Malware Analysis Report

2025-03-15 04:19

Sample ID 240824-1ft5rasgkj
Target http://betacraft.uk
Tags
discovery motw phishing
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://betacraft.uk was found to be: Likely malicious.

Malicious Activity Summary

discovery motw phishing

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Network Service Discovery

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Looks up external IP address via web service

Drops desktop.ini file(s)

System Location Discovery: System Language Discovery

Browser Information Discovery

Modifies registry class

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

NTFS ADS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SetWindowsHookEx

Suspicious behavior: EnumeratesProcesses

Checks processor information in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-24 21:35

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-24 21:35

Reported

2024-08-24 22:06

Platform

win10v2004-20240802-en

Max time kernel

1748s

Max time network

1760s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://betacraft.uk

Signatures

Downloads MZ/PE file

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\launcher-1.09_16.exe N/A
N/A N/A C:\Users\Admin\Downloads\launcher-1.09_16.exe N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A checkip.amazonaws.com N/A N/A
N/A checkip.amazonaws.com N/A N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Network Service Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Windows\System32\GameBarPresenceWriter.exe N/A
N/A N/A C:\Windows\System32\GameBarPresenceWriter.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\launcher-1.09_16.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\launcher-1.09_16.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1302416131-1437503476-2806442725-1000\{59C469C3-C467-40E4-9019-E838194897CF} C:\Windows\system32\svchost.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\ = "URL:Run game 939918927989973052 protocol" C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\shell C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\shell\open\command\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\java.exe" C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1302416131-1437503476-2806442725-1000\{258130A5-71E2-419D-B7C3-8AE8E8130D6F} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\DefaultIcon C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\DefaultIcon\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\java.exe" C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\shell\open C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1302416131-1437503476-2806442725-1000\{BCF08401-B988-4EC5-A984-2B67E58B3507} C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052 C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\ = "URL:Run game 939918927989973052 protocol" C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\URL Protocol C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052 C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\URL Protocol C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\DefaultIcon C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\shell\open\command C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\shell\open\command\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\java.exe" C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\DefaultIcon\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\java.exe" C:\Program Files\Java\jre-1.8\bin\java.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\discord-939918927989973052\shell\open\command C:\Program Files\Java\jre-1.8\bin\java.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 143957.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 154432.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3916 wrote to memory of 3724 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 3724 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 780 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1516 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://betacraft.uk

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeda2046f8,0x7ffeda204708,0x7ffeda204718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2052 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2804 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5360 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5944 /prefetch:8

C:\Users\Admin\Downloads\launcher-1.09_16.exe

"C:\Users\Admin\Downloads\launcher-1.09_16.exe"

C:\Program Files\Java\jre-1.8\bin\javaw.exe

"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\Downloads\launcher-1.09_16.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1

C:\Program Files\Java\jre-1.8\bin\java.exe

"C:\Program Files\Java\jre-1.8\bin\java.exe" -XX:HeapDumpPath=java.exe_minecraft.exe.heapdump -Djava.util.Arrays.useLegacyMergeSort=true -Dhttp.nonProxyHosts=api.betacraft.uk|files.betacraft.uk|checkip.amazonaws.com -Xmx1G -Dhttp.proxyHost=betacraft.uk -Dhttp.proxyPort=11705 -cp C:\Users\Admin\AppData\Roaming\.betacraft\launcher\betacraft_wrapper.jar;C:\Users\Admin\AppData\Roaming\.betacraft\launcher\discord_rpc.jar org.betacraft.launcher.Launcher wrap goos - - - - "default instance"

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5644 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5024 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4192 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1892 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6900 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8796 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8844 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9080 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8012 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,4082857763983679675,10943161948355540506,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6380 /prefetch:8

C:\Users\Admin\Downloads\launcher-1.09_16.exe

"C:\Users\Admin\Downloads\launcher-1.09_16.exe"

