Analysis Overview
Threat Level: Known bad
The file http://google.com was found to be: Known bad.
Malicious Activity Summary
Wannacry
Deletes shadow copies
Downloads MZ/PE file
Executes dropped EXE
Checks computer location settings
Reads user/profile data of web browsers
Modifies file permissions
Drops startup file
Loads dropped DLL
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Adds Run key to start application
Writes to the Master Boot Record (MBR)
Legitimate hosting services abused for malware hosting/C2
Sets desktop wallpaper using registry
Drops file in Windows directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Browser Information Discovery
Suspicious behavior: GetForegroundWindowSpam
Uses Volume Shadow Copy service COM API
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry key
NTFS ADS
Views/modifies file attributes
Suspicious use of FindShellTrayWindow
Modifies registry class
Suspicious behavior: LoadsDriver
Runs regedit.exe
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Checks SCSI registry key(s)
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-11 22:24
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-11 22:24
Reported
2024-08-11 22:31
Platform
win10v2004-20240802-en
Max time kernel
394s
Max time network
392s
Command Line
Signatures
Wannacry
Deletes shadow copies
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~SDBD87.tmp | C:\Users\Admin\Downloads\WannaCry (1).EXE | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\~SDBD9D.tmp | C:\Users\Admin\Downloads\WannaCry (1).EXE | N/A |
Executes dropped EXE
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\fnhuhmufqzho584 = "\"C:\\Users\\Admin\\Downloads\\tasksche.exe\"" | C:\Windows\SysWOW64\reg.exe | N/A |
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" | C:\Users\Admin\Downloads\WannaCry (1).EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" | C:\Users\Public\Desktop\@[email protected] | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\system32\mspaint.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Public\Desktop\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cscript.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WannaCry (1).EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\reg.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\@[email protected] | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\attrib.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\notepad.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\taskdl.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regedit.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\explorer.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4182098368-2521458979-3782681353-1000\{511A6B21-62DF-41A5-854F-1CBAC9610B1A} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000_Classes\Local Settings | C:\Windows\SysWOW64\explorer.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 598864.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 62223.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 426061.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Runs regedit.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\regedit.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\regedit.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: 33 | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: 34 | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: 35 | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: 36 | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: 33 | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: 34 | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: 35 | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: 36 | N/A | C:\Windows\SysWOW64\Wbem\WMIC.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\system32\vssvc.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Users\Admin\Downloads\taskse.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Volume Shadow Copy service COM API
Views/modifies file attributes
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\attrib.exe | N/A |
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffca8c646f8,0x7ffca8c64708,0x7ffca8c64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2732 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4040 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5776 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3948 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3480 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6636 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4996 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6948 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4996 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6432 /prefetch:2
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe"
C:\Users\Admin\Downloads\WannaCry (1).EXE
"C:\Users\Admin\Downloads\WannaCry (1).EXE"
C:\Windows\SysWOW64\attrib.exe
attrib +h .
C:\Windows\SysWOW64\icacls.exe
icacls . /grant Everyone:F /T /C /Q
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c 111231723415191.bat
C:\Windows\SysWOW64\cscript.exe
cscript.exe //nologo m.vbs
C:\Windows\SysWOW64\attrib.exe
attrib +h +s F:\$RECYCLE
C:\Users\Admin\Downloads\@[email protected]
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c start /b @[email protected] vs
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe
TaskData\Tor\taskhsvc.exe
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet
C:\Windows\SysWOW64\Wbem\WMIC.exe
wmic shadowcopy delete
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Users\Public\Desktop\@[email protected]
"C:\Users\Public\Desktop\@[email protected]"
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "fnhuhmufqzho584" /t REG_SZ /d "\"C:\Users\Admin\Downloads\tasksche.exe\"" /f
C:\Windows\SysWOW64\reg.exe
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "fnhuhmufqzho584" /t REG_SZ /d "\"C:\Users\Admin\Downloads\tasksche.exe\"" /f
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffca8c646f8,0x7ffca8c64708,0x7ffca8c64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6740 /prefetch:1
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffca8c646f8,0x7ffca8c64708,0x7ffca8c64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=best+way+to+kill+yourself
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffca8c646f8,0x7ffca8c64708,0x7ffca8c64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2276 /prefetch:1
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffca8c646f8,0x7ffca8c64708,0x7ffca8c64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7836 /prefetch:1
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x328 0x4f0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/memz-malwarevirus-trojan-completely-destroying/268bc1c2-39f4-42f8-90c2-597a673b6b45
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x98,0x128,0x7ffca8c646f8,0x7ffca8c64708,0x7ffca8c64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffca8c646f8,0x7ffca8c64708,0x7ffca8c64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8108 /prefetch:1
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffca8c646f8,0x7ffca8c64708,0x7ffca8c64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,6650414351596581791,1625544546428041099,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8088 /prefetch:1
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Windows\SysWOW64\regedit.exe
"C:\Windows\System32\regedit.exe"
C:\Windows\system32\mspaint.exe
"C:\Windows\system32\mspaint.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Users\Admin\Downloads\taskse.exe
taskse.exe C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\@[email protected]
C:\Users\Admin\Downloads\taskdl.exe
taskdl.exe
C:\Windows\SysWOW64\explorer.exe
"C:\Windows\System32\explorer.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 172.217.23.206:80 | google.com | tcp |
| NL | 172.217.23.206:80 | google.com | tcp |
| US | 8.8.8.8:53 | 206.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | support.google.com | udp |
| US | 8.8.8.8:53 | 196.179.250.142.in-addr.arpa | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 13.107.21.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 3.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 184.28.176.81:443 | www.bing.com | tcp |
| GB | 184.28.176.81:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | 81.176.28.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| GB | 184.28.176.82:443 | th.bing.com | tcp |
| GB | 184.28.176.82:443 | th.bing.com | tcp |
| GB | 184.28.176.82:443 | th.bing.com | tcp |
