Analysis Overview
SHA256
205d949385e72bfe9fd24568510cbdfa54c460fcfe4f5902df1a58b569c25bd6
Threat Level: Shows suspicious behavior
The file MalwarePremiumReset.zip was found to be: Shows suspicious behavior.
Malicious Activity Summary
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Probable phishing domain
Unsigned PE
Browser Information Discovery
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Enumerates system info in registry
Modifies data under HKEY_USERS
Opens file in notepad (likely ransom note)
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-24 22:14
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-24 22:14
Reported
2024-08-24 22:44
Platform
win7-20240705-en
Max time kernel
1441s
Max time network
1442s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Program\MalwarePremiumReset.exe
"C:\Users\Admin\AppData\Local\Temp\Program\MalwarePremiumReset.exe"
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-24 22:14
Reported
2024-08-24 22:20
Platform
win10v2004-20240802-en
Max time kernel
339s
Max time network
340s
Command Line
Signatures
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Probable phishing domain
| Description | Indicator | Process | Target |
| HTTP URL | https://chatgpt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b86b5309d4c4134 | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "182" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\SniffedFolderType = "Generic" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\NodeSlot = "5" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0100000000000000ffffffff | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 01000000020000000300000000000000ffffffff | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 = 14002e803accbfb42cdb4c42b0297fe99a87c6410000 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1194130065-3471212556-1656947724-1000\{B4EEF76A-7F47-4E38-AD23-63AB70F39235} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\MRUListEx = ffffffff | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-1194130065-3471212556-1656947724-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Windows\system32\NOTEPAD.EXE | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Program\MalwarePremiumReset.exe
"C:\Users\Admin\AppData\Local\Temp\Program\MalwarePremiumReset.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\smth.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe44c246f8,0x7ffe44c24708,0x7ffe44c24718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3684 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3684 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,1952428998047091894,11913243903136531116,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe44c246f8,0x7ffe44c24708,0x7ffe44c24718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3748 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3748 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5176 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5276 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,14952341618594070252,5013743376451559027,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8588 /prefetch:2
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\smth.bat" "
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa38ba855 /state1:0x41c64e6d
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 88.221.135.27:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 27.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| GB | 88.221.135.27:443 | www.bing.com | tcp |
| GB | 88.221.135.27:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 88.221.135.0:443 | th.bing.com | tcp |
| GB | 88.221.135.0:443 | th.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | udp |
| US | 8.8.8.8:53 | 201.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.72:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 173.222.211.41:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 72.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.211.222.173.in-addr.arpa | udp |
| GB | 173.222.211.41:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | temp-mail.org | udp |
| US | 104.26.6.95:443 | temp-mail.org | tcp |
| US | 104.26.6.95:443 | temp-mail.org | tcp |
| US | 8.8.8.8:53 | 95.6.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 173.222.211.58:80 | apps.identrust.com | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 73.79.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.paddle.com | udp |
| US | 8.8.8.8:53 | cdn4.buysellads.net | udp |
| US | 172.66.40.60:443 | cdn.paddle.com | tcp |
| US | 8.8.8.8:53 | web2.temp-mail.org | udp |
| US | 172.67.73.98:443 | web2.temp-mail.org | tcp |
