Analysis Overview
SHA256: 98643a385d75ce12a920210469fe34554d0069b599a5221c5541005c642839af
Threat Level: Likely malicious
The file BODY_PARAGRAPHS.pptx was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Possible privilege escalation attempt
UPX packed file
Modifies file permissions
Executes dropped EXE
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
Drops file in Windows directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Views/modifies file attributes
Modifies data under HKEY_USERS
Suspicious behavior: AddClipboardFormatListener
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Kills process with taskkill
Checks SCSI registry key(s)
Suspicious use of FindShellTrayWindow
Suspicious behavior: MapViewOfSection
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-08-12 01:38
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-08-12 01:38
Reported: 2024-08-12 01:49
Platform: win10-20240404-en
Max time kernel: 606s
Max time network: 569s
Command Line
Signatures
Downloads MZ/PE file
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\PCToaster.exe | N/A |
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\takeown.exe | N/A |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\A: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\SYSTEM32\takeown.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\SYSTEM32\takeown.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\SYSTEM32\mountvol.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Drops file in Windows directory
Browser Information Discovery
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\PCToaster.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_QEMU&PROD_HARDDISK\4&215468A5&0&000000 | C:\Windows\System32\vds.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_QEMU&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\System32\vds.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Windows\System32\vds.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\System32\vds.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133679007396279516" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListDOSTime = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingDelete | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Extensible Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\LastCleanup = 5cd88e4059ecda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "19993" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 1ab5494059ecda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\SharedCookie_MRACMigrationDone = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DXFeatureLevel = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CacheLimit = "256000" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "23" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "101" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\www.bing.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = fcca5c3a59ecda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\LastCleanup = 0000000000000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active\{42BEFBCA-32DE-484A-A6AD-F9E887384994} = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "395205405" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VendorId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main\OperationalData = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 91758f3c59ecda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\msn.com\Total = "101" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 29b1a64059ecda01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\bing.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\www.bing.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\ServiceTabLoadAttempts = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\SubSysId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "19993" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\msn.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE | N/A |
Suspicious behavior: MapViewOfSection
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Views/modifies file attributes
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\attrib.exe | N/A |
Processes
C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE
"C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE" "C:\Users\Admin\AppData\Local\Temp\BODY_PARAGRAPHS.pptx" /ou ""
C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE
"C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\UnregisterRegister.vbe"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\SetUpdate.vbs"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffe76689758,0x7ffe76689768,0x7ffe76689778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1524 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1808 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2852 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2860 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4400 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4600 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5056 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3008 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2932 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1632 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3108 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5140 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=900 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2848 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5072 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4952 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:2
C:\Users\Admin\Downloads\PCToaster.exe
"C:\Users\Admin\Downloads\PCToaster.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\Downloads\PCToaster.exe"
C:\Windows\system32\icacls.exe
C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
C:\Windows\SYSTEM32\attrib.exe
attrib +h C:\Users\Admin\Downloads\scr.txt
C:\Windows\SYSTEM32\diskpart.exe
diskpart /s C:\Users\Admin\Downloads\scr.txt
C:\Windows\System32\vdsldr.exe
C:\Windows\System32\vdsldr.exe -Embedding
C:\Windows\System32\vds.exe
C:\Windows\System32\vds.exe
C:\Windows\SYSTEM32\takeown.exe
takeown /f V:\Boot /r
C:\Windows\SYSTEM32\takeown.exe
takeown /f V:\Recovery /r
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5220 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3232 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2360 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5592 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5292 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4952 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5484 --field-trial-handle=1820,i,13031461668763812797,18068046346373393419,131072 /prefetch:8
C:\Windows\SYSTEM32\taskkill.exe
taskkill /im lsass.exe /f
C:\Windows\SYSTEM32\mountvol.exe
mountvol A: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol B: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol D: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol E: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol F: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol G: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol H: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol I: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol J: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol K: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol L: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol M: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol N: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol O: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol P: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol Q: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol R: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol S: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol T: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol U: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol V: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol W: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol X: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol Y: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol Z: /d
C:\Windows\SYSTEM32\mountvol.exe
mountvol C: /d
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\5641DAA8-BF6E-47CB-8E98-5EA3CABEE1BD
C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\powerpnt.exe_Rules.xml
C:\Users\Admin\AppData\Local\Microsoft\Office\OTele\powerpnt.exe.db
