Malware Analysis Report

2025-03-15 07:59

Sample ID 240812-z6pghszhkj
Target goodbye-chat-hello-chat.mp4
SHA256 07a51158cd66442991065b7eb6ad87e5b9fa3838284c34e2dede0597df92db23
Tags
defense_evasion discovery macro macro_on_action
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

07a51158cd66442991065b7eb6ad87e5b9fa3838284c34e2dede0597df92db23

Threat Level: Likely malicious

The file goodbye-chat-hello-chat.mp4 was found to be: Likely malicious.

Malicious Activity Summary

defense_evasion discovery macro macro_on_action

Downloads MZ/PE file

Office macro that triggers on suspicious action

Executes dropped EXE

Enumerates connected drives

Legitimate hosting services abused for malware hosting/C2

Drops desktop.ini file(s)

Drops file in Windows directory

Subvert Trust Controls: Mark-of-the-Web Bypass

System Location Discovery: System Language Discovery

Browser Information Discovery

Program crash

Checks processor information in registry

Suspicious use of FindShellTrayWindow

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Suspicious behavior: AddClipboardFormatListener

Suspicious use of SetWindowsHookEx

Suspicious use of SendNotifyMessage

NTFS ADS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-12 21:19

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-12 21:19

Reported

2024-08-12 21:50

Platform

win11-20240802-en

Max time kernel

1800s

Max time network

1772s

Command Line

"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\goodbye-chat-hello-chat.mp4"

Signatures

Downloads MZ/PE file

Office macro that triggers on suspicious action

macro macro_on_action
Description Indicator Process Target
N/A N/A N/A N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Public\desktop.ini C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened for modification C:\Users\Public\Music\desktop.ini C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened for modification C:\Users\Admin\Videos\desktop.ini C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened for modification C:\Users\Public\Videos\desktop.ini C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened for modification C:\Users\Admin\Pictures\desktop.ini C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened for modification C:\Users\Public\Pictures\desktop.ini C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened for modification C:\Users\Admin\Music\desktop.ini C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\K: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\P: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\V: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\I: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\K: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\B: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\M: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\U: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\W: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\A: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\G: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\Q: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\R: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\T: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\Z: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\H: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\O: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\E: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\J: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\N: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\S: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\Y: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\L: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\X: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll C:\Windows\system32\svchost.exe N/A
File opened for modification C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll C:\Windows\system32\svchost.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setupact.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagerr.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagwrn.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\AppData\Local\Temp\{6F865DE5-121C-476E-A6CE-E4BD1B60C196}\8tr.exe:Zone.Identifier C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
File opened for modification C:\Users\Admin\Downloads\rickroll.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\WindowsUpdate.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Windows-KB2670838.msu.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\unregmp2.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\WindowsUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Windows-KB2670838.msu.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-970747758-134341002-3585657277-1000\{D1672BB0-3325-42CB-8B60-5CBC6DE24ED6} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-970747758-134341002-3585657277-1000\{3F8F2032-04D0-4458-951B-E8E29E2E2556} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-970747758-134341002-3585657277-1000\{67A4EFFC-DC68-438A-B82A-FD7DF20B7739} C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-wmplayer C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-wmplayer\CLSID = "{cd3afa96-b84f-48f0-9393-7edc34128127}" C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-970747758-134341002-3585657277-1000\{1A7E6861-3A46-4414-913E-315FBDFD7B91} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\MEMZ.4.0.Clean.zip:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\metrofax.doc:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\WindowsUpdate.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Windows-KB2670838.msu.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\MEMZ.4.0.Clean (1).zip:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\AppData\Local\Temp\{6F865DE5-121C-476E-A6CE-E4BD1B60C196}\8tr.exe:Zone.Identifier C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 25134.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\rickroll.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 272711.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 296487.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\WindowsUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\WindowsUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\system32\unregmp2.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\system32\unregmp2.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Windows-KB2670838.msu.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Windows-KB2670838.msu.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\WindowsUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\WindowsUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\WindowsUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\WindowsUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\WindowsUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\WindowsUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\WindowsUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\WindowsUpdate.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 900 wrote to memory of 1240 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\SysWOW64\unregmp2.exe
PID 900 wrote to memory of 1240 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\SysWOW64\unregmp2.exe
PID 900 wrote to memory of 1240 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\SysWOW64\unregmp2.exe
PID 1240 wrote to memory of 2916 N/A C:\Windows\SysWOW64\unregmp2.exe C:\Windows\system32\unregmp2.exe
PID 1240 wrote to memory of 2916 N/A C:\Windows\SysWOW64\unregmp2.exe C:\Windows\system32\unregmp2.exe
PID 2876 wrote to memory of 4532 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4532 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 5004 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 2996 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 2996 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2876 wrote to memory of 4652 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\goodbye-chat-hello-chat.mp4"

C:\Windows\SysWOW64\unregmp2.exe

"C:\Windows\System32\unregmp2.exe" /AsyncFirstLogon

C:\Windows\system32\unregmp2.exe

"C:\Windows\SysNative\unregmp2.exe" /AsyncFirstLogon /REENTRANT

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 364 -p 900 -ip 900

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 900 -s 4128

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb1c423cb8,0x7ffb1c423cc8,0x7ffb1c423cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2040 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2648 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4488 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5180 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3344 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4628 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3380 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6156 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4624 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5644 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7400 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004C4 0x00000000000004D0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1968,5154709662246395550,4598353504277323758,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7236 /prefetch:8

C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE

"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\Downloads\metrofax.doc" /o ""

C:\Windows\splwow64.exe

C:\Windows\splwow64.exe 12288

C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE

"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /Automation -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb1c423cb8,0x7ffb1c423cc8,0x7ffb1c423cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1892 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5752 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6092 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5296 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3872 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6384 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,2192203155445452656,7395293826437341198,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Windows\System32\oobe\UserOOBEBroker.exe

C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,Control_RunDLL C:\Windows\System32\srchadmin.dll ,

C:\Windows\system32\werfault.exe

werfault.exe /hc /shared Global\75e53d6034024f4993e8705e8c654c6b /t 4576 /p 2516

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x110,0x114,0x118,0xec,0x11c,0x7ffb1c423cb8,0x7ffb1c423cc8,0x7ffb1c423cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1872 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2508 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3424 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5432 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5396 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6016 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5144 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6280 /prefetch:8

C:\Users\Admin\Downloads\rickroll.exe

"C:\Users\Admin\Downloads\rickroll.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6684 /prefetch:1

C:\Users\Admin\Downloads\rickroll.exe

"C:\Users\Admin\Downloads\rickroll.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6920 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7036 /prefetch:8

C:\Users\Admin\Downloads\WindowsUpdate.exe

"C:\Users\Admin\Downloads\WindowsUpdate.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6936 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6924 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1852,10719659763334290656,14235172298357912530,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7008 /prefetch:8

C:\Users\Admin\Downloads\Windows-KB2670838.msu.exe

"C:\Users\Admin\Downloads\Windows-KB2670838.msu.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
GB 95.100.244.7:443 musicmatch-ssl.xboxlive.com tcp
GB 88.221.135.33:443 th.bing.com tcp
GB 88.221.135.33:443 th.bing.com tcp
GB 88.221.135.33:443 th.bing.com tcp
GB 88.221.135.33:443 th.bing.com tcp
GB 88.221.135.33:443 th.bing.com tcp
N/A 224.0.0.251:5353 udp
US 13.107.5.80:443 services.bingapis.com tcp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.110.133:443 objects.githubusercontent.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 140.82.113.21:443 collector.github.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 140.82.113.21:443 collector.github.com tcp
US 140.82.113.21:443 collector.github.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
GB 88.221.135.33:443 th.bing.com tcp
GB 173.222.211.41:443 aefd.nelreports.net tcp
US 8.8.8.8:53 r.bing.com udp
GB 95.101.143.193:443 r.bing.com tcp
GB 95.101.143.193:443 r.bing.com tcp
GB 104.123.95.154:443 consent.dw.com tcp
GB 104.123.95.154:443 consent.dw.com tcp
GB 2.22.132.254:443 static.dw.com tcp
FR 23.55.153.31:443 commons.dw.com tcp
US 8.8.8.8:53 31.153.55.23.in-addr.arpa udp
GB 18.245.187.24:443 peach-static.ebu.io tcp
GB 143.204.179.85:443 logws1352.ati-host.net tcp
IE 34.248.8.108:443 pipe-collect.ebu.io tcp
GB 104.123.95.154:443 consent.dw.com tcp
NL 142.250.179.162:443 securepubads.g.doubleclick.net tcp
NL 142.250.179.162:443 securepubads.g.doubleclick.net udp
NL 142.250.179.193:443 3c665c9a9a277c7e47c366aa680a0c5d.safeframe.googlesyndication.com tcp
NL 142.251.39.97:443 tpc.googlesyndication.com tcp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.129:443 cdn.ampproject.org tcp
NL 142.250.179.196:443 www.google.com tcp
NL 172.217.23.206:443 encrypted-tbn3.gstatic.com tcp
NL 172.217.23.206:443 encrypted-tbn3.gstatic.com tcp
NL 172.217.23.206:443 encrypted-tbn3.gstatic.com tcp
NL 172.217.23.206:443 encrypted-tbn3.gstatic.com tcp
NL 142.250.179.142:443 encrypted-tbn0.gstatic.com tcp
NL 142.250.179.142:443 encrypted-tbn0.gstatic.com tcp
NL 172.217.23.206:443 encrypted-tbn3.gstatic.com tcp
NL 142.251.39.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 196.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 206.23.217.172.in-addr.arpa udp
US 8.8.8.8:53 142.179.250.142.in-addr.arpa udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
GB 95.101.143.193:443 r.bing.com tcp
US 52.167.30.171:443 fpt2.microsoft.com tcp
GB 173.222.211.41:443 aefd.nelreports.net udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 185.199.111.133:443 raw.githubusercontent.com tcp
NL 52.109.89.19:443 roaming.officeapps.live.com tcp
US 8.8.8.8:53 89.16.208.104.in-addr.arpa udp
GB 95.101.143.202:443 www.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 88.221.135.11:443 th.bing.com tcp
GB 88.221.135.11:443 th.bing.com tcp
GB 88.221.135.11:443 th.bing.com tcp
GB 88.221.135.11:443 th.bing.com tcp
US 8.8.8.8:53 sydney.bing.com udp
GB 95.101.143.195:443 sydney.bing.com tcp
US 8.8.8.8:53 195.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
GB 173.222.211.40:443 aefd.nelreports.net udp
GB 173.222.211.40:443 aefd.nelreports.net tcp
US 8.8.8.8:53 40.211.222.173.in-addr.arpa udp
GB 88.221.135.11:443 www.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 sydney.bing.com udp
GB 95.101.143.210:443 sydney.bing.com tcp
US 8.8.8.8:53 www.safetydetectives.com udp
US 172.66.42.246:443 www.safetydetectives.com tcp
US 172.66.42.246:443 www.safetydetectives.com tcp
US 13.107.21.237:443 bat.bing.com tcp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 45.55.107.35:443 wsknow.net tcp
US 45.55.107.35:443 wsknow.net tcp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com tcp
NL 142.250.102.154:443 stats.g.doubleclick.net tcp
NL 172.217.168.195:443 www.google.co.uk tcp
US 8.8.8.8:53 195.168.217.172.in-addr.arpa udp
US 8.8.8.8:53 154.102.250.142.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 173.222.211.40:443 aefd.nelreports.net udp
US 104.17.8.53:443 www.itprotoday.com tcp
US 104.17.8.53:443 www.itprotoday.com tcp
GB 2.18.190.81:80 apps.identrust.com tcp
US 8.8.8.8:53 81.190.18.2.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 th.bing.com udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 sydney.bing.com udp
GB 88.221.135.42:443 sydney.bing.com tcp
US 8.8.8.8:53 42.135.221.88.in-addr.arpa udp
GB 184.28.176.58:443 tcp
US 8.8.8.8:53 r.bing.com udp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
US 8.8.8.8:53 browser.pipe.aria.microsoft.com udp
US 20.42.73.31:443 browser.pipe.aria.microsoft.com tcp
US 8.8.8.8:53 31.73.42.20.in-addr.arpa udp
US 8.8.8.8:53 cxcs.microsoft.net udp
GB 88.221.135.27:443 www.bing.com tcp
GB 23.213.251.133:443 cxcs.microsoft.net tcp
US 8.8.8.8:53 133.251.213.23.in-addr.arpa udp
US 8.8.8.8:53 27.135.221.88.in-addr.arpa udp
GB 184.28.176.58:443 tcp
GB 184.28.176.58:443 tcp
US 20.42.73.31:443 browser.pipe.aria.microsoft.com tcp
US 13.107.237.254:443 t-ring-fdv2.msedge.net tcp
GB 163.181.57.238:80 ocsp.digicert.cn tcp
US 150.171.22.254:443 ln-ring.msedge.net tcp
US 8.8.8.8:53 238.57.181.163.in-addr.arpa udp
GB 95.101.143.202:443 www.bing.com tcp
GB 23.213.251.133:443 cxcs.microsoft.net tcp
US 172.202.65.254:443 arc-ring.msedge.net tcp
US 20.141.12.34:443 fp-afd.azurefd.us tcp
US 13.107.136.254:443 spo-ring.msedge.net tcp
QA 20.21.56.51:443 de9f77d374de72aea7c30675185baf78.clo.footprintdns.com tcp
US 8.8.8.8:53 edge.msiserver.lan udp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 88.221.135.26:443 r.bing.com tcp
GB 88.221.135.25:443 r.bing.com tcp
GB 88.221.135.25:443 r.bing.com tcp
GB 88.221.135.26:443 r.bing.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 140.82.113.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 edge.msiserver.lan udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML

MD5 7050d5ae8acfbe560fa11073fef8185d
SHA1 5bc38e77ff06785fe0aec5a345c4ccd15752560e
SHA256 cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b
SHA512 a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b

C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.DTD

MD5 90be2701c8112bebc6bd58a7de19846e
SHA1 a95be407036982392e2e684fb9ff6602ecad6f1e
SHA256 644fbcdc20086e16d57f31c5bad98be68d02b1c061938d2f5f91cbe88c871fbf
SHA512 d618b473b68b48d746c912ac5fc06c73b047bd35a44a6efc7a859fe1162d68015cf69da41a5db504dcbc4928e360c095b32a3b7792fcc6a38072e1ebd12e7cbe

C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

MD5 1553f4412f0373d5333a9f12e49e863c
SHA1 c117ef6e8cd55a9bdf974a228bde97aadb440cad
SHA256 ffdb9c3d8773e354d5a048e7b48ab4bf684deef7d72482a1762c437ed23d0c8a
SHA512 ca76ad53c021753f43c166d147f03b873166c63e494f55e20da0077e96fc8dcb48a4012e94b14ae12cce86dfde5901e53ee233ff72b4d68ae7005d0744103ebe

