Malware Analysis Report

2024-10-19 11:35

Sample ID 240822-mnfqfavepp
Target https://getsolara.dev/
Tags
adware discovery evasion persistence privilege_escalation stealer trojan
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://getsolara.dev/ was found to be: Known bad.

Malicious Activity Summary

adware discovery evasion persistence privilege_escalation stealer trojan

Boot or Logon Autostart Execution: Active Setup

Event Triggered Execution: Image File Execution Options Injection

Downloads MZ/PE file

Checks computer location settings

Executes dropped EXE

Event Triggered Execution: Component Object Model Hijacking

Loads dropped DLL

Enumerates connected drives

Looks up external IP address via web service

Blocklisted process makes network request

Installs/modifies Browser Helper Object

Legitimate hosting services abused for malware hosting/C2

Checks whether UAC is enabled

Checks installed software on the system

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger

Checks system information in the registry

Drops file in Windows directory

Drops file in Program Files directory

System Network Configuration Discovery: Internet Connection Discovery

System Location Discovery: System Language Discovery

Enumerates physical storage devices

Browser Information Discovery

Modifies registry class

Checks processor information in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

System policy modification

Suspicious use of UnmapMainImage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious use of SendNotifyMessage

Uses Task Scheduler COM API

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-22 10:36

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-22 10:36

Reported

2024-08-22 11:06

Platform

win10v2004-20240802-en

Max time kernel

1799s

Max time network

1797s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://getsolara.dev/

Signatures

Boot or Logon Autostart Execution: Active Setup

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\127.0.2651.105\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\Bootstrapper.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AC0900F3-1690-4D05-B6B9-973A4B159F22}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\MicrosoftEdge_X64_127.0.2651.105.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\MicrosoftEdge_X64_127.0.2651.105.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.105\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.105\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Windows\System32\MsiExec.exe N/A
N/A N/A C:\Windows\System32\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\System32\MsiExec.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Blocklisted process makes network request

Description Indicator Process Target
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A pastebin.com N/A N/A
N/A pastebin.com N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A api.ipify.org N/A N/A
N/A api.ipify.org N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of NtCreateThreadExHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\VoiceChat\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.105\identity_proxy\win11\identity_helper.Sparse.Stable.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\man\man1\npm-deprecate.1 C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\src\win_delay_load_hook.cc C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Controls\key_single.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\AnimationEditor\FaceCaptureUI\button_control_record.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\Debugger\Breakpoints\client.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Chat\VRChatBackground.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\lib\commands\link.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\configs\DateTimeLocaleConfigs\en-nz.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\msedgeupdateres_es-419.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AC0900F3-1690-4D05-B6B9-973A4B159F22}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\Debugger\Breakpoints\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\ErrorPrompt\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\ExtraContent\textures\ui\LuaApp\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.105\Locales\te.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.105\Locales\lo.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.105\VisualElements\SmallLogoBeta.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\abort-controller\LICENSE C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\shaders\keepme C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\AudioDiscovery\icon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\new_msedge.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\x509\asn1\tag.d.ts C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\lib\Find-VisualStudio.cs C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Settings\Radial\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\ExtraContent\textures\ui\LuaChat\9-slice\chat-bubble-tip-right.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\columnify\columnify.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\npm-bundled\package.json C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\TerrainTools\icon_regions_move.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Lobby\Buttons\scroll_button.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Emotes\Editor\Large\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\bin\lib\timers.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\MaterialManager\Favorite-Filled-Alt.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Controls\PlayStationController\PS4\ButtonTouchpad.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\ExtraContent\textures\ui\InGameMenu\drop_shadow_favorite.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.105\Locales\fil.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\AnimationEditor\ic-checkbox-off.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\AnimationEditor\FaceCaptureUI\CloseButton.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\DPadSheet.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Controls\DefaultController\ButtonR2.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\docs\output\commands\npm-doctor.html C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\LoadingBKG.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Settings\Help\BButtonLight.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\ExtraContent\LuaPackages\Packages\_Index\FoundationImages\FoundationImages\SpriteSheets\img_set_2x_18.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\btn_newWhiteGlow.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.105\Trust Protection Lists\Mu\Entities C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.105\msedge.dll.sig C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\semver\functions\rcompare.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\package.json C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\agentkeepalive\index.d.ts C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\fonts\ComicNeue-Angular-Bold.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\diff\lib\index.mjs C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-owner.md C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\chatBubble_white_notify_bkg.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\node_modules\npm-registry-fetch\lib\errors.js C:\Windows\system32\msiexec.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.105\Locales\kok.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ViewSelector\background.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.105\msedge_elf.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\TerrainTools\mtrl_concrete_2022.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\content\textures\ui\Settings\Help\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\nodejs\node_modules\npm\lib\utils\open-url-prompt.js C:\Windows\system32\msiexec.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Installer\MSIB26B.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIB318.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e586bc5.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI72CB.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC} C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI87CF.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI87DF.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI7B78.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e586bc9.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\e586bc5.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI72DB.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\ C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI7945.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI7BA8.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIB80B.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\AppCompat\Programs\Amcache.hve.tmp C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A
File opened for modification C:\Windows\Installer\MSI727C.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\inprogressinstallinfo.ipi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIB4BF.tmp C:\Windows\system32\msiexec.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\wevtutil.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\syswow64\MsiExec.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\syswow64\MsiExec.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AC0900F3-1690-4D05-B6B9-973A4B159F22}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\SysWOW64\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\SysWOW64\wermgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Windows\SysWOW64\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\127.0.2651.105\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\127.0.2651.105\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E\@%systemroot%\system32\FirewallControlPanel.dll,-12122 = "Windows Defender Firewall" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc\CLSID\ = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods\ = "27" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{375D3B39-152A-41E1-BF1B-B648933F26D0}\InprocHandler32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ = "IPackage" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeMHT\ = "Microsoft Edge MHT Document" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.15\\msedgeupdate.dll,-1004" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.15\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.15\\MicrosoftEdgeUpdateOnDemand.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command\version = "version-e60bca3482fe488a" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods\ = "23" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods\ = "43" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ProgID\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc.1.0\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ = "IGoogleUpdate" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachine" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.15\\psmachine.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FCBE96C-1697-43AF-9140-2897C7C69767}\AppID = "{1FCBE96C-1697-43AF-9140-2897C7C69767}" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{1FCBE96C-1697-43AF-9140-2897C7C69767}\LocalService = "MicrosoftEdgeElevationService" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C9C2B807-7731-4F34-81B7-44FF7779522B}\TypeLib\Version = "1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\CLASSES\MIME\Database\Content Type\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3COMClassService" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ = "ICredentialDialog" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\Downloads\Bootstrapper.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of UnmapMainImage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 216 wrote to memory of 1120 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 1120 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3340 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 3340 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 216 wrote to memory of 716 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe N/A

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://getsolara.dev/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8fc5b46f8,0x7ff8fc5b4708,0x7ff8fc5b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2656 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5156 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5220 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff8eb55cc40,0x7ff8eb55cc4c,0x7ff8eb55cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1928,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1924 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2084,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2104 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2300,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2488 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3168,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3188 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3080,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3220 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3732,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4596 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4500,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3368,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4376 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3380,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3724 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3432,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3444 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5556,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5480 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5240,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5264 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3000 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5608,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4456 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5748,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5728 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5764,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5912 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5488,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5616 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6072,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6212 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5460,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6372 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5812,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5356 /prefetch:8

C:\Users\Admin\Downloads\Bootstrapper.exe

"C:\Users\Admin\Downloads\Bootstrapper.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6184,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5440 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6016,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6188 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6036,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6068 /prefetch:1

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\System32\MsiExec.exe

C:\Windows\System32\MsiExec.exe -Embedding B413D15D36CB99D83796A407D1C383E8

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 417229AD11A2E4A6AF1FC248B795F047

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5476,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6256 /prefetch:1

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding E3A14205B29F1E9D27F44EEE560D616A E Global\MSI0000

C:\Windows\SysWOW64\wevtutil.exe

"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man"

C:\Windows\System32\wevtutil.exe

"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man" /fromwow64

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6584,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6492,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6948 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6200,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5308 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6976,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5264 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6996,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6500 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5620 /prefetch:2

C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU7C79.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RkMxNTc3RkMtQTkyOS00OEFELTlCNzAtMEZBQkYyNDg5NUM1fSIgdXNlcmlkPSJ7Qjg0RDFDNTEtQUNGNi00MjYyLTg3M0MtQ0JENkJENEYyMTZEfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4QjI0MEMxNS1BRTZFLTQ3OEEtQjI5Mi04OTEwMDZFNDI0ODZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE5NS4xNSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYwMTE4MzM4ODAiIGluc3RhbGxfdGltZV9tcz0iMzgxIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{FC1577FC-A929-48AD-9B70-0FABF24895C5}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RkMxNTc3RkMtQTkyOS00OEFELTlCNzAtMEZBQkYyNDg5NUM1fSIgdXNlcmlkPSJ7Qjg0RDFDNTEtQUNGNi00MjYyLTg3M0MtQ0JENkJENEYyMTZEfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFNENDNEUxMy0wNDVBLTQ4OEItOTNDMS1GNDZDNDE4ODIwRTN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYwMTcxOTM3NTMiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5440,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6552 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=7004,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6500 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6140,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6548 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7032,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=860 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6192,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6740 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=3272,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=7116 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6800,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6788 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6304,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5352 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6828,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6240 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7152,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3308 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7156,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=6984 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=6700,i,6917364043306392518,16836973355951349484,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4336883060868593063,4387141535715443126,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AC0900F3-1690-4D05-B6B9-973A4B159F22}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{AC0900F3-1690-4D05-B6B9-973A4B159F22}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe" /update /sessionid "{634B0287-1753-4B29-BFEA-E355A73E6209}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NjM0QjAyODctMTc1My00QjI5LUJGRUEtRTM1NUE3M0U2MjA5fSIgdXNlcmlkPSJ7Qjg0RDFDNTEtQUNGNi00MjYyLTg3M0MtQ0JENkJENEYyMTZEfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins1RDQ4QjdEOS00MTY0LTQwMzQtODk1Ny02MjQzRTIwRjNCRDd9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xOTUuMTUiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPSU1QiUyMi10YXJnZXRfZGV2JTIyJTVEIiBpbnN0YWxsYWdlPSIxOSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTE3NzE2NDAwMSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MTc3MzIzNjY2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5NDE1OTgzOTQzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvMzIzZmE3ZjctNDQ0NS00MTM3LTgyZWMtNzE1Mjg5NDkxODJhP1AxPTE3MjQ5MjgyNDcmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9Y0tCZHBwR2dnU20yYWJGaUl3UXowcW1ZWXUxWHVRd25VeVVlbE9KR0FZTzVKbENhWWZNTndUa2NZTGNwWUVHTWlwZWZzV0NSNWhnT1NmODNNSSUyZmxYUSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIyIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk0MTYwMDM3NjgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzMyM2ZhN2Y3LTQ0NDUtNDEzNy04MmVjLTcxNTI4OTQ5MTgyYT9QMT0xNzI0OTI4MjQ3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWNLQmRwcEdnZ1NtMmFiRmlJd1F6MHFtWVl1MVh1UXduVXlVZWxPSkdBWU81SmxDYVlmTU53VGtjWUxjcFlFR01pcGVmc1dDUjVoZ09TZjgzTUklMmZsWFElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjQ1MTEyIiB0b3RhbD0iMTY0NTExMiIgZG93bmxvYWRfdGltZV9tcz0iMjM3MzEiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTQxNjAyMzgzMiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5NDIxMzI0NzEwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iMjAiIHJkPSI2NDIzIiBwaW5nX2ZyZXNobmVzcz0iezA0QzFDOUI5LTY5MjYtNDZBOS05RTM3LTY5MTU1QzM3M0IxNn0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTIuMC45MDIuNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iMTkiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzY4Nzk2NTk4ODg2NTU3MCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9IjIwIiByPSIyMCIgYWQ9IjY0MjMiIHJkPSI2NDIzIiBwaW5nX2ZyZXNobmVzcz0iezhGQTcwQURELTA0MjYtNDAyMy1CQkJELTlFRDlEQjVFRUZDRn0iLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUB39E.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{634B0287-1753-4B29-BFEA-E355A73E6209}"

C:\Windows\SysWOW64\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "5676" "1296" "1260" "1288" "0" "0" "0" "0" "0" "0" "0" "0"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTUiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NjM0QjAyODctMTc1My00QjI5LUJGRUEtRTM1NUE3M0U2MjA5fSIgdXNlcmlkPSJ7Qjg0RDFDNTEtQUNGNi00MjYyLTg3M0MtQ0JENkJENEYyMTZEfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7MTBGRjNGRDYtQzAwMy00MTI2LTg0MTUtMzJBRTNEODE3MEIwfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTk1LjE1IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMTkiIGluc3RhbGxkYXRldGltZT0iMTcyMjYwMTcwOCI-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTEyMzI4NTM3ODgiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-86c3597a87f4495e\RobloxPlayerBeta.exe" -app -isInstallerLaunch -clientLaunchTimeEpochMs 0

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTUiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjFDRkU4NEEtQkU1My00NUEyLTkzNjQtNDY1ODkwOEJBMzkxfSIgdXNlcmlkPSJ7Qjg0RDFDNTEtQUNGNi00MjYyLTg3M0MtQ0JENkJENEYyMTZEfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7OUNDOTBBMjQtOTg0OS00ODcxLUJEQzQtNkFGMDMxRjY5OENFfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O0o3VmlaamJOeXgxR1ZySFcrUmQvUGdWaXpuRit0cXhpVXRXWG9GdEloZlU9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIxOSIgaW5zdGFsbGRhdGV0aW1lPSIxNzIyNjAyNzA1IiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNjcwNzUyOTQ1NzgwOTk5Ij48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMjExNDMyNSIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQyMjQ1NTcwMTgiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\MicrosoftEdge_X64_127.0.2651.105.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\MicrosoftEdge_X64_127.0.2651.105.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\MicrosoftEdge_X64_127.0.2651.105.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=127.0.6533.120 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7740919B-17C6-44F1-8D8F-0B628A76A9F1}\EDGEMITMP_56172.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=127.0.2651.105 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7494fb7d0,0x7ff7494fb7dc,0x7ff7494fb7e8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTUiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MjFDRkU4NEEtQkU1My00NUEyLTkzNjQtNDY1ODkwOEJBMzkxfSIgdXNlcmlkPSJ7Qjg0RDFDNTEtQUNGNi00MjYyLTg3M0MtQ0JENkJENEYyMTZEfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InsxMEI3OUM2Ni03NjQ3LTREMTYtODU1MS1BRTdBNzMyQjYwNUN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI3LjAuMjY1MS4xMDUiIGxhbmc9IiIgYnJhbmQ9IkVVV1YiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDI0MTQzMjM0MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MjQxNDMyMzQxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4MTEyODQzOTkzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvOGIwYjMyMzMtZGFhZi00OGI5LWFhMDQtYjM0YmE5ZTQyOTgwP1AxPTE3MjQ5Mjg3NTQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9WldjUm9KaEhXSlFjWEdnNVBodG9YZFI5SzczUyUyZkgxUzZaeUh3YnVpeU96Sk90Y1Q1MlR5TkRERUdQeDJackFueW9Uc3AlMmJBaG5KNEtXVHdzUGRUS2NBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODExMzAwMDA2MiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvOGIwYjMyMzMtZGFhZi00OGI5LWFhMDQtYjM0YmE5ZTQyOTgwP1AxPTE3MjQ5Mjg3NTQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9WldjUm9KaEhXSlFjWEdnNVBodG9YZFI5SzczUyUyZkgxUzZaeUh3YnVpeU96Sk90Y1Q1MlR5TkRERUdQeDJackFueW9Uc3AlMmJBaG5KNEtXVHdzUGRUS2NBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTcyNjEyNjY0IiB0b3RhbD0iMTcyNjEyNjY0IiBkb3dubG9hZF90aW1lX21zPSIzODUyNjYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODExMzAwMDA2MiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4MTI2OTA2MzY5IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMTk2NzU3IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODU1MjM3NTYyMCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjEwNjMiIGRvd25sb2FkX3RpbWVfbXM9IjM4NzEyNSIgZG93bmxvYWRlZD0iMTcyNjEyNjY0IiB0b3RhbD0iMTcyNjEyNjY0IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0MjU0NyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\MicrosoftEdge_X64_127.0.2651.105.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\MicrosoftEdge_X64_127.0.2651.105.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\MicrosoftEdge_X64_127.0.2651.105.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=127.0.6533.120 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=127.0.2651.105 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff64392b7d0,0x7ff64392b7dc,0x7ff64392b7e8

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=127.0.6533.120 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=127.0.2651.105 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff64392b7d0,0x7ff64392b7dc,0x7ff64392b7e8