C:\Users\Admin\AppData\Local\Microsoft\Office\DLP\mip\logs\mip_sdk.miplog
| MD5 | 2f4045d87c7602fcdad35fce33155acf |
| SHA1 | 61d1f1fc068eb302b8789d5f2e2c192f71290751 |
| SHA256 | d04980cbd4f5ddaceade722c4fca21d59d851fb0944b53178b46317cfd138cc7 |
| SHA512 | 65a59542a289fd406e911a7207182a6f3e6674a48547e5a43959d2a308bc6b7b17ec1cd70dc8217f5c0d0e2599f7c75f27c8cf71e66e959b13a6ca15f6b843dd |
C:\Users\Admin\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0409.lex
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
memory/1888-984-0x00007FFE54480000-0x00007FFE54490000-memory.dmp
memory/1888-985-0x00007FFE54480000-0x00007FFE54490000-memory.dmp
memory/1888-983-0x00007FFE54480000-0x00007FFE54490000-memory.dmp
memory/1888-982-0x00007FFE54480000-0x00007FFE54490000-memory.dmp
memory/4572-1002-0x0000027A75620000-0x0000027A75630000-memory.dmp
memory/4572-986-0x0000027A75520000-0x0000027A75530000-memory.dmp
memory/4572-1021-0x0000027A72A40000-0x0000027A72A42000-memory.dmp
memory/64-1043-0x000002B220B00000-0x000002B220C00000-memory.dmp
memory/64-1062-0x000002B2315C0000-0x000002B2315E0000-memory.dmp
memory/64-1063-0x000002B231C40000-0x000002B231D40000-memory.dmp
memory/64-1069-0x000002B232620000-0x000002B232640000-memory.dmp
memory/64-1091-0x000002B2320A0000-0x000002B2320C0000-memory.dmp
memory/64-1100-0x000002B243A20000-0x000002B243B20000-memory.dmp
memory/4572-1110-0x0000027A7D8E0000-0x0000027A7D8E1000-memory.dmp
memory/4572-1109-0x0000027A7D8D0000-0x0000027A7D8D1000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\VR9TF073\favicon[1].ico
| MD5 | 84cc977d0eb148166481b01d8418e375 |
| SHA1 | 00e2461bcd67d7ba511db230415000aefbd30d2d |
| SHA256 | bbf8da37d92138cc08ffeec8e3379c334988d5ae99f4415579999bfbbb57a66c |
| SHA512 | f47a507077f9173fb07ec200c2677ba5f783d645be100f12efe71f701a74272a98e853c4fab63740d685853935d545730992d0004c9d2fe8e1965445cab509c3 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\SZ4L2Z63\www.bing[1].xml
| MD5 | 8128a6fdfb67d905dc501d61b430a958 |
| SHA1 | fca1738de08138398aca7ca312c8459a1852c115 |
| SHA256 | 343323e2fcaafecfa3dc4a79766ef8cc029b98e72b3d873bcb05636932f789c3 |
| SHA512 | c7ffcf2edd5f5d210b3d08c1c4f1d022d78f89ad8eaca230f70299adce13908f5de8aec82c12582bff59bd49ef31cbab07d5f40d55d9a8173c834f755332cb82 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF4A3D99A981F598D3.TMP
| MD5 | 034ccbddb996051e88ebe77652092eaa |
| SHA1 | d35f3dddf09e8af0da11b044566d0a69cf72a10d |
| SHA256 | ff2b6a28e424ff83320d116ab8195cd26dc7dd792198d4d0848d18d7032e8607 |
| SHA512 | b1173f727cd72eeb07b3f4e64c164895e959894996b6a995965339e73b176ab55055fe95cc85c3f43135fbb25b720789500d6ce530d54a03d81d55ae8f8d2442 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\o7B3FK6ymEOn7sBfZSmifVTwxPk[1].css
| MD5 | 77373397a17bd1987dfca2e68d022ecf |
| SHA1 | 1294758879506eff3a54aac8d2b59df17b831978 |
| SHA256 | a319af2e953e7afda681b85a62f629a5c37344af47d2fcd23ab45e1d99497f13 |
| SHA512 | a177f5c25182c62211891786a8f78b2a1caec078c512fc39600809c22b41477c1e8b7a3cf90c88bbbe6869ea5411dd1343cad9a23c6ce1502c439a6d1779ea1b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\VE4Q3JXI\favicon-trans-bg-blue-mg[1].ico
| MD5 | 30967b1b52cb6df18a8af8fcc04f83c9 |
| SHA1 | aaf67cd84fcd64fb2d8974d7135d6f1e4fc03588 |
| SHA256 | 439b6089e45ef1e0c37ef88764d5c99a3b2752609c4e2af3376480d7ffcfaf2e |
| SHA512 | 7cb3c09a81fbd301741e7cf5296c406baf1c76685d354c54457c87f6471867390a1aeed9f95701eb9361d7dfacce31afd1d240841037fc1de4a120c66c1b088c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\xvEz2IbMlyghPZ3oNAHr9N-xMOA.br[1].js
| MD5 | dc221228e109f89b8b10c48f2678fb46 |
| SHA1 | 1bfc85cba5c424136941ac1dfd779a563b5beed4 |
| SHA256 | f4fb7234959f48c2b2ca73fd6c35d36eaf65d8c431d982a1ba208f5cdc766419 |
| SHA512 | 46f49e5ac18436251778d1f50c027729a2442ed6541c3162d878720703e37797b6028d96eb1568c23ec5006fb022c8e05855e250d6a1a590f41e890866529cd2 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OJGPMD2X\fRSNKQanUHk53F1a1Bi8UA71Qt4.br[1].js
| MD5 | 9085e17b6172d9fc7b7373762c3d6e74 |
| SHA1 | dab3ca26ec7a8426f034113afa2123edfaa32a76 |
| SHA256 | 586d8f94486a8116af00c80a255cba96c5d994c5864e47deac5a7f1ae1e24b0d |