C:\Program Files\Java\jre-1.8\bin\javaw.exe

"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\Downloads\launcher-1.09_16.exe"

C:\Program Files\Java\jre-1.8\bin\java.exe

"C:\Program Files\Java\jre-1.8\bin\java.exe" -XX:HeapDumpPath=java.exe_minecraft.exe.heapdump -Djava.util.Arrays.useLegacyMergeSort=true -Dhttp.nonProxyHosts=api.betacraft.uk|files.betacraft.uk|checkip.amazonaws.com -Xmx1G -Dhttp.proxyHost=betacraft.uk -Dhttp.proxyPort=11705 -cp C:\Users\Admin\AppData\Roaming\.betacraft\launcher\betacraft_wrapper.jar;C:\Users\Admin\AppData\Roaming\.betacraft\launcher\discord_rpc.jar org.betacraft.launcher.Launcher wrap goos - - - - "default instance"

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

Network

Country Destination Domain Proto
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 betacraft.uk udp
DE 49.12.205.146:80 betacraft.uk tcp
DE 49.12.205.146:80 betacraft.uk tcp
DE 49.12.205.146:443 betacraft.uk tcp
DE 49.12.205.146:443 betacraft.uk tcp
DE 49.12.205.146:443 betacraft.uk tcp
DE 49.12.205.146:443 betacraft.uk tcp
DE 49.12.205.146:443 betacraft.uk tcp
DE 49.12.205.146:443 betacraft.uk tcp
US 8.8.8.8:53 25.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 67.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 146.205.12.49.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 150.171.28.10:443 g.bing.com tcp
US 8.8.8.8:53 205.47.74.20.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.110.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 133.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 files.betacraft.uk udp
DE 49.12.205.146:80 files.betacraft.uk tcp
DE 49.12.205.146:80 files.betacraft.uk tcp
DE 49.12.205.146:80 files.betacraft.uk tcp
US 8.8.8.8:53 assets.betacraft.uk udp
DE 49.12.205.146:80 assets.betacraft.uk tcp
US 8.8.8.8:53 api.betacraft.uk udp
DE 49.12.205.146:80 api.betacraft.uk tcp
DE 49.12.205.146:80 api.betacraft.uk tcp
DE 49.12.205.146:80 api.betacraft.uk tcp
DE 49.12.205.146:80 api.betacraft.uk tcp
US 8.8.8.8:53 authserver.mojang.com udp
US 8.8.8.8:53 240.143.123.92.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 52.111.227.13:443 tcp
DE 49.12.205.146:80 api.betacraft.uk tcp
US 8.8.8.8:53 launcher.mojang.com udp
US 13.107.246.64:443 launcher.mojang.com tcp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 checkip.amazonaws.com udp
IE 54.154.250.158:80 checkip.amazonaws.com tcp
US 8.8.8.8:53 158.250.154.54.in-addr.arpa udp
US 8.8.8.8:53 auth1.evolutions.johnymuffin.com udp
CA 192.99.177.220:443 auth1.evolutions.johnymuffin.com tcp
US 8.8.8.8:53 betacraft.uk udp
DE 49.12.205.146:11705 betacraft.uk tcp
US 8.8.8.8:53 220.177.99.192.in-addr.arpa udp
US 8.8.8.8:53 auth3.evolutions.johnymuffin.com udp
US 8.8.8.8:53 auth2.evolutions.johnymuffin.com udp
FI 37.27.27.97:443 auth2.evolutions.johnymuffin.com tcp
US 8.8.8.8:53 97.27.27.37.in-addr.arpa udp
GB 95.101.143.193:443 www.bing.com tcp
GB 95.101.143.193:443 www.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 88.221.135.27:443 th.bing.com tcp
GB 88.221.135.27:443 th.bing.com tcp
GB 88.221.135.35:443 th.bing.com tcp
GB 88.221.135.35:443 th.bing.com tcp
US 8.8.8.8:53 bing.com udp
US 13.107.21.200:443 bing.com tcp
US 8.8.8.8:53 193.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 27.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 35.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 40.126.31.69:443 login.microsoftonline.com tcp
US 8.8.8.8:53 200.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 69.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 74.32.126.40.in-addr.arpa udp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 167.154.64.172.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 www.opengl.org udp
US 172.67.175.126:443 www.opengl.org tcp
US 172.67.175.126:443 www.opengl.org tcp
US 8.8.8.8:53 126.175.67.172.in-addr.arpa udp
US 172.67.175.126:443 www.opengl.org tcp
US 8.8.8.8:53 200.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 174.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.khronos.org udp
US 159.65.181.57:443 www.khronos.org tcp