| GB | 159.65.211.77:443 | cdn4.buysellads.net | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| FR | 172.217.18.194:443 | googleads.g.doubleclick.net | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 60.40.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.73.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.211.65.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.74.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.18.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| GB | 108.156.39.35:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| NL | 23.218.48.210:443 | secure.cdn.fastclick.net | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| GB | 18.245.143.118:443 | tags.crwdcntrl.net | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 8.8.8.8:53 | srv.buysellads.com | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | rt.marphezis.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | pbjs.e-planning.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| GB | 159.65.211.77:443 | srv.buysellads.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| FR | 185.255.84.151:443 | hb-api.omnitagjs.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 193.3.178.4:443 | pbjs.e-planning.net | tcp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| DE | 37.252.171.85:443 | ib.adnxs.com | tcp |
| GB | 108.138.217.61:443 | hb.yellowblue.io | tcp |
| DE | 18.157.230.4:443 | tlx.3lift.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| NL | 188.166.203.175:443 | rt.marphezis.com | tcp |
| GB | 18.244.138.116:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | c.4dex.io | udp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| FR | 142.250.178.130:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.36.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.48.218.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.53.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.9.89.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.203.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.230.157.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.22.99.167.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.178.250.142.in-addr.arpa | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | e413e206d25867e7235f7916f61f2fee.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| FR | 142.250.179.65:443 | e413e206d25867e7235f7916f61f2fee.safeframe.googlesyndication.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 104.22.5.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.34.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| NL | 185.89.211.84:443 | secure.adnxs.com | tcp |
| NL | 185.89.211.84:443 | secure.adnxs.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | 84.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| FR | 185.235.86.193:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.177:443 | gem.gbc.criteo.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hb.trustedstack.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| GB | 2.18.190.147:443 | hb.trustedstack.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| GB | 95.100.245.251:443 | eus.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 95.100.244.20:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | 147.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| GB | 2.18.108.192:443 | ads.pubmatic.com | tcp |
| US | 151.101.193.108:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 8.8.8.8:53 | sync.cootlogix.com | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 104.248.229.159:443 | sync.cootlogix.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | eu-west-1-cs-rtb.openwebmp.com | udp |
| GB | 13.224.222.60:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 104.17.43.93:443 | gum.aidemsrv.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 44.212.156.148:443 | cs-server-s2s.yellowblue.io | tcp |
| GB | 23.215.239.190:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | 20.244.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.108.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.229.248.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.43.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 190.239.215.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.212.44.in-addr.arpa | udp |
| GB | 88.221.135.0:443 | th.bing.com | udp |
| GB | 88.221.135.0:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| GB | 92.123.143.216:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| FR | 217.182.178.228:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 204.79.197.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.143.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | openai.com | udp |
| US | 104.18.33.45:443 | openai.com | tcp |
| US | 104.18.33.45:443 | openai.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 104.18.33.45:443 | openai.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 3.222.152.35:443 | api-2-0.spot.im | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | udp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 192.132.33.67:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| DE | 168.119.146.39:443 | sync.richaudience.com | tcp |
| IE | 54.194.124.85:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | 45.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.152.222.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.124.194.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.146.119.168.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.193.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| IE | 34.250.109.179:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 64.202.112.191:443 | b1sync.zemanta.com | tcp |