C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.105\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.105\Installer\setup.exe" --msedge --channel=stable --remove-deprecated-packages --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.105\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.105\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=127.0.6533.120 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.105\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=127.0.2651.105 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff6c377b7d0,0x7ff6c377b7dc,0x7ff6c377b7e8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTUiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEE3NjZDQ0ItMERGNy00OEU4LTlENDctRUI3OTgxMjE3OTIwfSIgdXNlcmlkPSJ7Qjg0RDFDNTEtQUNGNi00MjYyLTg3M0MtQ0JENkJENEYyMTZEfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins0Q0FEQUVCRi00NEMxLTRBQjEtODM2Qi01RDU1MjczMjBDOTN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7SjdWaVpqYk55eDFHVnJIVytSZC9QZ1Zpem5GK3RxeGlVdFdYb0Z0SWhmVT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE5NS4xNSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9JTVCJTIyLXRhcmdldF9kZXYlMjIlNUQiIGluc3RhbGxhZ2U9IjE5IiBjb2hvcnQ9InJyZkAwLjQ5Ij48dXBkYXRlY2hlY2svPjxwaW5nIHJkPSI2NDQzIiBwaW5nX2ZyZXNobmVzcz0ie0JGQzU1NTQxLUEyMEEtNENERS04QjJGLTIyRDk4OTlCQTIwQ30iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTIuMC45MDIuNjciIG5leHR2ZXJzaW9uPSIxMjcuMC4yNjUxLjEwNSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIxOSIgaXNfcGlubmVkX3N5c3RlbT0idHJ1ZSIgbGFzdF9sYXVuY2hfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzY4Nzk2NTk4ODg2NTU3MCI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTg3NzY3NTAwMjEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTg3NzY5MDYwODUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTg4MDM5Mzc1NDUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTg4MTczNzYwODYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjE5MTY2MjgyMTczIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMTUwMCIgZG93bmxvYWRlZD0iMTcyNjEyNjY0IiB0b3RhbD0iMTcyNjEyNjY0IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMiIgaW5zdGFsbF90aW1lX21zPSIzNDg5MSIvPjxwaW5nIGFjdGl2ZT0iMCIgcmQ9IjY0NDMiIHBpbmdfZnJlc2huZXNzPSJ7MUIzQTBCOTQtQUVCMi00MEZDLTgxRjctQ0Y2OUM3Q0FGNEJBfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjcuMC4yNjUxLjEwNSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iRVVXViIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2NDQwIiBjb2hvcnQ9InJyZkAwLjYxIj48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7NzM2NDIyOTEtM0IwRS00OEM5LUFFQzQtNTFEMUYyQTQzQkZGfSIvPjwvYXBwPjwvcmVxdWVzdD4

Network

Country Destination Domain Proto
US 8.8.8.8:53 getsolara.dev udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 172.67.203.125:443 getsolara.dev tcp
US 8.8.8.8:53 68.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 125.203.67.172.in-addr.arpa udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 150.171.28.10:443 g.bing.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 link-hub.net udp
US 172.67.135.50:443 link-hub.net tcp
US 172.67.135.50:443 link-hub.net tcp
US 8.8.8.8:53 linkvertise.com udp
US 104.22.23.72:443 linkvertise.com tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 88.221.134.137:80 apps.identrust.com tcp
US 8.8.8.8:53 50.135.67.172.in-addr.arpa udp
US 8.8.8.8:53 72.23.22.104.in-addr.arpa udp
US 8.8.8.8:53 137.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 202.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
US 104.22.23.72:443 linkvertise.com tcp
US 104.22.23.72:443 linkvertise.com tcp
US 8.8.8.8:53 cdn.exmarketplace.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
IT 95.110.204.9:443 cdn.exmarketplace.com tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 use.typekit.net udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 maxst.icons8.com udp
US 8.8.8.8:53 stackpath.bootstrapcdn.com udp
US 8.8.8.8:53 p.typekit.net udp
US 8.8.8.8:53 js.chargebee.com udp
US 104.22.23.72:443 linkvertise.com udp
GB 18.244.179.5:443 js.chargebee.com tcp
GB 88.221.134.115:443 use.typekit.net tcp
GB 88.221.134.122:443 p.typekit.net tcp
GB 89.187.167.38:443 maxst.icons8.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 exmarketplace.com udp
US 8.8.8.8:53 34.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 9.204.110.95.in-addr.arpa udp
US 8.8.8.8:53 115.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 5.179.244.18.in-addr.arpa udp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 122.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 38.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 contextual.media.net udp
GB 95.100.244.20:443 contextual.media.net tcp
US 8.8.8.8:53 publisher.linkvertise.com udp
US 8.8.8.8:53 euob.bizseasky.com udp
US 104.22.23.72:443 publisher.linkvertise.com tcp
US 104.22.23.72:443 publisher.linkvertise.com tcp
GB 18.245.253.98:443 euob.bizseasky.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 8.8.8.8:53 api.ipify.org udp
FR 142.250.179.66:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 api.bing.com udp
US 8.8.8.8:53 lnk.thinksuggest.org udp
FR 142.250.179.68:443 www.google.com tcp
US 8.8.8.8:53 www.thinksuggest.org udp
US 104.26.13.205:443 api.ipify.org tcp
US 13.107.5.80:443 api.bing.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
DE 176.9.175.232:443 www.thinksuggest.org tcp
DE 176.9.175.232:443 www.thinksuggest.org tcp
DE 176.9.175.232:443 www.thinksuggest.org tcp
US 8.8.8.8:53 20.244.100.95.in-addr.arpa udp
US 8.8.8.8:53 200.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 162.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 98.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 66.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 170.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 205.13.26.104.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 232.175.9.176.in-addr.arpa udp
US 8.8.8.8:53 obseu.bizseasky.com udp
IE 3.248.162.96:443 obseu.bizseasky.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 api.taboola.com udp
US 151.101.129.44:443 api.taboola.com tcp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
US 104.22.23.72:443 publisher.linkvertise.com udp
US 8.8.8.8:53 96.162.248.3.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 44.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 151.64.8.51.in-addr.arpa udp
US 8.8.8.8:53 c.clarity.ms udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 am-api.taboola.com udp
US 8.8.8.8:53 cdn.linkvertise.com udp
US 8.8.8.8:53 images.taboola.com udp
US 8.8.8.8:53 img.youtube.com udp
US 8.8.8.8:53 imagedelivery.net udp
US 151.101.129.44:443 images.taboola.com tcp
FR 142.250.179.78:443 img.youtube.com tcp
FR 142.250.179.78:443 img.youtube.com tcp
FR 142.250.179.78:443 img.youtube.com tcp
US 104.22.22.72:443 cdn.linkvertise.com tcp
US 104.22.22.72:443 cdn.linkvertise.com tcp
US 104.18.3.36:443 imagedelivery.net tcp
US 104.18.3.36:443 imagedelivery.net tcp
US 104.18.3.36:443 imagedelivery.net tcp
US 104.18.3.36:443 imagedelivery.net tcp
FR 142.250.179.78:443 img.youtube.com tcp
US 104.18.3.36:443 imagedelivery.net udp
IE 13.74.129.1:443 c.clarity.ms tcp
US 8.8.8.8:53 78.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 72.22.22.104.in-addr.arpa udp
US 8.8.8.8:53 36.3.18.104.in-addr.arpa udp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 c.bing.com udp
US 13.107.21.237:443 c.bing.com tcp
US 8.8.8.8:53 129.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
FR 172.217.18.206:443 clients2.google.com udp
FR 172.217.18.206:443 clients2.google.com tcp
US 8.8.8.8:53 206.18.217.172.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 172.67.203.125:443 getsolara.dev tcp
US 172.67.203.125:443 getsolara.dev tcp
US 8.8.8.8:53 o1051356.ingest.sentry.io udp
US 34.120.195.249:443 o1051356.ingest.sentry.io tcp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 getsolara.dev udp
US 172.67.203.125:443 getsolara.dev tcp
N/A 127.0.0.1:6463 tcp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 pastebin.com udp
US 104.20.4.235:443 pastebin.com tcp
US 8.8.8.8:53 clientsettings.roblox.com udp
GB 128.116.119.4:443 clientsettings.roblox.com tcp
US 8.8.8.8:53 235.4.20.104.in-addr.arpa udp
US 8.8.8.8:53 4.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 roblox.com udp
GB 128.116.119.3:443 roblox.com tcp
GB 128.116.119.3:443 roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
GB 128.116.119.4:443 www.roblox.com tcp
US 8.8.8.8:53 www.nodejs.org udp
US 8.8.8.8:53 3.119.116.128.in-addr.arpa udp
US 104.20.22.46:443 www.nodejs.org tcp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
GB 108.138.217.124:443 static.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
US 8.8.8.8:53 nodejs.org udp
US 104.20.23.46:443 nodejs.org tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 46.22.20.104.in-addr.arpa udp
US 8.8.8.8:53 219.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 124.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 89.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 46.23.20.104.in-addr.arpa udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.134.170:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
GB 216.137.44.124:443 images.rbxcdn.com tcp
US 8.8.8.8:53 170.134.221.88.in-addr.arpa udp
GB 128.116.119.4:443 auth.roblox.com tcp
GB 128.116.119.4:443 auth.roblox.com tcp
GB 128.116.119.4:443 auth.roblox.com tcp
GB 128.116.119.4:443 auth.roblox.com tcp
GB 128.116.119.4:443 auth.roblox.com tcp
GB 128.116.119.4:443 auth.roblox.com tcp
US 8.8.8.8:53 124.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
GB 95.100.245.144:443 www.microsoft.com tcp
GB 95.100.245.144:443 www.microsoft.com tcp
US 8.8.8.8:53 144.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 ncs.roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
GB 18.244.155.96:443 roblox-api.arkoselabs.com tcp
GB 18.244.155.96:443 roblox-api.arkoselabs.com tcp
GB 18.244.155.96:443 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 96.155.244.18.in-addr.arpa udp
US 8.8.8.8:53 obseu.bizseasky.com udp
US 8.8.8.8:53 f6a304de.solaraweb-alj.pages.dev udp
US 172.66.47.197:443 f6a304de.solaraweb-alj.pages.dev tcp
US 8.8.8.8:53 197.47.66.172.in-addr.arpa udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 lms.roblox.com udp
FR 128.116.122.8:443 lms.roblox.com tcp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 usermoderation.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 pulsar.roblox.com udp
US 8.8.8.8:53 sin4-128-116-50-3.roblox.com udp
US 8.8.8.8:53 aws-eu-central-1a-lms.rbx.com udp
US 8.8.8.8:53 nrt1-128-116-120-3.roblox.com udp
US 8.8.8.8:53 mia2-128-116-127-3.roblox.com udp
US 8.8.8.8:53 aws-ap-northeast-1c-lms.rbx.com udp
US 8.8.8.8:53 silver.roblox.com udp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 8.8.8.8:53 aws-ap-east-1b-lms.rbx.com udp
US 8.8.8.8:53 8.122.116.128.in-addr.arpa udp
DE 18.193.57.231:443 aws-eu-central-1a-lms.rbx.com tcp
GB 128.116.119.3:443 silver.roblox.com tcp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
JP 52.194.121.40:443 aws-ap-northeast-1c-lms.rbx.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
US 128.116.121.3:443 pulsar.roblox.com tcp
HK 43.199.51.229:443 aws-ap-east-1b-lms.rbx.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 2.20.12.77:443 tr.rbxcdn.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
JP 52.194.121.40:443 aws-ap-northeast-1c-lms.rbx.com tcp
US 128.116.121.3:443 pulsar.roblox.com tcp
HK 43.199.51.229:443 aws-ap-east-1b-lms.rbx.com tcp
US 8.8.8.8:53 231.57.193.18.in-addr.arpa udp
US 8.8.8.8:53 3.102.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.99.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.127.116.128.in-addr.arpa udp
US 8.8.8.8:53 77.12.20.2.in-addr.arpa udp
US 8.8.8.8:53 3.120.116.128.in-addr.arpa udp
US 8.8.8.8:53 40.121.194.52.in-addr.arpa udp
US 8.8.8.8:53 3.50.116.128.in-addr.arpa udp
US 8.8.8.8:53 229.51.199.43.in-addr.arpa udp
US 8.8.8.8:53 presence.roblox.com udp
FR 128.116.122.8:443 lms.roblox.com tcp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 followings.roblox.com udp
US 8.8.8.8:53 voice.roblox.com udp
US 128.116.121.3:443 pulsar.roblox.com tcp
US 8.8.8.8:53 dfw2-128-116-95-3.roblox.com udp
US 8.8.8.8:53 sea1-128-116-115-3.roblox.com udp
US 8.8.8.8:53 aws-eu-west-2c-lms.rbx.com udp
US 8.8.8.8:53 lga2-128-116-32-3.roblox.com udp
US 8.8.8.8:53 syd1-128-116-51-3.roblox.com udp
US 8.8.8.8:53 ord2-128-116-101-3.roblox.com udp
US 8.8.8.8:53 lhr2-128-116-119-3.roblox.com udp
US 8.8.8.8:53 mia4-128-116-45-3.roblox.com udp
US 8.8.8.8:53 c0cfly.rbxcdn.com udp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
US 205.234.175.102:443 c0cfly.rbxcdn.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
GB 18.132.175.192:443 aws-eu-west-2c-lms.rbx.com tcp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 102.175.234.205.in-addr.arpa udp
US 8.8.8.8:53 192.175.132.18.in-addr.arpa udp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 8.8.8.8:53 3.32.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.101.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.95.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.45.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.51.116.128.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 88.221.134.122:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 18.165.242.74:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 39.245.224.13.in-addr.arpa udp
US 8.8.8.8:53 74.242.165.18.in-addr.arpa udp
N/A 127.0.0.1:57462 tcp
N/A 127.0.0.1:57466 tcp
N/A 127.0.0.1:57481 tcp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 135.47.7.20.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.214.172:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 beacons.gvt2.com udp
FR 216.58.214.67:443 beacons.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
FR 216.58.214.67:443 beacons.gvt2.com udp
US 8.8.8.8:53 67.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 13.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 lens.google.com udp
FR 142.250.201.174:443 lens.google.com tcp
US 8.8.8.8:53 174.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 getwave.gg udp
US 172.67.73.56:443 getwave.gg tcp
US 172.67.73.56:443 getwave.gg tcp
US 8.8.8.8:53 56.73.67.172.in-addr.arpa udp
US 8.8.8.8:53 roxploits.com udp
US 172.67.154.132:443 roxploits.com tcp
US 172.67.154.132:443 roxploits.com tcp
US 172.67.154.132:443 roxploits.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 obseu.bizseasky.com udp
US 8.8.8.8:53 132.154.67.172.in-addr.arpa udp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.95.41:443 challenges.cloudflare.com udp
US 172.67.154.132:443 roxploits.com udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 8.8.8.8:53 41.95.18.104.in-addr.arpa udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 api.sellsn.io udp
US 8.8.8.8:53 cdn.sellsn.io udp
US 104.26.14.120:443 cdn.sellsn.io tcp
US 104.26.14.120:443 cdn.sellsn.io tcp
US 104.26.14.120:443 cdn.sellsn.io tcp
US 104.26.14.120:443 cdn.sellsn.io tcp
US 172.67.68.227:443 cdn.sellsn.io tcp
US 8.8.8.8:53 sentry.sellsn.io udp
US 104.26.15.120:443 sentry.sellsn.io tcp
US 8.8.8.8:53 120.14.26.104.in-addr.arpa udp
US 8.8.8.8:53 227.68.67.172.in-addr.arpa udp
US 8.8.8.8:53 120.15.26.104.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 h.clarity.ms udp
US 8.8.8.8:53 presence.roblox.com udp
US 51.8.64.151:443 h.clarity.ms tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 20.7.47.135:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.214.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
GB 128.116.119.4:443 client-telemetry.roblox.com tcp
N/A 127.0.0.1:56445 tcp
N/A 127.0.0.1:56566 tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 199.232.214.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 60.129.102.23.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 143.191.67.13.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 27304926d60324abe74d7a4b571c35ea
SHA1 78b8f92fcaf4a09eaa786bbe33fd1b0222ef29c1
SHA256 7039ad5c2b40f4d97c8c2269f4942be13436d739b2e1f8feb7a0c9f9fdb931de
SHA512 f5b6181d3f432238c7365f64fc8a373299e23ba8178bcc419471916ef8b23e909787c7c0617ab22e4eb90909c02bd7b84f1386fbc61e2bdb5a0eb474175da4bd

\??\pipe\LOCAL\crashpad_216_HNSZFJDHGWYMJRZA

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 9e3fc58a8fb86c93d19e1500b873ef6f
SHA1 c6aae5f4e26f5570db5e14bba8d5061867a33b56
SHA256 828f4eacac1c40b790fd70dbb6fa6ba03dcc681171d9b2a6579626d27837b1c4
SHA512 e5e245b56fa82075e060f468a3224cf2ef43f1b6d87f0351a2102d85c7c897e559be4caeaecfdc4059af29fdc674681b61229319dda95cb2ee649b2eb98d313e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 52627618b16f3da6742587ba2b23163a
SHA1 334a9bb7cd869607348956d45f7e9fe2ced6ed06
SHA256 01155368bc4580b600cd3eabc9c308a33c3158e157bc59d650e63ba472008650
SHA512 8e1e89fe7d7eda4a84dccb9a1349e1600f98df0439adf4430fb32fea40c066b22167b67d32ee10ec6020ebbf8c762b2f09f2d90832ac23f14ad412105f2b1122

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 aae9dcefa02c390074b69e369d91f4bf
SHA1 0292022c71181ac02ef3f5963a133f5f0b820411
SHA256 4ebec7aa3990f50a42ea984d4a7609824f847d6fafc54a07d204d42625a1e7b6
SHA512 969e14ab3e3c1a81d75c156282f2afe9e993a3825d8a19b63e8d03e9144c2bdbd59e4010f0921869e70dbe6a482ec4ca364bfba7b388e642054e1cb234b89d0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 47f78c191bac7793c80b9bfaa3b37a05
SHA1 cb7c3e5c54450df8a23b5e9f51a1278879e28930
SHA256 86a1ff22e3de5784271eb49dfc0ae375e8cd60bf77c4d4a19fb6020e7570f727
SHA512 a143ca64727ac224523385233ae8a6e02c1f9d3589021ee2907459a0afb629f8ff6888ca3e1efa03763b4f93efdc362e7a38406bde1939b0b2a4dbbd2ef1d931