US 159.65.181.57:443 www.khronos.org tcp
US 8.8.8.8:53 57.181.65.159.in-addr.arpa udp
US 104.131.160.65:443 alt.khronos.org tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 65.160.131.104.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 opengl.en.softonic.com udp
US 151.101.65.91:443 opengl.en.softonic.com tcp
US 151.101.65.91:443 opengl.en.softonic.com tcp
US 151.101.65.91:443 opengl.en.softonic.com udp
US 8.8.8.8:53 91.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 softonic.com udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 bat.bing.com udp
GB 13.224.222.64:443 sdk.privacy-center.org tcp
US 150.171.27.10:443 bat.bing.com tcp
FR 142.250.179.68:443 www.google.com tcp
US 151.101.129.91:443 images.sftcdn.net tcp
US 151.101.129.91:443 images.sftcdn.net tcp
US 151.101.129.91:443 images.sftcdn.net tcp
US 151.101.129.91:443 images.sftcdn.net tcp
US 151.101.129.91:443 images.sftcdn.net tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
GB 13.224.222.64:443 sdk.privacy-center.org tcp
FR 142.250.179.68:443 www.google.com tcp
US 8.8.8.8:53 91.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 64.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 61.39.156.108.in-addr.arpa udp
US 13.107.246.64:443 www.clarity.ms tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
GB 54.192.139.162:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 syndicatedsearch.goog udp
US 199.232.209.91:443 softonic.com tcp
US 199.232.209.91:443 softonic.com tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net tcp
FR 216.58.214.174:443 syndicatedsearch.goog tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
FR 142.250.201.162:443 googleads.g.doubleclick.net tcp
US 151.101.1.91:443 images.sftcdn.net tcp
US 13.107.246.64:443 www.clarity.ms tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
FR 142.250.201.163:443 www.google.co.uk tcp
US 8.8.8.8:53 www.datadoghq-browser-agent.com udp
GB 54.192.139.162:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 162.139.192.54.in-addr.arpa udp
US 8.8.8.8:53 34.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 174.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 162.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 91.209.232.199.in-addr.arpa udp
US 104.22.74.216:443 btloader.com tcp
GB 18.172.148.233:443 www.datadoghq-browser-agent.com tcp
US 8.8.8.8:53 storage.googleapis.com udp
US 8.8.8.8:53 di-images.sftcdn.net udp
FR 172.217.20.219:443 storage.googleapis.com tcp
FR 142.250.201.163:443 www.google.co.uk tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
GB 108.156.39.27:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 172.67.38.106:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 ad-delivery.net udp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 cdn.btmessage.com udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 h.clarity.ms udp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 172.67.74.232:443 cdn.btmessage.com tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 api.btmessage.com udp
US 8.8.8.8:53 c.clarity.ms udp
US 8.8.8.8:53 notix.io udp
US 151.101.1.91:443 di-images.sftcdn.net udp
IE 13.74.129.1:443 c.clarity.ms tcp
NL 139.45.197.253:443 notix.io tcp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 233.148.172.18.in-addr.arpa udp
US 8.8.8.8:53 219.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 163.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 27.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 106.38.67.172.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 166.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 232.74.67.172.in-addr.arpa udp
US 8.8.8.8:53 151.64.8.51.in-addr.arpa udp
US 8.8.8.8:53 c.bing.com udp
US 13.107.21.237:443 c.bing.com tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 api.privacy-center.org udp
GB 108.138.233.27:443 api.privacy-center.org tcp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 253.197.45.139.in-addr.arpa udp
FR 216.58.214.174:443 syndicatedsearch.goog udp
US 8.8.8.8:53 608b708a5ee9e792c26f4111970e7b6d.safeframe.googlesyndication.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 ap.lijit.com udp