| GB | 184.28.176.82:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 82.176.28.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.140:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | 154.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:53405 | tcp | |
| DE | 213.61.66.118:9001 | tcp | |
| DE | 193.23.244.244:443 | tcp | |
| FR | 163.172.149.122:443 | tcp | |
| US | 8.8.8.8:53 | 244.244.23.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.173.189.20.in-addr.arpa | udp |
| UA | 78.24.75.53:9001 | tcp | |
| FR | 163.172.149.122:443 | tcp | |
| DE | 134.119.3.164:9001 | tcp | |
| US | 154.35.175.225:443 | tcp | |
| NL | 194.109.206.212:443 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 8.8.8.8:53 | google.co.ck | udp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 100.39.251.142.in-addr.arpa | udp |
| DE | 185.21.100.50:9001 | tcp | |
| US | 128.31.0.39:9101 | tcp | |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 88.221.135.33:443 | th.bing.com | tcp |
| GB | 95.101.143.201:443 | th.bing.com | tcp |
| GB | 95.101.143.201:443 | th.bing.com | tcp |
| GB | 88.221.135.33:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 33.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.143.101.95.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 204.8.156.142:443 | tcp | |
| US | 8.8.8.8:53 | 142.156.8.204.in-addr.arpa | udp |
| GB | 95.101.143.201:443 | th.bing.com | tcp |
| GB | 88.221.135.33:443 | th.bing.com | tcp |
| SE | 171.25.193.9:80 | tcp | |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 9.193.25.171.in-addr.arpa | udp |
| NO | 185.11.180.67:9001 | tcp | |
| N/A | 127.0.0.1:9050 | tcp | |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 173.222.211.40:443 | aefd.nelreports.net | tcp |
| GB | 173.222.211.40:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 40.211.222.173.in-addr.arpa | udp |
| FR | 51.254.101.242:9001 | tcp | |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 199.254.238.52:443 | tcp | |
| US | 8.8.8.8:53 | answers.microsoft.com | udp |
| GB | 104.103.252.222:80 | answers.microsoft.com | tcp |
| GB | 104.103.252.222:80 | answers.microsoft.com | tcp |
| GB | 104.103.252.222:443 | answers.microsoft.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.2:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | answers-afd.microsoft.com | udp |
| GB | 95.100.245.144:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 222.252.103.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csp.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| GB | 95.100.245.144:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | ds-aksb-a.akamaihd.net | udp |
| US | 8.8.8.8:53 | consentdeliveryfd.azurefd.net | udp |
| GB | 88.221.134.90:443 | ds-aksb-a.akamaihd.net | tcp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 8.8.8.8:53 | answersstaticfilecdnv2.azureedge.net | udp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 152.199.21.175:443 | answersstaticfilecdnv2.azureedge.net | tcp |
| US | 8.8.8.8:53 | 90.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| GB | 51.105.71.137:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| GB | 51.105.71.137:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 137.71.105.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| N/A | 127.0.0.1:9050 | tcp | |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | identity.nel.measure.office.net | udp |
| GB | 173.222.211.40:443 | aefd.nelreports.net | udp |
| GB | 173.222.211.246:443 | identity.nel.measure.office.net | tcp |
| US | 8.8.8.8:53 | 246.211.222.173.in-addr.arpa | udp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | support.google.com | udp |
| FR | 185.13.38.75:9001 | tcp | |
| AT | 86.59.21.38:443 | tcp | |
| N/A | 127.0.0.1:9050 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 983cbc1f706a155d63496ebc4d66515e |
| SHA1 | 223d0071718b80cad9239e58c5e8e64df6e2a2fe |
| SHA256 | cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c |
| SHA512 | d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd |
\??\pipe\LOCAL\crashpad_4272_NFSFWYSCBBHWJFXQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 111c361619c017b5d09a13a56938bd54 |
| SHA1 | e02b363a8ceb95751623f25025a9299a2c931e07 |
| SHA256 | d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc |
| SHA512 | fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 644639bbda34f0822eb0550d64a97b2d |
| SHA1 | 2f8cfad24d9625330eb53d80fab415c1a7dd86b1 |
| SHA256 | 0ef1001812e58b00c1040bc2c1f00c0a5e61b5d80f2211037a23e91107e0640b |
| SHA512 | b0882305afd840bd725de7b5998bfd5b7a849d47694935aeccaaa6920ce0fd7306b332820577d46d2034a145f0e8c35ee5297f1af4127f10f2209521469cf8d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 48d2860dd3168b6f06a4f27c6791bcaa |
| SHA1 | f5f803efed91cd45a36c3d6acdffaaf0e863bf8c |
| SHA256 | 04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77 |
| SHA512 | 172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e14d572483a43ca585ad776783c8dd7e |
| SHA1 | 644961670dc438bd60e708d874c497a7d4125d9f |
| SHA256 | cd3e6b29bc8c265fd45b317d0d7712be638b971133f9690a2cf09d15a550fc43 |
| SHA512 | abadc2bc23210ff737b9de8f5b7eb8a385e4fbb8cbe823a481bbb4a8a630c4b715597877796f7fd56c82669afd6d0d1a271736dc734397e9c1eb7c4bf0464832 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b282dfb7880829203c8e47e60f3cd135 |
| SHA1 | 7e572856850edaf59b06c5a550aa4167e3311683 |
| SHA256 | d74cfcdc2688de92facc655753c196ce53e8c1a898a8fb31f837d91cf8ca41e8 |
| SHA512 | 8ac132807e004f174029b53d8d9dd04386c616f850352be8a70e0d6d5b358d96ce78f031dc346a758629a0af1f5ef0a4ef0fe0fd90e2018a2642d1391c6d57fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d971e329ebae6a03c287a668cfcb90ba |
| SHA1 | 79e62ef72040f64eeca9dbe7e111c1d89e760ead |
| SHA256 | 39796aa710ff66c0057a715e13c736133b1cc83766584d6e100691fa5bc745d2 |
| SHA512 | e4050dea0ff32112ac0125ea4f70f42b186f41ad3e553f5280b7deeff856b68b7ca44126747c0c2c5c0d65252ae701bf7b5d5a9a6fa5189512a7a2241e81a770 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5834a7.TMP
| MD5 | f92b4089f63bcd188e81a8618c02e259 |
| SHA1 | 381beeb8dc9f090ebf2799a1f1b5eed6b46a86b9 |
| SHA256 | 787a34f8defd73edd70d6388e4512c7095fe55e6d102b5ae1849126c81626a81 |
| SHA512 | 6dd4089bed6e5c9410bcf05a5054ad3f79c248882a2ff28547fbbcaa335dc4f992c9cc9c2ac145f58c2fa074ef961a186531b9a289cd6e16e2032297475f9b68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 72ce98c2b5a0e6484c3a979319c26107 |
| SHA1 | 1d15f29038c5cb18a14f0aaa4d7d62c0667acee9 |
| SHA256 | 39a43e7b2ba65f726f702976bd75a12b82bdfa5d37ae9bd3798e5b1b1b4e36cb |
| SHA512 | 37c5fa072660433d26e04e05a2cd0849a9a0ac7f72b2f673bfe7361c51395289a254afd0bda246339719c62f9336c78bc5b8f46763d713b28901ad27bce598e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 99f694b23e912db58e553366f64e60b3 |
| SHA1 | efb2e0ff4e99bc516c2d838b4bfa02c1ab7a3bff |
| SHA256 | 08462c7b060cf9ecedbfa968422805e2fb6f9c986b0b63cfe07dba364fdced29 |
| SHA512 | 2a3297d2472dde1c58a0918e571eff3e65887b93d50ba7810c30d7673522632470c4b83fc4c9b063f153e59ddc9b6174e5434efcd560c699481e4eeba9ac9d67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0f260a2262a4c9cc690dbe51bc3fcf80 |
| SHA1 | 345286f945a5cdb6162ef07c3056376a488c8bcf |
| SHA256 | f61e76ee08b40f860024122c5380264b2cad676e8e99d2fc3aafc42c0c0956f3 |
| SHA512 | f65a7f30778f301b43035a62908889a23909714415970ac622b25acc6b35540ac7504b1ca6f9822efb06206576f5f958c5e94e9590d8d01d27cfdabb957be6f4 |
C:\Users\Admin\Downloads\MEMZ.exe
| MD5 | 1d5ad9c8d3fee874d0feb8bfac220a11 |
| SHA1 | ca6d3f7e6c784155f664a9179ca64e4034df9595 |
| SHA256 | 3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff |
| SHA512 | c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0f3d5bb8525a03a694dbc0e4904f7071 |
| SHA1 | bc193133206ff4e7a291282b819da010622428cd |
| SHA256 | bd580978c6d4003ae0695be5b630bd1b11413d62db579c20e6fa3e71d9d50f99 |
| SHA512 | 2783c8457d495e9e4ef1bed0f6d00e62722dc5ecdc9d72d29b7f540ccd638916fd9ba822ceacae6a68a288466463aad6a59e20acfad7a5858a33a2b0f41008bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9e3af966d7fa0a1e8e60040d4017bbb3 |
| SHA1 | 9b6ac75ba0e5b2b476dc2db8d64b1b078af4f72b |
| SHA256 | d699d18c4d76a473487468b43a48a89bda057c5d48dbcda87afbe34619e5dc05 |
| SHA512 | 89e3d970593792996d30bd5fe1e9312d39e19e24ebcb801ee9cfb60d6d0c25c6cb4c62ea5733337c314f04726cbe5b54516e8fbee038742772eb8790ab91cb59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | a074f116c725add93a8a828fbdbbd56c |
| SHA1 | 88ca00a085140baeae0fd3072635afe3f841d88f |
| SHA256 | 4cdcda7d8363be5bc824064259780779e7c046d56399c8a191106f55ce2ed8a6 |