C:\Users\Admin\AppData\Local\Temp\wmsetup.log

MD5 eea8279678c56a2b9d3af391a06f3159
SHA1 3d30ff0551d46cbac17f03760f15be36b9c29cb6
SHA256 4394b291e00d2884f1bd3683e2821658e0861a7bf9a6bbdbc6bf6ff95e80f395
SHA512 84e48b55274361fcda75ab3324dd967abf3fa17f539fbad4e71692268915e98bb3a856cc0185b6441e42aa39c63c0bbc3ee555ee7129e4d6dd0cc8e2e780e405

memory/900-31-0x0000000004DA0000-0x0000000004DB0000-memory.dmp

memory/900-32-0x0000000004DA0000-0x0000000004DB0000-memory.dmp

memory/900-33-0x0000000004DA0000-0x0000000004DB0000-memory.dmp

memory/900-34-0x0000000004DA0000-0x0000000004DB0000-memory.dmp

memory/900-37-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-38-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-40-0x0000000004DA0000-0x0000000004DB0000-memory.dmp

memory/900-39-0x0000000004DA0000-0x0000000004DB0000-memory.dmp

memory/900-41-0x00000000091E0000-0x00000000091F0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

MD5 e53635a7a42f1aa9ab8a1e2adef636e2
SHA1 0d37c2d735fa30481799d5b673509daf3ce337f3
SHA256 35465b8e87f7c41bd3924353b8bff98e28de0ee648a418bb0cb1cda5d1eb7a88
SHA512 1bbe1ae5d6782272847373e12f5c4edce7fe5c625c2d258bfd3628e67ca0543915708d3979a36b74637daec1e99c4b9a74e916238d9582a7cb7a0bd5705c2c46

C:\Users\Admin\AppData\Local\Microsoft\Media Player\LocalMLS_3.wmdb

MD5 709041e59b78ac9d0f7997341a99c62e
SHA1 bb338c8c736740115e72fcfe7f7c2ba430ec3d38
SHA256 9e372139567b008500d90232c3ac9dc248518f0e5fedd2dff88aa7c21bd88552
SHA512 33cbbeda27912615529213d550bf51eb585fa30aa6a10e9dbf89024220d856decb2dbe23b467d03e66e99a4179fbd39d0861b1e0cc6dab982bd423f1b60b47e1

memory/900-56-0x0000000006B20000-0x0000000006B30000-memory.dmp

memory/900-57-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-58-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-59-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-60-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-62-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-61-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-65-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-67-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-66-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-64-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-63-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-68-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-69-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-70-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-73-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-72-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-71-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-74-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-75-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-76-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-77-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-80-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-81-0x0000000006B20000-0x0000000006B30000-memory.dmp

memory/900-79-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-82-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-78-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-84-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-83-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-87-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-89-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-88-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-92-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-91-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-90-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-86-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-85-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-93-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-94-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-97-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-98-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-96-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-95-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-99-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-100-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-101-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-102-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-105-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-106-0x0000000006B20000-0x0000000006B30000-memory.dmp

memory/900-104-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-103-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-107-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-108-0x0000000008FC0000-0x0000000008FD0000-memory.dmp

memory/900-109-0x00000000091E0000-0x00000000091F0000-memory.dmp

memory/900-110-0x00000000091E0000-0x00000000091F0000-memory.dmp

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\74d7f43c1561fc1e.customDestinations-ms

MD5 bfe5850eb328eab50aede6ae44cdb524
SHA1 951d5b3bb5f11852e8683819347171fd94d9baee
SHA256 56906e6c96ee08500ffc48ffe936e513918ed5da3734db2d89c448094ade21b7
SHA512 84e0e92fe289aaef23148fc118854a42119d1d4fc9d32e3e3ab04fc69505b30e26852ce7a44a3ec1f21dac007212cb6a65281cd8a53025f4040596b35df7f88c

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\74d7f43c1561fc1e.customDestinations-ms

MD5 4b06aac3d57b563c11d27066f630a67f
SHA1 a844b540fa74bc177c33589f8757a4b6a61d26c1
SHA256 b6bba272e4e7cf1b0687c08d744fbd4476bb19a43b104653f0e36be7c93d1945
SHA512 b560d03485b7ac6b1e67bcda3fe3d265c0c8612c163cd44b8488bc38219a39625b6e25238e51088c3e3b7e097f9ebc78bf3191b8d5c8d9db2676efd7a6be6a27

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 058032c530b52781582253cb245aa731
SHA1 7ca26280e1bfefe40e53e64345a0d795b5303fab
SHA256 1c3a7192c514ef0d2a8cf9115cfb44137ca98ec6daa4f68595e2be695c7ed67e
SHA512 77fa3cdcd53255e7213bb99980049e11d6a2160f8130c84bd16b35ba9e821a4e51716371526ec799a5b4927234af99e0958283d78c0799777ab4dfda031f874f

\??\pipe\LOCAL\crashpad_2876_NCJKRLMUIUYOMGRX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a8276eab0f8f0c0bb325b5b8c329f64f
SHA1 8ce681e4056936ca8ccd6f487e7cd7cccbae538b
SHA256 847f60e288d327496b72dbe1e7aa1470a99bf27c0a07548b6a386a6188cd72da
SHA512 42f91bf90e92220d0731fa4279cc5773d5e9057a9587f311bee0b3f7f266ddceca367bd0ee7f1438c3606598553a2372316258c05e506315e4e11760c8f13918

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 959ed2cbcddc11a3d595a39eedbd04a2
SHA1 1d476fe14ac228dba69d2a52ece70ab22488a9d9
SHA256 60f75f0ef7f00296980048820be5126b864cff7cfe592c2ed1b2c466a8b680da
SHA512 663f7b392d140b6489c23f1355ccd41e75c554a3f24489dc8490f0f121713902f4ac6fbd1ff5f23e3630bce677351d75fcae6a8acf3d683c4cc5439bfcf3a66c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f9386e726d5b5ef122ccf447b1141681
SHA1 82e2259528be8aa1d979da4af49be1b00fef45bd
SHA256 b33a70d3a58ac126f2ab90cf8b0d6aff36ccbddee3bc817608c2b1cedd58dadc
SHA512 5915760d7d38fd83bcf649b8c9c3c42b54a74066edf13149371e4fdbb929c2aab613be70a9edcc03e7ee1008bd20bcecbfe911a2a8aa9c6c7d7e27a5b32f4421

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2849c33cd0f0b38e6d3dbcc949497999
SHA1 61e0877dcb90230d1fcf59b3daf9e8dbd5fdf16d
SHA256 5375e89d664259db4888f1e924ce7e9d5a9dff16f8fa2a9bcb6c0a53dca93ba2
SHA512 dc8e0d43452eadba301d3a785876709f9e37fbc4acebc8e62b28e56c373faee02daf6476a9b6312a9a9ca9d95ea5189aba463a6ce797492e52015f96fab691cc

C:\Users\Admin\Downloads\MEMZ.4.0.Clean.zip:Zone.Identifier

MD5 24a5fe5fb1e09d682063f604f58a287f
SHA1 7ce6e8490413d86363283d135cb4ff58c8dd708e
SHA256 eca56e7e75277759c3cc4d447ad23be8dee54967c2407ce7bf0b8cae3b7f8621
SHA512 883f0d83d66fb3346523f97e7bfeaa86a43e9a7e0060084e7d6709991f21421f6338eaf300a0b0d2e39548680c42eed34aa21ec972ae384b199952577d9cc80c

C:\Users\Admin\Downloads\Unconfirmed 133484.crdownload

MD5 8ce8fc61248ec439225bdd3a71ad4be9
SHA1 881d4c3f400b74fdde172df440a2eddb22eb90f6
SHA256 15ef265d305f4a1eac11fc0e65515b94b115cf6cbb498597125fa3a8a1af44f5
SHA512 fe66db34bde67304091281872510354c8381f2d1cf053b91dcd2ff16839e6e58969b2c4cb8f70544f5ddef2e7898af18aaaacb074fb2d51883687034ec18cdd9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 649803ce3e04aa1a8e1a2a1017b0c071
SHA1 a1ea84ed2a140e235f26291bc544c54fedd0f302
SHA256 7725472ed42a4844a9979020337181989b6c6c732914f02e1d8891f8b8050175
SHA512 1e02986d63e966b425314ec02c048b70e3357d152962af56b1e5ebf6716eb9674feef17fcaf5ad5f6bf407cda8b321ec3135b6a3f05087ad8f9dc1c579432e34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 af0a22805463fb4e12f86d4be5f238e6
SHA1 b9f30f48c3e2777138275153a3837721bf2b5bbb
SHA256 8b2677619783e23dfe2f8def5907766f741eb5bf05530c46562e9d81d9086945
SHA512 1bf5deee1ac3eb09b6f72173363005bf19da3be594b5c1a17c29d14463eeb70c69452e5490f3b523e797784545aeef77eda0c864583d2cfd286e048aea7b2b8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe587e34.TMP

MD5 1db6952b4e90f8fc6c8d8479b3d5d018
SHA1 ac06f9c68c8f6efe1cff84c60a4cfcf13edc7162
SHA256 aa334de8154392ba416a37bec963f5353bc08c4a200709ca48b659e9410783e2
SHA512 42ae2a131a453074ae340e54abf482e43249f8c4c053e979d9e76647f8096fdfb543cc68e762d8a83f5c134cb9b161f8a8a6c1c1bf0ec18984b7a2c4491c2919

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 70a7c1883999392f156aa93bba538340
SHA1 b1d8d847d5d766a516cfa017f5f4d09a50b1185b
SHA256 7e58d1dd65135637fef7da099de13039d5ea3bc9eb0a5cb60c3d820e059e9e06
SHA512 d65e57d08a40922babe718494523b9617f1bf04dea52dbf3eeeff0b8f57cdc2692531e4292858095791fd3b27522e0f1a4a31237391b4756ad81a9c245511a81

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b9c46031774ed925f8943cdc2e814b2f
SHA1 b1f45ad3d7c94335e0d6c73af09c3756894bb235
SHA256 c6e34244def1248d621765e6125f65e9edd81ff9e25a83b87860d1512c2d02ab
SHA512 ffe943a31f1eff7c9f22842259e7c3e765d3e6e0649cb16f31c771bfca491eb0d0ba01cfea7138a5752f5efd686388978857397f3b32965899508ca3508f0559

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a254ba2cd3aaf071419bc30f092906af
SHA1 9b154077cd4cb75a046a455fc7118089385273a9
SHA256 816677d3f332525a656de58966a6cff45765b38ca76ee0229c2b3390b8b326c5
SHA512 d93bbe0ab2e4e5c5ffadd663c98690d19cf9be59462fa56cd8dbca94991b67a87e2c7731ae951b2711ed5ad080824faa5c3393ac63cf1753fd60d8d10d2bfd19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 a074f116c725add93a8a828fbdbbd56c
SHA1 88ca00a085140baeae0fd3072635afe3f841d88f
SHA256 4cdcda7d8363be5bc824064259780779e7c046d56399c8a191106f55ce2ed8a6
SHA512 43ed55cda35bde93fc93c408908ab126e512c45611a994d7f4e5c85d4f2d90d573066082cb7b8dffce6a24a1f96cd534586646719b214ac7874132163faa5f28

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 a7ee007fb008c17e73216d0d69e254e8
SHA1 160d970e6a8271b0907c50268146a28b5918c05e
SHA256 414024b478738b35312a098bc7f911300b14396d34718f78886b5942d9afe346
SHA512 669bec67d3fc1932a921dd683e6acfdf462b9063e1726770bae8740d83503a799c2e30030f2aca7ec96df0bfd6d8b7f999f8296ee156533302161eb7c9747602

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 c3c0eb5e044497577bec91b5970f6d30
SHA1 d833f81cf21f68d43ba64a6c28892945adc317a6
SHA256 eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb
SHA512 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 2e86a72f4e82614cd4842950d2e0a716
SHA1 d7b4ee0c9af735d098bff474632fc2c0113e0b9c
SHA256 c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f
SHA512 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1 386ba241790252df01a6a028b3238de2f995a559
SHA256 b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 9f8f80ca4d9435d66dd761fbb0753642
SHA1 5f187d02303fd9044b9e7c74e0c02fe8e6a646b7
SHA256 ab481b8b19b3336deda1b9ad4680cce4958152c9f9daa60c7bd8eb6786887359
SHA512 9c0de8e5bf16f096bf781189d813eeb52c3c8ec73fc791de10a8781e9942de06ed30ff5021ab7385c98686330049e3e610adc3e484e12ef807eec58607cfae63

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\26C212D9399727259664BDFCA073966E_D84AA834FA79E192D6B55D4ECAAD497F

MD5 50099768131983a7128ba28f774916ce
SHA1 3879001d58d500c12e07c39e8bb687f9368a4803
SHA256 75283d94fc4d44e640d73cc3d60b4943759574425bc3702ce2e34c572cfec199
SHA512 063f570074fc96e49e79bf6b3494f4ff3fbd1bf5b87a8e1d85d56c08a0070b4ef306e770a830de743592beb1c078b5b3936b14a9a6b5b214fdfcc1b210ff6d97

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\26C212D9399727259664BDFCA073966E_D84AA834FA79E192D6B55D4ECAAD497F

MD5 adbfe8df5a3a78fc942767f0c06fd2be
SHA1 2bf86f7dafca267c1dc0287dbde373e3ef6d6b18
SHA256 de917883595ff4e91fe3a33ef6f43a4acb72aabffeaa19d8f42c4b0b73cb4dc9
SHA512 696235131767d49375e6e02eaea3e271f5ffbd5465e3d091711cb2eec39a3dfcd488708d49850e46f7245b3d46824182e789b5dab284fd5f15b35583337f1fda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8d62c80194c8b9fd82972b76c8d6edbf
SHA1 32ae06bd9119695f668125bb0862e09a65c2d839
SHA256 479e40087593089b9b0592319407c60e65a1c952e43b783ffe795bc2678544ec
SHA512 083c5a5273a735803b7c2c9b5552e7b5edc9eead1f756f7e7f738524ac7cb593fdd0ff7a1c7e327cd45462b87b891f7e4eea4ef0566de0a35178013e103266cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 38bb74e7cfaaff700b48648890b35c68
SHA1 a7d39d2ac7008498752f5ff2209f9018d1a4b05a
SHA256 418401483be56c8e50ca117da50953041d8a3493ebc6bef866c683a78fa895ad
SHA512 cde72d29ece4cc444bd839e40b0336c4327e1c0f3a99234925f898480d17eabfb93089296b1f944a8d4079a78d0d1db8345ecf075e0da1866b536ff608befc19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 808e7050a26949a75c3dd4fbf855fb23
SHA1 a47e8c224edddd26dde54e56118eae00899ee5f0
SHA256 5b6eb2fbf1d475ef8a0024f018a46dde21ea750431973ad67e8dea41d9abecf7
SHA512 ea9c49718946bcb50728cf626627ebec705ca03db93b5c42a405386061bb29d098a5fe5343a0574bc191b0aee5deb117a5d4d3f0116adfc65842bbe6769da9ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 209af4da7e0c3b2a6471a968ba1fc992
SHA1 2240c2da3eba4f30b0c3ef2205ce7848ecff9e3f
SHA256 ecc145203f1c562cae7b733a807e9333c51d75726905a3af898154f3cefc9403
SHA512 09201e377e80a3d03616ff394d836c85712f39b65a3138924d62a1f3ede3eac192f1345761c012b0045393c501d48b5a774aeda7ab5d687e1d7971440dc1fc35