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 65e7d4ce0149db1378901817de9fa67b
SHA1 0f692c3856c43fbab4ad23fca47585f3d9aa03fb
SHA256 2196141f08039e26e4a83298988b64a2724d99abf5cb391c2192b753d07f6bde
SHA512 5b8cbf978d4a1be5ad922837828ba17636ba9a29f9edd8ad60576fb618423c4ae7463bdf205a3ba577a023dc3e2d35630ef544fd10cfe4e26f71200f82610ef6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0bb2a4be27f2c54d83446f90a9e2474f
SHA1 36fd511dbb2e767942e7da8cbab794d19eaf8779
SHA256 9d33e008df27c47c95c9ba7cd3bd5ebcdb1b5a2b75f2cfac30d73d4a4953f43f
SHA512 2c509a23d58684b676ec3915a0983307e7608e5329b37c7b31d9797c23d7cb037bc12b04431249a9bc90e889bf62e5eea296fd60284950e788d976911908c446

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4e9fd5800b3ed84ad285c12a42d9ba25
SHA1 e18c354a7727e5ea6c3c35ce14be27407cdf5897
SHA256 553e65795aadb4d38e0d6d72d9197b498429df865b3c517edd493ed44b6667b3
SHA512 1489480ba1b3a388b4f290aa7cb1a273fd4fce275e7567a56f2caad3f76603e042fc7122eddea6750c8c65dd4b6285757b952bfef59096c9e9cde1297781779e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9216d73f2a02ea8feba5508dce658cca
SHA1 ef3ca5abd8432326eb84d101be6054d7be6ff593
SHA256 488d3987afe6057288beb7adc0ed252427204e647faaf69573aa3cdc9a657b08
SHA512 f7b7affcfcc1a597f8ffc7da2591ea1311dd6451607b35424411c9e5e10dffe24083cae6eb4287548dba90aa51aeff0a7f4786196b9f05a16e3fc9152cb419db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5b56eb69ab43571092505727b1250962
SHA1 16d4a9b181dfc3b97d227087fa9478deecd448ad
SHA256 9c8199889125ee5a5a30c9d6656df8b8a5155f0d2f11ae50912cfb8e65d05535
SHA512 cefa7661ea2a9c8aaf12f54c5e1655c436d489e7b05a1aaf9fa655540434e42eb4a297f95eab671a08b3bd15b151125683266539cb232bf2dfadc844f45e8890

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 5bc25444e4209bb5640788e37296f6ed
SHA1 aebf775ab04aaaf389f6ce603a9145949c211da8
SHA256 d2462cca91b9c3609b484e631be9f76a98722dd28620bd3cb7c920c05f53726a
SHA512 86e259a7191c354d022db022258e346c2b61f44aba8b4d3bf15cae0f5daacbc880c5f37a6fc6bae4d171474105fe26131635d9e5eb880ff81d9fa0f622f6f214

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e56a08f79055d993cb9421076f31e4c4
SHA1 e3c13612ac82a9055014428dc6c374f58fe43a16
SHA256 874e491a0171bff710372535aa6d0bb16d92d2212c8a85328e3465149963fc23
SHA512 e4fd87d4d3ba2543779828c22f0ff85c036434ad157dceeea34c636e72004975dcc01cdf328b958eda308d5e811f0089e0ff5d3489a8a9f296445de8d5fc6565

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 3a6a125a523cd9fce0e751930e9bcd89
SHA1 c1afea160d6cd8f4b82a85ed6dffdc1ad7f27279
SHA256 9fb861a3542a17aa982006bf5b27a8fd0950675b8242d335978fd0a7c93df048
SHA512 35523a7b14d9b8d2e0ecb6bd4d8fe151183e3c59a4700757200fcbf7d47cf19e9814b2060ef3e668b5910c8802e40f397818680c8aae2550ed6e7ed2b0692748

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\18527654-b8bd-42c8-9f65-771ce83b15b4.tmp

MD5 51fba53b86dd808b8720c7ef4b2173e2
SHA1 1aea5937188e297d20a936bd72408836225485fd
SHA256 ccc38f435aeda888efee38cc6ca8fda2428856d745468ba3d2a486b58a8560f0
SHA512 cffb88fcde6c28f8a0b102b3c6eb2d32f919803a16e6ff2ce027e690460a78c181dff94f107b34f83be6a1ff0e86d8489fd5919065e100043fc2e49960c89379

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 10733c4575472612e5e37683e78532dd
SHA1 3b9c75264864a4c70ffe9f9be609af4c1e0e03ad
SHA256 10d926f8e32da313cd1e9aa03e28c389ed41a5a374624c2995ab52563cb9f4d2
SHA512 48f654d146207950c2b0a35d461e141899bfd0c11d87c3742177277814f93b0678ad3486726911297cfa5ef965871389b4a83b93473050b03e9f85e1e536abd0

C:\Users\Admin\Downloads\Bootstrapper.exe

MD5 76639ab92661f5c384302899934051ab
SHA1 9b33828f8ad3a686ff02b1a4569b8ae38128caed
SHA256 6bb9ad960bcc9010db1b9918369bdfc4558f19287b5b6562079c610a28320178
SHA512 928e4374c087070f8a6786f9082f05a866751ea877edf9afa23f6941dfc4d6762e1688bbb135788d6286ec324fa117fc60b46fed2f6e3a4ab059465a00f2ebee

memory/6092-356-0x0000023690280000-0x000002369034E000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8aa1752b0b1d0fa69ed62f9d4109d290
SHA1 0e70bf87a5127677dfe6cc55547e9692efb8c7b8
SHA256 15ae158e6fb709a0c58f07b39dc06044b95517da67aff5c5534d0adb52e26e42
SHA512 c70c9ccbe995e8ca6d408e7558ac9ec18981ea889f2c2f95fbc454e05456047c755bf2a99e907e2100280a76224af54b868504e79c82c1214f9ab5d88d620d2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e86bcfe4448a3224dd2a337d409588ad
SHA1 aa13f2a062a4d78841a3fff606e91b3a5f28d622
SHA256 51b4b0eaad660c9bc8ee323725d6322c99b8c7faa0cbc0464c54c45c27920e9f
SHA512 1585a4d611b02bdcde39943601430b5e00026fe914825ccfb9a786e8c0e94b064f3ae4e2613a9562f774d33732b672de47a4fc385e312bda88f4ac78d8ce6cab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9d54ad0bed857744db0116d717fa2aca
SHA1 fe952a2837237bdc340b6c14e1bee5d0bc7099a1
SHA256 44a6c291aa2bdbdfb623c2f1f48da32adbb5697a15d966da245b2c9f608691b1
SHA512 5dd6d611c761842c7fcf371ddd08a78cfe2ce23524f94877b8f497893d603083dee868c45e8ea8f812a0f5647d56dd93999954e83f5c55e72ff3521d44ab7bdf

memory/6092-385-0x0000023691F50000-0x0000023691F72000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi

MD5 0e4e9aa41d24221b29b19ba96c1a64d0
SHA1 231ade3d5a586c0eb4441c8dbfe9007dc26b2872
SHA256 5bfb6f3ab89e198539408f7e0e8ec0b0bd5efe8898573ec05b381228efb45a5d
SHA512 e6f27aecead72dffecbeaad46ebdf4b1fd3dbcddd1f6076ba183b654e4e32d30f7af1236bf2e04459186e993356fe2041840671be73612c8afed985c2c608913

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4c2273cbcabc537e40c9bf1503b16fd4
SHA1 3a338ba4eba62d6a58e937785befa2e728698cb3
SHA256 560e09607a24230420be32a2def4db84e12e0ac77c575cb7043d4070b9bdd59b
SHA512 7ca6c1300a7b35c1e4be260267fd088111b47036477ee528f750cc87f9dcf92b4e35f7c8ce74c4d2096a4d56556bd45f068826dcdd67f84dbac19cdded81f33c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 424fa2f5b6134b035cdb81c22313d82d
SHA1 67e0181151cdac816bf567fe009d8247bfffc708
SHA256 0f00a3edc53d418e1c5c43ee61b6a813eaaf79d3a3e29cd485edf40860972b62
SHA512 e3310c1aae9ffacd5371aa72cd0aeeaecf4690302b6289d7302b64bed0c068c8f656516120863064751f8802552c0e710e9c010b568be743ef5db6084ea16a0b

C:\Windows\Installer\MSI727C.tmp

MD5 9fe9b0ecaea0324ad99036a91db03ebb
SHA1 144068c64ec06fc08eadfcca0a014a44b95bb908
SHA256 e2cce64916e405976a1d0c522b44527d12b1cba19de25da62121cf5f41d184c9
SHA512 906641a73d69a841218ae90b83714a05af3537eec8ad1d761f58ac365cf005bdd74ad88f71c4437aaa126ac74fa46bcad424d17c746ab197eec2caa1bd838176

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f259435588393097fcaba27fe199bc4e
SHA1 4636d4a60bf2216bc0f038e0bfd3bcf05a1862e4
SHA256 f55e50b3d779aba62cb2b00a4c340a9bfc3b7a6244a72529d3464361039d9326
SHA512 f777a293dc59a75ccb8a5b3847061fe40fbdfd55f9bfbc70a3cc6599e2f8fa95709e14991037afc137fcedaa1d95d1dcc1e5273087c3fd8471fa1028ed414542

C:\Windows\Installer\MSI72DB.tmp

MD5 a3ae5d86ecf38db9427359ea37a5f646
SHA1 eb4cb5ff520717038adadcc5e1ef8f7c24b27a90
SHA256 c8d190d5be1efd2d52f72a72ae9dfa3940ab3faceb626405959349654fe18b74
SHA512 96ecb3bc00848eeb2836e289ef7b7b2607d30790ffd1ae0e0acfc2e14f26a991c6e728b8dc67280426e478c70231f9e13f514e52c8ce7d956c1fad0e322d98e0

C:\Windows\Installer\MSI7B78.tmp

MD5 7a86ce1a899262dd3c1df656bff3fb2c
SHA1 33dcbe66c0dc0a16bab852ed0a6ef71c2d9e0541
SHA256 b8f2d0909d7c2934285a8be010d37c0609c7854a36562cbfcbce547f4f4c7b0c
SHA512 421e8195c47381de4b3125ab6719eec9be7acd2c97ce9247f4b70a309d32377917c9686b245864e914448fe53df2694d5ee5f327838d029989ba7acafda302ec

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 3906af7e09d977a6fec877ba9abd05e4
SHA1 872b53e3a7d76bf0cb73adbd5293b91ac8116a5e
SHA256 fdf0d80afb14370be0b626bf7ea655d2f0e9212565f4eaaf9044c16aa61eb914
SHA512 d583929a73e8f4fb0c08580ee722004250238b3e589b0beaca418cf88abfec4148e96c5462414ad840c4c6923d811486a289c1cdfa42d91ce2ba1950b69001a6

C:\Program Files\nodejs\node_modules\npm\node_modules\nopt\LICENSE

MD5 b020de8f88eacc104c21d6e6cacc636d
SHA1 20b35e641e3a5ea25f012e13d69fab37e3d68d6b
SHA256 3f24d692d165989cd9a00fe35ca15a2bc6859e3361fa42aa20babd435f2e4706
SHA512 4220617e29dd755ad592295bc074d6bc14d44a1feeed5101129669f3ecf0e34eaa4c7c96bbc83da7352631fa262baab45d4a370dad7dabec52b66f1720c28e38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4731a1a2eed88a695114b222528b6fc3
SHA1 b473a412d54a9eb140674d78a0080dc60c0d02e1
SHA256 a4cb585e33bead35f3822cc428895453c775f5482a2435701e31c204d2bd4622
SHA512 fc7875e2f653bfb4888c94eb8f8f20895bb950331ee88633f246da00f2ea21c81783fc8532ff1d23cea21cd36d8e9be61c666959cfe44df0a1660b6a4dc8812f

C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\LICENSE

MD5 d2cf52aa43e18fdc87562d4c1303f46a
SHA1 58fb4a65fffb438630351e7cafd322579817e5e1
SHA256 45e433413760dc3ae8169be5ed9c2c77adc31ad4d1bc5a28939576df240f29a0
SHA512 54e33d7998b5e9ba76b2c852b4d0493ebb1b1ee3db777c97e6606655325ff66124a0c0857ca4d62de96350dbaee8d20604ec22b0edc17b472086da4babbbcb16

C:\Program Files\nodejs\node_modules\npm\node_modules\promise-all-reject-late\LICENSE

MD5 7428aa9f83c500c4a434f8848ee23851
SHA1 166b3e1c1b7d7cb7b070108876492529f546219f
SHA256 1fccd0ad2e7e0e31ddfadeaf0660d7318947b425324645aa85afd7227cab52d7
SHA512 c7f01de85f0660560206784cdf159b2bdc5f1bc87131f5a8edf384eba47a113005491520b0a25d3cc425985b5def7b189e18ff76d7d562c434dc5d8c82e90cce

C:\Program Files\nodejs\node_modules\npm\node_modules\aggregate-error\license

MD5 5ad87d95c13094fa67f25442ff521efd
SHA1 01f1438a98e1b796e05a74131e6bb9d66c9e8542
SHA256 67292c32894c8ac99db06ffa1cb8e9a5171ef988120723ebe673bf76712260ec
SHA512 7187720ccd335a10c9698f8493d6caa2d404e7b21731009de5f0da51ad5b9604645fbf4bc640aa94513b9eb372aa6a31df2467198989234bc2afbce87f76fbc3

C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\LICENSE

MD5 d7c8fab641cd22d2cd30d2999cc77040
SHA1 d293601583b1454ad5415260e4378217d569538e
SHA256 04400db77d925de5b0264f6db5b44fe6f8b94f9419ad3473caaa8065c525c0be
SHA512 278ff929904be0c19ee5fb836f205e3e5b3e7cec3d26dd42bbf1e7e0ca891bf9c42d2b28fce3741ae92e4a924baf7490c7c6c59284127081015a82e2653e0764

C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js

MD5 bc0c0eeede037aa152345ab1f9774e92
SHA1 56e0f71900f0ef8294e46757ec14c0c11ed31d4e
SHA256 7a395802fbe01bb3dc8d09586e0864f255874bf897378e546444fbaec29f54c5
SHA512 5f31251825554bf9ed99eda282fa1973fcec4a078796a10757f4fb5592f2783c4ebdd00bdf0d7ed30f82f54a7668446a372039e9d4589db52a75060ca82186b3

C:\Program Files\nodejs\node_modules\npm\node_modules\tar\node_modules\fs-minipass\node_modules\minipass\index.d.ts

MD5 f0bd53316e08991d94586331f9c11d97
SHA1 f5a7a6dc0da46c3e077764cfb3e928c4a75d383e
SHA256 dd3eda3596af30eda88b4c6c2156d3af6e7fa221f39c46e492c5e9fb697e2fef
SHA512 fd6affbaed67d09cf45478f38e92b8ca6c27650a232cbbeaff36e4f7554fb731ae44cf732378641312e98221539e3d8fabe80a7814e4f425026202de44eb5839

C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmorg\LICENSE

MD5 072ac9ab0c4667f8f876becedfe10ee0
SHA1 0227492dcdc7fb8de1d14f9d3421c333230cf8fe
SHA256 2ef361317adeda98117f14c5110182c28eae233af1f7050c83d4396961d14013
SHA512 f38fd6506bd9795bb27d31f1ce38b08c9e6f1689c34fca90e9e1d5194fa064d1f34a9c51d15941506ebbbcd6d4193055e9664892521b7e39ebcd61c3b6f25013

C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\LICENSE.md

MD5 2916d8b51a5cc0a350d64389bc07aef6
SHA1 c9d5ac416c1dd7945651bee712dbed4d158d09e1
SHA256 733dcbf5b1c95dc765b76db969b998ce0cbb26f01be2e55e7bccd6c7af29cb04
SHA512 508c5d1842968c478e6b42b94e04e0b53a342dfaf52d55882fdcfe02c98186e9701983ab5e9726259fba8336282e20126c70d04fc57964027586a40e96c56b74

C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\package.json

MD5 d116a360376e31950428ed26eae9ffd4
SHA1 192b8e06fb4e1f97e5c5c7bf62a9bff7704c198b
SHA256 c3052bd85910be313e38ad355528d527b565e70ef15a784db3279649eee2ded5
SHA512 5221c7648f4299234a4637c47d3f1eb5e147014704913bc6fdad91b9b6a6ccc109bced63376b82b046bb5cad708464c76fb452365b76dbf53161914acf8fb11a

C:\Program Files\nodejs\node_modules\npm\node_modules\treeverse\LICENSE

MD5 1d7c74bcd1904d125f6aff37749dc069
SHA1 21e6dfe0fffc2f3ec97594aa261929a3ea9cf2ab
SHA256 24b8d53712087b867030d18f2bd6d1a72c78f9fb4dee0ce025374da25e4443b9
SHA512 b5ac03addd29ba82fc05eea8d8d09e0f2fa9814d0dd619c2f7b209a67d95b538c3c2ff70408641ef3704f6a14e710e56f4bf57c2bb3f8957ba164f28ee591778