| SHA512 | 43ed55cda35bde93fc93c408908ab126e512c45611a994d7f4e5c85d4f2d90d573066082cb7b8dffce6a24a1f96cd534586646719b214ac7874132163faa5f28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | a7ee007fb008c17e73216d0d69e254e8 |
| SHA1 | 160d970e6a8271b0907c50268146a28b5918c05e |
| SHA256 | 414024b478738b35312a098bc7f911300b14396d34718f78886b5942d9afe346 |
| SHA512 | 669bec67d3fc1932a921dd683e6acfdf462b9063e1726770bae8740d83503a799c2e30030f2aca7ec96df0bfd6d8b7f999f8296ee156533302161eb7c9747602 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | 9f8f80ca4d9435d66dd761fbb0753642 |
| SHA1 | 5f187d02303fd9044b9e7c74e0c02fe8e6a646b7 |
| SHA256 | ab481b8b19b3336deda1b9ad4680cce4958152c9f9daa60c7bd8eb6786887359 |
| SHA512 | 9c0de8e5bf16f096bf781189d813eeb52c3c8ec73fc791de10a8781e9942de06ed30ff5021ab7385c98686330049e3e610adc3e484e12ef807eec58607cfae63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2301eff7be8a09a37ccb1de8a22dbfae |
| SHA1 | bbb28146c1182cb4fc744af240c803b32d00b139 |
| SHA256 | 2fdde75575535cd9969c1f1bbc102a77154600c557eb1b28605f5644dff2d563 |
| SHA512 | 569af4a41f6b7ef8e15bcc039d23ffb14db5a7cd324a0e9d472f41d88cb028cae2ec7818507523f5c1c4852a114b328ac25b01fbf118f58981b54b412fbff342 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c9b3f9e4eecf3cc863206ddee52dbb27 |
| SHA1 | 5824a3480c4eb89eba0f1c5f2b3db7d99abb56d6 |
| SHA256 | 3e97699a84980580b3a12757fd13a1b18640e41b26c30fa17d6dca9e2e718532 |
| SHA512 | 63711dd8ff5716ae645faa3f4ba0e941a4078c0aaa33be420e3d91e774f757b8ecd1989b99f8dedc960f0bf6999eac43684f235aeb637359b26474e4b2cd001d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 08e273e60b7cd9be48a9b0b554ea22fb |
| SHA1 | 5ab8419badca47ed4af3551dbba6681820d186aa |
| SHA256 | 4f4bbda12e0057330da9a4a962bb1d5cd98444665744ea77de7d12825a9f3cb6 |
| SHA512 | a31d3173ade2a4e888a7f37cf899434a08c7f5192aa5f5cba4a07774d851e583bc85b2c2997000b998d3bfed408e72994e678e8a37e94928c544503cce8bf480 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 677f11a02b5c656e464a47f84a395641 |
| SHA1 | 6674bc880db7476b0a8e06a7c7249e08c4dc135d |
| SHA256 | 7e1e2f77a76b9a0e6c15c723cd0779254f2d363ab2e9f6bf5107c2238601892b |
| SHA512 | 9263cf7398e982d4c72f54422e40ffde87932a9a05fcadda29fa8e91b3977783897385c207f9b424e2b09f9ccfecacfd2813c0766b14e2853bd7cffe1fb8fa5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cca5b97c3090260f6e1357ca97a60698 |
| SHA1 | fa86136c03aad34e9dd34988e46bb5613df85746 |
| SHA256 | 136b89afc60e0023cdcdedf5fb4da847b44dc2425c8f929360b0abfb19e6c237 |
| SHA512 | 3fa5c892b878088b2194eefeff0d0b3194560f43d61ec16471d4c40459627325bc10b682c9cb9d30e2990663e95f02c260c52b39da72fd18148279f947193809 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b893639c9a76761c464fac2890dfb4e4 |
| SHA1 | dbc51d2bb07bec89bffc74d7e2b38e13c6244a8f |
| SHA256 | 5b050665ba68cff0b25983b2bc8b167890acd511012452684feb162b905f056f |
| SHA512 | df6113b329c790ef0889139bc20a15ac10ab2a38717b0b81470c7f5dac50d28c7b07cb971d4d1afa66d80af59cdf53d002822a095fcff31e3d3a4bfe2e6860de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 28e720284f4304c720ff3027ec34860f |
| SHA1 | 19f52b766f6a3ec75737a8a69d360e222b8ae431 |
| SHA256 | 3ef489ae5523440f65518337d90f750434567218f07b37f7645ed6a9fbd4947f |
| SHA512 | 3cb3ff64a6b573284480560e20f729ff114b23aafb24004d835792ea6679877fea53a76dfe7c950c0e08833e515f57b492a51f31b6f2f57ebc3ace34259e63d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c
| MD5 | 84c82835a5d21bbcf75a61706d8ab549 |
| SHA1 | 5ff465afaabcbf0150d1a3ab2c2e74f3a4426467 |
| SHA256 | ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa |
| SHA512 | 90723a50c20ba3643d625595fd6be8dcf88d70ff7f4b4719a88f055d5b3149a4231018ea30d375171507a147e59f73478c0c27948590794554d031e7d54b7244 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 32054e1ed03cbb0e1bf0ca5e4798219a |
| SHA1 | ac09752fc90843935745162121c714e60f283b99 |
| SHA256 | 8ccc0c614e41701a4563797812a65ca791f266e458e5a46b3e9685716e04edc9 |
| SHA512 | 6e41d503baed01543f061274677a1f8643d8786217ad06405546be5857f6078932328bcd90d151ddeb1655929c7936038cc431cae8fcbdd946b7960aeb280cbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 51f6374fcc91df0977c1515e378116fc |
| SHA1 | 9589096b1033fe3de2b73c30f108704ec836de18 |
| SHA256 | d07c26bd9f8cd582f81c5752b7dc7f444d22e0150d629d06881b27897de2b794 |
| SHA512 | 3b31bc6b729fb302eecb82d97d9be38971c18a1a81f4fec6eabc66a248810e32e9e683539c8068e4e25c6fa0b7b27dc651c85d0cd3f8632350765de30a8c5bde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 53304c9570553c3a3f7ebb2b29579c52 |
| SHA1 | 3d598fca82439de016a3808ebd2bdb8f0c24fb84 |
| SHA256 | 526ee8414ca921dcc40ed4eae991d5442ac5fa4d8df9af9cca02149bc05569c8 |
| SHA512 | 7ca435e652347d0bcf67bcc20055703241ad190b778286eb59bac5814f99379b6e899cafc01d39d0e1584dfaa7d66af5aac20e7d1b66ebfa0c7827374827685b |
C:\Users\Admin\Downloads\msg\m_finnish.wnry
| MD5 | 35c2f97eea8819b1caebd23fee732d8f |
| SHA1 | e354d1cc43d6a39d9732adea5d3b0f57284255d2 |
| SHA256 | 1adfee058b98206cb4fbe1a46d3ed62a11e1dee2c7ff521c1eef7c706e6a700e |
| SHA512 | 908149a6f5238fcccd86f7c374986d486590a0991ef5243f0cd9e63cc8e208158a9a812665233b09c3a478233d30f21e3d355b94f36b83644795556f147345bf |
memory/5124-1200-0x0000000010000000-0x0000000010010000-memory.dmp
C:\Users\Admin\Downloads\msg\m_polish.wnry
| MD5 | e79d7f2833a9c2e2553c7fe04a1b63f4 |
| SHA1 | 3d9f56d2381b8fe16042aa7c4feb1b33f2baebff |
| SHA256 | 519ad66009a6c127400c6c09e079903223bd82ecc18ad71b8e5cd79f5f9c053e |
| SHA512 | e0159c753491cac7606a7250f332e87bc6b14876bc7a1cf5625fa56ab4f09c485f7b231dd52e4ff0f5f3c29862afb1124c0efd0741613eb97a83cbe2668af5de |
C:\Users\Admin\Downloads\msg\m_norwegian.wnry
| MD5 | ff70cc7c00951084175d12128ce02399 |
| SHA1 | 75ad3b1ad4fb14813882d88e952208c648f1fd18 |
| SHA256 | cb5da96b3dfcf4394713623dbf3831b2a0b8be63987f563e1c32edeb74cb6c3a |
| SHA512 | f01df3256d49325e5ec49fd265aa3f176020c8ffec60eb1d828c75a3fa18ff8634e1de824d77dfdd833768acff1f547303104620c70066a2708654a07ef22e19 |
C:\Users\Admin\Downloads\msg\m_latvian.wnry
| MD5 | c33afb4ecc04ee1bcc6975bea49abe40 |
| SHA1 | fbea4f170507cde02b839527ef50b7ec74b4821f |
| SHA256 | a0356696877f2d94d645ae2df6ce6b370bd5c0d6db3d36def44e714525de0536 |
| SHA512 | 0d435f0836f61a5ff55b78c02fa47b191e5807a79d8a6e991f3115743df2141b3db42ba8bdad9ad259e12f5800828e9e72d7c94a6a5259312a447d669b03ec44 |
C:\Users\Admin\Downloads\msg\m_korean.wnry
| MD5 | 6735cb43fe44832b061eeb3f5956b099 |
| SHA1 | d636daf64d524f81367ea92fdafa3726c909bee1 |
| SHA256 | 552aa0f82f37c9601114974228d4fc54f7434fe3ae7a276ef1ae98a0f608f1d0 |
| SHA512 | 60272801909dbba21578b22c49f6b0ba8cd0070f116476ff35b3ac8347b987790e4cc0334724244c4b13415a246e77a577230029e4561ae6f04a598c3f536c7e |
C:\Users\Admin\Downloads\msg\m_japanese.wnry
| MD5 | b77e1221f7ecd0b5d696cb66cda1609e |
| SHA1 | 51eb7a254a33d05edf188ded653005dc82de8a46 |
| SHA256 | 7e491e7b48d6e34f916624c1cda9f024e86fcbec56acda35e27fa99d530d017e |
| SHA512 | f435fd67954787e6b87460db026759410fbd25b2f6ea758118749c113a50192446861a114358443a129be817020b50f21d27b1ebd3d22c7be62082e8b45223fc |
C:\Users\Admin\Downloads\msg\m_italian.wnry
| MD5 | 30a200f78498990095b36f574b6e8690 |
| SHA1 | c4b1b3c087bd12b063e98bca464cd05f3f7b7882 |
| SHA256 | 49f2c739e7d9745c0834dc817a71bf6676ccc24a4c28dcddf8844093aab3df07 |
| SHA512 | c0da2aae82c397f6943a0a7b838f60eeef8f57192c5f498f2ecf05db824cfeb6d6ca830bf3715da7ee400aa8362bd64dc835298f3f0085ae7a744e6e6c690511 |
C:\Users\Admin\Downloads\msg\m_indonesian.wnry
| MD5 | 3788f91c694dfc48e12417ce93356b0f |
| SHA1 | eb3b87f7f654b604daf3484da9e02ca6c4ea98b7 |
| SHA256 | 23e5e738aad10fb8ef89aa0285269aff728070080158fd3e7792fe9ed47c51f4 |
| SHA512 | b7dd9e6dc7c2d023ff958caf132f0544c76fae3b2d8e49753257676cc541735807b4befdf483bcae94c2dcde3c878c783b4a89dca0fecbc78f5bbf7c356f35cd |
C:\Users\Admin\Downloads\msg\m_greek.wnry
| MD5 | fb4e8718fea95bb7479727fde80cb424 |
| SHA1 | 1088c7653cba385fe994e9ae34a6595898f20aeb |
| SHA256 | e13cc9b13aa5074dc45d50379eceb17ee39a0c2531ab617d93800fe236758ca9 |
| SHA512 | 24db377af1569e4e2b2ebccec42564cea95a30f1ff43bcaf25a692f99567e027bcef4aacef008ec5f64ea2eef0c04be88d2b30bcadabb3919b5f45a6633940cb |
C:\Users\Admin\Downloads\msg\m_german.wnry
| MD5 | 3d59bbb5553fe03a89f817819540f469 |
| SHA1 | 26781d4b06ff704800b463d0f1fca3afd923a9fe |
| SHA256 | 2adc900fafa9938d85ce53cb793271f37af40cf499bcc454f44975db533f0b61 |
| SHA512 | 95719ae80589f71209bb3cb953276538040e7111b994d757b0a24283aefe27aadbbe9eef3f1f823ce4cabc1090946d4a2a558607ac6cac6faca5971529b34dac |
C:\Users\Admin\Downloads\msg\m_french.wnry
| MD5 | 4e57113a6bf6b88fdd32782a4a381274 |
| SHA1 | 0fccbc91f0f94453d91670c6794f71348711061d |
| SHA256 | 9bd38110e6523547aed50617ddc77d0920d408faeed2b7a21ab163fda22177bc |