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 a5e9a2d809b86d0758e0f2a1d183200f
SHA1 07c694f63c2675197d7e7d990282c3d672125f41
SHA256 3c26f5ce2a281e3d9635e7d14ac3b8dbc934fdfee1591f1717437c709165fd74
SHA512 3f914cb6c180400a202b7cea53fb473dc477a31ed9ef007ba9468f661402a77f8810b38572bd378380e871b59e2c357553b647d8b341b889318f01e1a44f3106

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 cf604c923aae437f0acb62820b25d0fd
SHA1 84db753fe8494a397246ccd18b3bb47a6830bc98
SHA256 e2b4325bb9a706cbfba8f39cca5bde9dae935cbb1d6c8a562c62e740f2208ab4
SHA512 754219b05f2d81d11f0b54e5c7dd687bd82aa59a357a3074bca60fefd3a88102577db8ae60a11eb25cc9538af1da39d25fa6f38997bdc8184924d0c5920e89c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 c3bd38af3c74a1efb0a240bf69a7c700
SHA1 7e4b80264179518c362bef5aa3d3a0eab00edccd
SHA256 1151160e75f88cbc8fe3ada9125cc2822abc1386c0eab7a1d5465cfd004522c8
SHA512 41a2852c8a38700cf4b38697f3a6cde3216c50b7ed23d80e16dea7f5700e074f08a52a10ba48d17111bb164c0a613732548fe65648658b52db882cacb87b9e8e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 3051c1e179d84292d3f84a1a0a112c80
SHA1 c11a63236373abfe574f2935a0e7024688b71ccb
SHA256 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3
SHA512 df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 68f0a51fa86985999964ee43de12cdd5
SHA1 bbfc7666be00c560b7394fa0b82b864237a99d8c
SHA256 f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f
SHA512 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7c43187e79bed79e4db6b113a00cc858
SHA1 188897896ad9d8ecc0e1931f93e93641ae8d9112
SHA256 ad99adef7a18a261509b54490b306cd3316e0a27a825495b910e54ca0858df39
SHA512 383ed7c376e0e0244734890b25ef89dd85031394ae757d0deed022fa388ee97788dc8fc2fc8b3011b75f472e0731d4508758ce2edfb18166ed5ddd2cd554cde0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 eea5f18925aff94e58b4912a57ef22fd
SHA1 a18fc69127482726a6dfadb036367b8b7a724078
SHA256 f9de58656f2830c621495fde99ff20f73649fe5e5ff0a8c385052b00cfdaf3cf
SHA512 c82047ad7053680d8dc4badb4c04b520a4c27db0083a378199086ba4c27040df7829bf70fde9d9bd6a41105d9c48c52bd16a51794660f81a559f667d7f5b8791

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 622c2d8e24fa471c9cdc60e884f621c8
SHA1 7f746cc5b60ceffe1a1254c9a8ae4c313d31cb3a
SHA256 db4f33a5df52c12bcda58d0f6b6700152b621eb36f0c3e30f3c8911f1b3a8a23
SHA512 27b39b656e6403b756b4fcf083ef634dbda816dc5043d6fcc04c156d694bae88896facd1c4e2808cd5f1d3d7e9f149ab014796b5aa38a7273883950a8841a20f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ddc05977063bc57c12dafa2e9338e7b3085bc428\index.txt

MD5 63026df0caf912388cbd97bb917baf69
SHA1 89685c954f8f0cfbde33e6317de362a3308b64fd
SHA256 91591555924fc17ec0809721c5a4f6d205fb3fd0b4787352fadf75bc570b998b
SHA512 4a560ef9d99f51903bc015ccaf4102b884350ae3b81d930c75a3ef6b7f8a54cf2429075f6d1545ff6ddbe4ba658d216cc09c64e6811597c798cf5a4283b00303

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ddc05977063bc57c12dafa2e9338e7b3085bc428\index.txt

MD5 2dc40e95d726cf3131b1b5f381734bcd
SHA1 df6c97687cd50fc59815bc672a65fdb34cd208c1
SHA256 7a778e79d013496d84b7ea8730f0a268de07011eb3b5504dce829f18c369119e
SHA512 5cb360ced48c22aa538c491e7f5e1984628add1d02d3e4f15b23fbd2cf41df662a2271de405b482523711776d00ad08fe0aa5f0df031009670e7f8237692fd5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4c1721261a2588190f06681caafbb883
SHA1 6f8dd269211547d1edda377e97675dc82a4bce57
SHA256 b27c264e1ddc2042e6da0164492e11101fa23cd48e11c6e43b4a7f0aa6d2c0ea
SHA512 132626743cd8ef61978913b27d8a909a34995033a04a444e0897051ddf3301eba260fc08a519a89c9a5f1f6decd96ddf1875a533de74f7471b5ed2022ac71035

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 86a03f531a4e88f0bd5fe03da54bc7b4
SHA1 dbd570646fd16ded72f082649bed2222d572f855
SHA256 52b2b444a808a95e305638bd8b026bfd13ddbf4188e5cf237073d9459529996d
SHA512 66b6e858d8d9aa412bebaabae1286cedc9a4cd3439855389b04cc57bd0895214cbe012fa05ba584f893f9880a49ecb3853ee75c0b495432ad3ef12aae7db78b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 fe87cb998c938fe8581a8c22baaee4c5
SHA1 7adea7517ef2d4b1d0942d44add3a6043f500a75
SHA256 3aecb96c2a425c2c63e1afa42430f80d498b5f08ca26ee5634d6c246ec64a2b0
SHA512 1f66203fbaad1ec5cd22a105dfc5cc288819a0bd309cf337307d824f51f3bb0415ac0b8af8a254f743562d6eeb84bb5aacc12daa028dcaf46215bf30bebb7a02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59d99d.TMP

MD5 e0dfde5f60bb93547c9ec5509903fb56
SHA1 908da5887285bb5a36d4a675ebcc51ba26c9c4a8
SHA256 8c3a34f121597c8920503981757df73863aabab79ecc62cab6f2dc29049bf829
SHA512 5ab8a04beb4ffb07e4a2acddeb2eb71f423fd6f7264539c22fd73520b169013c98868c96976a5581c746b2b489b58c8f231d4af17018facf9b51851a7d0250fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 dc4ea6c18e42c2e1d56356c65cb3a87d
SHA1 d2d9f52c0ed6614d42a76ea7a6cfedd278414ebb
SHA256 14cea7301170dedcc192aa53956bd19fe1f4532fe5ef85cc16f4b00ae386ae5b
SHA512 6604a5b2ddd7b781e74936218e5f6f170fb8bce5b9ee142e54b21abcc998c260677f4d4c1f0f8b54a4926ec11855681afa4f61859d1c651d8ca1e7e34a60c5c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ddc05977063bc57c12dafa2e9338e7b3085bc428\e3eb815d-ddcd-4a5c-848c-182669b4c94e\index-dir\the-real-index~RFe59e63f.TMP

MD5 86785894fd0f66c688ffe861c8fd27de
SHA1 663ae00dcb62ede6eda9e18a8b79314c19dd6757
SHA256 7e7ccb9bd0e983428d0d0769540c3cae7f437b7421b787b62d1c390fe796959e
SHA512 ff6e949ad9e2b5cd841f216396f350f3da8c9d2a2c8d3ff23de494c6a1004660090100e4b63e2ee4c580b2c3b95e818f3b1479e33d0308c436fc2c424e739c19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ddc05977063bc57c12dafa2e9338e7b3085bc428\e3eb815d-ddcd-4a5c-848c-182669b4c94e\index-dir\temp-index

MD5 6a96df00f84455f7df75082e347cdf35
SHA1 79f9397cf50fa06faaee9d68cdfb31baaa67236f
SHA256 afb231bcfa2a1075d35d8a7e7fd5a110fec0471669f902fd492c6d087d0c3c4d
SHA512 7d11d49631567059e86a7c45a514f048f948f9fc9e8d43c91fae37c3c82e1c9985db353cee3c44e9317ee0118971b87be8dfaef75829794b8391a8b0bb3ba269

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d87f196e3b15c1f5fb930d581b1e3bd6
SHA1 cf55bb23c91967dc4b53ba8fbcfaffbf1acd5905
SHA256 1591f93df98bb311027be72542ee7200015cd1232e00e38b8b98f97e15961594
SHA512 a01231191edd5d6baa66c3ab6e24a324d3740bdd663e792b5bdfb1e4637ef5e4173ca8c46ff97af6bbdadcade16a94041feb48d808088d0892ac46fb439221ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0

MD5 2da6b43f8838ffc4b26459c973446569
SHA1 c55ac02145fb927dcf8a5e4c0adba1b394098e68
SHA256 fff2cce9f5f048a0f8be0c49ab5b3ed3b20f15ccde76f51f76d5d8d59324d7a4
SHA512 67ed124a343bc6e5e47881c76b182f087e031290ba96abcc0931657234f0e7558ed7f125036b8ef5391ef331a7a49ef1e0bfc299a57341d054d081b338457e4c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0

MD5 a5fd965cca52ab25a51b0ad91110420f
SHA1 c8590c91b142ac27006bb484fc207db48eed0175
SHA256 5f391da0e665fb1bbcf126c22a1efbf9aebf9892ef784ef235f9c2e56ac5071b
SHA512 3dc22b83cd4fe4f712378e89d26095a459f885e7bc0c5f6162a7628d49d600a3b668921d9ebfdcd591ba66498f594946d762de35a50f782324497c0512e1fc43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

MD5 d769365ba9c0db55211a32cb278beb21
SHA1 d35fc8f0dab92d074926777b167c8099307ca3bc
SHA256 4abd1fb4ac7a1716bab040f0bb8846b7bcaf62936f2481022bf8bfbcfefa98f3
SHA512 45f4a56befa40c6808e0c7cda2c215ffa6f6a993bb19055248a291bc6fef9ab5b44c4fee4cbdc83aee782edb04bbfae7ed76dda677e5baed6b0b072a1e5e5a17

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0

MD5 acd7fcab12def310d86522bbb509766f
SHA1 9d6ce259f6347287aa96d021f73d83da8beaa46d
SHA256 b42f36e3871dd89d8e13e66665c01d01c82338d13d706dd931b880e52e52b4a6
SHA512 6cd6d012070922a893474f1b094be4f28a216234a6eae473a96c84f4327fac571d4156e818c588b5358d7942df178ee5a058c7a707f4e9d0cf097ebbb40a025b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0

MD5 2747d05d41744eba745bb2c0d517929b
SHA1 d10e2ca5bb7df3715bca65301fd836fda09ff348
SHA256 21dfb777bbe663f71b3033c5378256b7972d826de3a7b2719e0a984d2fdd47a4
SHA512 2c99f63e1f26adee0f52a81dfa03ac8f84f7381deef2be3d11908e802b6589004d6f421815db6505bfebd78d8d1151c6ab692a217dd2ee35a3e0117afef8a8cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

MD5 449fbb896cc20d35f235e81777e34699
SHA1 0476caf0236a6199b49a984ec046a55dab42268d
SHA256 609741ac780757b826722571828c4844875c4fb9168073229c4503bbe03ddcaa
SHA512 52da36502760bbb88877d43227df6c7cfab70571781a166697d3c3a12efd9c12fb91fd8689ca138fa448d0bbd89e90118d495d0e2aaaf864730df518cedddf35

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 f29e12caa51f9be1e14742ac1e4aa65c
SHA1 69b33c2886cee8b23a9b5f59cdfa3980a7c286fd
SHA256 53bd88d90614a0869849eed12df6dd03fe2094a686ff49c084e0b459b5f5a0b5
SHA512 ae4825109acc2d657dfe9ebcdb2880874c695f88c4375c7a4da01f4f9477d893da2cf957102dad56645622b41c82c51dc09c158c7c86f99ef7a9ba8d0f3fc473

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e

MD5 a9cef4ad0b008f21570611f36fad01ae
SHA1 3a9b2cc081000a2f972b4dd114ba6c8f431ac10a
SHA256 02320af1dc3cfe18ebddba294ae61482c77a0271557dfc96fb54fe88ed85e8ed
SHA512 96bd1d5ec3905eaaf56456c41c535720ddd49661c8ed83c5f916b33a70b133d7c73b2ac4507180ddab1059d684727a2428e594595a393db0b0fe71dac32e4e5f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0

MD5 101e9570ab89b1a0df42d9c43756a100
SHA1 428703318967964c266818f41798e86190051e55
SHA256 262875283cd57f85b323886e7894e2adc2c447b9e2d19fb9d7cf89b4411b7b48
SHA512 5960e9c2790d4e4b3a6a48b4bdb894129f194ffde646c662844f834749add507bcad50490400324cc5552886dc5bcb433e806e168a837bf83a98216ed4f76b72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0

MD5 9619015bc3a8b99c49d00d85d2dc8c15
SHA1 6cf870419d03b616de4053689e9c1e63b1b41508
SHA256 8a1dc8cf93bc58b4d9683e73dba241806b0ccd1363ddbbd64dee5bed9571c7b1
SHA512 aaf9388fd31a1c6c022a1f480163492a80d109db527c204d30bc05071cca931048d3f06ff1b09d9c21e31d3c6b92fec9aff70c189fc620afb6708b2414f28f8a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca5bb3c84b908d6e_0

MD5 d81e63a60b785c6a19aa7ec36e5a3d36
SHA1 a3daa3c8a4e0f9c31d9bec539d87867307efeb2b
SHA256 799f008d221bdc4b0c0567d13bd93238350072a26061db47423de4815d5e001d
SHA512 64d80f29ac5f654f68177fb482a14ba8524731aa75a0c467c1e289e3e0aed806f1b83c7b93ee54154beab3de1e8b58af497e18cac3e5cbb2eff499bb8660dc54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ddc05977063bc57c12dafa2e9338e7b3085bc428\d116ef99-3f0f-4b68-a3f4-989382b4d7ca\index-dir\the-real-index~RFe59f13c.TMP

MD5 8312156ef95f296d3ecf5652f97154ea
SHA1 1598a66600ff30f3ec1e499c2df9e7d12439f8b8
SHA256 42bbc788b588eba12ba3aaa655c9ee0bac5d0483f7c43530fc286fa7b43d3817
SHA512 bff18e3df90a85becd398b6d672793f5f6e00073e324e1ba27f7e6299df4e5e455138a97b69c04756abb4eb45e2af71c2545ac24a5a74836bfe2ccfeefc50684

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ddc05977063bc57c12dafa2e9338e7b3085bc428\d116ef99-3f0f-4b68-a3f4-989382b4d7ca\index-dir\the-real-index

MD5 9327f3c6dd6a492501850caeab3af38c
SHA1 896f210d8dbbcd883bada3cb3f34449859cb0bdd
SHA256 00be3dfd942633584a0352b018d5a72925b008509072b233881d4db53a26c42b
SHA512 a15f459544f4dd99070637f1f5d9e52e2f79541f873da046fd38a90d2b839cce5fb449f6dde899be25b1c36e3c07b3dcbb07cab2539da68bf4fd08f547fc1c14

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ddc05977063bc57c12dafa2e9338e7b3085bc428\index.txt