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1978f84973e4cc41e5e8ee188879fbf6
SHA1 6a02b6133902aa1b9bbef19be272e21212d4cd67
SHA256 9140dd52d0643baf6014d066bf7b02c649ea456f6fb462ee9df8c1b0e3534a9d
SHA512 447b5a0f9a1f3fd55d343d64b2e4aa4ba4a726b8ac0bb3be42541a3225a1a26ade33cdb852308e6b89986dc66f3935ff96229f6c4e9916e605d5dc3838338191

C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmhook\LICENSE.md

MD5 e9dc66f98e5f7ff720bf603fff36ebc5
SHA1 f2b428eead844c4bf39ca0d0cf61f6b10aeeb93b
SHA256 b49c8d25a8b57fa92b2902d09c4b8a809157ee32fc10d17b7dbb43c4a8038f79
SHA512 8027d65e1556511c884cb80d3c1b846fc9d321f3f83002664ad3805c4dee8e6b0eaf1db81c459153977bdbde9e760b0184ba6572f68d78c37bff617646bcfc3b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9656dd786a53796e021969b2faf08ecd
SHA1 83ddacec3f8d27c0e0f84d9bb386643f5cb28329
SHA256 9b91d666ca6e6ac833bf0dc008256fa988c8397b8ad01c00b4ffa3de29e4f280
SHA512 66b83c1c691902f80bc5182400ada567470150e4eee6602894caac5896d0794fc33d4f4cc91d3e6ab4869f3ce29e394497b5ccbed7da9a15a2e114051ede5d36

C:\Program Files\nodejs\node_etw_provider.man

MD5 1d51e18a7247f47245b0751f16119498
SHA1 78f5d95dd07c0fcee43c6d4feab12d802d194d95
SHA256 1975aa34c1050b8364491394cebf6e668e2337c3107712e3eeca311262c7c46f
SHA512 1eccbe4ddae3d941b36616a202e5bd1b21d8e181810430a1c390513060ae9e3f12cd23f5b66ae0630fd6496b3139e2cc313381b5506465040e5a7a3543444e76

C:\Program Files\nodejs\node_etw_provider.man

MD5 d3bc164e23e694c644e0b1ce3e3f9910
SHA1 1849f8b1326111b5d4d93febc2bafb3856e601bb
SHA256 1185aaa5af804c6bc6925f5202e68bb2254016509847cd382a015907440d86b4
SHA512 91ebff613f4c35c625bb9b450726167fb77b035666ed635acf75ca992c4846d952655a2513b4ecb8ca6f19640d57555f2a4af3538b676c3bd2ea1094c4992854

C:\Config.Msi\e586bc8.rbs

MD5 780edf17ed9ec1a3000478c6253c4d24
SHA1 12d2dd9975250cb99cb6e8e351d2e7452e6181f2
SHA256 d102eb7cd54598a1e21356b611161553312c033de9f2c4c25dccb75ad2f976e7
SHA512 bc1743a7d424012d2f9ef7df5215d1660b72c4002084a7ae061ac4de7046965fc6f482a0d6e59fb5f7724cb2741b1196a3277841a7d5772da7ce02f7882aa009

memory/6092-3065-0x00000236AA860000-0x00000236AA86A000-memory.dmp

memory/6092-3070-0x00000236AAB10000-0x00000236AAB22000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 30c58a3faaba34c4d99589017c617b01
SHA1 fa5cc5a91428e679717fa6bfbcfe057648daca48
SHA256 a2b745ec3fcc499b04f1f55186b3760c41fe4e2a8670c9cd666944b2a97e1e9f
SHA512 d45de1a572e56c32dc402a04daf035ce334e01b32b92e379063db2722bd00c8fe8f345bff38cfd982d9e2de51dcff2a0c088194ac706af8a2d652ebbd0518aef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 02cb69ad532f7f5664e2fd36aa2956d1
SHA1 1c0800344f7b8bbb0afba5f6112d91d5cf3951c0
SHA256 2ed7fc09dd96aa0b00f6559bf18280b3e6a66030bf2596b4fff4669e371713e1
SHA512 4530e70c62a24cd5cc3053af7b3b81b963bac2eea344706e62731b535662ab21eb02bcc6e77b15f5072c6b73731e1c5293360997b4bba183d2fa60d1865180f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0515695e295f9610efa64395c599a32b
SHA1 d04372b264a23001508dd1f4db22fec33048bf67
SHA256 5f00d616fc4563482d94eb852b1c7d2f574668d45c686baa87183f0155640888
SHA512 81a24dfe1ab9bcf2762d78d63e8018031649148b8cc2e02d1b5da4a652f1cff29f8f8e3390a97905f177ea259aa779c335e3fa5c82f14bee3204576242ba33bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d9009020c880983121219a3bacf82fd3
SHA1 1db3d4693f35f9d8840dd8cf05e1a46192c4c615
SHA256 31a1f0b1b8597ebf679c7af349fa90dd2cb01e6f797457b360b1d42d044e524a
SHA512 09d87ef07f3f2d7ee5442b20bef8868347f6753b3003947375c72c6a930d298c3dd854b2e8261501202d1a3bbd30415f04458e829d2595fbea3c166fc21b58f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

MD5 fdf09c3c067041ffdefcc9e1bdea9718
SHA1 e31cf28187466b23af697eedc92c542589b6c148
SHA256 144754d90b3eaad27d8a11c86faadb24da4ddc251bead8e43b9ed515fafb84da
SHA512 9e32b294cfc17fd52fbdd62732571f4ee57dc0308d62af476331887d0e2446b483ceac06ba4617cfbb1c347d771c0f7ea12108bc384e93f69b180c7ca1a92268

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7b1fa49ca239dca38645651e25096f84
SHA1 60d62a6a24842df7524c80493a2cb9d199b81e27
SHA256 c129424815c186588b020270b6f51e9a5f6f16933718feaa102f54a4b8b56092
SHA512 f4fe06497697ed7b59deb6bedf925c71e3581ddaf479e07a3ffe8076b8f05e426fefaf44efa3858669dad3f84516e80993e702f9185155746a231c5289421548

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 588ed73141eb886c69ef43622742fa9e
SHA1 365dff28194dc48515566b3260c86bf7560042fa
SHA256 1781a2416ad449fa5386861531a4bf2f54d06751e316bb6f2e35d678cad971f9
SHA512 d001cf59971e74a9e361a9a49434551117ab2ce91d477e29d8bd090a271907d63ca0d30ea2683afb8789714b75aa6326cd4182a190c662e7b00698a8be1b5aed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2a9f0618491a998fb23a0db0ce6d7cb5
SHA1 11b7fcfed470a7b2889ae8d41504ca3f303d99e3
SHA256 f3ded31950bd47253ab62e9218d2fe51ca30eea840e6752ca67b88e97ebb765f
SHA512 5d18066faab4e930ce6c04238e341a166c22aa22a52155b532a25fcda4c468b5844cdccd2211910dc0f45f967d2784f901583ab191a4036e5ca3a1f86bb91cbe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c7ed54e71b67d3892d9fdd8f4aa6e3be
SHA1 1862bb994f0650506115da15684c255a056700b1
SHA256 23e77c27a74511c3617dec70fd305b6854a0dbcfc7268b62896578cdf41c804c
SHA512 4532006994887af53de021fc4ae9e249cbf8b8cd5976a5ea2e04a6999c6d562dca9a896fab01f625234e9ece61ee767e84230872e7ad59091ac67031688d014e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0d39489ed1f08846bb9901a541e3dafa
SHA1 648c33fda9b683183439ff3e398b4868d6f2c5ab
SHA256 390f9af964a64a83ce74da47956f9ebe5a8e44551e85a62e9aeb0901c36c8675
SHA512 6994345ff9bec35a524ef0fd2143403cd2372179126731d9356c9f3375425892dbb516a4a31ae950371d8973e9746744260200f67ff3737b260bd55ffc9ea24b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fa04f6b8aebabe2dbd8678454fbbd505
SHA1 83210c5bc38e8bac909611c7f34e7e7d8bcdbdd4
SHA256 b2420b5cdd7ecc6938783ff6a51d97ef44dea1976cb27a0fc1f7224793d5912e
SHA512 d4f4f56fc5940fd43d7ffa8f6395b986b0ab917c67a072e90d57dec9f9341590b8cec2cbe0d0ed74fb115d61def36ea64a59e746f4ed7038d3c1123c93a8616d

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 0a4e6d7286b389e2fd93317e27d46585
SHA1 dcf0d769a94555ce60f1b367b2851477286366be
SHA256 5853f8b5333a0c7a4fa318e2da1400eb1bbd0a52dc22b5521002066f242a2ac9
SHA512 b859cac971f414b24ca53832cab53cc4a424b776923d7f7c2c167f2d60c5aefdd4d5aba255af2e1e3673396101b575bc77dedea3ea06060c962863d635b218c9

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\2eaaec627d05c9a36db0a75f68c21272

MD5 2eaaec627d05c9a36db0a75f68c21272
SHA1 9c123e54b8fed65b0c768c1e248a3ae78964f625
SHA256 18eaeff48f24edc79f4b81a3d5d74644ba8e57653c3ce0a30bc15df917964452
SHA512 cddd4bf4c19dfaf39e97b65ffb20094210e53aee9d48a6785e104d8d71de39ee8d9faac247100f5c867edc65294df546082de692ae7fb00a89c711e63cd36d5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 37e4dbc7ba3c55cbc8c8a220529076ee
SHA1 fe5d233455e6f1e40470e9333bc225e359997739
SHA256 e838c66d743ae58fff167dec8ae3f212186b166138ee95396457fbf350a549ac
SHA512 844d69fabb5684e22954581882ecd384b9c1410cb0d58f50fe4e1223a63d2c3494291475ae2e38529ef767f610ba0a137c17d09404ae614e9e8569db2843c41b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2ab5f848311a46e3ade64cbcbbb66808
SHA1 ee327efb118255816bc4033cac720a3244bb4051
SHA256 28c01aec3b9f6f6642247e183b1c61a928e1c8ef66859543f497d98790f593c6
SHA512 eaefa0d5b0de511021d9488a0c79dc93ecdedd2243356af2fba124f1a817b9036c9f738bc6713c5dbbbe5ada0ec2cc41c06ccf56cff26a709490e4a78686cdd8

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\5b6171c8dbb01d6bff4fbe433ef7134e

MD5 5b6171c8dbb01d6bff4fbe433ef7134e
SHA1 402261ab9ede4118da88e15a977e48b06138f9f8
SHA256 b693b5678a7ea4620b1a3959ecf9c4864fad30ce9e2b195433fef28c296aff72
SHA512 ab108c6890bc4ce5956bb019f339c07d0bca7a998ffe09015a177bc3575ff847f36fd2e1123c713d99131d60a4b27323db911a2bc9fba8b7339f98a2c340ee30

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 0c8f4a62c4ebc4ef25452570ce118c33
SHA1 15a9c064847d086b0c5b1c61a8a12fb5f185dddc
SHA256 87670f6514e3b7b4c84697fd09fc7859bcca9a2bdc9221eaa26c574865764b77
SHA512 30a563e17c359d4d5ee4af391e67df2c0ec8b1db21a9afc477585abffca389fa6541ed9b6de4564c3669218ac481d5d99cced8170b7cc8e060971cab7adcefde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1ca2da34c0ec57558de0f223592f07a5
SHA1 748b001e0223164d7761675b13cc1680f7d7f13b
SHA256 ebdce214b130c31320608822943a656bd7f886b53bdd3834da537f5da49fdbd8
SHA512 2d0bddd0bea84c2a7f9741954b0dbaaae9c8463f3d9cc7a4813bb54a45c1672e94c6566771f0782105dba37f32add1bb7b98067c95e74076125e05d057f5f82a

memory/5676-4366-0x0000000000160000-0x0000000000195000-memory.dmp

memory/5676-4367-0x0000000073D00000-0x0000000073F10000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d43df43541939bf68a19e2ed4abe88d3
SHA1 d9fc65ecab0fdc4e54ebe454a38635209124291e
SHA256 c33f4a9bf597556486b7528c791df285d59dca7d3c8f1f4865da8b01d5a8ad7f
SHA512 23414fb7fc48887a0286b3e840e4ad23e998b581a9a9d99aa9b461fc420eae50b09124b4b3310e54770370dec86b366792bc77ca61427030ab85a3fe22ba4ca9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 34e504c25698788edb4fae17c7a34999
SHA1 da15221500618b66fc8462f5c37a4636a718cc2f
SHA256 712634c561bfd6b30094c3a48cb571a9b5f1b5c4c2345c23682d68ee7bda8b50
SHA512 fda95eb34422f84700488aa799cf1e77a98f241646eb0e2b0a33cf053ea1e6896818fa97011f16c5ac735a31418c829af46575ac6dd230aee245b5d83a365203

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3703557ef2f1b6e2e9a893189bf137c6
SHA1 402b6d45d870042961c26ea4f10d4c8bedf09a2d
SHA256 e2b14d9b011fac1593adcdf102607fb10083f0cbb0af77f5aa9e7a08da4d90b2
SHA512 a87df54ffbab145ad74af0eb4070e2c45bac7b79a661407fc574cd296ced46aeeb45038905aece0da4c1d9ae08f0343dda3349a488b12b93c032900fc1a81f1b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8d0731f26714977eda2c580c6d56366a
SHA1 a609b0fe81e1e0c4ba12cb9b57ae37642157493e
SHA256 94f1ff98d2fc74ca8c8a1821af2dd04896bb5b0736b281507f37fb30fb0b159a
SHA512 77fd891555366615797fe5320961b670f0f2c2eacc381da90c6fec83d9c17d6e26a2182c2aa37acc08fe95bb083fbb0b9a5e3d1329b999d5738176ed807aa818

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 424121b7f9e61d2874026563ab607b39
SHA1 4952359779a79fb052024d22aa1e0dc6363a7045
SHA256 77257229c63ead286bbbf6e723f2319139b9e7fdcaefdd8779db3f21cfa3d8a8
SHA512 7c015af69d6290a39a0e1436445d315bd4d77fce36e8b46f20d94f1d0868322b0f26cfb6e3a876ba1839d9843ad0fff5ffd1424620ec7b10a62757f1356f42d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a287b0f8ad6362e4acb87bdf9e3bc1f
SHA1 484f53be27483c53a80a07d7a26b6e6677efca97
SHA256 9b64719ce82db49da6520ad11642eae81c41f9501e72fecf78583bedbf42feda
SHA512 c09b1404d78896ccb6535b29577294e9bf3160f34e1530927cd22988608c22e7bd99ab9e9275b8d3af885eb837059eac0da40facaa4024c542d507b14e275564

memory/5676-4438-0x0000000073D00000-0x0000000073F10000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 77f4e41df09a765872c3df7a06450865
SHA1 36bdfa365f399bbe500f732f03ab4e41277fc0c5
SHA256 c2ffaf7261938bef428dfb065ceb068783ce5c0ff78e167ff7b6e41e451b58c3
SHA512 b3709dec33620318d6627c0eb330e857d13e09e340d2a53112e067423b00620bc16646d670603ceb94553ba5202fbcf40358504e2ed27d70af7d5e5fd802912f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 15a23fdd14df1e35df3ad857e376acfe
SHA1 04e17110917daa69d2c6462e7cda7196825584eb
SHA256 18e9f295f583b29bc928f3a83bf55fa21dae3cf134fe334c720b7db081fcf595
SHA512 1f48ccae323aa70fdfeea020720d93f146ea0e2740ca7174be92532e826bac491afbab6ff330bd49d13894d9e1af1f2f3ed2e1a14beff9b6c89a792bd52a2ab8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 581bab9b01a5bae858ddd7c2eb2353cd
SHA1 4e0568a7432994d135d87a92c007589e0e0f688d
SHA256 ef301c9166af93c10fef9452dc81be84723341f03732ff530c1f836bcd84e20c
SHA512 0f992a58c5745949f70af5576739f83789ef3f61e8ed60763d6cc9fda0fe770fa1707b5c4112129f19fa4d105578568ee5a75a892087ad946c605c9c24fdbb3b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ee

MD5 2257803a7e34c3abd90ec6d41fd76a5a
SHA1 f7a32e6635d8513f74bd225f55d867ea56ae4803
SHA256 af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174
SHA512 e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0af2d04cbb51ea3b354d20b750d9db96
SHA1 305389f0188e7d373ab964bf1e9f584b48e42710
SHA256 6b04d1111e167764d950e3e13007dfd15816b1c2e57479c6c4043cb4ee0e7f85
SHA512 50ed957606695ec9880c58e451c59111a4d2c4d72d6a3e43045a018effbd584326d1df197e1cfa47f36b56cfb366efff25b6635cb6c3f1abd43c54164b10f58b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c22f0f55782301679fc75eae65dad3f7
SHA1 807eb3caba0c972153517e4e082e43d0e02792b5
SHA256 993c022d8dd93c81963ee673418af1039b220327c40e98eff8b43dc09c6b13f8
SHA512 3463c22e18dee095428c943c934ee0ad7f1ce74e228301b5de1827099242b0c533dde49da6eb2e96faef1ae165d98f97ed5ce46d2406be9d0f060a494b7553f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 cecbbae6dcae2681d3cac31229d5f138
SHA1 3f65cff6497e88563df4d28d41e24f2430935b80
SHA256 1e6adfd22a8472ea76c98e45f1b673005c6474544ceefbb8e01142488a3f553f
SHA512 fb031c22c0b1707f43a306639e3e2e0bb38c2c5a65c081936339e450729e26c6d2eedc86a716970329147b1fb427c663dcc5bec9e7d3bd683e298724cc74dcee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d3a32dfcf9dcdbd44054502e03b0c957
SHA1 83a97cd9b912ed1da259eefef345f162ecf0ee9c
SHA256 40f90c236a04b5c6256ccdc2193928166685ec2c91232882407bc2a75091ea20
SHA512 999f9ab4152517d3876931e4ee518e04fe9224335a48c0f412fe1ef8b3b8bdc84e031ed5e3608fd52d8c9eb762fcb432eda3e61e328505f55dd008fdfb444929