| SHA512 | b27b776cb4947eef6d9e2a33b46e87796a6d4c427f4759c08cf5aa0ee410a5f12e89ca6ab9cddd86c8471037e3c505f43c8b7fc6d8417f97f9fe3c5c47216bc4 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OJGPMD2X\tlifxqsNyCzxIJnRwtQKuZToQQw[1].js
| MD5 | cfcd208495d565ef66e7dff9f98764da |
| SHA1 | b6589fc6ab0dc82cf12099d1c2d40ab994e8410c |
| SHA256 | 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9 |
| SHA512 | 31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OJGPMD2X\9MqrCXB0EVjVIRzDOArDGhu3yeM.br[1].js
| MD5 | 56afa9b2c4ead188d1dd95650816419b |
| SHA1 | c1e4d984c4f85b9c7fb60b66b039c541bf3d94f6 |
| SHA256 | e830aeb6bc4602a3d61e678b1c22a8c5e01b9fb9a66406051d56493cc3087b4b |
| SHA512 | d97432e68afdaa2cfaeff497c2ff70208bd328713f169380d5afb5d5eecd29e183a79bec99664dbee13fd19fe21ebae7396315ac77a196bfb0ab855507f3dacf |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\th[3].png
| MD5 | 63343141c64682bd3e0f711730475354 |
| SHA1 | a2a7298e8f58a74292885bae9a3f44c76c7aa945 |
| SHA256 | f90e661a7731c97e3478027d07afd8c86e461c5f379932e15efad17d0e96d402 |
| SHA512 | 17f7f14b0c929164283d5fd7bc829d907b923bb12a7b9d6124a6aac64eb79aaa47163583acca91fc71047bb7bb707d649407801c8762d8942a44531da9559edf |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\lVV08F1da0WpM29E8OkhXe0yr9o.br[1].js
| MD5 | 02f23d233e9c3ff79a227592a1ef39ed |
| SHA1 | f4160ad9edeea3009d57373a83b6395409c67844 |
| SHA256 | 10d583a958ddf9850d7a9d2d85fa2da4cf468e3d5b5f8ab82e3e47ee03366048 |
| SHA512 | 64ec3227bedb820ae760226bc2b24325dc3eedafcdded9a813bfd2137b22337870164bd1fe6ba415f8c64d64fb14e651b027daa0fdc23ab514e549f222ef22bd |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\_2I169N92jVtSc_VEsV0nma5sRY.br[1].js
| MD5 | 3104955279e1bbbdb4ae5a0e077c5a74 |
| SHA1 | ba10a722fff1877c3379dee7b5f028d467ffd6cf |
| SHA256 | a0a1cee602080757fbadb2d23ead2bbb8b0726b82fdb2ed654da4403f1e78ef1 |
| SHA512 | 6937ed6194e4842ff5b4878b0d680e02caf3185baf65edc131260b56a87968b5d6c80f236c1de1a059d8158bc93b80b831fe679f38fc06dfb7c3413d1d5355aa |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\9xGNA8UskvA9WHF58zbLOHZ5HvI.br[1].js
| MD5 | d6741608ba48e400a406aca7f3464765 |
| SHA1 | 8961ca85ad82bb701436ffc64642833cfbaff303 |
| SHA256 | b1db1d8c0e5316d2c8a14e778b7220ac75adae5333a6d58ba7fd07f4e6eaa83c |
| SHA512 | e85360dbbb0881792b86dcaf56789434152ed69e00a99202b880f19d551b8c78eeff38a5836024f5d61dbc36818a39a921957f13fbf592baafd06acb1aed244b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\V_fBQ_iVmAgE_Ta_T-6BNXc0ZY4.br[1].js
| MD5 | f5712e664873fde8ee9044f693cd2db7 |
| SHA1 | 2a30817f3b99e3be735f4f85bb66dd5edf6a89f4 |
| SHA256 | 1562669ad323019cda49a6cf3bddece1672282e7275f9d963031b30ea845ffb2 |
| SHA512 | ca0eb961e52d37caa75f0f22012c045876a8b1a69db583fe3232ea6a7787a85beabc282f104c9fd236da9a500ba15fdf7bd83c1639bfd73ef8eb6a910b75290d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\8CgcSSLayxEVUBf0swP_bQGMId8.br[1].js
| MD5 | a5363c37b617d36dfd6d25bfb89ca56b |
| SHA1 | 31682afce628850b8cb31faa8e9c4c5ec9ebb957 |
| SHA256 | 8b4d85985e62c264c03c88b31e68dbabdcc9bd42f40032a43800902261ff373f |
| SHA512 | e70f996b09e9fa94ba32f83b7aa348dc3a912146f21f9f7a7b5deea0f68cf81723ab4fedf1ba12b46aa4591758339f752a4eba11539beb16e0e34ad7ec946763 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\n21aGRCN5EKHB3qObygw029dyNU.br[1].js
| MD5 | cb027ba6eb6dd3f033c02183b9423995 |
| SHA1 | 368e7121931587d29d988e1b8cb0fda785e5d18b |
| SHA256 | 04a007926a68bb33e36202eb27f53882af7fd009c1ec3ad7177fba380a5fb96f |
| SHA512 | 6a575205c83b1fc3bfac164828fbdb3a25ead355a6071b7d443c0f8ab5796fe2601c48946c2e4c9915e08ad14106b4a01d2fcd534d50ea51c4bc88879d8bec8d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\Gyuq2bqitqDJM0BeAkbKXGlQXNw.br[1].js
| MD5 | a969230a51dba5ab5adf5877bcc28cfa |
| SHA1 | 7c4cdc6b86ca3b8a51ba585594ea1ab7b78b8265 |
| SHA256 | 8e572950cbda0558f7b9563ce4f5017e06bc9c262cf487e33927a948f8d78f7f |
| SHA512 | f45b08818a54c5fd54712c28eb2ac3417eea971c653049108e8809d078f6dd0560c873ceb09c8816ecd08112a007c13d850e2791f62c01d68518b3c3d0accceb |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\lLk8XmbdNzzlnPRzVzDhaF9yjqw.br[1].js
| MD5 | 3ff8eecb7a6996c1056bbe9d4dde50b4 |
| SHA1 | fdc4d52301d187042d0a2f136ceef2c005dcbb8b |
| SHA256 | 01b479f35b53d8078baca650bdd8b926638d8daaa6eb4a9059e232dbd984f163 |