MD5 cb11c249c9dbe290fab322e2907b3fba
SHA1 e16b234c00fd15236783a8d760c1e44f12b78028
SHA256 4847f999503d9cb3c67e90711c353db05b8408114dd296c39885acc49dc42e78
SHA512 62938fe2563376bc48d1cda5bb7f8a2a212146c2bd429a0ca6f695cfa403c01bfd1f1e1333d0a2788087395521c8d337492a2214ec94d0ede4ebf797967f70af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b4fbfe3b01ba0eb12eb35bb92cbd76d0
SHA1 966859e804dfceb642b761f4b5765677b6a6b1b2
SHA256 6dd3db37db4f42b9738e666e3e47f187bcb960f0e53b067e9a0e7b607f453d9f
SHA512 b4b9814d3cc63a5d36b5cac4cc179a4c64a1aeee4ddc34a2ea37a2a830a44f9e89749844c8e09ca114ada62c9efa807420f1076516d6f80b19bfbf0b4d19fb23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cae408c028b84166e70bf64dadefedc4
SHA1 d9956b6601d69ddb83a7e08162e68740404e7464
SHA256 7c59b710e5b79ccd080f252b087046cc27517b9f21db2eca26a5bbd26e1da271
SHA512 6c97d9dee260201c84923c53f072fbf1a6381e091c3e08860036c86a4cfa96068e7dbe2ce92fbf2b5a0975d6f12dfefb3c9c84bd8a1303118d836e4e1a5e5a97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f66c8ca3ed7be57d9b3cc14cd7672c7a
SHA1 bf257b2c1daad866792c08931636000525ffb93d
SHA256 0dcfbdab7a46c276733cc9e97e7fe1db2e22638c80a3529c58ea411abe542c14
SHA512 83a49cc324f4bf08e201e0b954ff0ca162223abd6dfabff99f9be3f82d72ddd5f0b22c446bfa75a2348e0fb932c17d49d0dffd68166cfc5883fa9e9938a6e53b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e83798036165846c_0

MD5 121b003e9e8c358640fd1eb8c2cfc0d0
SHA1 d8c6e898c572dc453d21fc57efa701e6cf00fedd
SHA256 a11e9ac0726c4f3cadab8f185dd130554e53c2fcc4dd177d0ed7b422ab7443bb
SHA512 0ab293f5ab56fe73e400ae16b7f5d73991703fdb582c455bc7f8bb313a41c6ce03ed911c87bebe0352f0b9bc92fb657cc15af40d5765f1a796553fae716feb8e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0

MD5 44d40b0114db23b236ea9e70961db8ec
SHA1 516d3cf62f5b7b4004a61ac0ed04b05a26c7c67f
SHA256 5fed2e1c3b646ab884aeb7b5d70aa5e935b0caf396ae0dbfb0c1b3521792e974
SHA512 bd30fdff2209c77e626c8e82e30a7355137cf3797bb147c47ca42c09db574c49454ed5ff427cb9504ae331e3f762139d1259c5f28340a4919e3b43cece48349b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7e23bcf4dbf5c221_0

MD5 5e1b66b8283f5ddce6e7fab4d3c29e68
SHA1 edc2378fa60f3071c5ea9656f2350ad3c80323ff
SHA256 d1d1e7b01ab2c3a75b53e275f7deb2db531fffd705f86147b374513ea2c210a2
SHA512 fb95656d4637c4fbb09c35884d0b046334428ad7bee3769d069f0ae68e79468e8ddc564844cac2b8cfd26b230327ea1c102acec3027f4b846de6ed14160127e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0

MD5 a77f373dc0c189e11c5fc45f4d9ca9d2
SHA1 dc29a32e3feff8d8ecb66a6503410dd535817535
SHA256 b1ade8fb4117d13507b36ad53092a39feb5a8d74768dee07e1fa0697ae79bede
SHA512 0bcf4d1eeed7330b5550fe65e3e2c0f893ff7f881e6f0d2c202e9baeb551488c811588b340002609e32097396d57e6ff4437c093bac22f016c2e14d21e74e72f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f02c4494b1a18ff_0

MD5 178f7480ae604ddacc847d2c95f61887
SHA1 7c12e67780f4299e3e2647b6a7b756256fc2fced
SHA256 497afc2ad66848a3fedb939c0ea5281ec1630e299861fd6a13459796b039471d
SHA512 357cb726611f1fac83daad9797dcb3b67bc3a8552dfca016a018e06ea1ef688af1852ae6c52b6dc7e7d5ec2fb8f914505055f6b1237f32c9a4865460e3d1c0be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df86a3897c9e7849_0

MD5 8149fa221d8125a0e0b2b2c3f2ff6223
SHA1 7fd1f95c6cdb3d4984638d690aa86fa70b215a25
SHA256 76a7f4809ab7f5d4984d3ce5150e2fce5fd7ede9ddb08b6522bd4fea0505f8f0
SHA512 2d9ef777abddef452110bca84c0e8a1c25b774e418c19748f3fb237de83ef03c5354b1da820d9e5d50c7712bab645a572287017ac36d6fa9d99d03b760e91e19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0

MD5 a1d147917bc6fcf7d17ea6292552c054
SHA1 39d50eaa58cd654f8c140f878d484a19a1665e77
SHA256 990646a2f307d481b93a62b3b1e7e6168eea9be3421ea06445c1aafe297f16dd
SHA512 373fd808998f07418dbaad855d058e3bf60c24bcbcab1fdc2e78270c753e777d6927c5e84ef6a1a8ad9e20ca9a4b8d589ab303dbf584f188728588838d4387f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ca892b448ce010ff_0

MD5 db6f72998b6cd1f77ad021c78c38a4b4
SHA1 6e346e74ea856767210a98684b920757277903fa
SHA256 bc9cd14ab4975e4d1b79316b51cf499b1f05d225fab0a8f3ee0111d279417b2e
SHA512 bdfda16da2ba84205f57221f9f5bc7bbe5656593132f99425864014714a50e9024aaddf59fbec78198d102ca43e2543c9ca811ba3699124f94e05d224302c35f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0

MD5 1c5b4caa349cb5e9f946d745a80e36ea
SHA1 91b5132c47aac1ea4a87fc05b9818db7e9585506
SHA256 16b6a2e7485bf0c49990b1401565d0f46e94a3ac8f92e996e6ce1164c3428fe1
SHA512 c2fd020b43dfc844e631bfb9b756cae8c04e6bd2419fb23b683e09f1c525a2411d3212c95ad1edf3c50054fe1d0b36b58a2bfab8afa6d9f11e4837f30f1ec74b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d37cb16ef5eb861d_0

MD5 dd0dbedb76280ef76488694cf81aa697
SHA1 45ba2bc7203ed8513fcc42800b2b33fc602fc2b1
SHA256 48ed2dc8eb65c56f709d02b3aeae06e3021048a03d9931eca852149d38dfb024
SHA512 2ec443e090033d5bbca724637587dbe7a1e18adc1eb7f7b3341748b3f526334628d38e4211f22465fde59e3aa4f02c1e1ed921b27c9db6aa67f316bb484edac5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0

MD5 10f53d39d06a62c20cb5360995656d7f
SHA1 d154c1fdb5585c72e54c6a1b5f70907ef21e7107
SHA256 0d8ee715833db509a3541c7e6066dd77dd32ef0f07349a7729b32020a6bb5026
SHA512 2d056cd8b34bd1b923dca4aa24090c159a2d5b1f2e4fd8fdcec2cd0b75c42568f4f0e7a2dde0a333bf41d312a977d4ae8fcfc7f6577b28af4ce22b19738b4abe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfd9b5c29c5c8524_0

MD5 b4a99a4d5d6e8b90ee704fb53b346edc
SHA1 bb13d93a83a8ae54736eee03bcdbc01309cc3f8b
SHA256 3d1d3e0a218763b7a7dce9e07aff2ebe314314521e1b3524cd91ec5df89a27e7
SHA512 9da81d46d6c1804369dc3aad5bc38332b328fae37d90309879876b2a3b4d113892d2d9b43f40740eb4e77da2b436ca30705ef79f0cf9d1cb263251e528713df7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\537f62c2e00def92_0

MD5 b2c571e2cc86003c150eda52ad330ede
SHA1 7496a587a0af9b3c08b53fd3489b5b173d6776ac
SHA256 7e2f0bccfafa04c39b93b2d1ea352fb58b6959d566eebad233cd723bfe391097
SHA512 b096a9507c07bea0d8799fbfedb6fc8274fd7bd1123d60ca32d8a4e179986894ac031e17b54bbddff9904f01593a59ef6226551af5e65e06e933ed90ba29fe7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e504183595893c5c_0

MD5 0be95b614da9b6fc02cdb749f7966eff
SHA1 2187d6baaff6dbd96b3532e09a1d67eec236a9aa
SHA256 7a7995a6ed241d4c6d86e8e1da1d83d5eee34eea32cdde2c979fa68910885975
SHA512 5c6b8d99094347de9f3bf180be815a3a7a23d2a74fb9ebd52c7cb91d4a7a39dcc786548362688be5fd99deca4dac43c86b8b4bcc090235e7de2029a985099ddf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0

MD5 386a8dc18b59470ed3ae8bd8cb4343ae
SHA1 0383a71a6afcb8fbcc1fff06ce784c282cf4836c
SHA256 555431a3aac959ca18a09a3b4f9bcabb76d7db9b9030d62703c03a6baea7f404
SHA512 78fddc9227d1a9f23a32edcda313427a98071a07a33c57e347662470535f3bc24d062ed245fae1a4d6f92811f53f442c8f069a58ff021b4ef99679e26a980082

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0

MD5 65a5572c33187b79f77e2d685f045493
SHA1 bde983ce9f88e685630027c44e0b8b06efced3b5
SHA256 5201ba06317de2203b2008dd3b2031b1d2956b26ae0d36b45fa081ab42410d80
SHA512 9eb2424042d31e396fc36286dc9910e2d50dea81be938deb104b0afce51639d0732efd199c5cdd2d9d907eb130f5d4f6e7489d7618cc637dd08c2e368e241090

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0

MD5 cbaba0698d4451c38f36aaa481f85cce
SHA1 0b31a60f3c6e0a07444c42c5a1eaf6b7f2e0fdd1
SHA256 7ed4590be4b9004c8af9fe160456cfbf13c7a3c20b55aca7aac04961a496db9d
SHA512 63b64268041fdf287130654168716868f469e17736995e441c2079ae28a3670627041114c074eaeeb22a2dba12103c9ceba4c7d32ba8c9b1b00865eeebf33e7d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0

MD5 30fd1a7d39d7124dae05b8a11cc4f42d
SHA1 ff58fa1f8e81971e2cf65b916286e74324a79c6c
SHA256 f36de09a923a384295ef8d01f98b4dbf8f0e68b94529a3c2b48e91c30339d767
SHA512 94d4603f41c90803149d1da9808da5ca09af229a0592c14ae127e16a690be2bbc604b6897c4ed10151e877c28ab8dccc4bccb30c95fa5f956e2f3321a67e1497

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0

MD5 aaa984813f1c326448f6a55b8c1525a9
SHA1 8be3a7e5e7b4b92eca1c9f3b99d64d838a23526d
SHA256 4e6b0409843fcb2561f340bb040475b42677e4dfeb36192bbe03121c8ead05ed
SHA512 5d40d515d4f7b7728ebb6d55c6867110f46e44cfdd0eead99963b4697d6a44ba257a923337d21307a765ac905f86a64506f688e4ef35e920b3a5ca728a0e7465

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a51ef587dc6dd4bd_0

MD5 9845c0350b29d1197e205018d6bc2a97
SHA1 d142947d6e8e1fdbea0654f0a311bf3af9690d89
SHA256 9cab48f538c9cc4e9b45981cae9518029e6c6a3a9062225ee01e6424c958e7d2
SHA512 0c904df03e45e605bfd4198149a637e761516f4a6b70e1a16f6219022d093f2132983bf41a8836f78e43ce45f84cf65934d62e73bca8b9d4eceaab5b007630f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a5270be3c23293a6_0

MD5 eb533c6604139f6310aa9eba01f13aa2
SHA1 2b280925e820d85ae95dfbed9482bbe6e4676434
SHA256 cb6ec2c94029a976ccd55f01b4c91e9cdac35e1e4152a152ef397314cb972ad6
SHA512 3328fa702ccf532455f4c116e3d906017686936a7f173928c0fdacd01cef3322f403ec03737daeb9a27a06767a3f0be59552ecd58ac885996ebd394d3a907e3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0

MD5 0bbbdedaa77627ad7792397d0440af78
SHA1 64700143f6e7297ba79a903ee2e8a370817da05a
SHA256 71705ed5d248af629d31ae6a76cc96f626031b43a3e13cbe04bfa4dc05396c6e
SHA512 d31966457d780b83f7b49249257b05f2c993566f3c168dfe530969b3d4c5abe93d7f0771c7d00f5c98e38dd9f6568f47f86eb682e1912f91892f96b95db6281a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\feadcc6fa014c0d1_0

MD5 69390cfbeb31f03a76a356e802b8abdd
SHA1 595fff25c629c94821946640ff97b36e7a765532
SHA256 2590f5af7c2098b6584e1c4cb2d6dd448baf9db5a94f5682cf8057a68bc5f215
SHA512 7acee1ebe372cd9740821f72aca63bc1ad99658462febeb12ba4cb3036dd8f54de69269da3d7bea62a1fd119e8c05e25c983b3992cb87fc19462a4c32d0353b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac9b40a0411376f7_0

MD5 159274df31357aef7eab75fa6762a6ac
SHA1 cd88668f8f5cf8c9ec80bec88c3e046243807358
SHA256 5c7d72eda8b1f750d8daa3f6aeb0c19919d26c0694e7def433f27a269da22275
SHA512 d29c8e8b1c10fe5b2afdcaa6f90c9afd87f7248680ad6a095176a3417af1b466e58089fd95cfc8fd359ba1e6e5a10c377fee4a00fd8ac9bf523e0e1426a3605a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\54621936eea23565_0

MD5 60fd1f3c73d2a9e43722cb95a7bf9dfa
SHA1 b409d6d9d2d8b660d200aa4b4658874958b60925
SHA256 83de5cac07de3d28b1c850bc3029d180c4ee882bda90370ef857d35dfaf3e02c
SHA512 e59bdf9d623d024dd5504d322dfcc926be2728ab257f71b3224f9f1675ac7047bfaa78145c4a8aed4116591ffe0c4d82f8723bb77dd499cf7697cbb6274bc29d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daca09b4eb185a45_0

MD5 484ba2eeee69198b13fd1936e11a6971
SHA1 ac93d374848428eed73bb3f17cf6a1bf2025de1b
SHA256 4e4ec0240d7c5d5008f7603be2cca192fcd37c41b43b97e46ec428315e87c958
SHA512 2c941297fed33de8eef0ccffa9ddd52f7b5f174ab43a2ae4532edccda6184728cd3ec4ff3cc4e58b17215b856c6f7501fa6f22fe3b422959576615f636c110b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\97e5761b2a976f35_0