| US | 64.202.112.191:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 54.204.207.243:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 172.111.38.86:443 | tracker.open-adsyield.com | tcp |
| US | 8.8.8.8:53 | 179.109.250.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.207.204.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| IE | 52.49.168.145:443 | jadserve.postrelease.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.168.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | cdn.openai.com | udp |
| US | 13.107.246.64:443 | cdn.openai.com | tcp |
| US | 13.107.246.64:443 | cdn.openai.com | tcp |
| US | 13.107.246.64:443 | cdn.openai.com | tcp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | chatgpt.com | udp |
| US | 8.8.8.8:53 | js.stripe.com | udp |
| US | 104.18.32.47:443 | chatgpt.com | tcp |
| GB | 18.245.218.51:443 | js.stripe.com | tcp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 51.218.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cloudflareinsights.com | udp |
| US | 104.18.32.47:443 | chatgpt.com | tcp |
| GB | 18.245.218.51:443 | js.stripe.com | udp |
| US | 8.8.8.8:53 | m.stripe.network | udp |
| US | 151.101.64.176:443 | m.stripe.network | tcp |
| US | 8.8.8.8:53 | m.stripe.com | udp |
| US | 34.208.163.20:443 | m.stripe.com | tcp |
| US | 8.8.8.8:53 | 176.64.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.163.208.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.oaistatic.com | udp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | tcp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | tcp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | tcp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | tcp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | tcp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | tcp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | tcp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | udp |
| US | 8.8.8.8:53 | 158.41.18.104.in-addr.arpa | udp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | udp |
| US | 8.8.8.8:53 | ab.chatgpt.com | udp |
| US | 8.8.8.8:53 | auth.openai.com | udp |
| US | 172.64.146.15:443 | auth.openai.com | tcp |
| US | 172.64.146.15:443 | auth.openai.com | tcp |
| US | 172.64.146.15:443 | auth.openai.com | udp |
| US | 8.8.8.8:53 | 15.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser-intake-datadoghq.com | udp |
| US | 3.233.158.24:443 | browser-intake-datadoghq.com | tcp |
| US | 3.233.158.24:443 | browser-intake-datadoghq.com | tcp |
| US | 8.8.8.8:53 | featureassets.org | udp |
| US | 34.128.128.0:443 | featureassets.org | tcp |
| US | 3.233.158.24:443 | browser-intake-datadoghq.com | tcp |
| US | 8.8.8.8:53 | prodregistryv2.org | udp |
| US | 34.128.128.0:443 | prodregistryv2.org | tcp |
| US | 34.128.128.0:443 | prodregistryv2.org | udp |
| US | 34.128.128.0:443 | prodregistryv2.org | udp |
| US | 8.8.8.8:53 | 0.128.128.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.158.233.3.in-addr.arpa | udp |
| US | 3.233.158.24:443 | browser-intake-datadoghq.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | udp |
| US | 104.18.41.158:443 | cdn.oaistatic.com | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 188.166.203.175:443 | rt.marphezis.com | tcp |
| DE | 37.252.171.85:443 | ib.adnxs.com | tcp |
| DE | 51.89.9.251:443 | onetag-sys.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| US | 167.99.22.253:443 | exchange.cootlogix.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| NL | 81.17.55.160:443 | prg.smartadserver.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| NL | 193.3.178.4:443 | pbjs.e-planning.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| GB | 159.65.211.77:443 | srv.buysellads.com | tcp |
| NL | 185.89.211.84:443 | ams3-ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| FR | 185.235.86.193:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.177:443 | gem.gbc.criteo.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | 88.16.208.104.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4dd2754d1bea40445984d65abee82b21 |
| SHA1 | 4b6a5658bae9a784a370a115fbb4a12e92bd3390 |
| SHA256 | 183b8e82a0deaa83d04736553671cedb738adc909f483b3c5f822a0e6be7477d |
| SHA512 | 92d44ee372ad33f892b921efa6cabc78e91025e89f05a22830763217826fa98d51d55711f85c8970ac58abf9adc6c85cc40878032cd6d2589ab226cd099f99e1 |
\??\pipe\LOCAL\crashpad_3876_CIGQUZCMLPEUJNEA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ecf7ca53c80b5245e35839009d12f866 |
| SHA1 | a7af77cf31d410708ebd35a232a80bddfb0615bb |
| SHA256 | 882a513b71b26210ff251769b82b2c5d59a932f96d9ce606ca2fab6530a13687 |
| SHA512 | 706722bd22ce27d854036b1b16e6a3cdb36284b66edc76238a79c2e11cee7d1307b121c898ad832eb1af73e4f08d991d64dc0bff529896ffb4ebe9b3dc381696 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0a6fd5e99b0f34c23030c1da8a3b5f17 |
| SHA1 | cafc0e3bb659c1f705c2e99b80c3397aba510103 |
| SHA256 | 1144359f3d2c3b6eab447392ca768f93b477d3237cfdac219454647a838d27d5 |
| SHA512 | 848bfe71d6032eaff9511165b14e5e04a3404b3e826ae659e4fe774da2d020798d24bc989f8b51768959b39dd6e6473afc61cc4bad279afb2a95cf24a6220efb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | dbebeac6787cc904a4917c6b209736ca |