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c3ad030a9e3d3c4ec0080c05724430d6
SHA1 8f50a80b9288b0188e37dc7a79ec4c41a0a73907
SHA256 51f5e601c16a9dbe3233b8e2bc7d5b5b34fab64630196b6ab8e43ab44deabca3
SHA512 aa7c2f0a19acc19e62f3b77bd5510f718f86e46ddcfa5cc8e68e255f57f7e26b21236a519428b8211380b697e6fca2766e0adf24d1a8e93ce3d3212c28ed0a93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cbabbc5738846dc5b7f2e1802a53cdf2
SHA1 10766ce13db8a01e0a9a25fa80c9c17380bf4ce2
SHA256 e43d2c13b712e8168292680fb7b10be4e7783335c95f009c40504e2dffab3860
SHA512 019950e1da7f8accb71d4031a42b55c12bf80589985190def6edd1944db70f6e571525cee494c875f052b4339b755eb250306a704e3a8451c3b771dc7d29fbc7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 23ffefa60f789963363dcca801ebd88a
SHA1 36e775b8331c8710212b905732704484f6d2c561
SHA256 6cf9daaf147a9bf3377a50bf8fbf64c55fc7b04fb1b99aee39bf897d4d57f491
SHA512 5a2affd4385a06d748e87550485e8ca5d4e0069532b75e8a51369e4b01b7ad38ea8ecacc092e431232e1966b4d3e08a0ffd96500dbda6e82c7a53feb7260daed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\31d1cb90-9ad8-4d8e-90a3-ec5135efdb2e.tmp

MD5 2eb8301497755042050e77ee1eaf5491
SHA1 43619e84a0f1b7fd8ed1fe862b6853ba39db6332
SHA256 aa1f3d0613e7996e41c59c978d40dc5d95f241a6cd8899c8021642790e42ff3c
SHA512 8ed069fe2973ed09050bf9fbaebe6941ba0a5427affa4bfbfd622b234717fcc8bee41c3ef64f03403f088bec8886c0aab5d43858fb9334f274f96335145d6863

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 195731bdba5f3fed21aa1ed1901b4c1e
SHA1 a25093411140f66bfcf042a831ee1053b19fc98c
SHA256 40b11f2f7ce08424aca05ce4155a350c926b2bfbe1de5428af3c239132da33fc
SHA512 826bb29d97d81f3532b5f21037819aee073896264bab899f3733da17190606de59f6aa9975339141a5386166193cf1cbc3ce86d928d9aff5be85676ce8dd6f4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1459a271ddfcd902ef4dc557ca888d79
SHA1 1c1c1262f79b8403d41863e70048e13418205615
SHA256 803bdfc46f2647e2bd102bd227b9358503113aa352f39e0133f42fd48eb7af87
SHA512 18541a7c4dbfe0efe6ccedc6fc7ce61caebdb4dac34bcf0279fa68e1dffdcce33debafd815babfe170f7628393e9bf1da267e4c29061a90123d0ad04bf0195de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a2d3d2e2b9a1c2eb01f306decc7db46
SHA1 7c409ebbe4cd1e8d64d3f1f12804bdd1d0f52ba2
SHA256 06e76db77a2f7a44ca1ba47b535ad9fbcbb212dcf5b2d30a72ed3516bd8c5a8e
SHA512 b69f8c458087d23c098dc0a8a5cdce5a1500617b0515d8bb10ad4e52a729caeb74c5535a414793b4d1d08ad26aa12c160a9fb46424ed8ac742a543dbfccce3e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e7470efd8049a0826878fddaff2851f9
SHA1 b0ca8655b13dd747d6540bf6aa70b620df6fcb6f
SHA256 8d652f69fc63e8afe5be6bc8c4e0ff6c2ca5c3991d0fbf3a1ba12ff3daf9498c
SHA512 e14578040c030dfdb1b271d59b0dd10e072212771c8f3edc2034d39ffddcc3efc1caec499a718678a0611be8a9d86895cce260f1cc9e4baa7713aac49fb6b336

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 be988a641c5596dec118bc04e5602535
SHA1 dd48044a3f4210090191987f21f4bba89581a544
SHA256 e4e6ec79792d5ab530a725ffd1b7104cc0ddcba77a762a539bec08efe58f6787
SHA512 37fbaa26e14ad104b3bad123130a02cc1e22e512ddd746e3e8be4107e8db510e1d413d18cefc3666400bc50e85e11f71833be278ddef901c19d24d3b7d7e4952

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d7e2272265322d374228380d2f399988
SHA1 37af61ecd5fe6a6761bcca8f86267043a4afb89a
SHA256 5ee0f813ff10636329b8ba9e577d203ffb5aa9924c8736f3794f2831206069de
SHA512 116217f6760a7e81ea3eb795b2c53a1bfa9ce30799bf905c10f2b396cad012cca40ba715d312e8596a96523fcf7bddb2b6eec81d79bc413f0b62035949ee5d86

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\5424cbcb-7be6-4143-aac5-f1a43733fe34.tmp

MD5 d5134cd82b5fc47f5c2c8a88be76e91b
SHA1 4e49204a0adb10b0c981e6cc7f0e94381b735f6b
SHA256 52214f84afcf8966c1f478b346be60712e3b7bce09171b4929a2668b9e9804d0
SHA512 ef3a543ba693fe2c3a0633460e51e8345d82ae1e4f22fa6ff171f0ff5548444432ba6b9aabfbeb06333796e0869e4c3848114da72925bd5e321e67e94929d13d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 aac1bbc5f26afbdf6b0fcccb4bc116e7
SHA1 7c9cd5979d33ea599951b40d334dabf601f738e3
SHA256 b0d0e2f9f9c1cabfc18b0fc8b9cbd8c83f54eae82ecb5104adf59d0705b0ba00
SHA512 d15e0be322e77fa77c72447bd9a4e10ac67ea3cbc3b0202d2e8fb9819f78937e0f0dc74c3f5b27982de2eb5c58e41a7b1a2c15618687b21607eb1baa60f6cb89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 57b45836f06adac221ea22a66117dd14
SHA1 50646b4a4b923d818a18dab9f2f45779a65c9e66
SHA256 48d7bf53f79f558950cebcd616a47089ed64bc3ae7f0831db6e4ad511745cac4
SHA512 69359a89c157bba2007a24c32c5fcad211ccee3acc1a341c19880441e32fa39e2d81bb7d3c07872b806a175ae09193f0c1c17ef9a6c1940def74f69e18ca043b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6fcce301bd31f05dbc05a0e4392eb6c9
SHA1 1caf85c936992f103fd0977fcac1945b841e462d
SHA256 4ec47522cda923f5f82bd9472975088246f457d5527ea387493915def1ec8fc3
SHA512 7e8fd70b7c0e8ec5bd27e911ed61c46f028090b6e7d862a604e19da4503a18559ad9290bbbc8e7fc3f51ff01109407cc39bfa7d492013a0921101a97637492c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d23463205070e856d00556dc62af7d0c
SHA1 40952a0722bbbcb6b5ff78f5d2ce57bea6e20cc6
SHA256 22f809b443ae63664f77277bcb30e3312304c7a97627b7513903f10e44b87119
SHA512 8e18b373d85f9340f68aa2a6b8e39dd4fcc60d47cf07d75d179d4008ad743cf18590d5494801a4e5d2786f479fa9512fd2cf3de495405e0a98e5667c95f1634a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 683bc6d0ce7bfe201673cbf18dc3b2ee
SHA1 4b9bba02d2b483118dc206b302a98e429c53adb3
SHA256 53584feec44dc615e5408de183fd6b34e92dbede23925543405f1029daafb930
SHA512 3f324eac02c9411951da53fc3eafe09014d5e4984a866391face0655d5548ed2f8cfacffba4703967fe599156a1be20e9a1af1aa083071c77e65f163f04f0b92

memory/5676-4836-0x0000000073D00000-0x0000000073F10000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 892c81ce3cc904967599fc7ea5fad25f
SHA1 02a490474e4b64a0f25f658f9447b59b5d35ac0a
SHA256 c2e19a8ae1c4a196a3d156115be90ea2f168351ca6463eeec200f27613108da5
SHA512 f01d3959a881844e2b736499b595ca3c8c9e7dd332db78073e5bedb0b705163995910c674ea1735e23008f4ca8cacd0da539ac78e986d38fb63651b18a550d26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 64682537d3edf582dd795ce3cf8dd339
SHA1 9cdf3f8e23ba05ce22418ab33ad739e51fa741ea
SHA256 244241faf17071155c02a8e30c26ffc84e8bcc4af8d3a7c31d8afeae74754f4b
SHA512 23d227f178e6ed8a844962811185934ba35c9086e1ed72f78b3a867453cc10c7229d14c6d19d061eb89cc212833cb9c3e840de9992f6b5275f821c927a701a5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 07e464d5857086fb1e2a384d3a3d1c20
SHA1 0db55c437e313e2f43df415ce020a6b1c71946f7
SHA256 47931061f22af8508e9f7b38fa2f34591ee45b7b80bf42a621cf664550ba78e6
SHA512 752e009f5f7ba4b89070dee41115285523887def667dd98c03de8596bddbfff195fbedefca78c45dbde357845cbaa5a1d8a87844c6cfd163a052aad9ac389d71

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7dd55badf3ebfaaf43ff6825ebf43648
SHA1 91755b72db65b68a9c9e936b2431d9f8a74441e5
SHA256 3184f9b7ca8dc39256abca0274289e0112775338fe24d428dcc816c548604b4f
SHA512 964dcb60cb72c756ace7da9972c273e2a9608c1db0ba64fb2dfdbd1274b35e94ff504fbb985f084d46b2e6bb28ffc3e29bd71fdd0f72c46f13481176ff1ae638

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 79a3ca365a5e43f344e922a19794299d
SHA1 26e2d5eb054bc1c09d6cf725cf121b92e8f7eb94
SHA256 686ce5f318894c262fda70b092ae0e0a2f8c64a0e9297a1f6104aa4691328c12
SHA512 217773f52b0df00fab57be7f023dbb6d2212aa747edf59c917feddafa239341fa7cdbf83971fa4d1149ca011d9e86ffb5cec362eb2166f02d2ea3ea3cb06550c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a7df1ed4c9ac9b932792d2bc630fc38e
SHA1 7593018365840582e0f0c9f39c4ef09bbb35c69a
SHA256 119ff48afbca9b3bc91f75fd22dfd78569e42cd48ffd1047eea6f2d57e25ac75
SHA512 4f000ad9cdb3e1744a0aa8529c357d09c236d97e1b4935cc73aac1d9aa25f6c9bdea68fe91d93ddbc4948d1751987ae727524f1ca972ff9958ab7c9bddd6e389

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8b87b85541d1b4efb381900d20f00307
SHA1 6640717086bfc1f561a76907141f2a2cf590c3bc
SHA256 24611ead33305ac3e5191a95ef439281f2aa65897fdcdd1822750ad67861d591
SHA512 7ad89b2e4ca7801d5e5145a62edf22f771fac47065829a496fd6c7a90ef7e3cb1a706b344276a9f0c1a60ec9d15dc340716bb32d7f5f96703fdd5bd3767b716e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bddfaab4dcc05b855e08ee52c4e2a8a0
SHA1 00cb46f9825da82142cac919f884d4eeeb11c80b
SHA256 3d65361a2e196a20ca1bc65661e38dbb1e86cfbe0e95d182f7becfe422ec925b
SHA512 90b36bbc16033ef2b76f6beb48911de189882a9893bcd8c3d33b7336276a6ab1882f1be660abf2c1504a0a238778c4d657010a0db6d1de3b1cbb5686c30fd7f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0b818c55c6825eaec84437c6f54ac4e3
SHA1 b40963603075cc3ef6f977966527522ea0e45615
SHA256 9e2505d67e721a12b24b4a9b0eadb61e6b3f9ac1d6f6390627fd1f23aa6d9874
SHA512 b5da56c6ad87d26e4e50c1b923b34d34f954b0d43278322025e81022e68d49ec1c00c0e45b595b88a33b3693836ff5bd4d122f4fb7c3374791f9d747da6110b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9acfd1b808eae8f84eaec3e64be695d4
SHA1 4ecd7278e21d4711719bcd20d51986051aa331b9
SHA256 51194f91a50aadc7ca50df8518b3f94cb1610896ae996a6819ec527d1a336912
SHA512 f3221e67cfc6f2ba76d6b89adf78221bc24981e181c94299b57ebff86c9506e97fc47531628413070535acbd151c1f3ce9c02781094544dce77e27b2a5ca91a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 957d7b6b792e3d6cc5c68a5f815fb5f7
SHA1 de4d47d1e93c0f2fd317fcd30ab4eb15bca02ab6
SHA256 c352333a70afa2fbd30d14117c338cf1a02ece7cf09ef6080c8ed57a928c291c
SHA512 faf26a61c26da812521b4a62a9bc37ef10fea4a01650260cf41f677f6e1f0778ecd7a601fc324cb5220604d6bb20cb924003da5805f4b874ce22bb5233dc6393

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 044d59df56dda5060f633e6d9f794a54
SHA1 b55b24e7651ad418253559ac42b1f6b5d22f0cb3
SHA256 2801c3ac3413d93cd2bcb2a9b53a37855b01156f36b86f5e88f07a4533f417b6
SHA512 cce4832657bc235afcde3ba0987e1576c4d0d3457f0926a6083fe4bd3679ead38c1bc364558057622f498b5729db8fc85f147c9dadb24e5d0dfdfa3deaa09d31

memory/5676-4985-0x0000000073D00000-0x0000000073F10000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 523243a8bef8e5d2755d27f697c1c96c
SHA1 6d72f6029f6ab8dc4afc9933a1b319391f95d4a0
SHA256 31d9368d5dd9c41ca5fe2b5a86e28023f9aeb2d1e533cc1c688bca719b0650c7
SHA512 549e60cf5869032749e4599ec567f0223e2f536c6ca0e825b353d9b8a2a2dd74e1e0c60d72304d903b8fcc238311d73d6d2b5ddda9cbff08d8b755a6047c7db4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b72d0422717fea3f79f718c71d41f8a4
SHA1 e45645fd8586200a25ccb92ff52130f0038a4fc6
SHA256 fb28973a6b6854306f12bc70426cba48c51996bd592467aa657012c78d521dc7
SHA512 01b56f36a3ffd382cc0604e31a7ace9eb25752ebacfdcdfea4bc2455cf9a9881599931d4c16856d81929c18d62b1e211bd312258f8d60bed2e65aec8faf4dfe2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 78f8def2e8a00d65e6a6ea92b1c18e8a
SHA1 18981db996f9ed108bea0c6b66cb26e9a9d73b1c
SHA256 b3b38927b3396e47dce13853f91e7e263b46210966aff7c934fea2a528a52411
SHA512 dec9ac871615e183753d14058dd0ded225ae4b80fde50d12a4e22eea455be4c3a4d08d021047a27eb67d3437a87302a1ab1dbe34bd0439b6b9467df0ebb7e430

memory/5676-5025-0x0000000073D00000-0x0000000073F10000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 16f406139bb99e151e511c9cfbda1480
SHA1 415ade70bf5be0eab5144f6235451490a657188c
SHA256 4b21468cdbe7caec62d09b1d75bf0127523af1d2ed0beed85f9794d0a06c30e3
SHA512 f7d395385e1d49bf19823f5de77dd02fe23810aa32bd5c9521a86f65522e34782dd2299a969fab1c9519a14e064d743b7450b19948906d6b7b7057d3f20a665d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7b38b100003a440f334fd4fcc94c19d9
SHA1 c0bf68b368862dadb1cf1cd11166f4732563597b
SHA256 7a8d8a713885d529695f33cc2409774c3ae99986f258a106a69a090909a2c0ec
SHA512 66cb391a18dd0af3bda0eb82fbfc7798690b28be0f408ef671fdc6afd826b0dfd0708b8fb471c1782ab1c99a484bc8b2d8155abacad3be1fd2ba25f693b7a7ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 68ea76dab4f8b114b9a7cf53af87399b
SHA1 f13374b553ebf983ac7dc3665c6a03619f7b6b32
SHA256 e25e7d2fefa8eb8041de44d4549c9df715a5b1b3f53a3c21cbccbfe8d9a69c29
SHA512 5b93e44590a22e844654b18340c470fab72a6bf83b1b6c8a115be710a94cd98c71c4be9083b77adf86647719019c464944d2db39af45a4c4d961111d16930e97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 707b4ffcb4d57f07430e0d57c2a6e285
SHA1 2c7072af0dbba5069fdde067f9fda3a4be973b1e
SHA256 61bf6d76c290c3360c919b2397144e6e7166093e82ee5a6589f15659085d2be6
SHA512 d94c35e084d3d6b77d2ebea4ac397c20da318701ad5dff122b6885b7cf9b0eeb8b0aac12fe3593b2f03ffed0f66dab7a4d0cc5ac34e7a47a69db0e2935306337