MD5 88bc575a41d11de1eeab84fcc25fea0d
SHA1 3cc9d981c2f090a00b4c276759f69bba3b185e9f
SHA256 511e9c8484074c1386dc86ce583fee8cad230f4114bf3d05751fe351ebd2400d
SHA512 973a0d27952759370342288a7aa38493ef3c5c277e6c0c4bcc289198687c93b1ae70e9dcc869afd9e3b86b2e61d6a32d7969a523cfed49baec49108dcdc3ad23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a47c4ca6d8d2a71c_0

MD5 d951f1a56c3925da4b449ff64f875210
SHA1 88696e8bb96ac6fb82a2ace3c80ab1b9463418b5
SHA256 e832b6a17ebeeaaf4433f1ff1e328ce749b021b48f1529051b1a43903ec313dc
SHA512 d6d70ef78970ab9d99c5ec6c5fe686d5b5eed368fec5f23740c182c5c4ee8e8d1561bce76118854e4ae9049128db61af17e6d771af0b10011854956130a1c55e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ed2ac88af5e704a1_0

MD5 6e81bc074977c7dfcc187e0fc4cb0c16
SHA1 96b4b36a0437afc186bc56fb4463e1cc40ce194a
SHA256 ddf6b7aadd99f47c60cbbc88cf9091b096b32c30a7f7237b572315cea8540f44
SHA512 71a374721d6693a6e48ab21756ca6496e0676c7e497d7fc0b25009d4b47c235ea8ee3a2e6cd6623caf2ba5ac8f4e3a605641dc77349bfed434fd5ffdf2ba95b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47d4e623e47f5bdd_0

MD5 4012c66d0f8733612bd0e235f0495199
SHA1 89403694f834005a4a4edbe102752b203542ee06
SHA256 ed7ed189374cab5da0b43e940522c9a0816fd999af8ed05a19f0fa2726618ba8
SHA512 009bf814e7c85ac48dc7c41b7a64ae2014a5d36bb5d65d6d5016eca3773bc7cd4aa19a561e61d9687708bded2df3d36c401002ccbbf4928e064f3ffec0aa2281

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ba208775fb5fe09_0

MD5 c23407ebe051aad3644f6c61c988f693
SHA1 ca87e22fb0802495ce309f37393b999fd4402efe
SHA256 6a3a7ed56922a218f66abc0e2037eb89e193828cf97edf02f7a2cdddc3e00eab
SHA512 8f2de20f0a8141b5f8c4b3a0c183daad707a9cda9b638553de20a134395f8e6a1f66251ab6a98d1bde8213e906c1b17e968908f4bbe1dc9fb17df42beeb5d343

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ae8d0b05a4b538df_0

MD5 ec0643617b234a9dabbd4e0bda3bb903
SHA1 83e123a526e4397a1fd447190f53ff97aef09a85
SHA256 6c5fd24ce2fc7949705f9511244fbf962559946aab44ca898f0f7c5f3db7e5f0
SHA512 425f3b2ccfc9d0bae26b1e3921e30fdd5e3678929216a460bf57fe35ca46f8db43e8a6996c6169685fcc24936e2a8399de4d69339afc19d31bea1f636c5140d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1275a9493decb4e4_0

MD5 de7c1417a19f32d178963b048738a2b8
SHA1 2e9200b6086363a9fc24011b282c82389d046a99
SHA256 130fa9e4f169446836c843ad2a1294ff436d22357c482a37a55fda3698543cdf
SHA512 6915bafcad1acdb39bfbcda312c3c97b6a61ba958f7e23fee6329dc967d2e6461f5861a69902cba8f6cd9abc76b13b0457e02e09db2485c1191fecf44bf222b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa20c296787a3f88_0

MD5 b78f26a4aa4398f4a23eca2e4c41b82d
SHA1 3bcfb3eb1ae09e742ef7733ceaeadf8613335950
SHA256 d249ec8888c9425fe7baf55802368a521f82ad6ee6fbc147ce178db572d6f1bd
SHA512 a2a01804dbf5c6c3021d8c3732d48951bb002e9b91c0ea570bab0728cf529f780d3ccfeca23b8a8ab1051b9a4a374ec099ba3d682cde8e7dcc5937aab1948fe2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a5159f2b9b360363_0

MD5 55d5ad440392ac7555815e39c1cee5af
SHA1 50b4f5db997e7581f1b5de54d2e0790090af7257
SHA256 66bae0ff12da69c712fdd4dd6471180c9419f511567d3ca31bc198fbc1c7ddf3
SHA512 67757bf1964fb5db13825a0bccbabf734ae742407bed1d2583e1cbd6c78d5f94bea3fb853a8f4876f151897c8fcb67860bab4dedf7494f97571310b7416bd54f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9c0109f54c03223c_0

MD5 ad19d7a227d7fc4635f3db4e2b227554
SHA1 72a41780f40b065fc56be7c7aba50527d045e689
SHA256 740dcf3ef07efd538e7134bbdeabcee4c6443247bd6a511c6ac75e7f155f8977
SHA512 e88927d6be3baf865de92dcc82a32f7d18d1a9d8af182cd933932948fec52f552f555ea73839c073942b1c23cc01b339e965e5f8a9fdc5c68365c05701fee387

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1d7d09e2437e8ee_0

MD5 2b4c00754feb6b7d7d833ed3b473847f
SHA1 95d70527b56958ae4a6bb03166c73129fcdc8a2f
SHA256 62d0b8538b39a6ecde3168bfe4f5a769f1b1fb7307aa818de772a8f5a58474d9
SHA512 5b661a456a31b0325033688759c434b5eb0e18f85e388de04705f75a80733af8ccab0c502a97c6151684b5317a50c3eef4506987be0d379c31a314d7e507ea37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b2f11f3f15a5775_0

MD5 de03f69d3d69760668f85c3d887745f0
SHA1 1a06f269ff7945ff0d8c3770106b969e6031ecc0
SHA256 1090711881e362de7da61291b1119b2431171acbbc8801c8ba8e79721c991dba
SHA512 d544e495300ac69440de45ea441738df88f768a863eccec74ae090ffc3899b52e44f53a973f87c73d1ea7ebd1ac872f95964b5e5314bb393a5fb4741d8e5a921

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3557d97bacb52931_0

MD5 0ac57fa02c8448fe91d417b7161cc1f9
SHA1 714bf69fdf33154814fad204591b41f9ebcc50e4
SHA256 fd08ba96fa9d54feb865fabe8069b364ea2ce73c22c989a126fd0fea232bb17d
SHA512 f86f09b49ecc02487a330265d27477a25aad12b6d8debe3566a8a2caf403bdd56eff7fd4ae650acfac667a615a1cbcd7e3e4b3585ad7d918dba97ad53db8a54d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f078f5fb70fd150f_0

MD5 faaf56d6961f70d8d95baab1c1f0b521
SHA1 02d9416583d2040d8f2fa05062306d88b0184ccd
SHA256 e8583371c7ac4fd06cc71ca9120f90bf31d9e18f75b7c6ba50049a34362f11c2
SHA512 a1261a89abee51a0cb5b3d203e56da7ffa99c0498467cf94c3d0334af97a92be6bdcbb40a2bac3658bd39a35ca07f72747d17b40db2ea746574f5ac59fd677e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0

MD5 ce1673a373f07da73785a73d0912655e
SHA1 a66e08234c555db2c13672f23d353d7e6144d4a5
SHA256 154a62543a78fdb35a48688d6d68a3e4748b1c50df7ed1dc2b7041e6a9ac3465
SHA512 02481b5e1bb2f0c3d48776477e81dd252f12973d7f7124625cc3aa83ce8ab179492b8fc53b0ac09ee9f32d9a1f2401a352a39605d22fcedfeac691ed42164c94

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0

MD5 90b1d72bef47f6876a2911476e682719
SHA1 cd3e1183ee8321215fb3d9377356a27cd6cfda60
SHA256 8fde589f05a8eb81bba00f955f115b6cda5ce42cece10d0c9aefb25061a4317b
SHA512 98802dc90c6f7d45c14d338a225ac72b13d734d01ddb7f3d62c6fbfd686626b7ec140d46fb56d08e68c9c6e0b1485e359fe3f5cc2d4971a0b5fc2eaff21b2fd9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d00019f29c31fea5_0

MD5 9173b6b0d972566779aadbfbc0636f3b
SHA1 11e420a61dc04f416d58aa19b10a9792150bcb88
SHA256 7a0716071a56d4b4e0b1f749839daa9a69e2929c814d008eb8c748e98087f296
SHA512 fd5b458c81dd7c6a4e194f7b6d04559f51f4f62fbd8a02b8c406bc3eef724f4a95b5363ff20fe6e1ede1d93ef82a3ef7f659c5168e6e8d3f7911e1af159db6a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\edb3b6840a8ddc0a_0

MD5 b31b3fc708d0eb7418f3cfa4a2e9ad1b
SHA1 2a7879fb6d7a07355508656528d7f1a5304cfd6e
SHA256 6cc8c031919f237faa37b5cf05dac5162f5ae4cbb202b6344d4d4eb5c6a15a05
SHA512 d5fe1195b087536ef79c1ff254c631bc942f69e1238654c86169410baffe712d59d6ea00f25607c24e8d74d57bb0678882805c0ef37a3cfcc444d5a89ab43c66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fd2be14abb3904c_0

MD5 e5d34dc03ffe211f61c53292c65698aa
SHA1 21445424c53e5d5be100ecc0cc66e2c9d4596523
SHA256 3690da237af6f47f440e48c287fa94db4a64cc07b4427b05b38cb6167921efa0
SHA512 c2564e073b2232788d753a1d9e0e20ce486518328d39dbeb041538fb5b1ac11ef1cd5ee4cf36ec3316bee0573230857cdf6255d9ea202211a610cfe64f478baa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d016d0e9b56b1042_0

MD5 0d76a91544e768aeaa2656684285420f
SHA1 fb4ede4b88bc61ebb4c21fdfad0729f8e42faeb4
SHA256 2b60536e0bdf6c9c7646ccb636d97413155022b4f57e49487e49db519a8a2384
SHA512 96408626fe65df02796b5da59a9273ae0c7bec1819c0c696c1bd3d99273a781c0bc1b3f4f84032772e76be951b97902951112176e3801a98b6cdc43deb9f426c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0

MD5 d4ea43df71af1cdaa6c3c5e3f79552de
SHA1 6f31c9665ebd66074966765cac814a314e947f57
SHA256 27873bfeb64771b2b32b82fbf0d5165530a4e50c99d27e9d0a603c5c5d5f1728
SHA512 fdecc81f4de27752a82340bdc404388b313b2110edc5e6dcd7ad4b8467fd570e9702b54d2c2577eba46436a5b438bf568242d6f07920c7df115c64723b4f37fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\64fa70d4ab69732e_0

MD5 45f30762a10a4ebdfd4708d5ece66d6c
SHA1 d58cefb4a2f068ff70510aae1ef760f3c35390b2
SHA256 d2da01284531f964744b3203846d8de8308ac16f10476102bd571f045375d6fe
SHA512 46318e6ee6224fc9f48ee23e1f0041cba250fdbae51d2d4c906e191c9c166e378de3aa8a7285e5460478faa202484d110a047b4b9519a8a586431387a937e10a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0

MD5 7e88076c539c0dfe6914983dd5b82353
SHA1 b1dc5f2a9e7cc781c31ac99b358bfb3c3c52e88c
SHA256 09c4d7226065a976487b675ad9e073aa5d3c0cea221a1929ff273cdd6f58fd52
SHA512 9598c50df48d19f0db25818bd3d4fbd23add4126a75d067fc9b92199cfaa63e60566f8ef5c4d2725e5f37cfb1205278f7615842a75efeb6a83730ed8b1b199cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c807b8e9088e4030_0

MD5 a5bb421d8ef28bef5167a7006af0f043
SHA1 93c3189d80ae4034cb4dfb9fcd65b89fbf38061c
SHA256 67d6e35bc21ba6e7381f8bfb89784278ce6900a91ec3f9785ac1d940539aa66b
SHA512 a54b8f6cda0d4e1a2c144c6f2e40964c2854d337e406bfa424d5f2cdc2b841b1b00dc9b2ba7b42387f87ffaba50d5ed0ba2a67ab0e2ee9442bdeedbe2ecc6457

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8f6640eef188435_0

MD5 86b33ba77922775793a3239d43f25db2
SHA1 6c3ca551b3278f468ec1da99f7f103cc10b3b610
SHA256 e8981ee6d2cda17d66d2c0fd60f7ab3427603e2ddce9222b256f623125bf98c6
SHA512 d20dcc6a02c25868452d9e881f81b9b033dde219dcf53eb337da211e3756a7dcf6e84a65c7a2d193b0a6ceeb63271582f95a7eefcf3e47c87641f1168839a2e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\120ab24e8b469464_0

MD5 6909f56bea0daf51505d2b2e3744d64e
SHA1 3e319b0a450d8fc1c14ed5244b0bc92042ecc39b
SHA256 b8bed2b97bf13f8cd8b693d327e2c79077c40c86810f8fce6eb8a717c2e831f2
SHA512 cb922cc15d8d766dd16a20db75bcd4bd6017eb224551097af54e6aa64b82705f30fee0ccde2348f51aea5199c1aab00fb998a509cceb5516232be4cbc014153b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6537dab24e365f9_0

MD5 9509d620b608011d33e9d3710c47603d
SHA1 343fb85b60ed11d1786bc0502920338e0f8cd0c2
SHA256 262571791090265c39c423d57077d87dd4367f9b8be4db480944f1fe73625324
SHA512 1472e0a18a51221700e049191c9ef21b63bbf79f485960ea0602e7157a6b0a25c01db7c39ce862ba801cefd6bc3b211093a04683ac7af8671d40af870d0f128d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1927a26afb9a8b4a_0

MD5 58df9eac08b7381a7f78ee1bb967f10e
SHA1 483889977b58590515e47c897fe8461cc84ab29c
SHA256 de46b67941f2c538e5ac7846526907d143d9af5d8a5b5c713e79f6513414196c
SHA512 7ae8bc5a9efd582ef21d71c6f1cf86cc5720c57b1bdf81305eee409bd35a76ef78aabe0fc652a85255c06d43ff7d7875adcbf9898f080867610f2a825e3c1fbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0

MD5 a479bbbf5394bf2f73aebfc6c0cfba27
SHA1 2d22fb6db3a8762f3ce1304af41ef1530b8832b6
SHA256 84386d6bbd17ed53870238541c7d0d2d49f596df683f09153eb06301f43fc19d
SHA512 a3346ca8537ac5c08b1409d0430d71e4deddb77ff1ee4d1c1ddce211dc22620745d826350a16c24079a0c4ba52cea27b52ad51bd01f6bbdf62707e048d4963ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d1d5771f5974fe10_0

MD5 6d5fd116cb7a72551228697137186af1
SHA1 3c9deedc4212e3c397c36c7ed26539f2054a7907
SHA256 763f11241443a80d26f159989bc6be295f2aae3eaad4ad3f8a1d2d853654db4e
SHA512 df16f3b5d3f5d64f89695e444a8fe54364517a28710535e4db3ea421be2c0370a182d96f2704832a13c6cacf20aaea3782c285c304bc3687e9cbe1965529a23d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8b65cb26998de8ee_0