| SHA1 | c83b32d91d76efadf817d79478353d3d5229fcb0 |
| SHA256 | c106525e81f5d1c44f0e58156f8ff67adc422691d5562569fd8db88e9e5e38e4 |
| SHA512 | 2d73ee40f2d937927ce0ba776394e34565f663c0f2ece26c4ceda01d08f14c36a9990188443609211b2c79adda43ffe7a2dc2fce44a66d34eb453c4ade6a51e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 02bbc957061aba3919bec33f8abc3c4a |
| SHA1 | 44d38a7d8106b07527231cf095cc11a64996a613 |
| SHA256 | 795cb2bf2639d551391de2f27aed90dbac35bd25b0ded95dbe7f8502a9f90794 |
| SHA512 | cd33ad68e3e74f685ba13d2658ae30c59285e398a24147878811e3de9c0191fc430fadab89c08b6ed1f742e25b5b7f2dcf1a58c5319d0d1addebeeaac328254f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 057b1eae2a8f16fb6bbec7016044cddf |
| SHA1 | 92ca75d47757f2cc9e65aa988666bf33cb26b905 |
| SHA256 | 024b4cd41b0326b81285f4f164caf121035388a7acbf1f77b0cd450de4275ed8 |
| SHA512 | abbe8516f527cdd7319a43dfbf907562735e4210f32c6fabee348ab374178c6d047dc0d500c9e5099eb72cab5467ecaf6863accd2dbea3b2818960eeae83a590 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a0c845f4dd20aa4d385d071340022561 |
| SHA1 | cdae51b74bc1071d48703bb832a2516da315dfeb |
| SHA256 | 0c7e25b787bc5323279612d3bfbd247b2f7e6ca045fb30444f2d255cd53f054e |
| SHA512 | 2371b214a9d22228c2703852aea9523a673b5ce1d9e403d4e75ff4d6db3362f7aa0108f97b8388e9046e1558fa4ffde8af72e5bad86b9c369fa58ad848597fa9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 00a455d9d155394bfb4b52258c97c5e5 |
| SHA1 | 2761d0c955353e1982a588a3df78f2744cfaa9df |
| SHA256 | 45a13c77403533b12fbeeeb580e1c32400ca17a32e15caa8c8e6a180ece27fed |
| SHA512 | 9553f8553332afbb1b4d5229bbf58aed7a51571ab45cbf01852b36c437811befcbc86f80ec422f222963fa7dabb04b0c9ae72e9d4ff2eeb1e58cde894fbe234f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 96f0304d8de79212eb07f8c8d6473b84 |
| SHA1 | e25701902a7f2cf3abe98845a103cdc2d607d292 |
| SHA256 | 6011453464106ab3884f60a333da2399e55d27a653b035f63ccb644fcac9273f |
| SHA512 | 2f4e0c3492561a30a2b69c94dc1df1b6170ad09c335f86ac31edec763d32cbbd79dd59e3c9ed483b14d53191ff15d371709fd4e41334fe78b3488a1897554cc6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | b5c628c31d9a02bda54c71e8ec898ab8 |
| SHA1 | 0e86e6536be344737edb584aaefb4bbcfb5ce563 |
| SHA256 | eea5f87b4dc7c384c58a9602d29dfde2ac91110935762be3d1fd14a4603f33a4 |
| SHA512 | bb1da78df4661ce22c8c69e0a8f37da69f6e2e5ac7295fba6d80175216c743a40f21fc48f5d237f26015e60eeff4c026bb32992cdd0755bdcce3911eb8c94f0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | a9851aa4c3c8af2d1bd8834201b2ba51 |
| SHA1 | fa95986f7ebfac4aab3b261d3ed0a21b142e91fc |
| SHA256 | e708be5e34097c8b4b6ecb50ead7705843d0dc4b0779b95ef57073d80f36c191 |
| SHA512 | 41a1b4d650ff55b164f3db02c8440f044c4ec31d8ddbbbf56195d4e27473c6b1379dfad3581e16429650e2364791f5c19aae723efc11986bb986ef262538b818 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | 6f7cad28e89ecd477f8fe325c177d7c3 |
| SHA1 | f1b9857c402c6b133a4c975ec3ac2e9d360bfec3 |
| SHA256 | 2755a6960b452b0c20cdcdeb9c5de801d426877c15916ab0b3c68adf4970a2af |
| SHA512 | 7f9eb23f67fc6bf99ca5370f8d2f7a4a61d5db527553be2d89e36ae3f8d92197ff1ecb742b7e33064e1ccd33d6f55fa10ed6ccb13e48f94b92c99d5da5070cee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3e9e57e335e6d218f8c0b6adecafb597 |
| SHA1 | 3ceeaed4d7c218bc48dada5dad1d7414f4680546 |
| SHA256 | 8fd0af6e8d1e9302ee0659cf812b70607380a13a0c6ee216683f2628398cd7a1 |
| SHA512 | 6cd486a84d82af82c7473ef97673c100fb4bd84b5382fc6a1a0c9ecf3b8f14fcee1eb77a765bcfca2ee06972094a8497b3f239ae6661571741d0530d4e581776 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13369011337413519
| MD5 | 6b83ac9b5fe5f79a8a4c1fd2b80fd475 |
| SHA1 | 1f7e70664411f4faf1a84f572834b3343ff5563e |
| SHA256 | 6a0550aee7a29739e1014b4dff5a918eb7d8acd823b5b7464e3b2226badc852a |
| SHA512 | 42c6a8473e60643830bf375293899f06e975a0bd1f72336500e543b0da22c97e85f725968c775459b230e860fd99f087e0641d10d0de38d6acab0ceeb169f31c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | a3673b8195b03ed63f4950cfc25581a9 |
| SHA1 | fca3847105a95257135871692fbc04d637015bc9 |
| SHA256 | 805ddd0b01fda5eb867029643db0a54a5f94ef33340753170091a34d7a1ca549 |
| SHA512 | d9f09d1e870a2d1671e5fb5f8263d574ef1d9c56602c2f4069e8a8077418ec471221789b212ea9ace397a156eb4e0dd8341462d4084dd9c8ded338d8bb1bd9b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | 7352e6c9746c2b487bca23dd01e4bb5b |
| SHA1 | abe3af1ef14a93db437cbfedaf73b424d7d4be6c |
| SHA256 | c13f793cfcccb79efa1a70a52529d7732f0dc2520d8e761ab7f03a28c387b299 |
| SHA512 | 19c94daddc11e5c2ed3e038e27aea24ff88033c98f5959e01837ae11d617d391dd1d6481232be47c9dec8d1dcce381662a4200057eb35f07ca20cb13aa973f91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
| MD5 | fa1af62bdaf3c63591454d2631d5dd6d |
| SHA1 | 14fc1fc51a9b7ccab8f04c45d84442ed02eb9466 |
| SHA256 | 00dd3c8077c2cca17ea9b94804490326ae6f43e6070d06b1516dfd5c4736d94d |
| SHA512 | 2c3184f563b9a9bff088114f0547f204ee1e0b864115366c86506215f42d7dbf161bc2534ccaee783e62cc01105edffc5f5dabf229da5ebd839c96af1d45de77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | 639ed7f977f4a5728024d8a57bcb7727 |
| SHA1 | c7f951e5702d64d3e621c1e24b2134e1121616bb |
| SHA256 | 020886393ca0fca8f1648f1fa570276040baca6c8ebd35956ea22d8c910928b5 |