| SHA512 | 49e68aa570729cc96ed0fd2f5f406d84869772df67958272625cba9d521ca508955567e12573d7c73d7e7727260d746b535c2ce6a3ace4952edf8fd85f3db0dd |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\K3hC1_cQXGFr6cxRJVWYpzZJaAM.br[1].js
| MD5 | 02b0b245d09dc56bbe4f1a9f1425ac35 |
| SHA1 | 868259c7dc5175a9cc1e2ec835f3d9b4bd3f5673 |
| SHA256 | 62991181637343332d7b105a605ab69d70d1256092355cfc4359bee7bdbfb9c6 |
| SHA512 | cbb43000a142807ff1bb3bfac715cef1240233117c728f357c824ce65b06be493df2306c7b03598817f09b02e9e36ec52314f88467679c5bef3ee1504a10c7e6 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OJGPMD2X\gKwIRAF4fg7noG1zyeUz8x3Jdhc.br[1].js
| MD5 | 47442e8d5838baaa640a856f98e40dc6 |
| SHA1 | 54c60cad77926723975b92d09fe79d7beff58d99 |
| SHA256 | 15ed1579bccf1571a7d8b888226e9fe455aca5628684419d1a18f7cda68af89e |
| SHA512 | 87c849283248baf779faab7bde1077a39274da88bea3a6f8e1513cb8dcd24a8c465bf431aee9d655b4e4802e62564d020f0bb1271fb331074d2ec62fc8d08f63 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\9cuwOQ_qE7qTGKohzrf_gIjTlPI.br[1].js
| MD5 | fabb77c7ae3fd2271f5909155fb490e5 |
| SHA1 | cde0b1304b558b6de7503d559c92014644736f88 |
| SHA256 | e482bf4baaa167335f326b9b4f4b83e806cc21fb428b988a4932c806d918771c |
| SHA512 | cabb38f7961ab11449a6e895657d39c947d422f0b3e1da976494c53203e0e91adfc514b6100e632939c4335c119165d2330512caa7d836a6c863087775edaa9f |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\nt6a1ZR520utsLoZmSYgwxdOPgI[1].js
| MD5 | 0c2672dc05a52fbfb8e3bc70271619c2 |
| SHA1 | 9ede9ad59479db4badb0ba19992620c3174e3e02 |
| SHA256 | 54722cf65ab74a85441a039480691610df079e6dd3316c452667efe4a94ffd39 |
| SHA512 | dd2b3e4438a9deaa6b306cbc0a50a035d9fe19c6180bc49d2a9d8cdbb2e25d9c6c8c5265c640ac362dc353169727f8c26503e11a8a061a2517a303f61d0ccd3c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\psgXZvzYJMEW2ydikIk493Va1d4.br[1].js
| MD5 | f4da106e481b3e221792289864c2d02a |
| SHA1 | d8ba5c1615a4a8ed8ee93c5c8e2ea0fb490a0994 |
| SHA256 | 47cb84d180c1d6ba7578c379bdc396102043b31233544e25a5a6f738bb425ac9 |
| SHA512 | 66518ee1b6c0df613074e500a393e973844529ca81437c4bafe6bf111cba4d697af4fe36b8d1b2aa9b25f3eb93cd76df63abfc3269ac7e9f87c5f28a3764008e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\Gw7eETSwe7GHmKwW1lRqGPQJXRo.br[1].js
| MD5 | 17cdab99027114dbcbd9d573c5b7a8a9 |
| SHA1 | 42d65caae34eba7a051342b24972665e61fa6ae2 |
| SHA256 | 5ff6b0f0620aa14559d5d869dbeb96febc4014051fa7d5df20223b10b35312de |
| SHA512 | 1fe83b7ec455840a8ddb4eedbbcd017f4b6183772a9643d40117a96d5fff70e8083e424d64deba209e0ef2e54368acd58e16e47a6810d6595e1d89d90bca149a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\5L3iD467J3iJWEPwIjxlK0MMDpY.br[1].js
| MD5 | 2ef3074238b080b648e9a10429d67405 |
| SHA1 | 15d57873ff98195c57e34fc778accc41c21172e7 |
| SHA256 | e90558eb19208ad73f0de1cd9839d0317594bf23da0514f51272bf27183f01da |
| SHA512 | c1d7074a0ebf5968b468f98fc4c0c7829999e402dd91c617e679eeb46c873dc04096cbf9277e115fc42c97516a6c11a9f16afa571e00f0d826beb463e2d1f7b0 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\Cg0Fx_6iq4GfMQyER4CqKFOWfG4.br[1].js
| MD5 | d1a3f36278cef68c424ba8f333dfacee |
| SHA1 | e7ffb9fb0cbcfbcbe8c360275837ed33613d3131 |
| SHA256 | 8cce330e73bf63f6eb5759619ef04540b0e2f2cb82960da66890bfab9989fa17 |
| SHA512 | 6bba736db191c4a9be8b3a2672730f6db6aa180bcde05263d0656aef799518609d977ae416e26608ae486b492a1c401aed223a1422209ae8a702f90af7e48e72 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OJGPMD2X\K_V1CARn2Q2lTs5njJKUvUkHyi4.br[1].js
| MD5 | 6c2c6db3832d53062d303cdff5e2bd30 |
| SHA1 | b7a064a64ceae5c9009ef7d6d8f63b90d3933c9d |
| SHA256 | 06b77ee16a2cd34acd210b4f2b6e423762ea8874bb26ae5a37db9dd01a00ff70 |
| SHA512 | bc2d115b53035b700d727af9d7efaf32dd2a39a2344f3f5fa1a82586be849ec7803e8320661e66ab7dd2a17e64b7897e95bbd84502b91997fa46eba4e67e8c7d |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OJGPMD2X\IPjqENt_x1c56fZCsFxov2V2J84.br[1].js
| MD5 | 9a4dafa34f902b78a300ccc2ab2aebf2 |
| SHA1 | 5ed0d7565b595330bae9463ab5b9e2cdbfdb03c4 |
| SHA256 | ba98a6ebc3a03098ca54973213e26f0bf9d1e7e335cdfc262346fb491c3cad69 |
| SHA512 | 1a8b4fce1c0e585bfcf8f11e0192fb04a80dbde7035a9c8fc426cd6383d6902bd77222331372ea33aa50d92b7cc7965656b11f480085af70267b3fd8355ebfd4 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\3US3nNU_RgsSNFm9Bzw6xgeuOHk.br[1].js
| MD5 | d42baf2a964c88aaa1bb892e1b26d09c |
| SHA1 | 8ac849ca0c84500a824fcfd688b6f965b8accc4c |