| SHA512 | 4f1918a12269c654d44e9d394bc209ef0bc32242be8833a2fba437b879125177e149f56f2fb0c302330dec328139b34982c04b3fefb045612b6cc9f83ec85aa9 |
C:\Users\Admin\Downloads\msg\m_filipino.wnry
| MD5 | 08b9e69b57e4c9b966664f8e1c27ab09 |
| SHA1 | 2da1025bbbfb3cd308070765fc0893a48e5a85fa |
| SHA256 | d8489f8c16318e524b45de8b35d7e2c3cd8ed4821c136f12f5ef3c9fc3321324 |
| SHA512 | 966b5ed68be6b5ccd46e0de1fa868cfe5432d9bf82e1e2f6eb99b2aef3c92f88d96f4f4eec5e16381b9c6db80a68071e7124ca1474d664bdd77e1817ec600cb4 |
C:\Users\Admin\Downloads\msg\m_english.wnry
| MD5 | fe68c2dc0d2419b38f44d83f2fcf232e |
| SHA1 | 6c6e49949957215aa2f3dfb72207d249adf36283 |
| SHA256 | 26fd072fda6e12f8c2d3292086ef0390785efa2c556e2a88bd4673102af703e5 |
| SHA512 | 941fa0a1f6a5756ed54260994db6158a7ebeb9e18b5c8ca2f6530c579bc4455918df0b38c609f501ca466b3cc067b40e4b861ad6513373b483b36338ae20a810 |
C:\Users\Admin\Downloads\msg\m_dutch.wnry
| MD5 | 7a8d499407c6a647c03c4471a67eaad7 |
| SHA1 | d573b6ac8e7e04a05cbbd6b7f6a9842f371d343b |
| SHA256 | 2c95bef914da6c50d7bdedec601e589fbb4fda24c4863a7260f4f72bd025799c |
| SHA512 | 608ef3ff0a517fe1e70ff41aeb277821565c5a9bee5103aa5e45c68d4763fce507c2a34d810f4cd242d163181f8341d9a69e93fe32aded6fbc7f544c55743f12 |
C:\Users\Admin\Downloads\msg\m_danish.wnry
| MD5 | 2c5a3b81d5c4715b7bea01033367fcb5 |
| SHA1 | b548b45da8463e17199daafd34c23591f94e82cd |
| SHA256 | a75bb44284b9db8d702692f84909a7e23f21141866adf3db888042e9109a1cb6 |
| SHA512 | 490c5a892fac801b853c348477b1140755d4c53ca05726ac19d3649af4285c93523393a3667e209c71c80ac06ffd809f62dd69ae65012dcb00445d032f1277b3 |
C:\Users\Admin\Downloads\msg\m_czech.wnry
| MD5 | 537efeecdfa94cc421e58fd82a58ba9e |
| SHA1 | 3609456e16bc16ba447979f3aa69221290ec17d0 |
| SHA256 | 5afa4753afa048c6d6c39327ce674f27f5f6e5d3f2a060b7a8aed61725481150 |
| SHA512 | e007786ffa09ccd5a24e5c6504c8de444929a2faaafad3712367c05615b7e1b0fbf7fbfff7028ed3f832ce226957390d8bf54308870e9ed597948a838da1137b |
C:\Users\Admin\Downloads\msg\m_croatian.wnry
| MD5 | 17194003fa70ce477326ce2f6deeb270 |
| SHA1 | e325988f68d327743926ea317abb9882f347fa73 |
| SHA256 | 3f33734b2d34cce83936ce99c3494cd845f1d2c02d7f6da31d42dfc1ca15a171 |
| SHA512 | dcf4ccf0b352a8b271827b3b8e181f7d6502ca0f8c9dda3dc6e53441bb4ae6e77b49c9c947cc3ede0bf323f09140a0c068a907f3c23ea2a8495d1ad96820051c |
C:\Users\Admin\Downloads\msg\m_chinese (traditional).wnry
| MD5 | 2efc3690d67cd073a9406a25005f7cea |
| SHA1 | 52c07f98870eabace6ec370b7eb562751e8067e9 |
| SHA256 | 5c7f6ad1ec4bc2c8e2c9c126633215daba7de731ac8b12be10ca157417c97f3a |
| SHA512 | 0766c58e64d9cda5328e00b86f8482316e944aa2c26523a3c37289e22c34be4b70937033bebdb217f675e40db9fecdce0a0d516f9065a170e28286c2d218487c |
C:\Users\Admin\Downloads\msg\m_chinese (simplified).wnry
| MD5 | 0252d45ca21c8e43c9742285c48e91ad |
| SHA1 | 5c14551d2736eef3a1c1970cc492206e531703c1 |
| SHA256 | 845d0e178aeebd6c7e2a2e9697b2bf6cf02028c50c288b3ba88fe2918ea2834a |
| SHA512 | 1bfcf6c0e7c977d777f12bd20ac347630999c4d99bd706b40de7ff8f2f52e02560d68093142cc93722095657807a1480ce3fb6a2e000c488550548c497998755 |
C:\Users\Admin\Downloads\msg\m_bulgarian.wnry
| MD5 | 95673b0f968c0f55b32204361940d184 |
| SHA1 | 81e427d15a1a826b93e91c3d2fa65221c8ca9cff |
| SHA256 | 40b37e7b80cf678d7dd302aaf41b88135ade6ddf44d89bdba19cf171564444bd |
| SHA512 | 7601f1883edbb4150a9dc17084012323b3bfa66f6d19d3d0355cf82b6a1c9dce475d758da18b6d17a8b321bf6fca20915224dbaedcb3f4d16abfaf7a5fc21b92 |
C:\Users\Admin\Downloads\b.wnry
| MD5 | c17170262312f3be7027bc2ca825bf0c |
| SHA1 | f19eceda82973239a1fdc5826bce7691e5dcb4fb |
| SHA256 | d5e0e8694ddc0548d8e6b87c83d50f4ab85c1debadb106d6a6a794c3e746f4fa |
| SHA512 | c6160fd03ad659c8dd9cf2a83f9fdcd34f2db4f8f27f33c5afd52aced49dfa9ce4909211c221a0479dbbb6e6c985385557c495fc04d3400ff21a0fbbae42ee7c |
C:\Users\Admin\Downloads\c.wnry
| MD5 | 8124a611153cd3aceb85a7ac58eaa25d |
| SHA1 | c1d5cd8774261d810dca9b6a8e478d01cd4995d6 |
| SHA256 | 0ceb451c1dbefaa8231eeb462e8ce639863eb5b8ae4fa63a353eb6e86173119e |
| SHA512 | b9c8dfb5d58c95628528cc729d2394367c5e205328645ca6ef78a3552d9ad9f824ae20611a43a6e01daaffeffdc9094f80d772620c731e4192eb0835b8ed0f17 |
C:\Users\Admin\Downloads\@[email protected]
| MD5 | 7bf2b57f2a205768755c07f238fb32cc |
| SHA1 | 45356a9dd616ed7161a3b9192e2f318d0ab5ad10 |
| SHA256 | b9c5d4339809e0ad9a00d4d3dd26fdf44a32819a54abf846bb9b560d81391c25 |
| SHA512 | 91a39e919296cb5c6eccba710b780519d90035175aa460ec6dbe631324e5e5753bd8d87f395b5481bcd7e1ad623b31a34382d81faae06bef60ec28b49c3122a9 |
C:\Users\Admin\Downloads\@[email protected]
| MD5 | 7a2726bb6e6a79fb1d092b7f2b688af0 |
| SHA1 | b3effadce8b76aee8cd6ce2eccbb8701797468a2 |
| SHA256 | 840ab19c411c918ea3e7526d0df4b9cb002de5ea15e854389285df0d1ea9a8e5 |
| SHA512 | 4e107f661e6be183659fdd265e131a64cce2112d842226305f6b111d00109a970fda0b5abfb1daa9f64428e445e3b472332392435707c9aebbfe94c480c72e54 |
C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\@[email protected]
| MD5 | 74219e1e7d65415a0c9fa490e188639a |
| SHA1 | 8230833d5ec62fdc370bd0f353588124fe6d954b |
| SHA256 | 452a33f856737db6ed84329d9985fd280be846e918f528d45bd4225386b9ab61 |
| SHA512 | 54227ec7bc9ed64672962b650cabbe83672c6e3b05e9d767fc3991478bf666b33b3a869e971ed56ed0f4d084f8e9d7d665c2ea1db76c34e0032ec1c3f3175851 |
C:\Users\Admin\Downloads\TaskData\Tor\tor.exe
| MD5 | fe7eb54691ad6e6af77f8a9a0b6de26d |
| SHA1 | 53912d33bec3375153b7e4e68b78d66dab62671a |
| SHA256 | e48673680746fbe027e8982f62a83c298d6fb46ad9243de8e79b7e5a24dcd4eb |
| SHA512 | 8ac6dc5bb016afc869fcbb713f6a14d3692e866b94f4f1ee83b09a7506a8cb58768bd47e081cf6e97b2dacf9f9a6a8ca240d7d20d0b67dbd33238cc861deae8f |
memory/5840-2692-0x0000000073DE0000-0x0000000073E62000-memory.dmp
memory/5840-2693-0x0000000073A60000-0x0000000073C7C000-memory.dmp
memory/5840-2696-0x0000000000D00000-0x0000000000FFE000-memory.dmp
memory/5840-2695-0x0000000073D10000-0x0000000073D32000-memory.dmp
memory/5840-2694-0x0000000073C80000-0x0000000073D02000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fdaf955e328d46a9ab32145019872c12 |
| SHA1 | 2fdcc911b606fb78d10d9613a8736abc71d3cfe9 |
| SHA256 | f3cd9f39602adae4194e1469c498372d6d351f0518f5085dd9e4c095d98ef02c |
| SHA512 | 530efe3119757b0bae73315c52e387b1c04dd3cf41234cb0e9fafc3c528c8c1f0501a643ac70d471b2df42010ff0c10fb118a6f5816f116a241c944506f06a76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 252f21cd3b7a0f21e4ab41e2090b1822 |
| SHA1 | 41eef526e60c7ad778b5ee844358041177f2f352 |
| SHA256 | 3e06110fbc899afee5bfbced19a9ad9dc879e4d096eaa7076b9592da4a2e4d21 |
| SHA512 | 50ead581700b790013c1a0fe7fd4e38cb4a43511d7bb2a481b2e15a281721bc6404b2ea7642c99f74b8e45b35ef46615e73eb85b10c6f0ef4944b57d7c314fe2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2ea18fd99e5c519bac0ea1a22fb0a26b |
| SHA1 | ab58c3387dac97fd6390b97228e7235fe38e4a82 |
| SHA256 | f28cd62342451fb6fdd72e6ad433495c8b57d2ab471f0503d8c35704faf79060 |
| SHA512 | e1e6a592fa6427e99269d57b5d6a45097053de48cd01f3d1977a8c8a8489c1f76e3cefd48daecf87c67b6b8778298a72cd0f762b29812a27196fe91aee261ede |
memory/5840-2727-0x0000000000D00000-0x0000000000FFE000-memory.dmp
memory/5840-2733-0x0000000073A60000-0x0000000073C7C000-memory.dmp
memory/5840-2732-0x0000000073C80000-0x0000000073D02000-memory.dmp
memory/5840-2731-0x0000000073D40000-0x0000000073DB7000-memory.dmp
memory/5840-2730-0x0000000073D10000-0x0000000073D32000-memory.dmp
memory/5840-2729-0x0000000073DC0000-0x0000000073DDC000-memory.dmp
memory/5840-2728-0x0000000073DE0000-0x0000000073E62000-memory.dmp
memory/5840-2737-0x0000000000D00000-0x0000000000FFE000-memory.dmp
memory/5840-2748-0x0000000000D00000-0x0000000000FFE000-memory.dmp
memory/5840-2754-0x0000000073A60000-0x0000000073C7C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a64a6addeaac6a342151252a296c9d3e |
| SHA1 | a73ccc7a4e8a3e612592451882315844fb754a22 |
| SHA256 | 6430b801cf9eaff4e8c23d9184170633d9944570f3e8588bdcc4e61e5876c0bd |
| SHA512 | 340c2622549d3a429271300bceb239da5f72f41f4d0557a840995095cd836d75e1be390325a5f7e2f6f4ac9ebc4cf9b187400c02e308cadbbd75bef96f0c1aac |
memory/5840-2785-0x0000000000D00000-0x0000000000FFE000-memory.dmp
memory/5840-2791-0x0000000073A60000-0x0000000073C7C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 054ac252d818c633531cc5f3ad14e827 |
| SHA1 | 0b39d7ebbf41e8f94283f11cc4474bfc9f1d28b5 |
| SHA256 | 43d2726ab18f85f4fa33e53f731a5fe97996b79e7c9bf0a8f16602934c37cfc6 |
| SHA512 | b9089c3281e3d52476168b7c20e617daf14215455053f9d17f9e54fc1231d5f06157b3120d547c5ce697800071c0265adc7212173aee1747ee1707c6e0ec875e |
memory/5840-2840-0x0000000000D00000-0x0000000000FFE000-memory.dmp
memory/5840-2846-0x0000000073A60000-0x0000000073C7C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | 67ea1c1eb554d81176018b195cc993f1 |