FR 142.250.179.65:443 608b708a5ee9e792c26f4111970e7b6d.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 brightcombid.marphezis.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 cdn-ima.33across.com udp
IE 34.240.120.53:443 ad.360yield.com tcp
IE 52.211.219.216:443 ap.lijit.com tcp
US 104.18.36.155:443 htlb.casalemedia.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 34.120.63.153:443 prebid.media.net tcp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
DE 46.4.139.58:443 shb.richaudience.com tcp
NL 185.89.210.180:443 ib.adnxs.com tcp
US 151.101.65.229:443 cdn.jsdelivr.net tcp
FR 142.250.75.226:443 ep1.adtrafficquality.google tcp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
IE 54.72.42.145:443 id.crwdcntrl.net tcp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
US 104.18.35.167:443 cdn-ima.33across.com tcp
GB 18.154.87.148:443 aax.amazon-adsystem.com tcp
GB 18.245.143.118:443 tags.crwdcntrl.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
IE 52.211.219.216:443 ap.lijit.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
IE 34.240.120.53:443 ad.360yield.com tcp
NL 185.89.210.180:443 ib.adnxs.com tcp
GB 18.154.87.148:443 aax.amazon-adsystem.com tcp
GB 18.245.143.118:443 tags.crwdcntrl.net tcp
FR 142.250.201.163:443 www.google.co.uk udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 ampcid.google.com udp
US 8.8.8.8:53 gum.criteo.com udp
FR 216.58.213.78:443 ampcid.google.com tcp
US 8.8.8.8:53 lexicon.33across.com udp
US 216.239.32.36:443 region1.analytics.google.com tcp
BE 74.125.71.157:443 stats.g.doubleclick.net tcp
FR 142.250.179.68:443 www.google.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 35.244.193.51:443 lexicon.33across.com tcp
US 8.8.8.8:53 apps.identrust.com udp
BE 74.125.71.157:443 stats.g.doubleclick.net udp
GB 88.221.135.104:80 apps.identrust.com tcp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
NL 185.235.87.43:443 ag.gbc.criteo.com tcp
NL 185.235.87.228:443 gem.gbc.criteo.com tcp
FR 178.250.7.13:443 dnacdn.net tcp
US 8.8.8.8:53 27.233.138.108.in-addr.arpa udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 65.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 65.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 58.139.4.46.in-addr.arpa udp
US 8.8.8.8:53 229.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 167.35.18.104.in-addr.arpa udp
US 8.8.8.8:53 226.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 175.203.166.188.in-addr.arpa udp
US 8.8.8.8:53 145.42.72.54.in-addr.arpa udp
US 8.8.8.8:53 120.33.95.141.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 180.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 216.219.211.52.in-addr.arpa udp
US 8.8.8.8:53 53.120.240.34.in-addr.arpa udp
US 8.8.8.8:53 148.87.154.18.in-addr.arpa udp
US 8.8.8.8:53 118.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 150.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 78.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 157.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 104.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 228.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 43.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 en.softonic.com udp
US 8.8.8.8:53 129.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 194.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 151.101.129.108:443 acdn.adnxs.com tcp
DE 168.119.72.236:443 sync.richaudience.com tcp
GB 88.221.164.202:443 ads.pubmatic.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
GB 95.100.244.20:443 contextual.media.net tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
DE 168.119.72.236:443 sync.richaudience.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 67.202.105.21:443 ssc-cms.33across.com tcp
DE 51.75.86.98:443 onetag-sys.com tcp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
GB 92.123.143.216:443 player.aniview.com tcp
US 3.209.126.202:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 secure.adnxs.com udp
FR 164.132.25.180:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 cdn.indexww.com udp