| SHA512 | db54987b7085681ef9fb905ad911073bf2bc40aba971d95b14f264674ede512c3c18399fbf6fc29d312324358175abf12fad082459b0ab19d20dcde771d3682f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | e8e140d6931986189c12514f920b00be |
| SHA1 | a5741e05386ab749bccedb104c1742dd14e25086 |
| SHA256 | 31371726c1b3083670f3d0eb5a5fb6635224445725a4734e68e7d411dac7bc2b |
| SHA512 | 4e0667be7b629c9efc9be874ad261f445077664a634860d5a808d152875b58108b08f451dbeaa5fd0a63885927563c3e7a69d2ecc82c468c22b057f8d74dab6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | ac4e50658723c48c4dbfd136adc7417c |
| SHA1 | 13208f14e2965ff567aed44435c10be4f51da8ec |
| SHA256 | b965dbb838f533c7b883cd50dcae3554b5c6047d1b821197f105a0ba6c4a7f5d |
| SHA512 | 53e3cee63a11a22b2df8d707d467151b4794fd72b5d6684b927dbd6212f59041c536fa8ae27eff3919ef98648516960520fec4b9e38ede75b84eb6ba8ff0b823 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | 28d2a1392658ff6408732c11d30de757 |
| SHA1 | d2cc0f5b7d795b3061d0b3a59c50b7bd99831919 |
| SHA256 | f18ee39c72e352014737690d762803b2ae332bcb1c8d64c121bffce2568eb8f6 |
| SHA512 | d8e61714f8a8a9cf3ba8f8f192e59df650698539ab8f4499badaa1ec4345f63b5f375c60c3c4fd5a18fec255c944b9e707cd55cb267bd07d86fc131fbdcf922e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
| MD5 | a2c9ceb220cc733c2d922f11db6468e7 |
| SHA1 | f751479fc79fc5ecd211d0077c51102eb107c1a8 |
| SHA256 | 5e23e7ed5650c330818590f36ce964210f27acd3862a33706411c0e7b21b3397 |
| SHA512 | 4d068527a0ea201fe15bfa5e9f8a76d38f24035b6a7626c527f8e0a2e219c0cc91d12b0b8e774092917c0eb514c24d8e5d895b4a8e25dabe09eaa6c66f3da51e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
| MD5 | f8b3fabad96895d75200e3fe775d043f |
| SHA1 | 0e6307c4addeda575b4c3f6a4813cf581fe48865 |
| SHA256 | aafa0de4cf6faee1b3113e931326794c32661ec91e1ddf930c71580aed4d95ee |
| SHA512 | 4a20c7e157dc280547de3d579c51781d371100c0fda78458654fffe547aef2e5d32ab3db7bbbef80536e25193cf9c246a90117afa72ac828387a21853f7e85e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 217000b37fd85378a96281d2c17892a7 |
| SHA1 | c21ba196d64b598f241d480bfdd659b891d94a47 |
| SHA256 | 7c85daa27983487b0f6f87285b02d102cb407dcc6316cb86f8af54183f702f4d |
| SHA512 | 5627e6b059d2ad5d9f610294872721812106e99062421772febe45d750c06dc05cd79b622c14e5f098cd195ccef40ead49a4e81d1be9a2ef3c3dc46df506b468 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | 1ea3bf2e1e2fec0dacb35f42a2de1c05 |
| SHA1 | 75eb823370d509bbcdfc3fa150af3fa5fe4b56d5 |
| SHA256 | b47cea2220ca70d28aacffa421623450ea4eec6d78f39ad4c6448d7d59a89a76 |
| SHA512 | 658a72459735f23f31e975f56cdaa8bcc81ccde5bc14e984016105d2f797ccd3b2f31b9090be4ab190611050e0c35e9336ff05f307f4248de4bfc6987a7d0871 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
| MD5 | 9a28c0e69cfadc2e7f05860a28cc4dc1 |
| SHA1 | 305ae52f42da34c08578b06636128c03672f8208 |
| SHA256 | a708837b85c7704f35549866cbfea5a5b6f09b6ba7c93f3777ef56ea813a0401 |
| SHA512 | c32df6a51f2bab08eb409673496c7a6501c7a0ea132ae07fe0cde0cf4b75dc26df5cc9ed73c063de46c0f55241620f8a0193b377bde76b7b0ebef392df975b5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | d2b8b703326ed9078ee28f9d2736e61a |
| SHA1 | d1bbd05972de76196c6f239422766890a072d266 |
| SHA256 | 1063e16ae2e21a42e880771d3c74a5aa74efc3b6fe6e89351faa1e943c6bc4b8 |
| SHA512 | 4ca63cb5c789e66428c2dcb1cc92d22b26b4d5f49a72827a8ad87682aab3e17c7ed49149e03aad26e1b5fdfa39410033beba9fd181d682b38ea443a5987490ca |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres
| MD5 | 378e02936c81301c82ccce4fa738d4da |
| SHA1 | 2a0fc0fcdc00d19300949bdfd45e5e4bc1014404 |
| SHA256 | 89dd8f8e8c82aa9128a5c521c3076cd41746cdac68b746ece04efed30f7c6903 |
| SHA512 | 42bf76e9eae146e5006a167bf9bf808ffd53955620d71c9046f27b27c741ea6fba8cfca9994547e9769ee321c31ca72c5be1df4e170ae370effaa6c986a287b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001
| MD5 | 1ac9e744574f723e217fb139ef1e86a9 |
| SHA1 | 4194dce485bd10f2a030d2499da5c796dd12630f |
| SHA256 | 4564be03e04002c5f6eaeaea0aff16c5d0bbdad45359aef64f4c199cda8b195e |
| SHA512 | b8515fb4b9470a7ce678331bbd59f44da47b627f87ea5a30d92ec1c6d583f1607539cd9318a5bccf0a0c6c2bd2637992e0519bd37acdf876f7a11ed184fb5109 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002
| MD5 | 6bc4851424575eaf03ebe2efee6073ab |
| SHA1 | 2d014fe2feb929d03a46322645a94556ca5c9e96 |
| SHA256 | abaded8e235fdf329521806af30a1cc7701eaca3fe2efccb9da760ec6d8e5e4e |
| SHA512 | af3b7d93fa2243475d74d4bd7f918ce2706bf6eca28029b9e49869f5f793e483efaafdfab1fed6306d5fc77a5ed3b27097b27448cd04560bed4df6fa3268ccf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003
| MD5 | fc97b88a7ce0b008366cd0260b0321dc |
| SHA1 | 4eae02aecb04fa15f0bb62036151fa016e64f7a9 |
| SHA256 | 6388415a307a208b0a43b817ccd9e5fcdda9b6939ecd20ef4c0eda1aa3a0e49e |
| SHA512 | 889a0db0eb5ad4de4279b620783964bfda8edc6b137059d1ec1da9282716fe930f8c4ebfadea7cd5247a997f8d4d2990f7b972a17106de491365e3c2d2138175 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
| MD5 | e68622428302bea8d93b4fec34968a3c |
| SHA1 | e83c082bf40d86eca800b309d067d776aad89994 |
| SHA256 | 3ccc041ee2e76706aac0110f670b577c726076202a24b6e588fd9374b834207a |
| SHA512 | 656ec8b4f8dc535dfa60352f7610b7c33037c11a9a660aca9b5dae966df6326ec15400a75f73464b3a816c7f3f6d85829c2a57a783a98c2d5df3f3575b6c29cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | 0ffb5a5e17b3a6872766e312e765b868 |