| SHA1 | e383d7b84d28405da8c0a48c360b5ee94de33000 |
| SHA256 | 31985cfec5ac6d302ea1ce2d7862a766e3ead07e43b28b048ecca8cba54d979e |
| SHA512 | e075713db4ce697292e32d7a40fbd0984719a82d0f55abc19dd02a585a81eaea4a16366e2de4c4454be7bfb78dff20dafd4461f14b1237c1be2f1206020f283e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | 209af4da7e0c3b2a6471a968ba1fc992 |
| SHA1 | 2240c2da3eba4f30b0c3ef2205ce7848ecff9e3f |
| SHA256 | ecc145203f1c562cae7b733a807e9333c51d75726905a3af898154f3cefc9403 |
| SHA512 | 09201e377e80a3d03616ff394d836c85712f39b65a3138924d62a1f3ede3eac192f1345761c012b0045393c501d48b5a774aeda7ab5d687e1d7971440dc1fc35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | cf604c923aae437f0acb62820b25d0fd |
| SHA1 | 84db753fe8494a397246ccd18b3bb47a6830bc98 |
| SHA256 | e2b4325bb9a706cbfba8f39cca5bde9dae935cbb1d6c8a562c62e740f2208ab4 |
| SHA512 | 754219b05f2d81d11f0b54e5c7dd687bd82aa59a357a3074bca60fefd3a88102577db8ae60a11eb25cc9538af1da39d25fa6f38997bdc8184924d0c5920e89c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | c3bd38af3c74a1efb0a240bf69a7c700 |
| SHA1 | 7e4b80264179518c362bef5aa3d3a0eab00edccd |
| SHA256 | 1151160e75f88cbc8fe3ada9125cc2822abc1386c0eab7a1d5465cfd004522c8 |
| SHA512 | 41a2852c8a38700cf4b38697f3a6cde3216c50b7ed23d80e16dea7f5700e074f08a52a10ba48d17111bb164c0a613732548fe65648658b52db882cacb87b9e8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 672dbb435d78534bc580b053111d665b |
| SHA1 | 591bc575397030495dcfadd77810447ef9c7ee36 |
| SHA256 | af8a4889bf1491188c57019be337ad885f171391869326bee0e6d512c9f5a25b |
| SHA512 | 5ea41c8cefe1d17375d26e72814e6504abdd1be2b3cdc927214a14bf05a69971b63d334040f7ecf9996f11b8644375201d3591bc01114ea912fed37095ea435e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
memory/5840-2983-0x0000000000D00000-0x0000000000FFE000-memory.dmp
memory/5840-2989-0x0000000073A60000-0x0000000073C7C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | a6d2a865e9f16ea305950181afef4fcf |
| SHA1 | 082145d33593f3a47d29c552276c88cf51beae8e |
| SHA256 | 2e5d94863281987de0afa1cfd58c86fde38fd3677c695268585161bc2d0448a2 |
| SHA512 | 6aa871d6b2b0d1af0bda0297d164e2d685bc53f09983e5a4e1205f4eb972a2017323c99c3cc627c3fb01381b66816e570f61d013d3775cddad285ac1b604cdc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 2e23d6e099f830cf0b14356b3c3443ce |
| SHA1 | 027db4ff48118566db039d6b5f574a8ac73002bc |
| SHA256 | 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885 |
| SHA512 | 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | 919d13ecf08e3da7e9f337e7b60d6dec |
| SHA1 | 3d9bd4aa100f69cf46ad175259edd6ce9864830c |
| SHA256 | 9d4575044d2efd5e90503beda65571b5158a3f32d999191ac1f82d1a5ee62ad0 |
| SHA512 | 98d8236ed1c44826b4489b9fb7b76c62502a032547374446c53dcf2eee2f5fe3548c6587fce66df9d075294bc2ab6be97c3cb21457bc899451ebd3b476715985 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | c4b8e9bc1769a58f5265bbe40f7785ef |
| SHA1 | 07ff14df16d4b882361e1a0be6c2f10711ddce50 |
| SHA256 | 2786986a3139e9722e667f81b4902609a4cf458e1c16206cd11feceee0254192 |
| SHA512 | a39157460b523ee2b9e1eacccf7aed99ff002767a8f87287c1c4662b6711b97f7d4955df64a86a882417fe71e598719e3934e14f787c1e6b3348c8a4c813e3ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | a2ade5db01e80467e87b512193e46838 |
| SHA1 | 40b35ee60d5d0388a097f53a1d39261e4e94616d |
| SHA256 | 154a7cfc19fb8827601d1f8eda3788b74e2018c96779884b13da73f6b1853a15 |
| SHA512 | 1c728558e68ed5c0a7d19d8f264ad3e3c83b173b3e3cd5f53f5f3b216ed243a16944dbe6b2159cfe40ee4a3813ca95a834f162073a296b72bbdedc15546be8f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 93acf02790e375a1148c9490557b3a1d |
| SHA1 | 78a367c8a8b672dd66a19eb823631e8990f78b48 |
| SHA256 | 4f2513f353c2cdd3177e3890f216ea666e4eb99477a56a97ff490f69a9833423 |
| SHA512 | e6354f4e4d35e9b936a7ddaebdd6527c37e6248c3f2d450c428903a32d77439cab78020a45834379cf814a79149c3dddf4e1280b9d06a7f972e5f8e61c463d6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | cfff8fc00d16fc868cf319409948c243 |
| SHA1 | b7e2e2a6656c77a19d9819a7d782a981d9e16d44 |
| SHA256 | 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a |
| SHA512 | 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | a336ad7a2818eb9c1d9b7d0f4cc7d456 |
| SHA1 | d5280cb38af2010e0860b7884a23de0484d18f62 |
| SHA256 | 83bdfb7d266fd8436312f6145c1707ddf0fb060825527acfe364c5db859887a3 |
| SHA512 | fa69455b3bfc162ab86a12332fe13322dfd8749be456779c93a6ab93e1d628e246a31a0a55cdba0c45adb3085acd62ba0a094b2115529d70cb9f693f3b1da327 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | bc715e42e60059c3ea36cd32bfb6ebc9 |
| SHA1 | b8961b23c29b9769100116ba0da44f13a24a3dd4 |
| SHA256 | 110ccd760150c6ac29c987ee2b8f7c56772036f6fe74ff2fb56c094849912745 |
| SHA512 | 5c0edd336a6d892f0163aa183e5482313dd86f9f5b2d624b3c4529692d70720f4823808f10ee7870fd9368b24de752b343570419fd244c33ad2d9cc86007bedc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ba21047d433729e2922f59eab66a3dba |
| SHA1 | e0a28cd45e53fa8721a50e4617b24bcf15faea80 |
| SHA256 | 033c066cc6970305f1a3b6bb460d7528f11046b3129e9e73c398ea368d9f7c50 |
| SHA512 | 8faaf483d3a852df68ccba2cc3371b2cb89d126a32ab7cb59ff03323b0134c46238532c8a5b9b265f46b21f760a08d14fee2c01bcea387ae35e9c8898cfee82d |
memory/5840-3154-0x0000000000D00000-0x0000000000FFE000-memory.dmp
memory/5840-3160-0x0000000073A60000-0x0000000073C7C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0
| MD5 | 6d4606f89ed7f28fe3ca9d4e8b56420e |
| SHA1 | 4fc4d04aadf8f9beb8b89d419138748b0f621882 |
| SHA256 | 34a829bcf5228c1947ffd37f2f75b63ed000339d95452507b6f2b69965d35bd3 |
| SHA512 | 638685d251808fd47d244d3196e4c162a7d7f4ba7791be9e6e728e02fbdd1860e81d90e0ee88c80dcb450a8d7abec79afdb0fb59c35ff5c3c523ac33b0725a16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8f6640eef188435_0
| MD5 | e010dcd423e1f985650ef5d59e02293f |
| SHA1 | 7c79efcf2fc804e50f0b556ba453f9a3c846405f |
| SHA256 | 9fedfd0d888545cbd41f047524af10307d9bc40f8b005a7771d52c3e71c20daa |
| SHA512 | 0535cbb103eca38fdd78a8d33f48efd17e081e7c86307721965f401a9e1f8ba1b8ac2ea44ac2418b4c8806afe4ce821e0d0059862459d0b9ca2304264876895e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 35e29d50cbe600f2f593d845ea9c5b3b |
| SHA1 | 23d06d86238d1471149b767c81bfd7b93a21ce8f |
| SHA256 | 355bf5bc06facdb27b035c58513e125520a0a90686c4ad51bebd6e6ea106e88a |
| SHA512 | aa487cef4b7dc38e49783a91469e87383411e192cc7a244c279fa95c5b4fd17fae6de196e4a0aaea8483978739b93a2b7c5d1af6aab6871f115122943b8fc77c |
memory/5840-3289-0x0000000000D00000-0x0000000000FFE000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\f72542fe-cf24-491f-9426-b0727dca0a67.tmp
| MD5 | 1aaf2783dfaace26ff2f393c18509a1f |
| SHA1 | 96390e0b3b6fd45b5a4be7fddb8138ec34ec2c3f |
| SHA256 | 7e2d11af41f70205698d77f3146e2e621d00622fbc484429114f3607d1723914 |
| SHA512 | bb4a18c2143bf0bc84880feda4798dab81bf9eb946ad50ba382effb2c939ead7c675cfbe9dbae6d879936eace2ce50337ede07bc6e6c7e8feb7fa71adc50df10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0
| MD5 | 7d3ac487e90e1ba288a0e5bd909fe6af |
| SHA1 | 562bc4e45405ca6b9bd87f7435c352603987a543 |
| SHA256 | c994c7ac33afa41a16eb320fbfff737a93a7a93fda0ea052f78a6bfce184c041 |
| SHA512 | 3ebfd2e6d576dd34cfb48343b1944a0ff3a3f92b3b1fc2058252dc6e810bc5ad5bc3765811939079929df57d7b1f90f8d779f49a83efbfffb62ff6ccb3d5f55b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0
| MD5 | 1644336a77c37f0a67e630a5ad090873 |
| SHA1 | 85e72ab8fe4c666854f449c84976247491b86042 |
| SHA256 | b6f1bb84640c1779e878891366d242110f07a72578942066eda4b05cca3da682 |
| SHA512 | 83da382376134b1029e2efd9f40bf2ad88e2e1fbb9b88f9c348b19e6cff18535f71454967751529fc33606ce4131f62894c27aab2fe9ad66d70f45b45be584ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4851f064a3e29df2_0
| MD5 | 6f6af84fc375f5b31a225d5fc82eadac |
| SHA1 | b25200a9b79e68b04969ca74b11f2489d6eedce5 |
| SHA256 | 72493cfd9ed4f39f049f20965a4c1782d7a7789600badfe5c9fc201c707d1da9 |
| SHA512 | 28bc7b6bf8dae12d132eb02c55f92e8727eca42f8da3d978b6f2c3182ceff59c08f7f421df3281dab908675dfe36de266a7cb51acecba60580226225321086b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | b8b250148df70314d7b518f762cff144 |
| SHA1 | b210a71bbdaa8e79acb6795671c16ac88fb9235b |
| SHA256 | 516351fdaf99d0bb4b748cbe6514cda347489f9e1e548830661e7f0008f5b81c |
| SHA512 | 7b9ddd18f75e27ff36fd816e52099e1c4def56f3ca1aeccb6d0a61f62b1c33ad550ade322cf38b06be26181da660bd24c158a3ff18732cb3f219a4244675a343 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f02c4494b1a18ff_0
| MD5 | 71bf666f6311e99e372ff38b8d3b4d91 |
| SHA1 | 8e03701f5fb384e7b08f2e2732d62158f16a4bbe |
| SHA256 | fb299d27f76a0c62510f6375a32a855a78dcad0a1c7db6a2509a4196c20aa51a |
