25ae32e6482ce23a |
| SHA512 | 0a2847aa579811658ea745c31ca49c1afd2a732882d455d4c386e9662463a1d038eb0fe4a1a27ed81451be2c0b65e473ed063f51157d314767d550d7ece2f075 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d918669224f91c7215db8121017927de |
| SHA1 | 95463135b3101e06f343ae65c0415c3f4d3c9748 |
| SHA256 | 23794905963f2c1078fb07cb4d3d6f81dea57aeaa4d1d1290bd4495092d11481 |
| SHA512 | 84e686eaddb8c752b930351b1ef2c1bfda16f4031147f776967ce38a266b3d5987bc2e313d338a30b02f2ae2a885475acab0ab975c2dc5c91dca823bef81049d |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\VSH5XF98\edgecompatviewlist[1].xml
| MD5 | d4fc49dc14f63895d997fa4940f24378 |
| SHA1 | 3efb1437a7c5e46034147cbbc8db017c69d02c31 |
| SHA256 | 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1 |
| SHA512 | cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 89e4e7b75ed7331ab847c16876b8fbd0 |
| SHA1 | e900b4532595ed185c2c5d8cc3742299a765ac9a |
| SHA256 | 5dd27bfbb59e1c0961ff38b3bf83031d69922371e3954b5358ff9cb3c6158d00 |
| SHA512 | fb773ee94e06e143bfe016b7ca8e0efb020078f7633d3e61d81ab433ff9a60ea6bcc78dbf370ce8a2b83b787ae7d320c38b4686c5e366b4e2539eab68a7ee248 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f5c5d7c813059889882b91c53673b032 |
| SHA1 | aadd5957ec1704c267dd2ea50b3f88487a160261 |
| SHA256 | ca1571d628e1c283bed615c9e893972e24cc3f95ea58840539943b75a82ed264 |
| SHA512 | d8be130cbf4617eabaf198a46b75a21133287253f19843a509c6ee726860d499066480794e0e002cc58057f5c19a06892ae8213d68f2bcfb05a0bc3771293ad0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ce604e23fb5298d60eef871056c25ade |
| SHA1 | da45edb2d4f6650a4b1c428971c498db870a575d |
| SHA256 | 91f8c69a64585699270f072b24becf3b25fecf50de743dff3b419395f8ae56dc |
| SHA512 | 5134a83bb864fc1a0d8f2cf434096dedafbe0b6c599b36c8fb9cbaf7941919c4cc95eb5c2d7ccffbb2e6e9be5153efcd4068d4108003abdfe3e49e085591cf77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 76bc355b8d841da5c2343cf3ab572389 |
| SHA1 | 8b67917e7623194f26669d667afd400a2db1bda6 |
| SHA256 | 477c99ae1ae1415ae0c7793cb165a2d747b6a48f7c19ae8327f7de39428d4788 |
| SHA512 | 23490293766c54505d634e21148129b76c5ea3aebddf4f0f39e7cd55dc9cdb2ff55a394ebf50a30da486457badcba431de9fbe1b2bd7349c0fa7495e97a9325c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\I8EV6B40\b80692[1].ico
| MD5 | ac0cd867e03ed914827807d4715bdfe7 |
| SHA1 | 4051a8c23756c10d9cc00fcde6f7215c780fdf6f |
| SHA256 | b50546da121186fbffd2aec430249cb21c7c2e2c85e561a393a9df9abfc4477c |
| SHA512 | fa11d1d76c39719c218b4ffa34de8dd44d398bdcbb236a666f0be6eeee96bcbe4da9ac65a89441ad284c0de21788c135dc4fd21f6f82c7039f00c8a7c705c8e2 |
C:\Users\Admin\Downloads\msg\m_finnish.wnry
| MD5 | 35c2f97eea8819b1caebd23fee732d8f |
| SHA1 | e354d1cc43d6a39d9732adea5d3b0f57284255d2 |
| SHA256 | 1adfee058b98206cb4fbe1a46d3ed62a11e1dee2c7ff521c1eef7c706e6a700e |
| SHA512 | 908149a6f5238fcccd86f7c374986d486590a0991ef5243f0cd9e63cc8e208158a9a812665233b09c3a478233d30f21e3d355b94f36b83644795556f147345bf |
C:\Users\Admin\Downloads\@[email protected]
| MD5 | 7bf2b57f2a205768755c07f238fb32cc |
| SHA1 | 45356a9dd616ed7161a3b9192e2f318d0ab5ad10 |
| SHA256 | b9c5d4339809e0ad9a00d4d3dd26fdf44a32819a54abf846bb9b560d81391c25 |
| SHA512 | 91a39e919296cb5c6eccba710b780519d90035175aa460ec6dbe631324e5e5753bd8d87f395b5481bcd7e1ad623b31a34382d81faae06bef60ec28b49c3122a9 |