| SHA1 | 8f161de46e6da9915d224c6005e288364e5106f5 |
| SHA256 | ca940c4a6d8a566a37fec018656281eec63de8c4b25bc79f014757977709fb8b |
| SHA512 | 91f26fc522ac123e2e38a51c17b9ffdaf01375eab628c0b2ecb18591fb3d1b2d2df497d21e40f5d724675dce0fc830aa7f26f25d71c41623fec598b8d222f4e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | 4eb9d405da21c7f7e9c82bfb0bcff564 |
| SHA1 | 147a1e21aaa64f1f8859376a6919fdd28ca46333 |
| SHA256 | 77fdbb8404b4e43052dabe9c10c371ccb0d5ddb81ff5c2b22ea275f705f0dcb1 |
| SHA512 | 0240a4f874f6586b1e14060f8a011736df712c391446814710ea4b74e469d92b558fc88fc615862206839b794b9e6fa358fa370c845cc3d4d1d222ac6b4503b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL
| MD5 | bf01367ed62c37afd4d8655b79143f64 |
| SHA1 | cff9a27241d1e87a47f655d1eaa9e569d2f332ea |
| SHA256 | b8ffcf0bfbc32b459996950aef953bdbdd39d160743c4a516f89c92800e1eb0b |
| SHA512 | 905c2c76d825bcd56ab6441c49b68469b46cb93dbc323b7233f9f6b9123b45b65029987bfbe2ce2b3b616189229e5734f3b8c0591da4146b9234baf36e3a2a43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13369011337117519
| MD5 | 5eafd4dc2c1d7ee27512ce7157d16377 |
| SHA1 | 70582342e879751d0c0eac0667571eddb9c46f27 |
| SHA256 | 4edea2aa65c6554c03eebf84da41b70a11b33b1cdc94abcff96cb45e981823e7 |
| SHA512 | a9eba4abdd730c3f3e56e48412fdf0f0466441155cde56c91a2cedf54a09a527dba75f79b86ef55ad1f4cb89cac7ba75b607113a95783aa2fea86f099ccf9252 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt
| MD5 | b56d54f78cc4e48a699f6ecf95e11a15 |
| SHA1 | c54a38679e0541ef6d04ad5047aff0985c136553 |
| SHA256 | 1cf50cbd5d1ad55de3284ae82820cdb5c58a0a55504be95c6584c5f34662ee01 |
| SHA512 | fd61c2a6584e87293ff48a2bcd5a077d15d38778e31db6a070838a97d20f54fd6775d0db1855e28fc52626a517358f79d245a7a54435ccc3790dde8b99e02045 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\LOG
| MD5 | 5006afb7b94bc57dc5978c7b729720e2 |
| SHA1 | 955e73b83d53a08f555c75f81fedd312a890ece6 |
| SHA256 | dcf4fa224f7418b9e6d00b48f99d55467be16ca2a39c40b6c9a6248bbb6e6474 |
| SHA512 | 86463144bc4f5c6ce5c43d938569d8acb865be0fc97800baaeeaf0ee8db83e24596c09d8e14f3455fd172ffa92315db640ad0d80fef77639796f1540275a97c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
| MD5 | 031d6d1e28fe41a9bdcbd8a21da92df1 |
| SHA1 | 38cee81cb035a60a23d6e045e5d72116f2a58683 |
| SHA256 | b51bc53f3c43a5b800a723623c4e56a836367d6e2787c57d71184df5d24151da |
| SHA512 | e994cd3a8ee3e3cf6304c33df5b7d6cc8207e0c08d568925afa9d46d42f6f1a5bdd7261f0fd1fcdf4df1a173ef4e159ee1de8125e54efee488a1220ce85af904 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps
| MD5 | 2b432fef211c69c745aca86de4f8e4ab |
| SHA1 | 4b92da8d4c0188cf2409500adcd2200444a82fcc |
| SHA256 | 42b55d126d1e640b1ed7a6bdcb9a46c81df461fa7e131f4f8c7108c2c61c14de |
| SHA512 | 948502de4dc89a7e9d2e1660451fcd0f44fd3816072924a44f145d821d0363233cc92a377dba3a0a9f849e3c17b1893070025c369c8120083a622d025fe1eacf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor
| MD5 | cf4b0a74bdc68a111bd7ccbd8569daa5 |
| SHA1 | e567e83b8db5476018dfed63802d0f60690c8139 |
| SHA256 | f79fc9fca22eace1d33311f380f135b75b30baa639f2d819fa437580ef268b6d |
| SHA512 | 4ffda967282821d319e22334cc4410eb8883b436654c2ffa65a7a75fdac296a349a672c734e8fed023b9b34d5f17d1af611f81d433108f898459b5ae412dac9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser
| MD5 | a397e5983d4a1619e36143b4d804b870 |
| SHA1 | aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4 |
| SHA256 | 9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4 |
| SHA512 | 4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL-journal
| MD5 | 592dc8dce6816616abbb364521372459 |
| SHA1 | 805bb638f8798e01ead52427bf5a9e4cd45f43fc |
| SHA256 | a95f6057b9d08d7f7f2012422cfba33b697aa736b054280da5053c3b03ddbdac |
| SHA512 | 9ab6a2cc1273250f4bbc733673b5d55439cd7273d717970899ead0ff1435cd72ab249a847b69631ac2e8bf7f4a15145a52dca86cfe17922097ffccec7f390fb8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 69524950634016c485d38d76eb73ba65 |
| SHA1 | 52f66d1bd8f5c14800f95c91766748a2458b1828 |
| SHA256 | 081bfb9dba07a47ef246d493b626087f2641dfc70ff6c2efc430a1b93733a027 |
| SHA512 | c707edd5d9e2fe4f54577eaeb970aac04bd564cee76fc99c0fb4a74c5c1e6dd1938cb5ec142308fdfe3a3a8f48dee5771fc3b9df6a1da0bfc295ca9f6e06fdc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | e4cc1ece2f2425b10ae2ccc212c1dafc |
| SHA1 | 92609e6d0093693110baa23758382889bcb30da6 |
| SHA256 | 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809 |
| SHA512 | 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 60f8cd04587a51e31b51d1570d6f889a |
| SHA1 | 88574c41d0ab81721b275252464da5c7927a4835 |
| SHA256 | 27cb4390e32a97375dd4987ae000406933bceba5199f17893711e782333b81cb |
| SHA512 | 84c12448ac55dd819749fef9be9919111a3df4bc51e66d2fa9f7376c11c101ed1349cb36aa119aa873cdd6c0c91027e201fbe23c2c83b89bc900a4d9077bcc52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | ed124bdf39bbd5902bd2529a0a4114ea |
| SHA1 | b7dd9d364099ccd4e09fd45f4180d38df6590524 |
| SHA256 | 48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44 |
| SHA512 | c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 038c1f469deb6932520d09a340856ebc |
| SHA1 | 8b361a8c0489b69e9ef4e132e36f20c161c5ec1e |