| SHA512 | b57b1719241b15c8a7b2ad400587d6197cbf811a2df164422250eac0e246fea36723146d0b75696f87ffdd7d4d0877f953b814e13d45069c7619417c7cfd99fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | 235190dfa729f9a5c6e2748b138a0c45 |
| SHA1 | a63950185e68a666b9a1cdc748f1dae21aa41b4c |
| SHA256 | a7ef57781d5e41cb416a5ee6eba864a35846a3d7874e672d3a8bb20aedaea434 |
| SHA512 | eb4f51e4348aeae8cd44c4f333121ed55dea260736872f920805a3ba92c7f04df8971e2a5ea96a4b665007ba382bd6421e81ed9d00f967e236bb95834876e493 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eca3b165e0b0f776_0
| MD5 | 90f6d90755102bf08aaccfac36ca6ba1 |
| SHA1 | 765ae4ab2df9817b50f43ac13def350f5bee0d9b |
| SHA256 | 4b2ea3f1da92f40e5ee624910b6bc7ca8703e7317ec92c0fa7c910c98e339e9f |
| SHA512 | 2e63e6a331affffda323f0b1dea68ce048b2815d726d3c1db8b74f3b8ee7974a5e1c7166449dbe2e46bc58a25bd07faea6911fe686099734240857bd56f186c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca892b448ce010ff_0
| MD5 | fbe90705551d466188dbd2d95fb2a27e |
| SHA1 | 117f4bdff1c7036a8d5af4013f6812c64072b61a |
| SHA256 | 7cf7ca163cb22080eeabf0f6f576c62676fdee22b7ce83532f368cfe13d3062d |
| SHA512 | b7a388ef97522ead56289128033230a53968c13786ee39ba77e6f6d40b9fe8a380c8b4eaca4efd8beb09f46f8ddfcaa13fc5eaa866a61c5e79e88558e3e67e7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\537f62c2e00def92_0
| MD5 | c55bfa1c79fcb70e8c1ad5df2ea05576 |
| SHA1 | dc1c8215b4455933a030fab94efcf88103e75ef2 |
| SHA256 | 29203ccb1baa931fc384e713c82e61d738ef5828dad62f76be90df0391b20f62 |
| SHA512 | af64fb264d149e86f361ee0010187851127adbc0b0706b450990c30933b70423819fe33d46c9b3ecb33d5ca22595c0a2e30ec28ec4bc2f31529c1bac4c132697 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | b3300006e60db3629e8bd2b88ecd3e4c |
| SHA1 | 05d6dce0c38c22594c7f3e1005b5671cfc89bff1 |
| SHA256 | 5b808d825965aeb3eccaa7f3fdb1395b4e416599c0c23c626e39e439ec1b9b86 |
| SHA512 | a5d712b0a6ce8334abfe04100874c65d8dfcd7bf271bd72ea96f8d0bdb5ed5a0b24d99f44efb5eddbd12f6540a17873fc00521a87bd544565d11c46f30f92ab7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | 705abdafa942ef73ea86d20b5cd5d5da |
| SHA1 | 228ac7c944844b9c29fa09f2bf1d5bb4c88e0699 |
| SHA256 | fb4aa31f005b2898f8793927ea2fac6551f805d8d08b5f7dd67589176411e6a4 |
| SHA512 | 5ed52a96041bd3a5da8c437508607538cc1590e0a3c48fc60d555778307b09cf8645253734298a00bc84187fd153eb3ba5ad9730ba51498d679cad9771ce5ba7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e504183595893c5c_0
| MD5 | e592026399369e084cb4691d9439999e |
| SHA1 | 9d91b056a0535a34b58708deab16f12ac766b323 |
| SHA256 | 77864d1ac6892486e62ba441b5381116d127a37eac2d60aacf549db13408162d |
| SHA512 | ef4dc355c856104bdd0ab1328b95a4d663101a25dd19ef149e01e120b4cd173f67b1c43e180fdc2dd9469b9b3a6886e305490e0e8fdb636a534e96bb4c24429c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfd9b5c29c5c8524_0
| MD5 | 16942e3b096b4fd770ba18ed0540befd |
| SHA1 | 3dae98abf111d5edb4be38ea1b1aea2114770998 |
| SHA256 | f2b69f0a65039f74e6009ef7ae46ef63c45489761b4632ab1a1254e855f57923 |
| SHA512 | f0bf7ac9e4d205e9b50a353c43438d5cd8cfc93a8dd287bbc26a69b8e1c5e82a6f0048e218ae97c26fab34984f97cdb4ca5b8968b531f01362f5584e9f1dac4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0
| MD5 | 0cc72bf9efc82fe555e0b78500e90ab3 |
| SHA1 | 1f267755a79f3f2e499c8c77fa7619942eb59ab2 |
| SHA256 | 0ba2ced636c9f96af8705b93db0e09ae2d525a323bc659c84e5ccfbe352994ed |
| SHA512 | f547e924d9f68e51a3ba7972ceaa96b52325425544887ed789d957cf40dc0dd8e39c56b51a4f3e3102200d5d6a06291fa44fb06f1177ac59870f8dde8f6df14f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | f8a6f80833e3c808dcff815936cd7e7e |
| SHA1 | 4080d5a1fdb77e0212c81a80f14201f2607dc36e |
| SHA256 | b4ee35f93aff81f8f21ab8838a519a289d208cd3143d9b419d4f36acb3b57ba8 |
| SHA512 | 8b39e9410aec4a7f63a627312316a47efe837c7547d41d8b4b089bf25d95f671532076a9109208d7194cb34d324beeb1cf4db7760169cf9d2d9453514ab2c529 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | 9e5c3b009744d9a03343f377b320c1e8 |
| SHA1 | 1074fc96b8dc93c8aeae8400a49197c89dc204ec |
| SHA256 | faa8fdefe18fbdc4c24cff12e4ec630dfd1a2353b70279e097c3678332b9178a |
| SHA512 | eae886700a7c8857b21eb06149b44e8b9dae8ac2a0bd1ecdf8ca001caad744b4e9bfd8f3b4b15997617b74f419c440628cfd825774704b36967e15806b0b827d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d37cb16ef5eb861d_0
| MD5 | ba3cbc56c92bc77e8c0821574bae7b25 |
| SHA1 | e5c816d2985cf57867d6d577484c2b76fd7533c0 |
| SHA256 | 5c5e35a707619391474678cdbfe8fa7ca0a6f5d555310ddca20a3e8b7e845334 |
| SHA512 | daf6ac47b7669a03d1608a017a9f483a646d94b740593176feb52ed87e78c3eafbe10a4f36731cc06b1251d5b93a30d2625101040d55a6400ffa00d93a19dfc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0
| MD5 | f83a90510b0208d216577a22af51a877 |
| SHA1 | ec4d07230fe069127d4b30ed4fe5453fae8c0bce |
| SHA256 | 10a8335896dbbe7f9e614e7a1c130546526094f96a37ca4455a3026e7b587d11 |
| SHA512 | 1faf50b7efd36fceedaa776a3faa94d253491e58a12c34f7b7502b8294d8b8a8b448f1ffcf74ca34ef87d9e1aa537bc8d73952f3a74514dffbcb8811e8c00b73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | a553ef0a3876e0c900cb8b92ad5adaa6 |
| SHA1 | 911c256b7386551516c0353a53cf3cd9c0be413f |
| SHA256 | c991e13d9f93a8f8c850af3eb7fb0331128023603595639eb43362d4a6098c26 |
| SHA512 | 84dfad0c9388b2879bbaa0184ff82e40395bfc4a29ec7e55324168a68613a31c32ddb9c70768b1b62437e49d653cdd7818b7f644059dd63444dcad5d9d8228a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0
| MD5 | 5a142404abbcb4797ea0c15f9b9db8e7 |
| SHA1 | 0705293cc25eb3cd5d2d7cbae944a04abf595971 |
| SHA256 | b8b5e09eac351c2ba3a94642f3c0c5e372218e83db91f1f5b498d4ceb9986cba |
| SHA512 | 6f3b9fb174291f7136120f0d636260b5193ee3e26dd1befaedda3caedb5e5ce9be3e3520c6c844d8ab0c846301daa759c1cb3ba7a8d2c49821c20f840efa5f9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | 0d6e2c5c3d66dda042cf5609aa125a16 |
| SHA1 | 979579c639996685c4eb09db153e07a5bfaa776d |
| SHA256 | 356057eb41684d145a2ae3be551af1eba0d5df06a246e745e1df95eac3a3f400 |
| SHA512 | c757f8b562629f76e91e4867e78ad98af758d904082d3848dcb399c611a74351eac1e834fd651b89e60754cca0a1f44a41f391fbede3f1c1059e175bb6948137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | 82869aa8b5daf4d91cc9c1674d646745 |
| SHA1 | 194da4bbdc8ecbf493c8eb2694a40a154569d32a |
| SHA256 | ed34e6f35c3c6db43651cfc97ef08caea9cf7f7e97a14a535455dd06fb060ad6 |
| SHA512 | 95ec9726365905b02596ad4a92a279b0f2dcb2c926f06b47b9e5b11f1b4b8abd91ed80f40b32cc82b62e596f97b15ac5ba026cc9361ea5a08fbc4f6dc2b7dbd6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\32b5cfed7bfa9faa_0
| MD5 | 542cb79ab8b84281b98cafb788f57c1c |
| SHA1 | 1c9bc1688ebac6391a9759ebdf2ce656884acfa9 |
| SHA256 | c92581d05feabfd8f24ea5cdc7f5cdafc09be1de2b4b44e19650302ea95050e2 |
| SHA512 | e622286123185496d4b36a33bc940639968a45d34f1eaf5040bf08c2e4007e018fcc4540873096bc4ad1207a67810c1aa7568cd6d4baba172ffe3ce7c15aea3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | a9547d2d00e94cb6c5d3e302377dcd22 |
| SHA1 | 9ac8dda9d57ebe8c9737adb8506f2b7cc0244151 |
| SHA256 | d438dbe2dc43698ccf484e292043e09d38985941b04d00e059a9baa7f3ac4a34 |
| SHA512 | 2e7dfb0125ea3dc0ac7e6545a1c53263a4916c84bf06685a5065a225d8fe03e69b8b433a6f1075422c5a56a6ef8b2f85461958eef14c4630a9be36d6c638dfa0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a51ef587dc6dd4bd_0
| MD5 | 1a384e9c2a4919d73028bb179b7edd81 |
| SHA1 | d964b7faf79e1ec8bbea568118740f4b4468cb0c |
| SHA256 | cf35ea721c1cab393d9cd116ce0b012d554b777682d6e41072ae179d4945bbb7 |
| SHA512 | 15d5266be87347385a5d57de19604cb7aae163e4a2bd35d1398436fde426c3afbb0a2e5720b0a75e6d31d927b5a8cce165e7bb60f9fa0e2e07eb29ae286278d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | 92a26da14d368fc62feee561dacd726f |
| SHA1 | 2c98eef82e55c7ca374a9e64a4057de80d1695f2 |
| SHA256 | b9b5232a53865f8b7af340e58da365e089f71dc383d361546c4c7007117f4a0c |
| SHA512 | 5c9b99060dcc457a55d57c1c1bd0cf43b864c3a800d50beca94c7f094cc4f02a5f92210a1aa51ee9ead5a703b439312cdbddf62f2e6e4dfc9c575c86ce1e372f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\54621936eea23565_0
| MD5 | 56693c8ad64000f19727f5354af3df7c |
| SHA1 | f2bed33beb9d56d7e3540e89f07fefb33a517ff3 |
| SHA256 | 6cb6761d6b4de7e55d266411ed9344f6258a149c27f5dbf785dd115813495367 |
| SHA512 | efddd2622b9ed3c84e40bd3efd3cefcf20f191178f6d8b5a817e8479a8fcf81be76977d99bcc9d33db88cb598163b7ca0f7df44d90cc6ae1eff2de6c72897939 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\97e5761b2a976f35_0
| MD5 | 7942ae365c618c23285dd3449fc8fde8 |
| SHA1 | 9c235b289508aebfd86cb2e0bf04f8e51b705db8 |
| SHA256 | f3560925408c7a69012b41d4147259ad779111aa5531b7415dfff4d35f4e6543 |
| SHA512 | 8619f179736cafe485114cb08315e2d02f3a5a1055d9803a29221822e94c5700cb86731f91474bdeb9529e9a323f23020df7840ca8d46927d834efdcadbe2bc8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daca09b4eb185a45_0