MD5 51c4369787d1f88dba2e1122000e119e
SHA1 5c5ea04bf60459d45bc7df0f06a894216204ea74
SHA256 0db35e64c83561dfc31dcaf20c54583af10f15563b00b9822ae8e7d174101b56
SHA512 b89811f30182b6dad387468aecbcbb3efb64b73f4fc3fe27499f4d86a1c41d5f36c9ee0ff2a51be22aab63f3045bca7272615f96b11e46b3fda88cf74d7d0ab9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9da953a0b88ebafc_0

MD5 824cad94dfcf83e663b012af3cdf832b
SHA1 657acbeef0db371ffbdd2455b7e96ba6c92a5e10
SHA256 e5d2e0d8b384a34dedf489427a66d1e74bf5e67c173476554fa0eb3391944438
SHA512 2aed4d9ed0b420ebe71cc06ce666b9c694d69f42ab99ebb631c2a7a04759ef439a5a539d858021ca171109e51bf8f69fa16a136ab1a593adb6e34b23c1e383cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 109a8cceba33695698297e575e56bfad
SHA1 2b8c6dce1ccd21a6eea2dd9aef2a8a6bde389053
SHA256 dd82d9ac034f0a06524fc1d5ef884c29a7e4d586a1e7db66e339dc54fac3636d
SHA512 6d51ed30c45560838df921212370a0044640a8e3c0433922106225cb6fec8cc115ac6191c753da13def21c4e0db4deb5782fb7a75ada822ced1db7c7d13beaf3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 7715176f600ed5d40eaa0ca90f7c5cd7
SHA1 00fdb1d5b1421ea03d2d33542a4eaf7ac543d3d0
SHA256 154632629a0698587e95c608e6ed5f232e2ba1a33d7c07fea862a25293a9926e
SHA512 799cfee1969b6137813c98b83b90052c04527b273156f577841b64828c07c4e6a3913a6ddd49ae5021ed54a367ddbc5ab2193226960b0ffe9a618c663c8d8a1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 c4b8e9bc1769a58f5265bbe40f7785ef
SHA1 07ff14df16d4b882361e1a0be6c2f10711ddce50
SHA256 2786986a3139e9722e667f81b4902609a4cf458e1c16206cd11feceee0254192
SHA512 a39157460b523ee2b9e1eacccf7aed99ff002767a8f87287c1c4662b6711b97f7d4955df64a86a882417fe71e598719e3934e14f787c1e6b3348c8a4c813e3ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 2e23d6e099f830cf0b14356b3c3443ce
SHA1 027db4ff48118566db039d6b5f574a8ac73002bc
SHA256 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885
SHA512 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 f5b631335f170065edf1b148e10b34d4
SHA1 ca34f82af577fec763ed38f0436d20f1cf766f62
SHA256 99be964ed51ca453ccfaa264a1ea9490da11e32b53765919172b6d3749a9f846
SHA512 c66791cbdc7c0d12e7295eb26eb583b26e03692c8986ab7d5dac0e6a561b8b68a8a9e33814121efc700ff6b472aa4f685162b0c75439b144f12286c9e28c7cc7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 cfff8fc00d16fc868cf319409948c243
SHA1 b7e2e2a6656c77a19d9819a7d782a981d9e16d44
SHA256 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a
SHA512 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 919d13ecf08e3da7e9f337e7b60d6dec
SHA1 3d9bd4aa100f69cf46ad175259edd6ce9864830c
SHA256 9d4575044d2efd5e90503beda65571b5158a3f32d999191ac1f82d1a5ee62ad0
SHA512 98d8236ed1c44826b4489b9fb7b76c62502a032547374446c53dcf2eee2f5fe3548c6587fce66df9d075294bc2ab6be97c3cb21457bc899451ebd3b476715985

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 a336ad7a2818eb9c1d9b7d0f4cc7d456
SHA1 d5280cb38af2010e0860b7884a23de0484d18f62
SHA256 83bdfb7d266fd8436312f6145c1707ddf0fb060825527acfe364c5db859887a3
SHA512 fa69455b3bfc162ab86a12332fe13322dfd8749be456779c93a6ab93e1d628e246a31a0a55cdba0c45adb3085acd62ba0a094b2115529d70cb9f693f3b1da327

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 bc715e42e60059c3ea36cd32bfb6ebc9
SHA1 b8961b23c29b9769100116ba0da44f13a24a3dd4
SHA256 110ccd760150c6ac29c987ee2b8f7c56772036f6fe74ff2fb56c094849912745
SHA512 5c0edd336a6d892f0163aa183e5482313dd86f9f5b2d624b3c4529692d70720f4823808f10ee7870fd9368b24de752b343570419fd244c33ad2d9cc86007bedc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6c8fe8593748ba863d23a273e2ae64cc
SHA1 4b1dd9c7307d53de3f3ab8c9a6432bbe3a690c92
SHA256 b1fcfe448b5488f618ca10a18f1d4e411b60cf0e985d70664bd77d8e907b25c1
SHA512 8b23b409ea2f3436a8a03dabbb895da717140f9c66f6da7d0cfea311459d905eacbec718339e69158d62a3286033c9b6239ba2461b29ce15744a2bff09733e99

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 191cf60d78d46ae56498dab00c4252e0
SHA1 be0c64bbe0f6f3da6d5fae458441b86f6a8cb30c
SHA256 c745e80c5c30a8e0296d81df1458ba026002bc0f753364b28ca5e21f634f57de
SHA512 833e0700413df5d86c445c6c7505d2343111ceb3c728fd393a5fbc6980fd1af0c5274bcf1e914aaa00f670877b2dcc5ab8d0b3906d241c8bf3040d1f5bb42ce3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6b6ddf10be9d0bba19d71bf62814e9e5
SHA1 4a6220a5039eaad58132547cfd2924fe9debba5b
SHA256 11701ba99746192390cc942d105705b11e199978e209704b26d0d7793ab49a78
SHA512 956e4d18d731a85c7a0107ce854ebc0706c0efde575379de394adbd5d50ee04142314ce6d8f3074cab6a124ef9d79a045eaa2c827fb448f9bba8d89846b7abbc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5d488534bf71c3c928911719dd9dd226
SHA1 80bffcf8ef6e021065deedfb3bd6768088cd8103
SHA256 ec47dd7f9bdb6f5335cd4f669ed40d496216c9359126e3aadbb4b09515002cc4
SHA512 0ce124f2f4bb66bd58addb9f24673669ea89dde3a165f8b5184446b2a408fc47b10cbcd172c5880316c39b6c63ea64b3a4532d570c77a48f1ee86e2cf79dfb1a

C:\Users\Admin\Downloads\metrofax.doc

MD5 28e855032f83adbd2d8499af6d2d0e22
SHA1 6b590325e2e465d9762fa5d1877846667268558a
SHA256 b13b29772c29ccb412d6ab360ff38525836fcf0f65be637a7945a83a446dfd5e
SHA512 e401cbd41e044ff7d557f57960d50fb821244eaa97ce1218191d58e0935f6c069e6a0ff4788ed91ead279f36ba4eddfaa08dc3de01082c41dc9c2fc3c4b0ae34

C:\Users\Admin\Downloads\metrofax.doc:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Roaming\Microsoft\Office\Recent\index.dat

MD5 270e18b0ec6dd9ef2fd728c12e0e6352
SHA1 a4a37268b953acb278612c8fae571f663fb8d58f
SHA256 2aab67892beb3dc6c51acac7ba71d000d2b17575489f462a14a4ac89d9361444
SHA512 8088e27704ed87825daf9604d2d84ce721627c952d96feb2417809a935aa213754bfca4d5acd5ac628a912d9baaf943a8523e6b6b428737aa1a083f2f4ed77c1

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\26EE08BE.emf

MD5 0ed5bc16545d23c325d756013579a697
SHA1 dcdde3196414a743177131d7d906cb67315d88e7
SHA256 3e430584cd9774ea3b21d8e19b485b48212fe356776158dd5f3c5f63a5bde7d3
SHA512 c93072d11058fa50e3b09ff4da9f3dbe2637c2b5df05e616bd8ddd04557ea1e8b0db106b1545fad334619118c467776f81cf97ca52d3f2fcbbe007f30032b8af

C:\Users\Admin\AppData\Local\Temp\vbhja.rtf

MD5 16d225fd82eff3ab3020c63bf4bb7b6b
SHA1 a80b8c79b42682f429f111ec5770dcae1df430fd
SHA256 04f9f6ce46f354a0cf0ab1f5e3615759c754d57962344cfc2c66d4b3b53c774d
SHA512 6cefc9612090b6f5ae7ba899c517b194b8f3813b015fa0dbfd3e9e6860e4a2f07ea5a0000dc5b39f722de8695b1616c1461d0de6f2675962c55d99cd9949b3e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0cdb4051a2c4343aefc05b22e6678256
SHA1 0cbee5aa9609397f483df68d93811e2293d38f9a
SHA256 6bdca5fc754451f1d6366df5df418096b7b0b69822b643f0db4a524a265e6458
SHA512 a6491d4fdeefaa667cc4c3f92ed7c5747b231786b659021ee9a43517b42902778ce77aa7901b47f0d6e72f55cc66c28fd32da52bd8fe53734f22f0118570d13e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5067bde57287daf5ad03177663e96746
SHA1 8238da515fce576af513b55227bae00fb783e9db
SHA256 6d1c55239eaca1f63957a18328ec161291dd63d0406b0dbf54c1bb9173c1bf2a
SHA512 e56ffc0a0c04df6afd3710c6319e88ff20503cf00381c63553453689299898f30c675a870f3c1796c047c4425f3f6f93f5def7a56ef9c95b66ae530089c0dc97

C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\334C7BF9-8BF8-49A6-93F3-66C9800311AD

MD5 911cf230230d184a093aab3d4cbc03de
SHA1 006425a4a5f40ed84c7eae03a684f93c85e8bb8c
SHA256 c2b936a70141823c9738591d3a459f94221e74b18ce54367cf6096d6075c3370
SHA512 c6e9c313c7f6554897dda8694736c25a38fe797925aa93b2c4890653abe74e93bfed2537f97d9a856044b8b55a21b400652c8db86ab89c622f147799c0cd7ead

C:\Users\Admin\AppData\Local\Microsoft\Office\OTele\winword.exe.db-wal

MD5 da059991148b91a9ae2d063abd0530c0
SHA1 bf3726ef71d1d745f3819cf9d396b7028440b5e8
SHA256 b00c8307015bb65808165af635321716ad712591d215d35cb67baecd4b0c9792
SHA512 d548ef4e5cc4c809e9aade09362a1f3f56d8c2e9ea6d5f07c9847121d828eac3790b170bed03e3adcae789c0e59e55a118e253d99aa55631c14a88026700a529

C:\Users\Admin\AppData\Local\Microsoft\Office\DLP\mip\logs\mip_sdk.miplog

MD5 37730de81bd52b00956e077bdf6f9b57
SHA1 581e285c9ee3a74fd2a3c9d15d7c95086edd61c1
SHA256 0f2ddfdcff13f7ee5a103090da411314fbd4836f7b723d46f6298d9d0c5a1ebe
SHA512 5a2cc5af085ce9a2c21fe02bba6ba75900232e8a88b3553b26981ef495b70518d29e5746d1ade25b218346535bd7468c719488156fd7a2ce8d0edb02ac3dfa93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 18c186555f5d6118cd652669734875b7
SHA1 97d22eb055dc81b9447460ea328f82c8f3fc0ab2
SHA256 590229a0746609014e3870166b90caf7c2294d7ded238b7d1623ee1fbb657ec3
SHA512 d6edf0a73f021afc56319ced8e673ee35502210c019e8e081225045b47f766c24b868b1b4f53ad3af86a209aa6770436dd8fb07cf454ecd2d853f6e02a08983a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d954376f4a62ab52c4cea7b01c67b1f5
SHA1 dc83298a85a6220290042819b1422a6a82694a43
SHA256 9450c8afd7ef41473681cdf72cdcf47b8e4e8d8457de71c918e803f57faa3734
SHA512 a2e0df0697e7496c1cbda17e971b3b5023265ab5c64dce041f1a92ac1c2ef12136fcf78eeb340aa7900f6bf77ec70e2f9d3ee2fe71cfe194166b554e84e6bb66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 894a76231cd83b159e55b6776a85aeb5
SHA1 5fd1965a4723a510175927a4920b3b8f7b8226df
SHA256 6ff9469620e384197715df7cd5172e8820d1f5521b818b5d3c78969f680746cf
SHA512 b77a38038d7e1a8c27336f3807d471d1523865e912262ae8a8b002652dc09512535dc96d8b8c098e8e75af20871b9b0f27142503598edb3f1184254fcfda5b2d

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\fb3b0dbfee58fac8.customDestinations-ms

MD5 bf7f0ef9c97a84281283540d633dac9b
SHA1 8ae832446d23fe33a94691092d943cd6665f50f7
SHA256 f7de388773d1e12cd2f0c3ad66659e046cd082af9e3124e612137355324dfac9
SHA512 c323b538860c0be806ed60ee719f4443d2ed10c24c164c1c9cd54c81fea6ce39c21f538f70b43163779881a3e1bb91303dedce04fb6f594d8684a9060130aad8

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\fb3b0dbfee58fac8.customDestinations-ms

MD5 137ff19e4e01fdc88775ea8c7ae5b641
SHA1 d3517bcd21e16ebb68e57d1060d36bdea29446d3
SHA256 ab11d62ec3de471a10a1cbcc88bc1ac7dc6e665dbd38f7997c544c1712b72845
SHA512 54e53f0afff89fa3623cfba9125b912a44a2e3f2d436c037631b3f5a63f7d110187c374d99dee3c4b9a120f50d1b92794ec86ef546ab85666406129d32a33707

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187

MD5 2880ac73a8b13a49db4a540c4421f0b2
SHA1 9c4bf6f49560ea2384d9a5c6073a34a8d3deb33c
SHA256 bc99e5e9e2e8d55ac421505a8cf2752bd3f09c8a46b1a58f6aebd3d3652c7d24
SHA512 cad5aa9a2aae37735af450b9b682aa40ece4fd27be8c289a707cae44eeb4140856f3217a5c2203e1441767bd0a93f3e7ee72e5be9c6afc5203275eb548c4ca63

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E2C6CBAF0AF08CF203BA74BF0D0AB6D5_363582827213C09529A76F35FB615187

MD5 2fda4e4ea23d1e74dc3d09633955fef2
SHA1 3202aa5c718fb27bbd7ddef23b1516bf7cf96ff7
SHA256 3bc66e7e934e7e1ea2c068a9c87b588b465eb6e320cb81e9b87deb207e2d6185
SHA512 ef56ede99fbb7c4b41dca31e03f03decc0bb963a9d4dde7fc4347dbf2f9c01d65746f435ebb1eb61c6970c6695087f58fa504e0fc2173b767808bb4cf8f3ebb1

C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\Floodgate\Word.SurveyHistoryStats.json

MD5 6ca4960355e4951c72aa5f6364e459d5
SHA1 2fd90b4ec32804dff7a41b6e63c8b0a40b592113
SHA256 88301f0b7e96132a2699a8bce47d120855c7f0a37054540019e3204d6bcbaba3
SHA512 8544cd778717788b7484faf2001f463320a357db63cb72715c1395ef19d32eec4278bab07f15de3f4fed6af7e4f96c41908a0c45be94d5cdd8121877eccf310d