| SHA256 | e3a15dab8cc5adbd2cfa1a162bf06583da6fb7be3831323d819cd881bfb0672c |
| SHA512 | 634bb1c984c9d74876051937240295a5ed5dc6404379decafbc4df074aefda5246ec33be84d2b21e0099c7bdd406e9cae6ebdf0ff01ddec3806b89dc50810c12 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\Fg2XDmqCcbCQfFAmgUaii1kYwF4.br[1].js
| MD5 | b0d02d6cc3e1f4747becc08d1f9fee57 |
| SHA1 | bddfb34b88dda0efa406f656c24f3fd15668af61 |
| SHA256 | 90062e0a018849fd093e5ef5f814f993c46919d8ebc5b20b51c069f434805e21 |
| SHA512 | 9fd106ff0a784c91a5aac8e08c38c75aeb0e8b64bf833e9fae47abe9295ba1522caefc21a9cc3859a56e5b67b35086fa6b00ef87c604dcec6e3a2d97b05f268c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\zlfm-hC70pZAs62UVTTl3KShKOE.br[1].js
| MD5 | 8c8b189422c448709ea6bd43ee898afb |
| SHA1 | a4d6a99231d951f37d951bd8356d9d17664bf447 |
| SHA256 | 567506d6f20f55859e137fcbd98f9e1a678c0d51192ff186e16fd99d6d301cff |
| SHA512 | 6faa73d59082065426769a27081cbedcd22146ef948afdd9a86801f205b2dddc63e03ac5d555ef0af23ef05901ebffe7e8aadd82260ef505cb89d99e572fdf4a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\yZjAz6-B4hIBhJ6D3nAyY_Ebn44.br[1].js
| MD5 | 2df9793cf020a37c88178be84311427a |
| SHA1 | 29cfe86239722d4f4af07c494d676092896a8600 |
| SHA256 | a69d257eee41e843881d548d2e4ee5a0727b889ab22bffdaa8ed1074e802bcc6 |
| SHA512 | e9a35ec1e466feb3e273fb991a3282ba1c45fd0eacea956e9821914cc4261377684b062bde888ebf5767bbc055db191dc14e00af8037b5607449c06e5d2dd082 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\UftfQbYuKvGGEUHPU3QGHYd90Z8.br[1].js
| MD5 | 8d078e26c28e9c85885f8a362cb80db9 |
| SHA1 | f486b2745e4637d881422d38c7780c041618168a |
| SHA256 | 0bf9f3ad9cdbbc4d37c8b9e22dd06cc26eea12a27ef6c0f95db6cbe930177461 |
| SHA512 | b808a972cd44e6bda01ac1f8d904d5a281f33b9238b8caab03decb6adb6b494b19dd9bb35e3d1ea3ca914ff4957155f6d2cb5a9b3a00c2195f80f52804ffb244 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OJGPMD2X\JigriHckblqcu1XwKpT4wumVS2k.br[1].js
| MD5 | 602cb27ca7ee88bd54c98b10e44cd175 |
| SHA1 | 485e4620f433c02678be98df706b9880dd26ab74 |
| SHA256 | f1c39ee3528b8f6bb887150c10152cd3bbf849c4b305da9be3d4a92614e2f3f8 |
| SHA512 | b27a3b7737ce984e6ad448f68b31074f8a98c6ca5d66f3165d1dec650097077da9c80ef3045758c591a1cf0dda74fa4ba8039426d312f50f082d2a0f8e7de21a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OJGPMD2X\6mZmj1db42G_jniFgdT7MCvBgyA.br[1].js
| MD5 | 2ab12bf4a9e00a1f96849ebb31e03d48 |
| SHA1 | 7214619173c4ec069be1ff00dd61092fd2981af0 |
| SHA256 | f8b5acf4da28e0617f1c81093192d044bd5a6cc2a2e0c77677f859adcf3430ac |
| SHA512 | 7d5aae775be1e482eada1f453bea2c52a62c552fa94949e6a6081f322e679e916b1276bb59ff28cf7c86d21727bcc329ecb03e5d77ca93204e0cd2694faa72bd |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OJGPMD2X\mOy7YpeLJ3c40BBAFNUI6SmOUTY.br[1].js
| MD5 | 16050baaf39976a33ac9f854d5efdb32 |
| SHA1 | 94725020efa7d3ee8faed2b7dffc5a4106363b5e |
| SHA256 | 039e6b3df1d67341fb8e4a3815f0d1bb3292a2040334ceb9cfc4a8d6abf2fb55 |
| SHA512 | cf0d54f0368ffbc6908216fd2573df8f5fe4c34ac08e17301b8734b3fabc674672a7f456707f632f82f44b36812dad8a0cf81a51d5cea21ea7f0e18500298375 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OJGPMD2X\NfTD8Ovh04Y_Ni14YxqYB8R_2_Q.br[1].js
| MD5 | f1cf1909716ce3da53172898bb780024 |
| SHA1 | d8d34904e511b1c9aae1565ba10ccd045c940333 |
| SHA256 | 9abac0cbfa6f89106b66cd4f698ead5ccbf615ecf8cd7e9e88567a7c33cfec01 |
| SHA512 | 8b641e93405565b4a57c051edefc8e02d6c929ddd4c52f9bfbd19c57896aa40426bf5ed6760dbd479719561c4f0a25bfc4102f0f49d3d308035c9ca90b1d0fce |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\910ptS3pcIDQ7a5acMaHuQliuN0.br[1].js
| MD5 | 8898a2f705976d9be01f35a493f9a98f |
| SHA1 | bc69bec33a98575d55fefae8883c8bb636061007 |
| SHA256 | 5f30270aa2dc8a094d790e1e4a62b17c7d76a20b449d9b69af797a55fada9108 |
| SHA512 | c8575df93fbd1f65a285d484257adfe12733e47a6524a18d5910d33562eefd1d9da7197d16c7a3cad3bc5ad89546ff0fefe90e5c96e7850ecec9708c90334349 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\1rUTIFRcUHTZUBaDs_0q8KvUlR0.br[1].js
| MD5 | c63e610f6bfb2687ee044cee7d3e16c7 |
| SHA1 | b78022432ac754cc41335341a8e07f2676bad789 |
| SHA256 | c150d5e192ece8d69ba8029d87ecbc66674013b8418264cc86f0abcb0da0a38b |