| MD5 | 49d26906d70ac7e66446ab9b94d209ba |
| SHA1 | 5f38a39d0a82b0ab2121ebe1e29f3aee92373ea3 |
| SHA256 | f12e70660758796d27bdb5d5b2a6ceebd8a9a512952d8e2363e1385335b55dcb |
| SHA512 | 33cf96f3a5d271d3457e97a3bb5f02250a02d1e63b6b4a0992a38f8b002a2f3044e25114fdcc866e44655d74de8d52304c9b273421660cf6f28757c8b9d4e76e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74dccc6303c84dd3_0
| MD5 | 7d09b43d3e98beb2cc286a00e20c1e99 |
| SHA1 | 0681cf71daf96bcf843c5b4b8dc2058428ba2944 |
| SHA256 | 3a41666c5c8123baf2589a6dfe8c1008c2c1914c4df727fee09e8e2250de65c1 |
| SHA512 | 806634731abb0fb188133bfba26eb23ccb6505b0313ea32725b8c4fe15c4c03d02c7b0d5564be59548f512779d5b57dc3d9a5f1a1ad9f82def7f80663f440cdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac9b40a0411376f7_0
| MD5 | ad3f4256ba42bff5ca0d520f50c238e8 |
| SHA1 | 2f2abd8442601de1bb15673e31fa7b765498d29e |
| SHA256 | d1d0fc3a8477f606c9c91bdac05bc7ca5d69710903d143ec5855440e5e416076 |
| SHA512 | e202cbf59f5a00a31748cee0679e7adbf8f1a0cd4167c357fe2eac924321e63678d85b17bc79f1430abbbe96ed5028c14d650c5893414e1a22ae4d9b76aa5e98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\feadcc6fa014c0d1_0
| MD5 | a8b79a1fe57f10c5dde9cca2fcc5dc14 |
| SHA1 | 41b72488dcface4067fd8d3b9ae4c88e7bd1e69e |
| SHA256 | b338b758bc9f7fb2f3415944977fd4083552b8add00360a413c8127def95533a |
| SHA512 | 83d6dc451d4c8d9306a014569017d5294752b3f3708880dc5925c19bf78456db4232f6413f39f7f3ef73c2cb5dbfee8d928a9afa4f6b8b1927e073f2f1264150 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a86a5b1bfad41ced_0
| MD5 | dba7dd3dcf27291530896c048986314c |
| SHA1 | b9e2c71f136d0107db8eec737c40af14a0790574 |
| SHA256 | f785a96d17915f8d63556f6903110dee27f87676f25d6621b47e61646db276c2 |
| SHA512 | a768a5a83bfa7acbd562bc6533f103a30d0ce95090d8926633d0b330a466fab54babc2d64026f2ab9e002287df375f2318c9890b4a1f735286fc8d6bd574cdd7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47d4e623e47f5bdd_0
| MD5 | b368e695899092d261faaf5f680cbeaf |
| SHA1 | 901b1e0ff81e9e1f34c0ba741adba6a1157591e2 |
| SHA256 | 045691272bf393eb8bb4e795a851f01d380f3c8a5a0589f8141b3b22482a3559 |
| SHA512 | f9574434017a927d8bcf3cac4eb8d93ce5ac6d0e0cd84864c80256ebcd579097f1bae8dfcb29d087b23c1d7d416e452516f67ccf03b757e8900545ece338086c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ba208775fb5fe09_0
| MD5 | 4f2d927bbdc5aa5d6f7c5f59e4bc435a |
| SHA1 | 944cea0c2ac969e2d55ff107180d0edb38a99286 |
| SHA256 | bda815b72c0c9ddde40b409b1dae901497ada0b70fd56461a0d5681010b664cb |
| SHA512 | 05c8fcdab16549c49110e9401111da3d27515ca326514d2d1b679cad25daa8c3d68dc08a1f89ee409379be4aff97b08b371cbf5671b521705ad89b360d11627d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa20c296787a3f88_0
| MD5 | f083bae29fd955653484c5fbebae70bf |
| SHA1 | fa297bc4a08b0bac9e99598472114ba70459e9e9 |
| SHA256 | b988ef1e71534fdf508477828c834f744624712531f64e48762b99202bf84e67 |
| SHA512 | eb8cdcc05ee0bd8a761f4a0116fba2e9d598b7a4b041caa4982a460cc97ab3ef4c1b8c2a079cbc2bf513ed546c440809c98677506cde85b1980ab11f16d05982 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1d7d09e2437e8ee_0
| MD5 | 1052c451da5419ffa669783b342f759b |
| SHA1 | 8e5df83fd9f5306b4df760eadc34d75b70acf524 |
| SHA256 | 75e9b0a847d3a0bbea23c114d54103c43d2ff1ff68a295dc3bf4e4b52015c216 |
| SHA512 | 1b7e0cc1a464a30d9bf3aad22d0e5c484beb1efcf24649bc09893dae6aa4cea3bc2b13a6fe806ca4f1f2ccf201a3691e061dccfd95f694b1e1480ef831c6e8d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3557d97bacb52931_0
| MD5 | 7b0528777f02a6e63435fb142ed44d57 |
| SHA1 | 8aac966e90fc523cbb291cce37407e93af70cd06 |
| SHA256 | cc9647e8b8c0a168e2fb1e8cb12fcc2b9e5ec7794d4eca829938894f10d54309 |
| SHA512 | 081babb1738b44a8add120ef5d88d189823723f8996fc1c2b5ca14bd02923dd1dad9c50a4a46b90e1f2da6329ff4f734ec17ab2980dc83ffb96eb26163770692 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b2f11f3f15a5775_0
| MD5 | 79d6798abbae96e7a3e231db4f6f2ecb |
| SHA1 | b775ab50df5950f91ffefed7f766dcdd48a6e24b |
| SHA256 | eb3f6e63d75089e30a30e6d3850287ca1b7ee7956afd61d9b0829fc5da8deaed |
| SHA512 | d87154ad2b7c1078f5eae293a64312aaeda7d1d3d9fc66adf6e48ddec300d35c698672d52c5963457639d269d05e7aaaec722d24e10019abfebc516a2a19f3c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f078f5fb70fd150f_0
| MD5 | 772bfe8bedd564666607a4f3eb892341 |
| SHA1 | fc064d66e5e18e338fab4caf0a01635ff03bf5ff |
| SHA256 | 02adb51174367b2a46daa5f848866c92113c885b361fc14f018b2fbb9b7f6d04 |
| SHA512 | 9046ac967b945846faa462b02bbaea77c33d7050a97da7bfb3626e2f6e926a35761098d377552e0451e178db2ab5cc2084d26851ab403a44b58ebcf5af5733d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | 0a67a7d63ddb57264f3738458e9c283a |
| SHA1 | 9867918ba8b05f2a5d5d4dd579925f39923bc5a1 |
| SHA256 | 5810240ba8b7e971976ac473c076509ad15961ac8e55167e2cb0d5201f6f4861 |
| SHA512 | 8f84991691ea5d6aa9b893012c6c88446cad5f9c5f8ab263aced5dd812328519aaedd9b6b2db3ca604cab6c84e3563535d33b9a416d5875677aa88942a4b3910 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d00019f29c31fea5_0
| MD5 | 01ffebbac846aeedc79e6323b00cc70e |
| SHA1 | 5c217c24e544cb2e6bd2635dc3658f842285ba49 |
| SHA256 | 388a57371a8e5db299d016e54d41281b0f7dc0efa63511124096868d8751d4fa |
| SHA512 | 3fccb4975c9e118c8ea69dcd9a5955ede2dd344df08fe325462611dc9a7a02ed4479f93e235699bcdb627a6e48056e4c3718c475b14d5071595f5e318c9eea9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\edb3b6840a8ddc0a_0
| MD5 | edd79362175aaccc626e16f4a609804c |
| SHA1 | 8b2f7751e2675dca951f5c25aafebf1cbdb9d215 |
| SHA256 | 93e0d6deb4d518793b769b3164cbaf32afa02819d5ece807afddeed231ca5fd4 |
| SHA512 | df72b2e25f073f27e15665eb9caadeb4f0c8cc12a11ab5f064862179ca7a0144a0c57a9d5f78f022d8c565786997c9514d45724928d3e53be0f5c2e28e98d838 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d016d0e9b56b1042_0
| MD5 | bced48b3718ca2d818a8ff4641deae47 |
| SHA1 | d89c8ca98ed121e4263decba187fb3878f36931e |
| SHA256 | 7b3a7b0bc9292a1e6c64a152225c22319be665b91a65ce7513cee8211543b75b |
| SHA512 | 20e48e935099dd303352e79565e0e43c39be232e9fa5067a05e5ee0bb0b2c6ab695468a3ea08f9b77461f7b46669a20591e5856559e1e04e3272a457134196b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fd2be14abb3904c_0
| MD5 | 207ed47db3c9fa669402bf86ac6ca583 |
| SHA1 | 2952570521aa242f3e019a016cc826a3df5aad13 |
| SHA256 | 98a5c8176b8cfc1151c955e6a998789c5e50644da0ff3378500e4914f95903d4 |
| SHA512 | 0c624d185efa484a605adc56994b0df9a8cfdb2215bdb806f78848aa2e57af5ff09f4f14609030304762009c15f4f5447c81843de863ced901b958ba22205028 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cbd83c2e90693c9c_0
| MD5 | e69b709717c9d13f0a335f4367c74d25 |
| SHA1 | 551166c310b8e15b5c887f361776c3cf266afbe3 |
| SHA256 | 2238059bc08920b1abf2d091a43337d74dfa338805e5557d856160d7b58061ad |
| SHA512 | 09963700e248a0268c1ad77938766cf5fdc59ac0802807b84cab819ee54b33a6a2803f1e2dad040a494babc4504286927783433b3144c5fccd8622e681a01c9c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6537dab24e365f9_0
| MD5 | fb0904f84500aed86b6f1c9a65417abb |
| SHA1 | c67df941c20d51e9f0a3d06e4748f949d0f08ffa |
| SHA256 | bf3a2b34f0b1b4f4eb7cc30e06dced9f786dcd073913d48e89a47b88c4b0647a |
| SHA512 | 4805d84f2d5a796c7ca3a8b0aa36ae11128a0def31e0b766f896e99e9149d4c8bba08043372b497204c52c3bb73b52c37bbf0dc616a5545af5e3e16d62b5cdfd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2c2867a2f63ff615_0
| MD5 | d9e0646a1b8ab48388f7db2eba5c5c99 |
| SHA1 | d423db8f69a6922e99d8aeaf73728ad9019b7fc8 |
| SHA256 | 4f9a2deecf34ed245826abe2f2d4877085b87e739d27855d227ede2e8788ee1c |
| SHA512 | 9c9550e452692318525b142fa4a80f7d8d56b0306e6e7b4a2cf7a99fa35f7d89859d0418f26115902b1f87c4adddc44ead1da05ef65cb3b6146b6437722430ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a67769912ffcf13f_0
| MD5 | a670b63d243fafcd96bba618b2a5ae8e |
| SHA1 | 048826b8a2d0cf8a0bdf2f047506bf678ba15733 |
| SHA256 | 64c7dae4c7b3565728ed98c0b0c2e5748508c0371a3225217165305a783b6a41 |
| SHA512 | d2be73438ea824cb2bdea7d04d30f685ea2cd2d5d617a142b4cde3495f2f86df6fc39893e4d03ae37422f56b033c97503292b73a65f5774577707ac1d919ed1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af2cfcaf6d9b18bc_0
| MD5 | 2d45f7c768ba271dcad2962aa84c7093 |
| SHA1 | 39faf02089dde20ef3d21b157060d363cf355b13 |
| SHA256 | 08a4bc56556cf57f6a174c03cb9adf6aef9663948a1f3bd10a088c1146ec9459 |
| SHA512 | 567668f55c7b4cd21d49a732980af5951c51eea4be8f0f7381a5d2a140a4edeaea2376afac70a5f6af756c8a3a91787bfd31eb84faf1a97217d83df66b2fe72e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0
| MD5 | 4a96dec68dc88fe351157600419fa8c2 |
| SHA1 | d34b9e3cd71e0c4facb48229d22c1261db20ab65 |
| SHA256 | 0803f32ab2af77a508412cfecaa9e0823cbe12488e9a0cacb17416e2e49fab2b |