C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\Floodgate\Word.CampaignStates.json

MD5 f1b59332b953b3c99b3c95a44249c0d2
SHA1 1b16a2ca32bf8481e18ff8b7365229b598908991
SHA256 138e49660d259061d8152137abd8829acdfb78b69179890beb489fe3ffe23e0c
SHA512 3c1f99ecc394df3741be875fbe8d95e249d1d9ac220805794a22caf81620d5fdd3cce19260d94c0829b3160b28a2b4042e46b56398e60f72134e49254e9679a4

C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\Floodgate\Word.Settings.json

MD5 e4e83f8123e9740b8aa3c3dfa77c1c04
SHA1 5281eae96efde7b0e16a1d977f005f0d3bd7aad0
SHA256 6034f27b0823b2a6a76fe296e851939fd05324d0af9d55f249c79af118b0eb31
SHA512 bd6b33fd2bbce4a46991bc0d877695d16f7e60b1959a0defc79b627e569e5c6cac7b4ad4e3e1d8389a08584602a51cf84d44cf247f03beb95f7d307fbba12bb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 9ddfcad7f32786f1c023877d947e538d
SHA1 d896d7524429a97a845cdfbb667406b89471f6b0
SHA256 da78040e00e337dcc127dc0ebd75ad3c3cc6ca0bd68971fe2e215bac9c2d7392
SHA512 80ab822d13af557ff1c1009683f7d4be2681956d8008dabf073b1d832b65829af87ce1b93a1c80faaa32265f1d4cd7967e3417b01c0488e9305f22d447411133

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 fd01ad1ec59993125f501d763d18aaac
SHA1 0cb578cc4798b0615e42d60cbfb615c74cc643b4
SHA256 f8b6c1472bb3be6826740d7a2677db7670ebe20d479a473d345ea6f819ee5139
SHA512 ca8de9b00cee6fce09df2fec02be55af7f9e01c634fba61b4b620971522eb235d3c5f90eaba9c5069a1c23749540ef9f0891486ac20036bb7b26a95346aa6985

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b27ac8988f16bcaaf0a3e3a2955669d8
SHA1 d93cf029098bad325003f9722be6933ace36bc77
SHA256 d1729883ea08435365209f08aec01e2d3fe81fbb4fcc92fc3096260b15adbd8f
SHA512 8c51547d28a0cbad11b6650bd6a0bfa3394d412c1f9057982c83252da5ac7168a34faadc925e288aa3cd26cfabd8438cd1090e44f9e19ee8901ec85727a33036

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4d5dded6c31d560d3327762b5785e62a
SHA1 03582379b374d9e8d82644abaa5f0e2bca95478f
SHA256 bedc20917e0e3bae7817f413e7480616e7de747f992a9619efe0bb020a0e1602
SHA512 a7d735b1cca62e6cd8178410859474127c4d46bead9a7a1d1826989905e8381fdf05ea65e33eb3fd974800d4459b6501033bbf07772f20c365712e5810969131

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000066

MD5 7830409f93c9d2c88beca6b993987fa0
SHA1 000c224c92813c533da04cfa6e4456ff12e5f8d0
SHA256 b74a72d5c1119c254b61f9468df709ea03988e044d83389bb03ecd8f70eaf9e3
SHA512 e23231833960d2a58b664e6d54931217a90e3303c2dcbea59a14bd3d157c6b3219fa6fd9771477e7de9700f00e629cd666139321a893576758ca13b837e4ca37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3dd9f10e88ddbc75eabd7f555be2f7aa
SHA1 704fd00f8a5cb52cb3baf17525abbcf39dc9c127
SHA256 6438110151aa95f3d0af11de6a5a63d8637285e745fcc3bb6746cb9e279ae27e
SHA512 e1ade49afeea83834ebda58a8360af8e6008178a9b85af089a11ae5db1052c23cf67dd5c58ce54c3196c356e209d7c9a96158d566758c2c266ba23cf914b61ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cfdb6365831ee742684fe398b5b827a4
SHA1 a2f90f4f2fcbf3dcdf16c46dcb645f8cba71b11e
SHA256 d5f70eed833590a1bb933d4c358748384b428bc6b6c0d90a3b5e88ae8296d879
SHA512 6910a80bff559d005beb3a031d39bddd1e8d54dab317f34e9453a6152face0d24a539a8e43c46df3762adaa03f9bec999a68c39b5de968e01e6125735b3b6580

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b343d1e42ea40510b22e98867325c4c9
SHA1 59ac27fdd48a855c795081dd823fc44ca08e50c8
SHA256 621ad6a36fc8104978662817f3773c1a06d549e9dd774d8f4d69fb4b7701a847
SHA512 382aaf0ed99f3726024da413efbb789fb9f04e48a0b5be317383e3cef3177ae50d643ccd069ddb521eccaf3128df3747c9857ad0d0d015de5961bf522abf1c82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006a

MD5 cbf5578af1029aa0f0b35ed5f49c14e3
SHA1 c44114ca91855b15b312fafe846081074f655c76
SHA256 a1825687ae8230de06e53b09ed77de9fa1a5db12c6eabf6b45f5cc6c0dbb3ba7
SHA512 af1c9d87b33c92930becdc7fc5d74e09c46c4e9615ca234e1a0c47fda2b569b0e8f1318b722b460c3a42f364db3ea7c15b8aa1b6eb87abe88d90ec8a3ba263d8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 173f9bb13314c3b756fc61cd69dee324
SHA1 9c6083be0d08a0a123a66cf0149eb66b6b506d59
SHA256 41f4214a94591c71a5ae1f298776b865e7536c67d4c0a544e9fd18f286282012
SHA512 9b93a5e50eed99b30a17933f4b7150fef25fbf11bec564a9eab921eaadfae8220b7b75bfedffd0e7b527934df0236b22ec1cb275efe7d7e120476ecc33476d47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 516c97f30bba2e797df05bd1b8fb35c5
SHA1 6a6b668f52773857a318c34759e63b1552a906fd
SHA256 2cee4b4820fc73a6557eca81662cfff0287779b2bb5b16c08a40e67574ef0a25
SHA512 f3a4c7f810c1ea1c37fd2340136afe930cb975d607e532ea1207b08cd5cd2cae20b5f4aa05898cf5cc496a0264ff1f0634c661bff5f824ecb17c5c1368dd2c92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 98094b6eff8f4d1bd59e25c1967ecc21
SHA1 68aab3dacf6154b001d1c81ae0ee207027fcce05
SHA256 3f69ffa7026e06b1caee835b0e007ebefdcd3a8d2320500bce982f6039e7e6f3
SHA512 dfef3f4cf444da5d2d24a5d5a02237ce7da6844ce51903eff6f0ee869bf715ff8a44b41701f276d5ad95602a7345e7fcc61a386ffb58d12bc85b6992042ca711

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2d9b7d091cc7cf998a2a39a6a33e257c
SHA1 697b564dc9bb04ac82d2413b49954ffebf8bca98
SHA256 e6207f2af291a77fa5d4c55d5062b141aad6d53ea343830d7026376432faa332
SHA512 cb03ac9b5c61d4831d5899c99f1ab6e222c43f8d23bd4b911c3c1f19a4873eea97837a6962c0e1b58af6bde97627ad100c507f314ea7f73763aab856c5f43e7f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8d9c34c8-6c81-4b48-9129-ea3bc1957c09.tmp

MD5 185c0537dd3f9fd954a6a7ed6dd88550
SHA1 5aa7bd9b0e2ef76b92ef91aa72200563a7cb2c96
SHA256 80216ed58016d76023b16885b3ea529bf2b13717cc8dff09f7bccae0b57ac297
SHA512 93c7f45f59c63dc24a4e7a15e3b5427d55507316bd61f6ca899e78c2ec1742bb9e594aa09a969e256ae0c68d148ca48445b4a40805a29f90f84b2a1ea97e3c96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ec9bd24f8afba850ffedca77e03b0d1e
SHA1 1d295c7694523732668e2d25eab4d2f6301e6eb8
SHA256 a3c99d254d1f3e6c1462c19bdabda0fec1e125ab0c7c09add1f5daa295b91ede
SHA512 a42d487ebe43dc80405241121495ffbb4f6769bf4324e854cf927aba640e56dc85c3b92e4b4263e95a25861d84c73b19c8995e7f1dfc00d2973e16aa044a130f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 67aeac0eb48df66ba2758aec0869d2f9
SHA1 0b4bdad8b7622aa1528530ffb0fefb6ad7d84efd
SHA256 472cfd159336aa3a3254cdfe87d3a2ffe371e53dd2200380a6aa277e37f0822b
SHA512 66efa8864f16b8774808fe0418553f590b1a1339bf1b21654626b2c299dc4fb46ba96f9dce63939e5359fc3b5c63672e43c459ffd5eaa9920d1ecfdb32648538

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 89f544bda1a18e3298369be637b4696b
SHA1 e0830b2b245c78ba735250806c06bf832301404e
SHA256 e24f88006f597789eb78bcbddc1e664200e18961cad209be427d02818531ce9e
SHA512 99cb9aeac13910e3deaedcf2f58108be9523a93a394061a49751f8d000e13462cec5bb8362c84a8675623e29990b74507291411f646550aee9f0baf3b63d5a44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 24e729349f1af10c724db060b02d3a0d
SHA1 9c74c47f587b0acad33725227e4e33e51b35124a
SHA256 361cf7bbb4aec3d07d4c5f91b9a5ccc3dddc9c4e93ce61b0724171a6449d7db5
SHA512 efcd57f5e804c651e2f883508a24b5646992e253e0db126aa952685124164d6e2a5cf3cd88a6349188ac7d120807aa6c68548cedb30d872fca89fde1c9ca5219

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 076d84f8f7e510d064c905fb139c4e95
SHA1 a0f3c2bf063c5cbc5ccee0c552a97badc144c1eb
SHA256 7e5409ef31e79e09281c1a3d8b40945cbdbe824be82b926762d94ceca8bfe490
SHA512 fe9a3ded9671c0da72163c37f479caef426260d320ae674f9af3330157a79e97c46cea68ccb77d76fbdca1ae32a32eddbe47b4baef7129f54be78d130cb49c7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ccf5181b8a5a39dc67215b50fe5104bb
SHA1 f4c5602dfec24f55c0d4b8933b6e6146707c51fb
SHA256 e2f3ad3893e61444f17b611c0a3f915e710a58943d5a856ad9a9ae7ce54454c8
SHA512 8c3ee4444c1d658aa184f86e1958620ccdc3fcf99ba738927700af96ffb25d2400e1fe41f2bcc91206304b971750b92a5b5522f651474ad30b344bdd27007366

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3e60f292b03eff0a1b5bd37349c54bde
SHA1 067d0155a0d368de8fffff0ae5defca02925680f
SHA256 8cdff771919c2d45e42ec74ff2a3c5ca7d31ed8c05e80cc5b82ed94220cdab3f
SHA512 04eb29c410a48f17b221e63553a121a715eef36c27f855fe88ea6010ca1ad8c016fda2a50b330b1da4ff9583c56974be761c5f4f7b93eee46dae049bc853c9c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 081878c624ddd00c95fc42793095face
SHA1 1304580a7b52b0032c2e93191c2caab7b63e750b
SHA256 16c04b49674e69c7d663b467107e23c8193444567f23fb6f03d56370851fb56f
SHA512 6f7edc7d06f628a8e425e18a3bc25a4ecb030593290f44452911599c866c58ac17db413aff0db8122ad852eee56799fb67dfe40303dcd16b42a28a288b55c3e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 05027fd51a43cab2d5509a537d6eaa3d
SHA1 2431aa80c90e9e8ab6d5be94c0bc818b1f9a5d6b
SHA256 4f6bf455d48477282bfe513f4541d69d7557928486d00f4e03d21f4aa2899d49
SHA512 3705d8c9f098c78d1fb7403df5fd8764d52e5ac05c18f2a79d6a200b0d26e33c1762e08be8c32f9990ec4d1f72687d631bc115b49bb02a4b64212b339ba0156f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b437633c5d0a629c70d937ce6840122c
SHA1 d0396a73d721c93d9327da0dfd7cad2a00a42298
SHA256 48a73b2364c29d2ebea53dfc605ef5eda2a5cc0fce531d88c1d33cc96a603e20
SHA512 2334d57dad3b2b2a76da76f3af2e3d747b1744155c4d1276ad4b6277784b85865ee3721aa2d8c29e52e4f35ef14e1095d08c440d98ed88778a9dcdacd4fc51ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 af741decc43aeba68d9db3da1f82d33a
SHA1 5fad7a3b44a33d1b03b3304200305bec7bd89765
SHA256 994c9fd7c32a9e96bddc137bf1b32a771562c0b394e68a981faa7aa53a7c5278
SHA512 01b9a2e65ff650cb6f3474a84db8b0a7eee38d718eec2b1207bc071d272e867273d9e7509df2b7736cb383e95dbb5876bc7f03fbdccf223deca8aec3300c45b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ecb0a482d3ac001e5b8fed169940afd2
SHA1 63c3db55b91e49601342d0ed0a2ff688568eeda8
SHA256 d7a74587ecbde0c4fa89137bde5d57b6f46dc8f64cb6db90dbe72ea1f9eefb29
SHA512 b5cb4e051189f891ee829a5613ba73cfb2cc04399d341db26e29208cd7fb20c6629097df4961452586c2ee03fd1c520505775b4c9851728e987b05b0b3baed97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 563f2d2e1198abea6900d1f27f4e2489
SHA1 a751e38ce8d643b415c662ad58efca9669289ee0
SHA256 bc129cf7674134cc0c16cf0f52244f9a35f637cec482320e1d8f33ac2b59998d
SHA512 abc9c99a5400e2d94468b2caff39b02fef0de300cc980dff8d21eeb93074544f7b2d827e02fde1cc502394d7fbe791f9fdf3ea0a68f2ae0b485a0aa7bbd14024

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5c252657d74421a0e4875a93c3eb6c0b
SHA1 1e4cbb11b11e136bb8750371839611896c490cc4
SHA256 2b8636ff32c8e398c49e923b3aaf4391d62e725f45cd2318341c57dcabd59208
SHA512 d48264832c2a65b027053a25cd677997f525cde6a575b1b34bc2b5729c6de493c2969b2edc1cf35730de16b6760882f361fa9183c4241a872a401b1a530b6fd5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b1303e8c3530b7ebde7cbdf4c7d922b5
SHA1 f3dbf23c74584ae53138f146423afb8b64029e70
SHA256 8a1ad1520a1f48ce7f1233d281a95e4283537c0b2717a40524573ecf178c374a
SHA512 3c8a9484d2f8c8bff726c4574e78f0a0616db8dccdb9a6c02cd43094c68e0b2a0256b9ddb103c320d3f851039348610fe008eb03edb8d01f110efd5b61f14610