| SHA512 | 11029009d8d0885d16a4b546816cc0f22f51ffd035fdd87d58eaf432017947460a1a78a543c0eb3875af49342a240ea606aced23654bc190ba6a4b7101e13a3a |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\CcMXS8Oo0OUnUE0LzYK9AFJ6la8.br[1].js
| MD5 | 0c0ad3fd8c0f48386b239455d60f772e |
| SHA1 | f76ec2cf6388dd2f61adb5dab8301f20451846fa |
| SHA256 | db6dde4aef63304df67b89f427019d29632345d8b3b5fe1b55980f5d78d6e1e7 |
| SHA512 | e45a51ef2f0021f168a70ac49bdcc7f4fb7b91ff0ddd931f8ecbd70f6494c56285b2d9bc1170804801ce178244ccf361745b677b04c388b608d1471e0695ebeb |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\Q1Z1cF6gZCkTBd0Gx8Q7LjbPAlQ.br[1].js
| MD5 | 7a0dd3b8ac06a6b4a01953955606ed27 |
| SHA1 | af6453882542d8bd119a768c025af1c94bf7b3ca |
| SHA256 | f1b3acd8757d2c9db87cb851eebf25909c0355483520475c2ed1f29bb36e062a |
| SHA512 | e5cc3aa206c4a62e746ea9743ae92fd5efb4d46f12c9f51ba04eefffc58e04fc8b085eb0fbeca42290a8ecd3d8c07b40ad80f80db3cf3309d098022f948865c2 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\jZFLtxR0-7YK00dCRetnnI_RbSQ.br[1].js
| MD5 | c2d40cea8de8565795daa1073ac63dca |
| SHA1 | 529fadf05e5216d446a70d7fa6dc02218c2b16bd |
| SHA256 | d98f9657f020dfc33a9f31612ba5777aab2511431e896232cbdbe1b31cd5e2f5 |
| SHA512 | 9082a00a146c6372e119c66ae14c72e4117876dd5de922f81874b1bac687663177cdbc524847b37ae361d3de69201a36d3876eaa9473c82a053fa83b959981ec |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\qx1mDV_aT1GTJKYWQ_V5_Jkndf4.br[1].js
| MD5 | 747974cb4dbdae8a8f4d0de4e15cf042 |
| SHA1 | 7d58ab812b24388a2b6a2855fa671ea6c5737893 |
| SHA256 | d2f21722f19da161686b0be14f5bb21de0c06393120e584813f47eb0d9cac211 |
| SHA512 | 5583b6d70bb8a861feb433d225c92855e45e0b4cd71b8f5132df2771af666c167b259822452d62d36d30e99dfaea7160bc87f92089a95da4f81be91e686ec127 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\ydDuUFvQrnTEDpvE14Ya7abrPGk.br[1].js
| MD5 | d807dbbb6ee3a78027dc7075e0b593ff |
| SHA1 | 27109cd41f6b1f2084c81b5d375ea811e51ac567 |
| SHA256 | 0acdce370092c141b0c6617ed6e2163f04bb9b93d3213b62c2bc7a46fe0243c7 |
| SHA512 | e037dfc31d595b459660fe7d938eedb4f43d208d247174ee8d6fd0d125f211142cd73497e4601893cecb6f565b7e2e7815ce416d72bb95504d3f277e4e806d11 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\ID-70CBAEOXh6Nwxga-CxgpUq4k.br[1].js
| MD5 | fd88c51edb7fcfe4f8d0aa2763cebe4a |
| SHA1 | 18891af14c4c483baa6cb35c985c6debab2d9c8a |
| SHA256 | 51f58a23f7723b6cbd51b994cb784fbc2a4ab58442adaeda6c778f648073b699 |
| SHA512 | ffe417fa00113273fe7ac1b1bd83c98a3a9dc12d41c77b60c52cc5ffd461d9ca2020c2444ac43771d737c70c58eca40786a5c5762b60f30da523f709684510df |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\2IeqNnpxuobNf8w1fP2Oy2HEFfk.gz[1].js
| MD5 | 22bbef96386de58676450eea893229ba |
| SHA1 | dd79dcd726dc1f674bfdd6cca1774b41894ee834 |
| SHA256 | a27ce87030a23782d13d27cb296137bb2c79cdfee2fd225778da7362865eb214 |
| SHA512 | 587d5b5e46b235cdcdf41e1f9258c1733baee40b8a22a18602a5c88cba1a14edf1f6596c0ab3c09f09b58f40709ac8cf7e1bb33b57293aa88eaf62d0ab13fbf4 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\43BJuM7qM_8Wd1WfIZM2_oK9zrw.gz[1].js
| MD5 | b743465bb18a1be636f4cbbbbd2c8080 |
| SHA1 | 7327bb36105925bd51b62f0297afd0f579a0203d |
| SHA256 | fee47f1645bc40fbc0f98e05e8a53c4211f8081629ffda2f785107c1f3f05235 |
| SHA512 | 5592def225e34995f2f4e781f02cc2b489c66a7698d2feff9ac9a71f09e5284b6bbdb065e1df9c06adfb1f467d5627fbd06e647abf4e6ab70cf34501232126ad |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\6yHkeoctgwgMGxeIhCJOH603zvY.br[1].css
| MD5 | 3116a5ec82518e57f535b4a6555a17c0 |
| SHA1 | b1541be3ae51d4769e1b7eaea413e609f9a22b9a |
| SHA256 | c857954354946e635d866468d64003d4067471fb56cc41fefb9618c1562f6bc6 |
| SHA512 | 8a7f7d59d36fa0111ee85b7ce43448505538e60373646acb993543cd6f7e123e01fea2aa55f090001c11259fb1d9b6c6c1eb6b9ec6110eeb4f1f354167bc31ec |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZPYFVRLX\Iw1wuOlOJSBVJTQIlx1TQm9L5lo.br[1].js
| MD5 | 748066b332ab14953a5a7c0b27e3865e |
| SHA1 | f0971f2269e6b6ec178a39388adb8afb3b2aa030 |
| SHA256 | 7ca19a8380f79799d9acfbf2b3d793eadb9d4341412c4ade6353989f8950d368 |
| SHA512 | 35f33ee7a63576d7dc6f16deda75abb7e0cf41f24781afa8a03bc7313970cc627c8a4b2680a7ceab3a687d184b8261b5c5c0d4f17890eba24c184f46f1896c88 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\26C212D9399727259664BDFCA073966E_F9F7D6A7ECE73106D2A8C63168CDA10D
| MD5 | be3810fb22472ec158ad1b18d7e83a2d |