| SHA512 | 5315e9fb9ddf5e1a4911cb0c844ac032aff44f1763cb47ecf48c4cba045662ddd6b64f007716eb1edfb46dac140cd86a4d6dd5c4b2c872a98fdb7806013e1108 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | 9e05b14172a11d9e9045e4e222f6898f |
| SHA1 | c04172fea422c3c018c36b7d8c436514abdbd2c9 |
| SHA256 | a867b6ccb5a69d155443c2544a8d2cd71a0a93158dd98dab88c46b26dadc57e4 |
| SHA512 | e844382e3eb0031d828d1c7aad9d6c90409e699e2bf7db9f87c6546b282bc3c4c905ecae4449816837f26de2a799f28e073a5d178d9843a1866fb57d978fbf9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2759e86450ec3682f945529c5b9e1499 |
| SHA1 | c78a6a91b6fddf805db24a7040fa6b7c4e991d78 |
| SHA256 | 7294df2f78885c834fd521939336267e8a4ace71a1e0c3a5016a2c82250697d8 |
| SHA512 | 011402a7232332f15b57ff2ed3f1192bcc1c2a28d6b0a6a2a0f954762cf4863a25d3de725a91e5f0944d7a69fd1368daa42944985949877fb200c112bacd1eb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a09ccda8-1e9d-42e3-b8a6-86f95602270f.tmp
| MD5 | 219de884e4a1acb381e34e1a3b2cb023 |
| SHA1 | 851acbcf1670942875d7bd1e38078f2f875dae99 |
| SHA256 | 1a2038a0a5c9485b4d2cfeb405f117ed09f421f8df88071dad8770bc1e943dfa |
| SHA512 | 6464ed6298f92464e5124cf0fd127d3170f75ea6af3ee170c402ebf56afe58db87a9d9ee29398ec29a01dac212b4ad3db053bad1432103416ea87777b28f6ffd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5697a63586c33ffa8e1eaa329b35a438 |
| SHA1 | eec26335d1c271a032cde9c92217a73636756e3b |
| SHA256 | 8b34d0768bb84be8be9a3d9ccc80409c7f08fa1d9d1bb64d7df9e65f8f247b49 |
| SHA512 | f415557b8ff58ded9ff9d7a26a87c869f16807f9ac5406f7750bbe6385f753c9efa9e89aaa9496b9b5a28c0459ae4fe4e3ddb772b0d471bf81e1c91f4dc29b80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0
| MD5 | b2fe9ce346ad3cfb532f475018c3c2e7 |
| SHA1 | 3b41da394d17ed6238003be32d1861eb5f109348 |
| SHA256 | b357a92c831b8135a5b410604d34c9ac52a16be3ef03f62c698cd79243d1f4a4 |
| SHA512 | 66af750d843f6c8256679cac84742e19eb94b73d11b821e5a9a4540d280dbfa84166011a0a4fa47d0bbb7db9f7eff2b3156e5e57836104539c6427efc03b91f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cc2f0fedd3e9608a_0
| MD5 | 151eca4a1830bfcebad9b60dab04329c |
| SHA1 | d2c848900dc106aef07f7db6ee7ddea9c7a0e6f4 |
| SHA256 | 0d49d117bdd56825016b0a11d6a5ae4d1df69da8bddbd0d53276894995e501cc |
| SHA512 | a71923a563ea9b2b212fb4146912d8184b9e4515908f4550652c83a86b5fa2c75fdcbfdfaa4b65409a3e8cce76d0da74b8dc170e6df6133f1fdd516db214cb18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9a93a5af80c0c9ac_0
| MD5 | 27ab7430125a6c16f62e398868d0ac70 |
| SHA1 | 59b971986b4f88d15d2603a9ad510e2a26b99027 |
| SHA256 | 94383c8240ede3cfc612b8506308267e53bdec7e6295bf1630dfd86f1e3142da |
| SHA512 | 947be9cb7d7ab5dbbaa9a89d0f68b787fdb51120975ef66f775be9fb8e11bc7995284a7a2bf9d6fd8c3f4afb0ed74e1d5d73c624f87aa22e3f089aeabc90d6e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8b65cb26998de8ee_0
| MD5 | 364fa6279d07aad81dddedfa7b23c8a4 |
| SHA1 | f133569bfc26017d0c7b8d8dcb56d2526dad4063 |
| SHA256 | c8c74ee8a9e96e480992fce7824d8c9efcb20c70e39f43b737d711556c49a4ff |
| SHA512 | 306657d8e6e0a9b5cf37b735b895079c696d1ebaa263a7b1831c6f984ac9a8dbb0fb6edf25de897205fb670a09b32ddd71858d7c337b618117df4a362b872199 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 21e725f766a90baaeac1677622df546a |
| SHA1 | 1571332db85c5fbc890580b124f694416baad67a |
| SHA256 | 7ae0a2acd3d8d478195b4d556f39181a36da647d7831616de0264a4bff1ae981 |
| SHA512 | bc643b8466306569ea1fe63df9b0cfe2238c16f743dd27c12b589a382ce9195f6614b8032845a470910e8bbcf6bde658e73f1aeb7e4267a0fd9f0bf65919030f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5bd52c6b7bc6a01671dbabc4e5a8f5bb |
| SHA1 | 635db5f722052c72f76cc7eec753f5be89836ad6 |
| SHA256 | 3c76784560863b8678e61a018881453b1ed8c19b62d631e28b7ebf5fde5e1272 |
| SHA512 | 21249c30e1b3b131a99b14158ccf45397478df8f6a1423efb4df622bd10d90fca6edba9a0dac344540c3a7cdf3621c565a1f1557da49dc12e9f4a13857f46fce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f4e6fae749864e56344d5d14a98344a5 |
| SHA1 | 33e0c4e4c4b8081139fc69979e4a1eaf124054d2 |
| SHA256 | 2b25420d968e69b0709d09cd68e4974e7fdfe6b044d8fb2a979e1396ad32d7f3 |
| SHA512 | 00c3c91e516f41c4a6c754fd15c241d85d1dc02270d17b7901f6e8160052f45c078dd4a8ee11e8e5e30636640556f5c3c2b50b8b43927c5e341bcad8d32cc183 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\34417356a713d1de_0
| MD5 | 886c24178ee5a6baf79f81d2c04587a2 |
| SHA1 | a9e12d0724fba14aee7e8cb1e54490e370e17a83 |
| SHA256 | e0dcf8327902fd6db5d6c16888770fc8476b83381aabefa1920673a3ad54efb3 |
| SHA512 | 69c9978f87b34fa811db36227ab9823fa2bdc847ab754263a431cf28fb9f730c34a9164d42232ec963a4591600956604e4eb9f9fabd9a6ed98b74b21c3380965 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5f528c729230d4ba_0
| MD5 | 94c7c72901ac9035d1d75ab6c3699eba |
| SHA1 | 27f18bcbab0dc9e0f0b50d7c9bd1a0e4d2f23f27 |
| SHA256 | 400d4586aa998abf6a2ed3fabf1897d096f569f1c2ae78cdcc6f92274c54cbd8 |
| SHA512 | 34ad099933f194760b2fc8ab61954eaa9d4939ed94454e72251bdb48df1c2552529f1a1830ab24924b9e227f9ce34691b93a4ac3778986a6b22f9bfd51ba3a7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c142e2816e0a3f21f58e47fd627d32e9 |
| SHA1 | d1c1f60125d5dd07b390b86721a7419dbfdfbf1c |
| SHA256 | 8995caf65637fb328d4f90a4e6ca526bb5d4885427a979dd1a25fa6a68366344 |
| SHA512 | 95916d044adb7ee01ba808a1c319b0f747d76dd5f50b21cddf1e1b38aced6c4bf02e4c8f5a8dc7af12849443474684a69a62deb71c2c7aa3dd4d66b1775861c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | df20630e292d295525d540485389ebb8 |
| SHA1 | d03a68117267fb7c0423a9b897084b2ab7683bb9 |
| SHA256 | 9e750d738511b43b964836446eb067a69bf1684c9478ae4febb3f44b7b3bc793 |
| SHA512 | 8f4fc987672ea57d6f1aeb0d18373bd77175073d997939112011819b0e7623e8bd1ed009c41d9a8a7d675cfd15f81748b6ffb92897e8348d34331fd63ca7a1a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 10f1d3403c679f32c1a937bcab410045 |
| SHA1 | c8f9cab1c0686e8ca57f7bdf4a640df487e23530 |
| SHA256 | 0b5084d56a262d18281979af8c5d590166b248ee399a26ac06c77fbed5406d82 |
| SHA512 | 0564490f4c6f8c547c806575b13c5c34bdb8f995f9bc72f30c311a362ad49bb0dda0f142a7f3bd4462986e6227df0e4e1006e748d046b12753dca72063080906 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1661d0a6224ec4eb_0
| MD5 | 089ca67cf3d349a1e9f380487c9475f9 |
| SHA1 | 24faa1767ebaaaafbd8cc8ef43ed258f7b315706 |
| SHA256 | 511ef5b129db0f0858c0aa0e5bb469f5f1ff17c60aba070514fa6b77622a9354 |
| SHA512 | 5962fef901eb63a08756b0fb454e5f7c41317341ad63f6194135ea5559921e17498abe13fff23818cdfc7510387d458ea329b2b27cfd441b5f4e8414d3de18b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | edab606c64e0466797f0830e1437ca32 |
| SHA1 | a85180f1c2c6f3b5ae1cf2754ea6fcf300e7139b |
| SHA256 | d399506b2bd7817b021bce37d9bdf3d614185daee222cd04f3b40ff28c80b915 |
| SHA512 | 016c1c8b0176d0313982ac8be80674fd0820fa2661a3fe82ed5fe6f830a3f702f9bc982ad361acc4b11861cd153e14a41b3e00504d0300798c51ddc19289ee08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4a89b94cb10a3796c0e1901db525bab3 |
| SHA1 | 153b783901501286e3a2ea589e006373c5f46855 |
| SHA256 | 4261944488117afebbb394ceaa5ff294fdea93a1164017269a1d545bd205eb24 |
| SHA512 | 6ee5eb1de99422986e2a1054b64c101304c6b81d334a166911211fa14a174c0f20d4b1d400c28cae2067c3bc07e162846de42ef7f29eaff709105c58a829aa13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 62c3dd5e40751e156cba4a8e6dbc3a9d |
| SHA1 | bbceeed59dfdb2b0dc4a21af8395d0bf359700a3 |
| SHA256 | 12e1761ab676e9e3645ad30d68cc38c088aad810d4c06410d42d9a88aa786c42 |
| SHA512 | 8b8a0e868c0cef8b07127a0a92f63cf764966e53ec4e881b4cc19fbff38e8edf875df8b0db0699780c25e84d162d87c602040e75080643c334c46cac73577579 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | deb17f07b491832a739963b39242d12a |
| SHA1 | a6b9d710007c5f7c7a881f92b7a8e3db4e93c518 |
| SHA256 | 1ce2de0ac5cfbc4a13bc2cedfc8ee932f7283d7298a3bff3c0f06e606af141f6 |
| SHA512 | 5ff9e2540052937c05c9df29118cdb5a8d60035e0864b1dd08ce8996923027bda98c83a8a87d527c46199a74f3efa4b144a89692469950a0a386dac41448809b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0c5600b5247bd6a57c3a54cfd1ee37a9 |
| SHA1 | 9a859a635f5e0d728c19dd7f52cad240ac4a4f5b |
| SHA256 | 6470c93d400b002f4ffff76313eaae791d30140940a40bab049ad80ed3a17262 |
| SHA512 | 56060376e017e6433f2199563a8cb2f5caa57099864f6a4205806bc6e38103d994a6444ccbd4a141386e887e30b0d766dced3498844bb17d8cb4486a185eda74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 27e0a17d4cb2118cde5a054b5586d8ae |
| SHA1 | db8aa68d244fb74f69186ab053643d7c354e6e6d |
| SHA256 | f613a1ba7219638a89b8c166de12934ebd62208fc22819598389174646c6672f |
| SHA512 | afab03daa769bb567a7a3c1a1885b91eabaf8bf563a178cda0232a3bc5aa8cc43633af4b56db9cf026deaf150af2acefdfbfad625445eb0d88b5eb14cbd182b0 |