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7bb57cfa75895a02023e7bb8b6636d45
SHA1 1f78b951e7434bbc2c9816a3ac264374dee15dde
SHA256 7d70abceb233e45eafc132fa0ad7a29837131830394e9c67d8507afb0c29baba
SHA512 e5043baae8918a863bd21f2cf246b0cc059aa8ab5f1bda96bfd165d3413285df55bafd9e5b982d66870fe7450b7e7fc81b49bf91e9b622f52d636167409bab8a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f579ddff73d73503ef197753a149e695
SHA1 2a3c54bdf2212d2692343253cfe684b8746753e3
SHA256 c21c5b3e76ff94f3a430e367c30c8965065021521389a144da12da0d1dc31c5c
SHA512 37ff36cc05defc7513d914ddbe2e99dfc34c36c1cf38f91c5c6c2867e7537f5c01bdfb5d1cf5a4948802aa1ecab2de6db890cc6ca4434a2e9c8f5f53bf91cf5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 16c13444e0985d3112e9a0881847c72d
SHA1 d73b900b6bc95d37dea14fe5a6fae92a47801c93
SHA256 846b571b039695fdc4923991fb2f9fbd54f2db841abae9969520922b909f9bca
SHA512 13920c675368c5f91347079a09ea4eed427c78033a83fe3b97e455b576e6c8166b6e97b16afde231364790368232585d3ddf8270167a8fb6682541457b2f37f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e1e33b62e4ecc02712d87a86a52bb5a3
SHA1 fa65d660c5b8073717da006cc708ae4b2146d916
SHA256 5c053cacacc5a5b6924396207710070ab1c1ff9763293d0ae65167a39b509f40
SHA512 5f1dbcae75ae5b886a255d464b8385b566cf656061998d20fa550decd9edbe0e23c4a6d348dd6483c696c0a2a3329c6ca49b1774640bbc44102ec51f58715b04

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.195.15\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe

MD5 90decc230b529e4fd7e5fa709e575e76
SHA1 aa48b58cf2293dad5854431448385e583b53652c
SHA256 91f0deec7d7319e57477b74a7a5f4d17c15eb2924b53e05a5998d67ecc8201f2
SHA512 15c0c5ef077d5aca08c067afbc8865ad267abd7b82049655276724bce7f09c16f52d13d69d1449888d8075e13125ff8f880a0d92adc9b65a5171740a7c72df03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f891e6439d55cf178b300307d54e946f
SHA1 5c4aced185748778d60bc40838ffc7f7de5a8b2d
SHA256 23983c45b27209d07bdfd74cf55334d8f55e7973797219125017c3d2068ec853
SHA512 83c40cd92b045fa223b8cf2a4d9bf432f21772a15e13218c97cc539cbf0889237b0018df6e56c672d793673bd0e10a39adfc9912e849ced434b862edf702a9ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7bd3c293c8b14c6a60d5def6dc381b00
SHA1 0f94e561bbdad6626635eae8e09958686f38cfe9
SHA256 f1ba02eb97a9bc8248d8875d6c8e4875c923b2543f5c6bc99e7ff29d839ad826
SHA512 9adb953941f8bdbb6637dbbff360ddcdd93126b4dab404c692a06d5aca9e3fa3db0f88cc4c2b3434d4d8a7d26277fc61345990d18e0b7b283b5cf896ebc30414

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1d81240ce439e734d9419ae1004c484a
SHA1 1d5810457d6f37a167faa3528474f996e8955fe2
SHA256 a8cf6e0685fe6e0ce9b7fa88e75dbd9f9e0af52edf91cbe7379f90ad8d71d112
SHA512 339e189ad01eb18dbb42eee9be50115c580e7ee6054d99cfe07077a66dfa3960d874d71afb7fada515be6136ad019e6ad2ae7bf3dfa81b0084d83d262af05083

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 de652878b42a4854b4caeb66954f09a4
SHA1 fa2b17f32d0a7d7dccff7b8498234ff2b673504c
SHA256 28d0757f3c84f6aeb399435fbaed441c4335832c22a8956bf1f3e9152a444a06
SHA512 a518bfaed9cfc7172df1b72ee0144c0e655a316e4e4bff46e9e3a9aa00d8ebbf188eefed3cc412a58beec70c433c833376a36312c8761f45bfd7688fddbad214

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b5174f2a526c719f01653d10eda1ae4c
SHA1 057c62fffe7d620f50f43e96bd956880db3bf7b1
SHA256 4b53548be264839a1ed87436f762531ea3db0d1bbe17d6d6c5206873ab50b333
SHA512 9f9dc448a9a62f60f9b5ddf4cecaf211819b9f518a2299e5ded3f27f46e7b68dc89cf632fe3409e60e8e5255202d6b4502d5b5bd0bd4016e25fdaab16a03c751

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 915e621b1917231cf3c1d8f3cbb85acb
SHA1 92868b351e7b8c49a081ce70dadcd0ee86089d71
SHA256 4029d0bbe653aae96b6a379b61d7ddbe4ca5b8114e432b7080861bdd0189b7ae
SHA512 280aea78a45733a90d7ed50884edc123a5444d4756363a1addc5eab99fcce165d42e128c28c349d0d709f12a629414dd87677a177b73743d7b31b09c0c140e78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dec743295d364ad899dc5c6f2c9e3c79
SHA1 6e6e7d4b2e24ae9ad7c49d9cf25f163c9b2be614
SHA256 9ce2c28f825fa8f82157e24258c53a2d4fd53192c0b4446655b23942b1ff9482
SHA512 5c64847c23cada9478497d92099638b15b78e6ea1cfaf642d34c3ea3bfe5937726da024b7cda9bf0e7c2f7493b1ae4e6b35858fe162b49da2f4dd445e4018482

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8270343fd575693625940481c0fc651c
SHA1 0440b80438f940ec30c222b5dfa8b4f494012a1e
SHA256 62182cba17bee20e52f4f858ca9e35788001b1d1a4538a212d78586935e2a7bf
SHA512 6b1fbd90b2140c8d47c4517d0adb8195a68dff74c03824dfb36afff6f33278a4319ca25ad065ff6f4afc209eb5e5c4998102519eb7beb551304d59fe8a49438d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d80558d7342a86833913b6ee5abcce65
SHA1 849ce72b5c24a8c190e667e34f2a9606b17f506c
SHA256 5c50b448c8b8292376a1ef39d8308f6106e9bfd2ce53f291ba4eba64b82c4222
SHA512 11eaf5bae6ee7c9d84dd25ac63b9a707ca1ee9daa700dd3af1e6bbaf66ad07739d3e43c72e6a4562dfff76a7bf426079d77a845e65f35b68762b297218b5b713

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2dc754a4f001fb791a8a322418f74876
SHA1 caed565142df8eb15b97aee961cb3d48be865a34
SHA256 6a55aeb96b7bbe4173e76192a23cb0a2065eddbe8dcd67378b81fbc8d11cc27e
SHA512 c565254a84a96b5a8bdf056cdbcaff88416cc02de2b6fadba5a614ee64c278507d70ba4970a266e274d4ed240b8f4a4aea82321e59ef7e3fc7a493a436a64d2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 12d130509f24fb94e29bde0af96910a5
SHA1 e7e6bcd275daf7de378fc6ecb7d7d843bba4010a
SHA256 d524109c3074a949927109b443bd2f4e2652a1eb5e37214372de3f16f4908ddc
SHA512 eef265df6211775d62b0471b3e06d1f58d1e5aed00eee8dd35447af0b4a777474a6fd95b53c63d23286c5ed841897e179f24a87451aea1a656815ca6f8c4ea31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2dbdc48448d9e74ebe4f5a3b49eda0a0
SHA1 d76e6597ea0fa8d6e9e9da101646ece709c6f8a9
SHA256 baa93c7d5719c351a6ceb88f6d949e7d58300adbf8999937c70529177e6ce68b
SHA512 339dde55a7bb0baec0bc679e49676dcc2c76669110effee8d5aee78620cf6efba60cbea6c13f92193bef403a25c3c3ae58d3289ddc3f78c8c8990fc17a4bcb78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 308833c8663f40a86a6b7b751d873b14
SHA1 4f395590de51eaaac7e8f8c947fa6903f0e10877
SHA256 b1443a5645db2d2ee5ea3f7eeea4d68f302f1b10e6a73c61af3fa4aaea13c8c0
SHA512 76c898b755879d23b38216d7e8d4d5c0d87dc9fbae5eed1b20df2ed8c2d5e61e40408896e0a75d03c07aff86581a32509a4e2c6de673e36eedae9fd89429ecf6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 585770dff32cd27900299b907e803ea2
SHA1 cc5aab786239668ab273c303b8a7bfefe87c4b85
SHA256 792e4dd8f83041bdf7cae33c50b081748d66d47260964d627092e8a725fa2ee0
SHA512 19ea2d5dc14b13bd8f01236e1168a9e5b92ae5ace2de2d3fe5ed6c326ab0e28300e0833fd13e857ca27d2734e4d117dbd05ab159d069f92c518fe5de4523af11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 69e9407f04662f4fb38ba3b13c80e9da
SHA1 af36c3b2243db1495d2b1d1a29971c98ade4bee4
SHA256 5547b42fadb2413d476ae4ab238d82bcfa009d08e63b335fa8fb036b4dab8c13
SHA512 4d1c7848cbf5d718a76cafa6d41d5e0bb2ba799e30e042b1d4110c86dd7f025b955c958c798ca7f4409ed88d59a315385607a2b58cad1be9a403dc9e63c416b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4512ad000674418119ebf347d9c44c9a
SHA1 4c0f14f39f26be530a8a69643c040ee77148d09f
SHA256 87bda03e84655ee470461f9d605144d5d43745ebb1984ab8b555b0508d778028
SHA512 a401f3b539fdd697d51fec8c700522b84641964d88c1cd6b8bb814ba52d0da8a2243f1784333b3959ec43dcee7bcb918664b3ea191a9a47b1d72db0a6920aac1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\548f72d9-bd68-43d6-8519-fad745c8310d.tmp

MD5 e46ad767f2b6f8f7182e877103fbdd1f
SHA1 15fc24edc7eba60f646d3b9c926d800619bd8353
SHA256 f6c65024bd20739498750e9bde4d8590092c24c3606fed16686abbf67076f2f7
SHA512 3db0b61a95aee570a29396d30dbf0d71d6ab875ac5f3f2df16cdb308eef2bdb512289d397db5a336e07e52344bca0ad9df5b046c64aed750414eb46f832f911a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3468b84db7a421499281dfa2c31c10ba
SHA1 190f7b638edc2043de3772496b4304ec4567c498
SHA256 b2fbd1ac3a10b11172277a1e49b5f30148755e4d6d2acb0c5d15baef08047213
SHA512 7b1400a3942e600b07ec08393005893738196b3a1bffd1b02e417a28f91c383364524ea9d90c1496b26d5821ba0bb7c08be6ec3caba68719d50b701367e84339

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 73ff16e3f6d0068fb6289fdfc2a0068f
SHA1 b3033a65636f14a08992310c83f0d5224ceaafe0
SHA256 abab248293bf7bd909458b73747253372b2027815c7422dec2759c0f75463ace
SHA512 c5c2096fc24635a770453cfd43087efeaa311b201cbd3ae7c55f234823b1b284fbbdd1909a57f5756f61025287f11831526f97011dee6a5a14e70fa0632cc2c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 83b32ca0023a88166e4f8b4731de05f0
SHA1 8a44addc44eeb8b4a038b66653e30efe3ed581e7
SHA256 7924d4bab8d0ed367a3ecc83e650954807ce293c600fc04659606f938d3530bd
SHA512 6ecc54f652d895478aebfca14e3b538c11911d364bae339a6d46973816bb9a936cdd7a1aa11381d656f6659c9fd9b6aff0593ea9d50c03d00560ca50e5a5bec3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9926110b59d43ffc291502e3d225ad4d
SHA1 9b5191dedbc9d90d798ae02e4411a49f925436a9
SHA256 1f5f290c08c3989c1effa6fce48c754777aa2d2bf2bf585b967b1ada0ec3beb3
SHA512 f97385cff0e140497913197ae1be78dd59222e37a0c4d922ed1cf9326250f173d0cb6ac2d4928cc4ac810b128c5a5ec581e1e6440f08913b3081a62f3b5c7031

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\6d4242fa-e260-476b-80c0-d5bd7a450605.tmp

MD5 a794b6648270204d9a39693d48428539
SHA1 04782a4184c3ae30088c8c5a7849902da06d4b2c
SHA256 1b8f8f14d19ae5002973f54bd451184cefdc76621c9c74076ba153c111a61b45
SHA512 8209f95c6478dfbf03af5405b5542e61983e9312579cb4a038aa15a1da96cc1cb5f170b28cdc1929819e1c74faa27aa5e8b8a3954d540391e8e0cbc25cbea938

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2d1cd85bd7799905af53d95e16781d3c
SHA1 db541dca00bc9a62bf9048b1746de17622d0644e
SHA256 a9ac72761972076d4a14a123f2b6c1831d3397116fad0fa986ba101eb1f2d5c0
SHA512 57348db0982d4b8d0cb1ef759a593a12709a8a3fdd5a9768e2a31187ee7ddec3cc92b3c0b6225f409c14e04f9154346b2ca254f5f09e50bce43af45fa0549ece

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5f7f31419f433d25b060f918eff15a6f
SHA1 26a871c78600a18c6eee5b80a521494cbfaca7ef
SHA256 95aeb0818ab3e42f59f38f49a2e6da7eea1801fa3a0e4037da4938329f156f69
SHA512 8d108d300ceb847dc8040084cd2b139deb381983e49e9c0970afdae3f94534815ff2ae814ddbd3a8a5fb9fa459e72fbc94ba2fa286adcae0e076cfdfece099d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2510da1cf8c71863f6dd354844b9758b
SHA1 8b80e0779dbc170668b3584740d08196552773a3
SHA256 2b472d65eae369b09960448a408fad80dd76861c1b75fb2d5c9aecce3b1cd7ff
SHA512 104c3d969abbf30d8c00a6b635c5260d037ac69796d48533ed598615db5faf14b856587b9ecb14a469e4cac4dc21821d30a542633b1d375989f7c7e739f6d46d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cf12a6cbea5256c4890324ee1051c1d9
SHA1 d3f960308ae860c57f13b556723593e2530e9cd3
SHA256 4e49eda5c3f92e64d8e8911311efb41b14fc07bba18fcfe0b36cac18100f39b6
SHA512 f0c05962c74792059e66c3edbb685a5931d81f9c9ebad2a651f9b0e9becc2f0267644c1a98c38df93f16c89cbc6174eaae4dbb470d72300b88b1aa4cf6d8fa79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e957457fe3eac66af25b50806b88822e
SHA1 1058f09a748df14bd949ac5dbbab48c81e28aff4
SHA256 e80a3c00d436c3cd3209a470d2372a611d0125305c8e114ee7392194d0edff5f
SHA512 af262603659da407b4dffc3bac32080e3bc400ad3b142eae6dfdd9221d9c4dbd13af2129e6196aef919dab1414a3b460ce8421415f85b3611f19bcd2294ae4e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f77da73bc7d28b709465ce38bc8f19f1
SHA1 83b20c3e8049d7f8e4da8e2a355bb9c03c7badc3
SHA256 e6d1d2f5c59a3a0ae9fdaa7194190d3c285420fa843e3d5b39b9c2cbbff5443b
SHA512 fec346de89714b566f795746a677e9e9bcfa6f4ff71579621db1180189943d5389514fa5a6b77f739de6a5f618eb5be830f342740ab87bc7cefab7b1516899dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e293f96d22e068cd86973b409191b96c
SHA1 840bdd4e2d61e845f50777f6fa9ca30ac7e76c81
SHA256 3338da63f61abe3632993b0667df746dd079076cf92f1a5ace756bf1bc646f8e
SHA512 b8b7811182256d260a52d5a201ba0d4047b4f3a89e9186304ab0993442716e6cdd0a27281a69672b37055cdf5841e490f108c5559672b6ec9e66b8dda24b43ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7864c21b4c0e9947aa799c52c972a1d7
SHA1 394267ecab7fdaa3d79a8dd8c0cb2b242c8abeb9
SHA256 240e1ee774e67d21ebc9ddfe2085d633230f1951c38ef812cdb785da95e1f305
SHA512 150265c0e0eac60f1774bd986e7b6c1bf1cd62b6a3e6ceb28bf51af77fc04b81b518a58e07f17beb8d5258a9ee9130d87b9eea1dad6a64257352c9f80221b42c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d64b5904df326017459e8fd6746d7fb0
SHA1 978b324d96f4d18d09c9593802746aa8a3b10d6b
SHA256 5c2abb395ece92bc0c222e4b03312321a2a9e45c9143e05a85d686936e85efd4
SHA512 fe189619df252a2d43ee0120aa12de996853e57e78d0bf9f2ddc9db9deb15ec617a2aa92085847d4f00e910231c210f2ebc054226c7b519099dabcfe96f0639d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f71ab7983f74d3e83d29b2f4a359e454
SHA1 1704d73fb17c867118cf842599e5a0ab87e56f28
SHA256 b80c0584dacad0b20ed866113a86dc5dafa50a674b647e15134a52d5e133c29d
SHA512 8e0ab80fccb0c56a7745789fc265906b2e1fd45008948c91e4b933bcfa65f743510fb12bfffcb9dad61dde142596adcdb47ad13402926b0178baf9a59a460d1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 329a07019bd95f0c9c25fb71f3899901
SHA1 6085ae26832f712aed092f434c073b2a6f5e1dc3
SHA256 5cc740445bffe189f24f89622b98fd9b83afdd4da0853d983df4a5dda65ae3c2
SHA512 6ca69e05897269ebdd5a2e6fed6d7b53efdc762f95200ba465e6676b8a4139c1d64a1c345e8b4cae139892a8d85a4c481327cf77a1ae5a417a87537d87d58067