| SHA256 | 5fafae77cfdc093baea4dd31485ced7dc4ab8e734311b3c2aaac1dc2ed95f451 |
| SHA512 | fc3123f11323a9f18f5e1bb31c61fa229e0de8b6d07bb01b220605cfd9ba499ed63e76be0b7146e096412cc94486bdba0ee102982b38b258958c6327fc6bb6c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a3df8deebd740e31b367d493f07c5091 |
| SHA1 | ec0844ef9ab91a756ec1c7e465efb6e23a03120a |
| SHA256 | ada992ecf28652ed572d3ab72b7433033adb31b890008e3780cfd5b5b5081f38 |
| SHA512 | 71fb96f37640b6e76162ae02225f6468a5607715226cbbf23a8d46ef1c9f841c704713e5317f518f12780a982130b438791d9941c694d07d649427f20cc6b632 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1aba27bdf9ce9a4b0334aa7b5d470a8f |
| SHA1 | b91571a404dfa56db3f80400de20df99fd4204ee |
| SHA256 | a4ab030b0096498a307f7d14361117421bb25cca9b0f50b927d320cb71fb7e38 |
| SHA512 | e4d3f54ba6ef27718e3705a51fdee6fb8ffd005d09d62f0914e804265e513a2d7229447e8bc3697c6819324dac350b9b9d2bd7b980988c531ce23f8f282c631d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe597c79.TMP
| MD5 | b291b84e70d5ee727f30680fe8a7e7a9 |
| SHA1 | 6b4bca2c732a34db98c8e79164923fb5c9a7fe93 |
| SHA256 | 17f6070609058a668a8acb7c732759e8f598158487214805b8264e412194f2ca |
| SHA512 | 4406ab41c7d1aa42b4f5b56153e8f623c11757c779166b235bf9ea9e4a45979a76af9b02d7a3009bd6a3ab8602ffb2b2ab1819b8f7a01bbf44ec766b15c18e14 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e
| MD5 | f9e91c6867183fa1e588d17a6e3f33e2 |
| SHA1 | 0fb37c377f2122a1df62bacde8c11d2a9cdea77f |
| SHA256 | 54a263a45d98ef551fd33e183c032fa70942714238ee107532de79c592434c48 |
| SHA512 | 2d965704b88659f327c6599418270479def810f1a2c4967bf04a41d9743292f9d97df994b8b1a83175306c00624ae96cad4c6a66fe912f1d0635d5da68d9a6f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4fc5dc86a02c90dbc1fa5ea8fca9f65a |
| SHA1 | dcbf2a647ea4275e3cd18c923261e26cf4657f14 |
| SHA256 | a9b37e5738207d8f48404c29761bf039590f2487a905dc2123656fe5de7d1ca4 |
| SHA512 | 7edd5f1cccc2705f18a51827c53567544967d95c5a170add8646e0959f465311aa25650fe7fa19f46c7a3b8c5ea630ba56259246a40af99841f21ec845a1c8b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 06b4ea6106a5cd7716164febe1d8fcb4 |
| SHA1 | ccb45f436e7688fd5bf1e34647bdc42bf44304e4 |
| SHA256 | 08b86511f30fc2b22a0c1b69f9d99789f534adc89d4dfe098a2459339e83567b |
| SHA512 | 179662fd49931ef11bf96aa1434ed418e3626fce90060873360ac7b0777d25acfceeb07d4b77c337fa62ac4163687fd206e22d1739e24dc8646d2b1534ea5668 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 722f9373be868cef371c4db11b418988 |
| SHA1 | 7290b0b6381c4f433f968865f48c3d863879945d |
| SHA256 | 252d4d6ab5f9ce02f1fc72ccbfbb65e948131f90cecf27d06081a467508453b3 |
| SHA512 | 0e45b662dd6b1ee0657cb4f29662b4cffcdd5ed4bb9b9e1db942c46e13463cff4747113ceefd93b300a63f94dd7a4bac077e14c24c64cfd4d65f6cf67650779b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bda74ff43b0abccfcb306c59daec5b94 |
| SHA1 | 04282a6345800a52e59238776dd436bb36e9fe27 |
| SHA256 | b7850fa2fc4ef0ef71c4f23c9af1d045570860779d9b4658a2b632fb36ec96f2 |
| SHA512 | 2f26006aaf5495aa5266017c29cb7ec47c95ffa091ee4dc94dc05b5ef9695cddd7fb0487ed1318cade9a4646b47273741f16e43605fa74ac755767ed2e9e2a65 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 295bcd4bf4d3dfdaecf97da0220499c4 |
| SHA1 | 99325cc64baa009d55733885c183d3d3f5bb3aed |
| SHA256 | e67b0147d7c6cda0ff1d450dc43748a6dfce06624e4815c4313f8708b4fd521d |
| SHA512 | 0406644056cc86f3032651bb663b46e4ac990055881b906d5b2a3fc522f0b267621bb6cbe9d9f4b2308e7b38a11a9e0f10ee5cd1c82e7348c05d6a32f774276d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a2d2f49ea5e8dae4115fd6fb50cdfb4d |
| SHA1 | fe9de2190602ea1f1492ab8b8b3a77b77ee2ff36 |
| SHA256 | 9eb102d280c6bd623baf817b36aa042684ec37b621483b71aee8e79a44b5966f |
| SHA512 | dfe2dddb37ef971eb5c3e74db4e526138fb80aa06c7f9a570bca411efe3679840258509a890cc5407ad7ceb28dc8feaf8d93991d203c40069a0df987f11f2347 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 25bacd5082626af69cdb0123b94ee7c8 |
| SHA1 | f39fda7ee35ea0f68ea1b10a8daded9b7c583a7c |
| SHA256 | 493e172cf23b5927137c932c584eccb126656bd9434f678b34b618ec87c92167 |
| SHA512 | 8cd8f498b54e93a88f4995382bf2daa16210aba99b42c0064b5eea8f4728101535bd43f4305cc0767af31acb9c726747f6e7072cac01d6d0749b605efb0a9028 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e660bc0f5f17bd3e54700f0f55e2fd75 |
| SHA1 | 1a5f9c71af6ba578eb1e0f9b73df1d5667220cf9 |
| SHA256 | 106e87c44ff82efa9535c4d16563d970024d7b183c3cdc55aa1413919217bcfc |
| SHA512 | 47b023c3ab90c7e4757ce6833c9a77d15311b6951351946e890a0c6ac7ed95e857e2c2d811c954439cacf20117a53bab0ad1b2188c55ddf9dfd82c497e49b792 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e4086dca78520b7fecd1bd921132b8cf |
| SHA1 | 384918b994eeabbf6fe8c3864163fff4e55a291a |
| SHA256 | c6ad9883959897c436c5380d74e674abca14f6c2a5d819b33948ce9e56a7be36 |
| SHA512 | 216813615fc2c27b5d39c191b0678b2f4606a7a9651750d42c38e551bda89defd886f1222f8833912a1e8d090ac092de8e68ec2ec7fb885d7a88c6cc73bee2c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e3b1f4965e90a9f014bbd69f80f010d4 |
| SHA1 | 90fd014b56190ad6e26adc234696a24d3b5e4ad5 |
| SHA256 | 9f6bf83a2a46eeb9d245eaddf51ea78b13ecfa5f840e4501f23f97729f8d08bc |