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

MD5 b9ff5156b1cf53a0bf77f79e14d8bf12
SHA1 fe3cc38106fd9f4b2876afbbada8155cd82061b7
SHA256 f224d37c9dc91b314b94f5013c81aea0303112edef0436c98357aa3b594a3b54
SHA512 22b481c9bd305218a867d5fb45d7878ecc612fc28c303293bf2ab2705c3e8b4c70f5bdc3408af794014e3de1761c2aaa8d4e28458dee5d58aa3d96b1522bcb12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 812e1c5c46380b36fe7b46803f789888
SHA1 f2042bdbadda2684c59def033cef287153a7eef1
SHA256 53091ec744a867ac95d8c1cad7bcc98ed91aa24c094ab7d1d85dc89727cf8625
SHA512 a4b2df0068829bfc0c5fd966ae99c5ee1e326be12deb72c6e6c50144403b3d9a2b4fcaf7566d1c91abc6e082c79b41bdb9a6e71970690dcc2553c3413b1a401e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3ff4a6644e2410ebb34141f5c4547073
SHA1 178be89aacf4c4d5f78e3dbcb9495b92968fa04e
SHA256 07003b4f5fbd8f1e5436c78b3a1fdb51016d6fb1cd792186ba39608dcc9ba852
SHA512 9537b3e8c2f6e96c1ec98a87c7a171b1f26c5871c7ec74c2a0ddf214901f24c907abc2066012c06bb72932bfa06e31a776eba6dd45cd399d105a0c4d13a16b04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 ad913ff5b26b3d13b428018f0dbc832c
SHA1 2d21e9c07d7da590c055251055721f02305c8ba6
SHA256 85c0d60fc9eca4ca450715fccb3344cb1b9f5a1d2f1171be4bbabb547b56592e
SHA512 dac4a962ee6b88a4bcf6404576e7bb74e150f19332013466ff36967548a33eea3ae643e31fa98c45b5128150dea6c70bd2518ed777033a4d4a2f405c4b1bba08

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ec71aae4acbbfd779f564a14d9470e19
SHA1 76f7745ab6024e40b2314ae6f886de3197d9d64c
SHA256 54180aa99d9d405360ce115e24cacb9315a6701b75cdeb593c08fc91e1bd535d
SHA512 fed0fa74b67d4c357778af69974aec7ef29f69c9e18456f89d03eeacf1b42163f3cdcf04d12c2b4caa9330f23015949947c218cc8e2076fda10fac73ad66e51f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 39ed12b55afff6413b15dc679ef28613
SHA1 27acf67b88c95e3686cd1541feae7294517411bd
SHA256 6c9a76f97a844749733cf7f5fa836af30d66ad84eb4d86b63fe4f47dad65aaff
SHA512 ece706153bc367aeef8992feba4e48c11bd13d7578a5e7c23b30a3565dddff54bf409d024b022ee578d8cc96ddd5103bb21b7b1522aab74c7919aeb133c27b5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e02f14f3-4506-4762-b097-0a0b485c150e.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3b187b601cd9582096e33cf4b3b34d76
SHA1 e711e561bcc42c6f601e9ffcb7d272e2f4093429
SHA256 30290d18d524bfe1fe5aa3fad795541867e6690045545c22f01feff855e4bed3
SHA512 cf0c6993277c9c4464eb2d2599fd3fdc459170021cd618da23b2ea112364d204990a4128a6191c41521b39a2346d4a0c5afdd51f2ef0c5a29c5b9b38de1b0443

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008b

MD5 f7388a3e6dcb9812fbda3dc14823e2f6
SHA1 0b188cdc906b423cc37ec42f8b6d1460ac8151ff
SHA256 ed259c975f2a290e9f83160e05ac9419e0b21ea6b9f4380ba66d962cd086591b
SHA512 bc4bd0b07ef29a0d2016c385e01d2ca6f9268ef8cffafa111318222ba2be034ade0a3ad668183a21a009a3c71e817024f1eb9fd9d2263704d28d6e46cc82e583

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ff6da7f067336155540439708e342a89
SHA1 19a48efde91689365670b92fb13104508090a989
SHA256 56652f123e274db7cba94ed5a0a59e90249673a04d026cbe993c6862cf56b226
SHA512 c8c78dd5f0fc92a5191936ed7d276913263a360478938e6805daf1a51fa196bc433585750eb846d414e8736f116d215b80f31643c769505e57abba96b64497a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 48df53605c5ea5f36a784cdbd091d02b
SHA1 7dc1d10fb7328f3d5ac44f80fde0d6173e0447df
SHA256 c3dd79c63d527e6006f932376dac2060f74345ecc1de669a029872862fc09302
SHA512 889f640be7f27de85c6ba85648aec0912d3b0075006fff492f8fe521298e90144b1d155758a6798a7a61397b3c43cae4e9e1ab84333a537bdd0a7a5409a62f19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2606550f162a9cfad25ae920cf191106
SHA1 12970a4ccd2c6a543e14f5a46b83cd5630e350e3
SHA256 f0e13811a9c97fecf380234456b8ef195af0ca20d244ff479013e02e6bd19d5d
SHA512 2762a9de7dff18a45af1492cea8718b820e33755d147d3df626372a79b4fc7034567725ed78a0b79c74a40f57822bec3ee27fabcf509684fd2617728aa999fd6

C:\Users\Admin\Downloads\Unconfirmed 25134.crdownload

MD5 0ec108e32c12ca7648254cf9718ad8d5
SHA1 78e07f54eeb6af5191c744ebb8da83dad895eca1
SHA256 48b08ea78124ca010784d9f0faae751fc4a0c72c0e7149ded81fc03819f5d723
SHA512 1129e685f5dd0cb2fa22ef4fe5da3f1e2632e890333ce17d3d06d04a4097b4d9f4ca7d242611ffc9e26079900945cf04ab6565a1c322e88e161f1929d18a2072

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7e85451f2e4b571210df1d5f2cf2bb8e
SHA1 50b7ce0511254d4f53159adfc6befcb28b9e8f18
SHA256 7f6fa646eb20208593bdad7330229f99c913d4cdb85a68da9742d2200f929827
SHA512 797ac6930ac18fb338dc28b2e92e230f379b3f88b4c3756f2568e0f6f6ecaa5a60822b7c9e6eca05af13415c7b0bf8d6e5d7f74b1916b265a09c3c022f935b80

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 eb3c484cfb8b97e8d783b22c75c5a7d0
SHA1 444ff8af360f1371cb05ae18db3024768b77a1c9
SHA256 dc5a1749ddb3c8086e2aca14cb3e6c0570ff9d827c979e00e672d81b702ff097
SHA512 1bde33df75e6a8e33049842cbb2d27d77642bdfc601136d02d420c2275e9e6ca793f48d392f6c9492d295bfe30cbebf5a43c31ec77f96051e0f16a520af7ba67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4c8e168ae7b7a01c0a484ff2b308f148
SHA1 a58b7174a57ffbb2b1f9bce55e6eaa2becf5348d
SHA256 9adca6484f4ad526e32272a78189dc85c1ae1fd68eb6c02dc8df8c28eeac8161
SHA512 def1b5179435c15a2e3484406cf449ed817591e3e475b8db6bcb303172532646eacfbf428cea59e65bbf1817b701bb6959ed7405c9971e57a51db5815909998b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3dec5bf49134d748c1d0ba740b257932
SHA1 68b6b9098b883ec77aff61901d547b1dc4f4f683
SHA256 a0c8b93a7cbe2006eaccc1188a538e20e2d5bfc8d37abd9f3b8f83da5e2a5d56
SHA512 841720da27bc1906e293d14b224138adec0b3f2b8d778a9c2ed4532549a1b83536a9413e74d114dbc9e112582861ccf0fa424feff1181118a32fd8fce730dcac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 460ceb863d8868bac1c8ae67ec53bffa
SHA1 57833a332877c2ea709d11b954ef7edef7d62875
SHA256 9a13701dd3c977940ce4783081c6f3e00d4eca52d5196ebf4b19d9bd28e1c00f
SHA512 5fce28644c5022201e8314cc4f14003b5d64df8e8efdccac6b53d3c3a46604beeb5d92ebe2f0ff4e2d2608eb50b527f74c9b39a2bd29d1e38858ec9334b9c327

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d4b35f5a7164e486677414dfe7f90ee8
SHA1 5dcd9a3a320d313b94a8532a0a162aae9f7846f8
SHA256 0515e095afaa82bdb4a0b702f21cb34051cdf0d2ef1514af9ff3d2bce74cb2f6
SHA512 605af5dd43ea361cd55840c49eb1aef40d4c341dd35b05fdb7b0a86c90022abcae8ee03d2b687cd52f4be539b0d950de78638f0e2497a0ad748274251d278f69

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7195ee739a8299541b520ac48c0db4e0
SHA1 0ee81ab10cf043960caaac573010876b5125d10c
SHA256 45cb65952909a2b3d31fcf9ffced5223e5bdfae7fdcf7b3c354705748ec95f8f
SHA512 c87ab6f9d61b77731eba22ed7a72a76f79f53194ab150cadb44a0550c4ae5e844f12468c26fcb878d20e37bde0819101b93ef2782b733c687ff02019b94e13f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2ae6a786dd28b1f693e8b3aaac48c16e
SHA1 2effe590af06c6c9dde31f3b3eacc67e0a9fa32a
SHA256 0b71e77d8669287ea1678bbcfe427ee7195af0f4559f5ba6895f343c53fbdac4
SHA512 91e1716a2c71e52b76aa13d0ee253852283d8bfc14bf7fda70f28d9a529e505c463f277984c23484a72aeb50c4d9aa40637c357b329ac3784498f00c77b841cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 302449b2d4df8aa486ffc0bffbd52bc5
SHA1 6e9f7827f18a4989fefd4eb0f6781449013c24a6
SHA256 55ecbf8ea7e31fbffa347384f4bdc592abca078db2d5b4992acba4fce6c6351a
SHA512 967e1c426482f12a862626b11baa6374f2cf4eea52691da7cf45297a28eda2f55b40df206e6f5ef496de260c8b6d648da5c8069e049fa0bc653d89d953e187d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4275cee823334131612076f63cb55fea
SHA1 d2126d2cc540c8d1634a271d599ff665a29ab0d1
SHA256 d8accd95f39065efb3a8397bc2ba6a24f4adcbfb80b3b5be620de0caecab0798
SHA512 82da0138b74fb9352ef07623da354e13070c515677faec03e0a15ee235eb171d62c7f0daa7b91120f8c00aa660e74a6a64aaa550c5b235446e576bb3d40df62a

C:\Users\Admin\Downloads\Unconfirmed 272711.crdownload

MD5 515198a8dfa7825f746d5921a4bc4db9
SHA1 e1da0b7f046886c1c4ff6993f7f98ee9a1bc90ae
SHA256 0fda176b199295f72fafc3bc25cefa27fa44ed7712c3a24ca2409217e430436d
SHA512 9e47037fe40b79ebf056a9c6279e318d85da9cd7e633230129d77a1b8637ecbafc60be38dd21ca9077ebfcb9260d87ff7fcc85b8699b3135148fe956972de3e8

C:\Users\Admin\Downloads\WindowsUpdate.exe:Zone.Identifier

MD5 0f98a5550abe0fb880568b1480c96a1c
SHA1 d2ce9f7057b201d31f79f3aee2225d89f36be07d
SHA256 2dfb5f4b33e4cf8237b732c02b1f2b1192ffe4b83114bcf821f489bbf48c6aa1
SHA512 dbc1150d831950684ab37407defac0177b7583da0fe13ee8f8eeb65e8b05d23b357722246888189b4681b97507a4262ece96a1c458c4427a9a41d8ea8d11a2f6

memory/3896-5138-0x0000000000400000-0x00000000006BC000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2f6dd285f7f62acd4257513a4aa57305
SHA1 7b8d1cdf22a4853e06e6330ca44e2b020e0e9e8c
SHA256 504845ff8f08a525c911ca34890117cc044fcd8520ca37abfb4b3c0ab690c7a1
SHA512 3e73161ecd207ad4f9218ac17216aa7fa9b8feb9fcd292d4b293ddba70a43938c6b0ba2c7d199dd03fe670e8a835c90e16e70f15bdbf9dd83d099463997f9529

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e9391b8fe56fd57760a0218637f4723b
SHA1 4cf695c376f9b8bf6a38998a8353cd8f4f71edef
SHA256 2d2692f9031d48ecd8bd7e655f7aa4c223a4a83e42991356e53e8c5a745e529a
SHA512 1e56d883a57232633e05ce462aa329eb7db2d389df41e56018af6d69a46cacdb42a1868b81cf4beb914434c468160685d24b2ded74aa310803da193733ec390e

C:\Users\Admin\Downloads\Unconfirmed 296487.crdownload

MD5 6e49c75f701aa059fa6ed5859650b910
SHA1 ccb7898c509c3a1de96d2010d638f6a719f6f400
SHA256 f91f02fd27ada64f36f6df59a611fef106ff7734833dea825d0612e73bdfb621
SHA512 ccd1b581a29de52d2313a97eb3c3b32b223dba1e7a49c83f7774b374bc2d16b13fba9566de6762883f3b64ed8e80327b454e5d32392af2a032c22653fed0fff8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b6142b084f4a9401b50400eb3602fc71
SHA1 8ec39e9e342ac16c2f516579f063ac970966133c
SHA256 e3a250179c47f8bd3aabf2abbfacf6904b4ca1ad6b7399089dfdda5e0513892e
SHA512 4817b12b14f0d6a6694d4182aacc5acb9f953fda119694bb7f9aa0ab25badf225d3a422a0efd437034bd3a436f044533f588b04e03bcdf9319d048704e6904ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c43e503eb8cb056e1e9d661c233ef792
SHA1 bd425f061ee6b137e51e3bed26281c64500ffa41
SHA256 dd28751385548db8523d5902f41e66d922b4db8aae7f86c64c73d643cf77771f
SHA512 366fb922e2ac84f56a1c14967d211977c1053ef6efa412d9d6a3bbfbbc43da4c70eab460116e59e6a195cd7e3ddef5b08b9dd0c6ca3d6ab1df4625439fccb62b

memory/1184-5209-0x0000000000040000-0x00000000000FC000-memory.dmp

memory/1184-5211-0x0000000004A60000-0x0000000004AF2000-memory.dmp

memory/1184-5210-0x0000000004F30000-0x00000000054D6000-memory.dmp

memory/1184-5213-0x0000000004B00000-0x0000000004B0A000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 40c0727414f15f79da3f75db485f5c7f
SHA1 dff8f19f172b01e7290fbc3ad260c8185cd5637f
SHA256 7b53c29ab1592d6178fd3549558ba3a045ee5cd480d508daf93c719e8f53a301
SHA512 a07699aa04c9f0f074e6a983433d47993328f614848363566ec62737bb31f4895ff2491e560a75ce933b25c66537bd67e9f69052b8092e997bc779913b219a0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 14d2b859461e612a6b339ec3e9b3c54a
SHA1 5a4066a2c16abcdf792407ba4f267039888caad1
SHA256 f540981551b25af914d2ad7bbc5675730bcd50b25bd1bf9dd5509e8289800cf2
SHA512 0689bd7b5810414630361965667a283064f75ccce04e477d4547318d220ad327274fa3d9a3be8b2e9ba6374729adf9fe39caeea89fa8a14cc9304b1e305b4239

memory/3896-5246-0x0000000000400000-0x00000000006BC000-memory.dmp