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 85545411d99dd8800a731bc79ec4f72a
SHA1 6dd66d653f90bdb8a2078497d2724539edb08bd1
SHA256 ac82a80bfbd3fbe357bac795c538678c4d1f8b8b999450f0b512bdb2e0f1cb36
SHA512 324cb08ada47228fd3848471ac2952bb1e02da660399a8f67d27dd34cf7b737b53f9e95baf72baea05ba508027d0e54891a9606c955016ebcc4ebdf25ad08d21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4bb0c6f99a40efb10c09bb47d3d43c99
SHA1 5131ac6b8b2e0e8498def99fba78e754a5f8afdf
SHA256 67d8198450e24f475363433788caa6886e5ca9394d5b4bc768c8b79d34e5b975
SHA512 2cd2a8f6cdf28ee0c4eeed3c7d5c8e50ce98dce7b45ffb5949b43b11b9641adc50d5de9c384e2907914c611defc49292a38befc14a0acce3fb309e2e2636ccff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a4ee2367350abc42f3d726ff97edd151
SHA1 e5ae61e3f4e03c867a8e3b5806c8a33a161c2549
SHA256 d51eef3291bfa476b5af1d45143c7b3f05cb5cadb6d79cc79e2f5b9e53e6e584
SHA512 95fd363625830ce6e15cfc183403c510c35b9028400cc11584820a8293b610b3b58d601190c796e83ea0948fa0322e8b982fc0a31c3d410e54a9d0cdf806d043

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ea60b946ddc1916b39d46748aca4cbb
SHA1 093a03c2822f0c0c172a3862956c8bec431a14e2
SHA256 b5cb2b4d52cfedc008f7cfb670dd7bb6bba475ef4ec62540ac6cc5cb48401d86
SHA512 4a8f3eec6e119a532eca8244b71615196de69dc82cd09a3dc5762ed6d399a5dd94dfb435e43483ec644897130b1c3d42c20af96f2b9eea80785d887a7e1e68ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e78cb06056b9b94d55bfce1a1af28bdd
SHA1 3d5d0a90be078d80b737427d7e3a5509bd989176
SHA256 fae40f16e961cb140c2c244edd6150ade335fa2a24145bc1202d251aa635fe90
SHA512 0bb899840631e0fd6584780a35515ebc898e4c98fbf0016b5a9a1050e4a25643ff2e246e4c1bedfae71e2439d29b68345b1be00334aa0ed2c07e83e54bbd380d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dac251e780f257313188a33b64b5bd47
SHA1 d27ee4a6eb594bf2cbd1f3f63a506d1249dcf481
SHA256 f990e2c1dca5928c10b75fe2366522fea8c3029ce87785eae0f29c837b33b3a4
SHA512 46665d12c6dba56b5f4e398992b2e419cd2f4c319cfb799a24f22c867c6a2d09daabfa48dbd1bdfa2b6c359ee0322aca91fd6014534c0cb4523f69ed855b6725

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dece1dc12af2a7c49fa3cb201a26f652
SHA1 8820e9a2866d178a85855cb571219fd72e46c711
SHA256 80149f144bcfde9426fed4ec006f5c2287b382b4e5c9abb939e4ea84fd9f0423
SHA512 9126de8686318e04a8ec7fa5eaa67d566ce2acf14c6c952a1d29c9d22a9954f49c2a60057a9d6c2e9677dcec2804f69ba85a5947ab48db05a7a9f31673f23055

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f1830ecd903b67be2e3bd311c98be4d3
SHA1 2b07a6514dc084e6db93c3c306b99e3f41961809
SHA256 dcede25d41c8a3a5475ce00249194cbc82fc1ec194c0c9e202cceb75a0197b9b
SHA512 3ca495d7fb15307b7faa7ac6087f509ad5bea049b9c2fb7cee9d8490d740531cbe899b48416af0e42cf30b7b2684b97d12322ea8ff73fd5bbce9a29ec3a4f8a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ae1dad006d2f3d8a13925bd685aabece
SHA1 300328c9cf246816cbbe8df890bd85335d7ee273
SHA256 2fe08eac8eead8a1051b9213702dd3acd3d3a2f8202864b52eb4a9ca2eba8080
SHA512 070f598cd82c1a4c102e0cec034179ab0d52ec2dc214593317e19dae43134eb0530a9b79d7b2e2c0d341674e9b0c32b93fcf5557860d1f1d249a743a22b243fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a4737e704749378cfe2369215cec7ca3
SHA1 64ed01ade49f5c22ffeb7a3dd74b4911b58cb8cd
SHA256 b921e41f5e5ff5d5830b760b2ba2a3530c0231dd96a116272d26f3ab489d43a5
SHA512 c34ee6ed7edc5d5a86913c74f58ce29c5a6b8fc75cab66fa2b0206b503b7d46acaa563e8bab448380eca95d342c58c8197065ee5043fd8eb210cc221b97d59b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 670fe37356ba4193f8f2cac205f997f0
SHA1 dcc0021ed8f20fbeeb21447f0abd47acd29222e1
SHA256 8e024e1f24f32bca12550312ff3b13c1bc7eef9617015c70d99cdfacd2fd374b
SHA512 638edc88903beb27f9561c2dbba8cc70b6494aa974ea65ddd8bda842791e7a87ef00914c90e4fed9330b7bcf157573b2a0bfcd3fb72d7ee603fcc6e7c57b8f05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 40558f7c785940f5e55c419e84184478
SHA1 ccca8db7270bec17932bf35f3c44da7c7a008337
SHA256 b6b0d3b8c147402738dc8457caa0041cc04c94b5331e618cf053a3f66821168a
SHA512 730e26e1b01fbfbc691d08e80939bf19788948dd3f894e5daf289fcbfab2044ac99b82b1eb52f3821b646a260112987ce3fccc0244c28b32d53948fa7e6f589d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 97e03bdf47d67936a56b30cc36be18e9
SHA1 f39524d4913c9fbcfc687e68dd54417d25b1f7e2
SHA256 0e5df5c6ceb0b2835216f9a7a1be75a43d0b09a989def315ca6d0ece5af2bda0
SHA512 8daa31c7a1b7a0d841e666d4cd9e378f4a6987e6f5eb2aa52969072ba69197fd0a6405d65cc75857a8b0a8e146616fb7d83095aff4cbb054c57ae1a1bb479ee0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fe69dcf9656ef1d583d21e6ebc69ae31
SHA1 740ac162f74678fca05981c7b931f3dcab1c4a82
SHA256 34f2c625786a7ca2f1024b4b17aa4bd4e0d1f711620b11a1acd4c1290a7a2794
SHA512 ddd9d92c46014692399cf2f7dce9f65752741f2cd0f34d59a584f85069797bdab402008653bbed0b5a2969a6cfaf0fd84f5020dceb18bb229b7842fbb5ff9570

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3425b61fb67e2ba514143b946e1e78a6
SHA1 1c03dc2e3fb2ee4540582b97dc7f494ac2e260e1
SHA256 dae81875eab358735dd424e20fd6b0d6f1a54e9bdc690cb9661f8aec04c322cf
SHA512 5f99c549c89a7e5aca0104bd16ee039277f404af7de6313e0de79478818615fbd443f3ed7d0c50f1ea4360d8b6f3a7025fadf262e105e01df9f71009ceb32bfe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 10896bbfef7c0a3f64a74563201eef3b
SHA1 36a65e8afe0587c68cb3c7dd4ccb8c3223afbd27
SHA256 4d1f3498bed57f2d687592629d5e907c3bf84aba03275d691b5ae0a43be84408
SHA512 a8a2124ee5a560ee3bef46f6e72215bb4af313fcebda5c01debb39bc767c7f1e82dc24f161c9bef41a6ff62ff98ddc2cc52cce585d62998ee29786d942396c6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 16b83a0a541f820c5a4e1ff7342f162c
SHA1 5bc5b812db242adcc35ae50a37b2b55484b723d7
SHA256 e133502c750e056787407d9425e6095c67a82ced50eb3b5fa268de04b0c0cbbc
SHA512 a7a94e39415e81d5afd565a9b50a8e559b0a033e48724b0b496a83b780e11c93b07794573a338ea9069363cdb6521907584f05f2a48585897f0f2abe5b6d71e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bd4cd3bb1d7d2f093af9d5b42938d4a5
SHA1 547a3d07fce0e840652518fff59393d6a2204abb
SHA256 a7e1960eae435e8917bc9577fa817198744876cc82d824902c334ba7c671c318
SHA512 3e0f05180d37356e58c31fbe2e2b3f53a66ed3c8fca95d730778ee61b24e0931ead6454961edbc19e2b8f106239f162d86ceb6d02577912d7430c103bbc5666c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b3511f54c90498aa5d74bb7610d10b06
SHA1 c0a944abb93a3d6ab2010ae36a39c63dc321b00f
SHA256 db1031653240705301f3238ad4715570724fe761023ff4f9a84a033afd7372f4
SHA512 967e699b9218ee4159de54b48fcca665b5f8ded99598c6badc58c2b8457db4ea3aec635aad7c809c794a3ade85e75baafba747a14f24ccef0ee3ebda827765d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4beacf3b398a9207d3428f142333500d
SHA1 af0618477a720befdc1ff2fa0c304731b6f20a01
SHA256 27c4072a98585fa66e91780fc1fceb4bc9bae5284354e3cd7a8bc773532e981f
SHA512 ce16bfa407f096b3b1d8a0e30b9d9f1ca04b1c6693102b305cdfbb2afadd77c00350f7e81aaf3edb3c0e950376b2f9709266c6d8452f8e6be8e6b87ba87a9272

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 93206f83d07b8ddd53bbe7fc4a1af09c
SHA1 383428b6c0ff22725dcb9d181bb590be48eff21a
SHA256 37832159580001e21af4b84e55e3aef6cba5c9350f1da21c36515b4443177e08
SHA512 430e827aeeb3a4af8757f04374aecc4f5c5e985875fe66b3acc3d6b11ed968b07caadca6bc14c4b4bba1358622ef17864ea6fe3e136cd06707cce8d7db52a87b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e8a5ce387eedf00a22c5f7539640c4ee
SHA1 60c165373ddd2f8f95d0c85366a502086e73a954
SHA256 02096cc3d39440201301f7a77d9ee68d82cc1804bf49934494bb2f1f21676a2e
SHA512 59a4273d020989782d6942346531ab82932b8ed0de40fd57ba1e0eea8719d0b15fdf4fbf7fe16f74c6f327a088393539bf221331482e2e8cdbc55d494753faf3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f295ad78a0e6804cfa4800c9ccac6a6
SHA1 632a722195d1291b5880d153a581c6cefc9be939
SHA256 45e97f2b39d0d5f409483c08c3787b9a12ee93ecb8f43e6c6404ebf17060bced
SHA512 ce330b8c3fede7b3d6a7f6c6702b989849275753a9a5829adb044e45374a24d004f79ca70cf4f3a15dedf0d4f5dd3a8781d63979024ed1e55f01db16d08dbc9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 98305101d0df57b3b16f9ae9bd94df28
SHA1 d1e8346760a3575ac5b16fb78091406e6151f8aa
SHA256 305236c144a2d9b08be2eb3aaa1a9fa3f99fe0f97668e25e7cbe0e8b08248a37
SHA512 1ee55e23b7b30d50150241001fbfdf6ba21e2eea05dfe6dc00fac18a164eca95237f170821b015c01f4d049566deea1d0fd4736e79817373597642fbaaa05a77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 786dc75ec0d40ba92667976084142326
SHA1 109b607eda3319190dec46801cfb8af553f1cc56
SHA256 25c0fd3cc086254d00fbaeb1a140296a3a3a0bfd1cfe8d24715e14ab6b00c4be
SHA512 696559740de024d7ac9890a40e028878214a38c851371de135fa94cb51d6d9554cd2b90f842c378c52848de22308cede510acedd38121ca52a074353933a4da6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7150010dd270c066ae7c701d12061b2a
SHA1 3d672336a1a6b20911e6e80e33af0183e265ba44
SHA256 9f575f1ca63bf0c956e815599500afeb85bcdd13d09d315e4c479af98b18336b
SHA512 d20967e17452b09cfbd7debf4c0264eb182c28a1204ca604ab4c1eed92f5e3fdb5e375d185271ffe8eb67724a1e9f44f1772375c12c2af13aadc12ffdbcaac5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3e9296adc2a1657fa2b2f511b559e989
SHA1 a839a30ceb82d732bcedd69421a2d17c4bc3dfe0
SHA256 5c7e855af8ad2a4b0396896bc631879b086dc77e15f381ff3dc00d9e127c5680
SHA512 e4b337a337736466bc1060180a02007d5def91aa76c3c0728ad3fb58cd530b57b83e90ce26ed3dc277d827d9c3e257a076c80124e93d7b88b8c949d73577341d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c63aca0dce7f5e0516859622ebd85241
SHA1 5604108c57a55d7417873e65a1b9dee85ea8029e
SHA256 6ea0a4b88231f321b6f0b51bd64a0ae667b2a4968133b12d2110de52bf8a7d46
SHA512 267bf0434d1e484472a4ed7f73c6cd96ffb9a18e48bc794ada29bd2c7c6693f85c36fa4707ad3384c4006363ea39a33174a0bc3cb5f6414154db3aa395253934

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7b4cf60c08759120780c25d56c5ee0c6
SHA1 7553c39be5f70bd8776b993e34a0c563567329d2
SHA256 2a87b212d51bee977e1e8627af2a38a78839351ea5227eec55c4c703a45a17e6
SHA512 3ffdeccc341a7d9aac64188f5e1214f1ab107830e9db452514eaa0ffa1d75bbe6e90dea07a20ce2b7bab6d512b96694985a77971e7b630140b659542159d9fde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 765053006d6df107ab2baec5fc5bda70
SHA1 eeb9cd6df0a3cabb10b58dd4c25933361754e94c
SHA256 9b305ab845bca7ea5de77721324ca3e62ce2910014d022dfff0ce06cbe14f190
SHA512 300f07b8c2fb097cf58ecd79ba0b18e09cbfe61b2991531b3d69b1868f2a98ec64d349d7741851e3fc4045e4e6c67862c07285df6746d6455f0233f86cb103e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a30708b3ae6b731f8170f5619eeff8bc
SHA1 08acf8eff2cee9532a52a99b9bebd509a93678b8
SHA256 4b035f58553807397080a4c9ed80bebb8c6f141a119413eda810e07440b37b22
SHA512 7e13353845eceb89cd3554e0e0d7e3bac8bf0f0d8c84d2fdd478eff08d93788bd3ece57e0d80c1f168aa0d0b8a97b314b55798f1c0345358fb21de092c7cd279

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f66ff4bbfea7faa8290154390822b04e
SHA1 7ef75875ecd27545674d02c58c392437754e46cf
SHA256 c900f4426bd1231d956005cbec28bd47e558c75e813920c31204b9868d601c1b
SHA512 ebe147813e98cca94be2ca85fee7b5dbcad2d6255e8a5667645f9bd544b816bd064d31d27905ed4bd64ec291e01dd164dddeb7e304ca6aaa64fe2f5b5485aeeb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 168d69271284bbd3ef14ee78500bbfec
SHA1 e5e227bf1852e5e35e4201500a211500966c5b19
SHA256 fface320f4ee9a41dd187177eb8f5bddf37501e479028b99fc5bc0d13d8c13a7
SHA512 78d8c338a587e1f36b211f943410188a85161b2a5a8656240fc1a3ff53d0cee1bfb95ff89bba03d3d6c5d7283d45f9585fa3f51c560aa4916082efee15ef7696

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 54b52ad19a47d81c88b81e3d61581d37
SHA1 7915c3a73b13d61c7611ad4bb445b34a636c4df6
SHA256 6c4ca24705829e36ac39e0cf52376f9b9105b3228bf7d5c424add5c6621e8e8b
SHA512 1fbb7050aa26aaab592fbe88316a8d57d9571d7d8a45efdb759e8568aaacf26e81f62876110159710619625022f3a780a8c568ce0f8a83cebe0a8bfbbf01afae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 157a565b737a6fa61e5ff41205c9b642
SHA1 7eab878d5520242d34f7f93aa1b7bb78da646e44
SHA256 049af88bdeeb0173295cecf309808e59cccc5284e82ff454bbeb865faf11878d
SHA512 59229575fadd183e5c0b438b9b5fc71f8b1d06eb258f02c13c44f964f79b916debf0f4e2d9a0e4a756d9af2f13fbfeeb5fe3dd4cb8f3889c0b63c35be81edc4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9624a047caf439514adb28e385d90170
SHA1 108eba6053cd979c09175ecea440d59f447ac250
SHA256 ab4d25415f7a94bbb180b1c38b202390e8ba915400063acbe0f6ee1b5265f0b1
SHA512 1633037d84f0db8f1658afc3cd0ebf96c970975acedc7c571e3db75a8fe3f24c35341a10bb6ecc9922d39d5291729b11db2874929dced152799dc2cecfc009b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 72f104decffaebc04195d713b07a8ec4
SHA1 8753fdfc20a9a1d0823021acfb10ba3bc67cb3e0
SHA256 9a5aefed7a014940dfbb4ff0a0331079c3fa641c79a1efa006e7cf624bdd7629
SHA512 1380e0997a38f8b4713c6c5f223e0172484e9fcd5af41e7fb580475b8803ec0a4d5a48306ea70d71edd7615f936dd9c9118c7c54d01317f8fe9d8ab52c5b2769