| SHA512 | 41434b103f53cc67fe3c01b835c5284348ed65a088bf1c4219934dd36b7659483bfd2f16aa27d592e204b8c541990114410a917a345bd63bed4ef9434a9a744f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 89e14599f6f94775c16c84f5536e7256 |
| SHA1 | 773782996f01cebddca5669e6f5d0a394c2f01ea |
| SHA256 | 2024ca05315d8fe3d725b796a6f0beeb1a7f6bceab33a8e6868231a17a57bc99 |
| SHA512 | 752602a7b140143844947171f349a1ac0eeec8b345afdc4e0c966660b481c82b7fe5fdb0daa8099555a9b43211f4726cb4a5caae1e795f5f85315233e278fe50 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ec5f75a19c27da1f4e71f8a1aeff555c |
| SHA1 | 61408003fd778d496ee5cecaf5c7cd7938dd0bec |
| SHA256 | c2756dc286c14937874549cc656e18ede01936569e18822873b8d1198b6b3884 |
| SHA512 | e63ace2bfbadd8bfc881036cfb469d47af7d4f28a4a06bed4ed8649574d7b695f21bbc673164d1619bb2b1db0bf4e8be9c39bd5aa5d34c25f1ce3e87992153c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cb9e94d7e68a728f5fe7c1e0abc621c9 |
| SHA1 | 0f01785c7ddc579797ae8fe5cd5d84ead2b2990d |
| SHA256 | 24d37b93f2229c986c50749d5b33767f0fec1962b53f5f0fbad2eb3b24fd584f |
| SHA512 | 37a5878569288659bce0d5e2312f386ecd8d79e7e59d219c5f24ee9d911486a085aff950734333efde3e87766f0b05a5cf42589e88c3921e972d7b45160cfd9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bf71025005e62950b873d15cd365d686 |
| SHA1 | 9047b1210afe306671914164ed1917ed879c03cd |
| SHA256 | 7b65436ccd60f64449ed047d10a1714d7eb9ab81b21217bc52d481916e0b292a |
| SHA512 | 7c850e7f397eac4a85be52771aee5503d2687f7bbe60f27af22fe9154de62554009ae25a3758233b55655591fda6554f782cf9fb050e766d262414435f4df790 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8dbd1705e36a0366e20e663b7553dfa6 |
| SHA1 | badb4ee08b5f2786248706ef60ae47cc01e73104 |
| SHA256 | 776dbbf2207a2ec2768e469135e98264b9cbe97fb1b02f67379688ca7ed2365c |
| SHA512 | b16c5429a8d56e83f17aeae0193ee587f726dd23a42919b0d26f485789560d7ffa5016142ad1d99bb939a1889ce15789492db85d239bae59c9ded3be3f93177e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 91ee3a477b8294c2d74b5b3319db8807 |
| SHA1 | 8fb2ab9cad220f3c0e1665eb7e3e0c3d05ccef54 |
| SHA256 | f88f89ec09a389c562ed129b2773309600bdd3f9ac7d27a25a4531e7415aaf67 |
| SHA512 | 4aed7bc9a6475195fe943d23dfa14ca0688719f69f6043716c936ec5dff98a841ca9ee3ac4b211df6f2c3194bf949853cd79d027540e483ab896fcb715860205 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ead83820300887603ea6336e2052a7df |
| SHA1 | 8d3e8bb122cf8b305b3caba956c844a486433b10 |
| SHA256 | bb172a6315540fe2665bac1efc5e9a7b81d9ba807760c148b964775f0597e8b5 |
| SHA512 | 3ab27c2855eb3640177ac02ff3ef7b3828039e7f0930426d77048fa1fc15b8ad9d7e9c2bcaafe1d0d0369bbb64dbe09b254223f1b724a65ed11bf2276e0e487a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 23f85b31f39d3ae43b77863bba20698a |
| SHA1 | 89b0a00c1c33071a1216f3b89364e6359391fe70 |
| SHA256 | f22c2ee1f9a47b383e0480c92cab195da8d4fc13f6a34467f1ea2abce4099e9d |
| SHA512 | 0f4d5e50b75943ab24f136ef98a0084ece9de4a6653e7bf4b1ebe7885719a80a811ab1f11761addf059515d2154ee0f8b08ca8c441982c85a68713d3656c4636 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dc9cbbfc87ce86200cb680bf63c5eca4 |
| SHA1 | 035b835d6fd6d756bf10eec2db4144d442e34647 |
| SHA256 | c3b7ffeb692345ee43073c801332a7dc202ee0c03f5a23b43a754d6c37ff9abc |
| SHA512 | b50310363908076209b7f3ea820ebaf27ee5bc05707fdcd1aedea0ba9e78ffc3478ffc503090ddaf03ef7958a5de63f11056f7fe41c75f0da6659daf2b48047d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9e8bc189e3519d8489880685a19ac900 |
| SHA1 | d8963ae08d6b5ce8b74ae4e5f9b5a17826e548d3 |
| SHA256 | 09b87a88f5f991407fd74d36b22daec566cfb0277b56b8e11ad35866671bab04 |
| SHA512 | 608229a8d227125679c247362c412dbbda56b44a0a170ec90e0ac0a5daca4c2ae550716b230dc5c31e2da0c824f26afba15f538535e0de490fd6443988d2e111 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 638d49648a0ae9b19a6ac764b201b9b8 |
| SHA1 | 725775d612a121e9be2253c6a5c57dd124cbcb77 |
| SHA256 | 0a82075b4efe39330e00478a4cd516b2d8c34e971e03a88e9bfd2e7d4354b00f |
| SHA512 | 972bb9e9bccb5ef7fe154b26853c9de685aa65727ab78431a8ac4091e87af5b6cee12be4eea9b7b0e2a85c8e99a7e1e05b89f90cacb146a7df7ba718f2c79827 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ac42e9aacd4dcac2370d490344fd6719 |
| SHA1 | 4364445a2571bfdfd56e74dd3de500ca29ab38b8 |
| SHA256 | f71bf6adc83ecbfb813a02ae06ec3bb0fe6e3eaa1bac168aa0a412880000669f |
| SHA512 | 7ed209caffaac309036d6faa4b21d52a545b45283475b96a79868ffbed2a1d3804d101b9fbb0265b2f8ae874c4645ee35d7c63b4634dfb4bdebe506bbba076f4 |
Analysis: behavioral3
Detonation Overview
Submitted
2024-08-24 22:14
Reported
2024-08-24 22:44
Platform
win7-20240705-en
Max time kernel
1559s
Max time network
1560s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Program\MalwarePremiumReset.exe
"C:\Users\Admin\AppData\Local\Temp\Program\MalwarePremiumReset.exe"
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-08-24 22:14
Reported
2024-08-24 22:44
Platform
win10v2004-20240802-en
Max time kernel
1349s
Max time network
1138s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Program\MalwarePremiumReset.exe
"C:\Users\Admin\AppData\Local\Temp\Program\MalwarePremiumReset.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 150.171.27.10:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 26.73.42.20.in-addr.arpa | udp |
Files
memory/4736-0-0x00007FFE6BF9B000-0x00007FFE6BF9C000-memory.dmp