| SHA1 | 0ef1a1a7f4ee973d376be2e90b92c989496eba39 |
| SHA256 | 3b623fc36940a3a900160ab09e3b35c0090ec37a51e5a061116408f0a68911fa |
| SHA512 | 156fecef670ef34c2e06df6916c09522912fb9600df8302ce669f634dde90789ae68757eb095122f9390d093ab30e7212de1eb1bb889d46771057ff4ea1a3f4f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\26C212D9399727259664BDFCA073966E_F9F7D6A7ECE73106D2A8C63168CDA10D
| MD5 | ce1a9dd8da4628ba0e97a90d34d09c20 |
| SHA1 | 11f82285b854104e3d2523c656ba49e85ff428ee |
| SHA256 | 0289277f904ecbb5e6872a9ccf95792ed02ab3eaeadd09805abfcadf4ce446ef |
| SHA512 | 236753d08558f29ed52f30cffc14e714d86fb685fdc89d403e993493ae8e6f1a5b8c26c1821ff43961953a19403ef310e57048a2e373c87ccdf48366345a2c03 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\S700J7PI\favicon[1].ico
| MD5 | da597791be3b6e732f0bc8b20e38ee62 |
| SHA1 | 1125c45d285c360542027d7554a5c442288974de |
| SHA256 | 5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07 |
| SHA512 | d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1M3407YQ\The-MALWARE-Repo[1].htm
| MD5 | b818c8ee5c490cab540f7e0e32d5efca |
| SHA1 | 1420fc7102ef7ad65d67194cc1196972fbcebd80 |
| SHA256 | 7dd03e68d09fb1eb0b075c3ea7ef7d130886799f937a7f9361b3f3532a2fa679 |
| SHA512 | b3d610749099fa57866940d28e02e8b359a3082cc544f294d77566011a923d317ade8be1126d9111c6cf3e16788e4146334b7f6ba7434c6ae83375bc378d59d0 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25
| MD5 | 27b4ac4d33ea87ea34c6bf4463e9f5fe |
| SHA1 | e4dac1f826d4b0acd8e1f247fe95fe5847eb4809 |
| SHA256 | 95999c081ad63d5303fce13b5f586f6a82d9c795ea7fcc76d3b3e9f45c34c023 |
| SHA512 | f359086dac50291abfb54790d7d3d0486ab90b8dfd31848a44861a79a81ac17474f233aad97c7218301a41957da367a2913dbcf54cb5a298d1a6c35feda22851 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\A66A8DB907BADC9D16AD67B2FBFFDD5C
| MD5 | a66b7796ff6187b51f5747254c94f21d |
| SHA1 | 980d0fba2fa21527709831b7fcf92e0443696c11 |
| SHA256 | 661b208091012d429b08254dad6b7312ec5ce369dc3a7d03b0359308ad0793b9 |
| SHA512 | 4ffaf245aeb244fed74200585f5a3c197fec954c399e201901ea50a02e9ff012519deeddbf03b195b1d5e6c0120272e7db64b83f882f17d2a206fafd957111ee |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\A66A8DB907BADC9D16AD67B2FBFFDD5C
| MD5 | b6f50d01890f009c5bad62b2315d37a0 |
| SHA1 | 9471b2979fd72dc0a9d8ef1c682a8b57053032b9 |
| SHA256 | 02ae7b926c0157bb8c2da0088536973affaf0322e03ee82c48489de3f8fac961 |
| SHA512 | 53d8631cbde439622cacdcbba93901ffa23c3cf953e9ce998d70d0629dc91ba3c18a7bb251606e02e0d359f804c3e3effd2d93bec9585724ec19ec0b0723bd22 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90
| MD5 | 5d6dae1d7d3c9fc51cfd907674ae2459 |
| SHA1 | c027d7158cbe1da2953a70d6790018092a4dd999 |
| SHA256 | 5d95365c08dd688efe20765e3f6a3b6b0c4870db4c92edd27d5f89d18ac6c4c3 |
| SHA512 | 5406b1f7817544d06d5fd47f630e629c0df7e54d16c23b45ab0916bad823bb3390f20c82643aac59064271fbd349ce219e1348389c4825286731fa5beb53747b |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90
| MD5 | 252806933314845c35b185dd7563eee4 |
| SHA1 | 9f3bf0dc9d5a205f3b6ff6a309c51f6e7521441a |
| SHA256 | fe2d20fc82f2fe49ec0ed3e256ea886a6185491b2f57dfe68020e4234c3e685b |
| SHA512 | 2b5062970c364aa41cb961ad0f07f2d4521a4aafd91632d43e368d18701987a6699b74c8e9150da7ce6be37af8e94e009cc07c0403eb4ed92649acbf82ed0e43 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25
| MD5 | 94bf570a2a16182476d4128c190f3d67 |
| SHA1 | 5fccafdca69506545cfe50280585d30205af31eb |
| SHA256 | 3be5d46133ff88aa68356a9640c9312d53ab0136536cc27154bffca5956a2d97 |
| SHA512 | 5aec582433f21c599db161c4893de81a430e8aae19d11a61e481739cd87ccda957cb845204e0045a02e962d0d0fc332c9e05e47d543381e386bf076365703117 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\light-efd2f2257c96[1].css
| MD5 | b8473fdb0f4749de99341662aec850f2 |
| SHA1 | f593c957a26528558217837aead34cf718d27443 |
| SHA256 | 8aabc55d211fc93acb563c9cf30732577212a998196f73b067f9795c8d1ef72b |
| SHA512 | efd2f2257c96c12eba6da741c677030ac63c34a925846080ec606e5a974706726479bd5babea6dd0ac7e8e421704263787986fb07a9c384994cf403bf8bc3dee |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2DPNO5JS\dark-6b1e37da2254[1].css
| MD5 | 96ba1deb375c1c66bb092fa0a1765be1 |
| SHA1 | 03f188ec52d09882b8403ed57d7aa73a224ddd62 |
| SHA256 | d6bc29d6a4e33c7f4da1d4b8060cce6dedf384d7334b71661c277e985ef8c156 |