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 599f4c04a2f3ff3c999f4ad1283223c9
SHA1 5fa46253606f8322f16e707dc54bb1fb04c36aeb
SHA256 9ec0ea84e2637a969fffab379be2d47ea9c4b21cb843b972c67b86d4f4f6e02b
SHA512 be057764e066df99d20825d081ba1ebb0c65428e080e485bbc090a9f0a64c1348f0d32105feb80846b6abc00902c0ad6e9fb88fec5328b60aff96b3e47dd9edc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1153ab54ad3e84507652b6effbb060e9
SHA1 d27d16c29f53f147cfe47671055bb49c1919491c
SHA256 a4aa057fef0afb71caf585fde7eb514cbf86460d5515a3dc7f9f3e7de868717e
SHA512 2ca383aed91a5ac61e22853d11dae07fd5eacad27d3670815dc4d57c0e3d56f15bffa03ef43fb66f78f8559da2b93d42c13675853d186584b3b8c8edd1661e70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 906fe08c62cfc148eca956e05e931cab
SHA1 1c532d5dc4098e72fda272656e830c176bf49230
SHA256 75fde9bafaa1c10568fbc3878131a0cb66cc38387b17a403a9f28d72223f1c5c
SHA512 b740c4e0d45632581242bc10a915404c3d398c6c1fd9a28fbd675749af9f87c832b229981edf0c9209d6af8111dc77c56a06b0604813013199147960143d2e13

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 bde50ca56d7205347b945b76b5327044
SHA1 896b5efaa47ce11318dc8d366aa94d42caa7b51d
SHA256 d3842d4b9c86515b02db8d220e9487f348baebf0d6f4ed6665bf80ffbedbfdf5
SHA512 6c5fb1d40c662cb50f60241d74f31a643a0136dfc5bcc1496c3210187fc2cc28021400281a2c9fb07be1934ec6987fbf8af719c3068c4ffcb748dfd558609fb7

C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.105\Installer\setup.exe

MD5 96937bb70ddb5b3a89651ad8391ce5a1
SHA1 3d5ee58c00667b4dc63da7205c20b1c335c3efce
SHA256 60ae19e62277efd9bbdc93ccc5fa8b4bc1f8f6537115d4a7e8e8df3c2014315b
SHA512 d3b1c07157817bfbcaee4bf196a3743dc177470f82880d5bfdd5fce573434a652f7da5f1dbc40a086e0cc6bb9ae4bdb4f8ce86985c8dc01923418724caab6c0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c51c74c3d89adca6bd2b7315bdd10584
SHA1 aad035644047cb52a526bc1ebd36bd7d3650c4cd
SHA256 2799cb4ead9aee2656ca306b934ab4eee8e4086567cf9eeb6340962b749e7198
SHA512 5ffdf1109de9d885c1f25cdf03223b9ed26e3058e63475142134e758772e9a80613c017a61123a5eb2e6f6a9dcf20d1ea3598fa5179694cba0c48bb1a5be0911

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ef46cb2b4bf1b3899d4165b16b71e567
SHA1 dfa3e29f0ac42d7bf545fc0e9b4f19f47bc2414a
SHA256 ef9a17ce9d00dabd7504ce0c53c2a16ecf93ec9e1f6ed0fe6e0528b3c6abc5e8
SHA512 5f93010bf98865869c98bbeb852bcb63aa7ef679946efd9fd2923a19372deb5cb4022dbe92c293832ba9887936016e396105cace9b338fc76240f05b897c74b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 062405644cb49240f3a3c3f7adfb9b00
SHA1 5b7c66f03d496cba9e85f92668ffbf03151fc1cc
SHA256 e2c2dcd5ef620f7590a60dff8520aa9749d86e9dde01e7f60f5146eb7e327c23
SHA512 02559d9efb6a9072b66cfc0c007427e445f4293e7f4a64ac973ab5c9040b028cfb347be765b60cf61db785c24fd34ae33439c8758ff30daa7cefcaf9517bbd68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 273c4fb5be4e7a51f53eb4225c3d5e2b
SHA1 7cc6e83b5fa4cd38681981852146cdd33753148e
SHA256 1369e877df8f1968587fca43bfb7edccd02d4da6b18c590acaf48f5822081e53
SHA512 db7e7a8755bc24a4b2dcd10f13bd36e9d5f1603833d38334248a8c7f115c92185b55644afed45613c49e25dff1a2bf61692f1d410543029e8c3f478c9bd3e3cf

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{CAFBD5B1-148E-45E4-A0D0-8DD59986D5F5}\EDGEMITMP_B0EA5.tmp\SETUP.EX_

MD5 2a255091a179efac806b9b5b52b6d54e
SHA1 474bcf1cfa0e02e826df9adb957a8a0d6c07f552
SHA256 3b9e0929633535052ee4fbf3654b15a3e8274ab7ab7cdd5ee6e89344628cc61a
SHA512 9e9a351d1b2cbeab680477d62c45b0a11a89d33c8cb6027c0da3fb7a104fda3216c26750d03ab649d4ccc5abcd761c9d50be6f6af1872057e3de92907403c992

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 466ff524b6dfcd89904e0d88e3d0da6e
SHA1 f45d8edbaa3b4b190626e9afda68b81305cb6dbb
SHA256 e265386fbdb4b2381f828358a23ba9b2e24435d0d1293fba4a93a05dbc967db5
SHA512 a5b3b912d7e345b2bced989bcebbc8e1bc9440e4837fc2ae4fd98cb417b114c59a1106be66a91c9d488d41c63c7c3895190707416a1fe92ad5e3a4fac417b74d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 122d2b77b3aec528ae6ab0d05e7d8965
SHA1 f0fe751347a1bf515421126a1a43c6d59318ced4
SHA256 d8545422b21984225341fc3b05a40ffdfe6f924703e8aa52bf0388cce79c9ca4
SHA512 7f0b20d72092eb79c32270ee3d17d122b93890533f43070dad9308773a45ba0ad8b668fa94292fa1033f9697d8cc7cd062acbb10d4d49f75dedc1930a8155a27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 326e795be332eb55d7d5d8847692bd7d
SHA1 fc82f882d44483f50186a2090631bc1b40630311
SHA256 01c0b974c12c3731a07d8aa008391cb5c1c7f22406588db7a5e2d04e2c615aad
SHA512 bbced5be0a605604917766cb7785676e19b8917253a982c7f45f282a59001448facaa9823107badec2e0008db0e3075a826a62e76d04d0d6c24442418ecf0843

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8252a694-3b4e-4be2-93bd-24d4f68177b5.tmp

MD5 516abde69c651001269239714a262eb4
SHA1 77e7dcf358b244c3f354e5e3477abb13be18dbab
SHA256 365e8d1257970fb5b554c6a7bee1c3fc347de6e233d96057645875c86677edab
SHA512 634a4b821195d86132c9bb2fb430fded13a7b1af312ce3ca003a345cc797895a89f4f5c40b6ed622fa00af5e03d386c91ef0b65153ac57c7df65d33a633cae7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e853f65fa23e7ef195c97df68816af56
SHA1 b157746359267b7bc35b19b070b59ffbfddaa9cf
SHA256 a64e26229ed8f854b46a1d8f7f66cdabb3db61043b6625410f0d1178e27ba84b
SHA512 75b5f221b902cb474e128a61c0397ed69fec91c032a7efd2b89542250a322ad0a5ce75ae517d74ea88e267d918176478376d9bc0c2646da4b52cf7fc9ed1eda6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a4566dc96c51b7e8332f1f288fc75ec1
SHA1 e88192059c87d24d75459e2767fcbab97b6d253e
SHA256 88da53ddf32cde310ceeea279d860f99a0c93e8f4c8d8b9f23782f4abf0ecf83
SHA512 7427a044069dc0c215462b147fef23225d2a7774223a67bbfe8d7df8f98b499282028e78f304033fe8e0622ca9b15938fc1786a5880849d54d1795574ca6f4c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 61baad95513914b815e1a087072d9576
SHA1 b963a78d3c4d9e0b92d43c8f016298a6bbacad7d
SHA256 8801c3654e5a7f9e66ef34262f3bfcd967cf77fc41e057dc7be0987684b75d82
SHA512 638fefa9f31e88decc6f810e8c717cf2e48af4729b20eec7a94b5fe464f05f6228bdc5f61e8e219006572aa2148f70f370bd433998b38ecd0545868a44a04e40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 47dd4fe588c4562839f8cd66ecf2ed01
SHA1 685edccc0ea5d46aa34efc9f1b60c530edcfb05c
SHA256 1250ed56000ddd5e8d5c17568cec16376c52305781da32563c979f223aee9081
SHA512 8b1c171f5f8e16370bcd30ddf9a10b04a21960908eee671c9b35f49414fe3537391a9d5493e3983babb0a688f44178de7500eba991cf66945c98f77f2002d2c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 675e01bd3f8007949d692f1ff41f7f0e
SHA1 2ae926035dc18cd038e86a858ca6414676f628a2
SHA256 a11b9ef16b7a80af52e979aa0d3ede683e44f8e2a5c257613e149c54ad629121
SHA512 87699ef7989229ec1e0a09aafb30bc661defff009291d0ab732ea92c428f3b32945e94a437d42d5bb4d8a3f2f27855e63946f8abe1da3d46170b84d021f8eb4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dcaebe3729bbcd6ca00c1148bc308dea
SHA1 cb543fd3f145025cd5349e412af6f80c91516fd8
SHA256 8cd5a112fa6f2134b56d4d81cf3b594950568226394e1b6cc1853a1baf0f4c18
SHA512 082e2158c7d01572f02f60e733c0abe78a022af85985c7c17e83b0cf409af7a783d78b6be0a409bf2ca96955d3701480d3cca52ec759701e2b0f5078f7434d63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c60923aa69b455e21f05b76a3d9499c5
SHA1 d05e47b013d27ae4a91859df7291c97d0403be02
SHA256 6c53666c400d1da21093f8421c926fb68f04d95efd0884fa073ea0ff05a6c374
SHA512 4b029af89f797a01736971851448e9ed5b72885470c91eadfe591284fab9c06af81218cce71ca77b63d10563322762fd25d13dd1602001844048e868a58d8b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 16358a32091f0c0439239e4f8b0edf6c
SHA1 2ca2e3a9565f12c4707d89c20825b89180434b04
SHA256 e30fd5b5767590e48ddedb464f2f2442660cb2c30ccb916511fc209e027f9319
SHA512 0d7ba0868d307a2094aa281852a681f9d2470f2aa34784c6bc2081f0525e4f44780f2b2d87ec41b46a3f6849c907e4f7335db40c75d374a65a453d57870cf4c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 188e1cfb9daa84ddf67a9c8cc2f183d9
SHA1 56be36aa303164f8d5fa43615eb089fb60448f4a
SHA256 c10bd411444e922aad63ca624e4fec2e325fb96d074cd3df358942fb8cf929b4
SHA512 9dde4d3e82b45fda219dd201cc1886b7064de44fb9bf2249052764692996fa509d5889363809132c5d5f8673349d02b6545214447d0cc6f5d645f374c5dc1352

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f05c27b3ec55d2015e36b22261a6cde
SHA1 b86660a82a8754f394683864528eeb85c144119b
SHA256 bf25ed1f868024cd249deabd100b58267c373e6ab3ebd533bf4313bf60373b88
SHA512 ac265668a9d801bcc2f8a06ed05dfcb0709c6de2a0e0ab7ab60c2087690aa8f053d0a7ccfac8fb5984df352ff2fa4023619058d56ecd3f76b0d5955062e4db03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 42e584676ba63f53787eeb3bfee2679b
SHA1 9edad03503c25fb7caa6dfd0dfef8a2522700e8e
SHA256 c8cf3759ab1e7988edb7989378cdd9320f780142691b5547b2856a34789f20f4
SHA512 b33ace5a0a46d3719e698b9a936cabca1d03483376c5928fa854a045a381dd732bd8099d55a6bc7e5cef9e78418c172c77b9169e5f99f287abb1ed99dc581d03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f818e374ebf45b1de7dac4b903b26423
SHA1 8628fbcbbd80539e9d4910fe493400aa778836f5
SHA256 3347c8dec949a55cde09e0ae61a1f8361ee784870813c5383e69799a07716e71
SHA512 1a6620011c96fe716f11a118b73f83759b8c074d89e3c3366d2aa6c4c62bd20c016d18c9a4c26073987f80fe5902019cfb7b44b3790be6c70ef7ea2909ae4822

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ecd4b4e6057e73e1a2b8d9104fb3cfe
SHA1 481dd00aece8303670f0f9653370999a5c4a6c83
SHA256 2a72cdf5c1ff7747392b48122bfe79e6f87cb41b988ae53a31a3824cdff8e4ac
SHA512 afd86c9b11d003920c825e4f274a9b1c76f78d0f3489a13bb3a78df7ba7ba5ffab595ccade37e1abfbdcabd1b4e470951936698a0fb32a71d3877ccd74d1339b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8c91282e-6df0-4ae9-a8b4-c6089c6d87ad.tmp

MD5 c982ccc16d9b25511307b4a9311e819c
SHA1 f0089efcdedc2218e21d63e4ca2488ec9c129127
SHA256 dfd5194d65f8b132edf1faa36383d581443a9c9d9cc5d7b5ec58e4993784cdd6
SHA512 62d318e356ba726327faf32c9199c6c3b0c3bcbf99b7cbfee81b8d33ac70b392c2a0adda96a48bbe2ff8aac0ca47f538726a6ab1a522c0bda5b2cf9beab6f59e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5deb6a02141316a82447c7f2a1547c1b
SHA1 22972753f05d682c5c01c941993eb52cf849c12a
SHA256 ae8164041d98a193dcdc15f3384a47ffea176e75ac3fea18288f14b977cb6e07
SHA512 3642497126f9d927263085147c12fbe5773898c91da850a24ea82b80e73c6bfecf170f5186352174ead555fe221fd240f455015846180876c0a2bfdd64c1bf62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 be2fde88387262d8584e4de7092b0f6b
SHA1 91ae037e6f5e9150cdc426443a4f02c411bf4f31
SHA256 2562f70fe1712d40fd72c341987323c4b8109d222caf0f27837ec717f110be0f
SHA512 0081b590316bfd5504213a4e24a9d39063d4caef5ee9d6620b37381d33ac8ac967a6b25b53e0c6d9bd52d2f8fca2351b08f542a18366b3952511a29899c17c66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cb7e24e5f79e6dc5cabc79c58961ef6c
SHA1 f4a1543f4892b29eedff6345ba533550c40418f8
SHA256 6453b72afc34782721592435b7bd85f5fca6825cba5426a7d6fe65fa7f188e73
SHA512 63e6bb8109100763c67207a0c4afce25f8132bc7af1b9528f801f2491ef732728df2b36e234e7b5079dd9543d1bec3c77fc34840e0c4b07a19fd5ac17e385ce1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 158ab4b5d8531cc0ef9dda3e74f43011
SHA1 521d692e344021daebb0ada402a15d66c4b4e42d
SHA256 c6bdead4e6a38aebfeb4234334491f96eb4369f162f2e0082730c97d083662a2
SHA512 82512d5199965a55e6dfdaf906ae4272b515a8afb1bacb9e4e39f2609b7781759b0f6c7284c58aa19a1136d780d19652b36e2027ec05bc5e5c239207183ed1bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ae98c04f-4fd4-49e7-afaf-d2c44d174ed1.tmp

MD5 3b5a346929da9140732d2ad1bffcc3e3
SHA1 e2eb390b978faa9eaa454ebd5027eea1c6f01826
SHA256 c9e5c1a0c3829672fc1062e9ec208f396edecc1a603f7ead499614b3437f85b5
SHA512 39a7fe82a69020ef74ceba443303ed7e2504a2f938220cf56a73ad4cbb705ae93b308f25e9870c37b79c920681105df6592bb480ce1033b93a3c5c413ea665fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 51c1c069a89132caf1b81c036527dc4d
SHA1 8d894e5c8f6fa31d9c9782bca8c3660bacd1239d
SHA256 b6e288ff9001e2029aabfa664d4f5353d1313f242252d682527de8d100ce60bd
SHA512 71632b7bc5d4f72c07eabe13401bdb775d4fcee3ab2410175080f102773ba769c1c3900bef917fa1aa861ddf5aa871cc5b58ec4c04e2869c1bdb6e77d8b9e587

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 55e511f3fe845db4952cf3734ae2d65c
SHA1 d62f4f4de5daf2ec76f80a941fc477d77e9103aa
SHA256 0ea18e70aceae70c149019ef275b83e29bba2d680a2ccc9207bed293a78113cf
SHA512 4f0eb7662453968deb35d058a0004a63cdc71638118370962cfd32f9cf907696497a14d7812bfc626fadc88fa34d2a0504dc80bd0200edc9f6524a52aedbd4bf