C:\Users\Admin\Downloads\@[email protected]
| MD5 | f97d2e6f8d820dbd3b66f21137de4f09 |
| SHA1 | 596799b75b5d60aa9cd45646f68e9c0bd06df252 |
| SHA256 | 0e5ece918132a2b1a190906e74becb8e4ced36eec9f9d1c70f5da72ac4c6b92a |
| SHA512 | efda21d83464a6a32fdeef93152ffd32a648130754fdd3635f7ff61cc1664f7fc050900f0f871b0ddd3a3846222bf62ab5df8eed42610a76be66fff5f7b4c4c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 80f0cd27ecbc41b01a3249c8c50f8382 |
| SHA1 | 84bd792f1ef45ae5f7e083b4944497d104324b6c |
| SHA256 | 5f820141ed76d3d08f2fe2bded02d32141523987ff2baed4c07cac44db82fca4 |
| SHA512 | 70a42b443c14c343903fbfd40c339377bb89a8aabda4addd297b0eb688454f31b64e80e502341cf2a71cc1a45278a5d77b5eda9cc9d66fc755b2e52588557e66 |
C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\@[email protected]
| MD5 | e54692e8ed3d13689f9778ba12c25a52 |
| SHA1 | f76965c81a4c1d696dd1ae2e0c51945b7df1d01f |
| SHA256 | f5a64f96ee3d14a08dd6dbdf866b23ac201a2ff30a65e90671534175827ba2ab |
| SHA512 | 57b72e7c89dfebf7e487c6c26c975defd2e7ee987370dc772d0ccddf22372b2dcf72e048ec8e1a4282b6b860760a28f19b384fce4c671a6de100755c03d06473 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\T8HH3Q96\anchor[2].htm
C:\Users\Default\Desktop\@[email protected]
C:\Users\Admin\Downloads\TaskData\Tor\tor.exe
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\P6D064LF\suggestions[1].en-US
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\I8EV6B40\favicon[1].png
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\60LGMEF2\5bba3-e5711[1].woff2
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\P6D064LF\c6a73-91dde[1].png
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\T8HH3Q96\js[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\T8HH3Q96\sft-prebid[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\G6A9JVZP\72c3f-fbb57[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\G6A9JVZP\73832-e11ec[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\G6A9JVZP\23986-108c6[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\60LGMEF2\f[1].txt
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\G6A9JVZP\sft-bundle[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\G6A9JVZP\e1d66-937fa[1].css
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\60LGMEF2\loader[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\60LGMEF2\clarity[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\UNHHO5HP\voicemod-icon[1].jpg
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\G6A9JVZP\sdk.a87f6fcd5e15a6232584fb43b37012b231121cda[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\I04ECA1K\voicemod.en.softonic[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\G6A9JVZP\f[1].txt
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\I04ECA1K\voicemod.en.softonic[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\60LGMEF2\ui-gdpr-en-web.a87f6fcd5e15a6232584fb43b37012b231121cda[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\60LGMEF2\cb75f-83e1c[1].woff2
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\60LGMEF2\585ea-68c47[1].woff2
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5TH9W7YA\bframe[1].htm
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5TH9W7YA\api[1].js
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\60LGMEF2\KMCqiV_wEkJTwFI21kyzyBiD2M1KubXhmTExSqPSBNU[1].js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1