US 23.22.234.152:443 api-2-0.spot.im tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 52.223.40.198:443 match.adsrvr.org tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 52.208.228.214:443 match.prod.bidr.io tcp
US 54.205.147.202:443 sync.srv.stackadapt.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
US 8.8.8.8:53 108.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 202.164.221.88.in-addr.arpa udp
US 8.8.8.8:53 20.244.100.95.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 98.86.75.51.in-addr.arpa udp
US 8.8.8.8:53 21.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 216.143.123.92.in-addr.arpa udp
US 8.8.8.8:53 202.126.209.3.in-addr.arpa udp
US 8.8.8.8:53 180.25.132.164.in-addr.arpa udp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 tracker.open-adsyield.com udp
US 8.8.8.8:53 bttrack.com udp
US 172.111.38.111:443 tracker.open-adsyield.com tcp
US 192.132.33.68:443 bttrack.com tcp
IE 54.216.57.173:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 t.adx.opera.com udp
DE 51.75.86.98:443 onetag-sys.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 216.200.232.249:443 sync.mathtag.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
NL 154.57.158.115:443 ads.stickyadstv.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 80.77.87.161:443 cs.admanmedia.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 172.67.40.173:443 spl.zeotap.com tcp
FR 142.250.74.226:443 cm.g.doubleclick.net tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
FR 5.135.209.105:443 rtb-csync.smartadserver.com tcp
FR 5.135.209.105:443 rtb-csync.smartadserver.com tcp
US 216.200.232.249:443 sync.mathtag.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 sync.aniview.com udp
US 172.240.45.78:443 sync.aniview.com tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
FR 142.250.74.226:443 cm.g.doubleclick.net udp
US 52.46.151.131:443 s.amazon-adsystem.com tcp
US 52.46.151.131:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
GB 23.215.239.190:443 secure-assets.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 214.228.208.52.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 152.234.22.23.in-addr.arpa udp
US 8.8.8.8:53 202.147.205.54.in-addr.arpa udp
US 8.8.8.8:53 173.57.216.54.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 68.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 115.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 173.40.67.172.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 105.209.135.5.in-addr.arpa udp
US 8.8.8.8:53 226.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 161.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 131.151.46.52.in-addr.arpa udp
US 8.8.8.8:53 190.239.215.23.in-addr.arpa udp
US 8.8.8.8:53 eus.rubiconproject.com udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 249.232.200.216.in-addr.arpa udp
US 199.232.209.91:443 softonic.com udp
US 172.67.74.232:443 api.btmessage.com tcp
US 151.101.129.91:443 en.softonic.com udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 connect.facebook.net udp
DE 157.240.27.27:443 connect.facebook.net tcp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 dde27879369e46584a5768ab04f3a5d5.safeframe.googlesyndication.com udp
FR 142.250.201.162:443 googleads.g.doubleclick.net udp
US 34.120.63.153:443 prebid.media.net udp
US 130.211.23.194:443 api.btloader.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
IE 67.220.224.144:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
US 8.8.8.8:53 27.27.240.157.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 144.224.220.67.in-addr.arpa udp
FR 142.250.75.226:443 ep1.adtrafficquality.google udp
NL 139.45.197.253:443 notix.io tcp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
DE 168.119.72.236:443 sync.richaudience.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 52.208.228.214:443 match.prod.bidr.io tcp
US 54.205.147.202:443 sync.srv.stackadapt.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 8.8.8.8:53 equativ-match.dotomi.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
NL 35.214.237.73:443 csync.loopme.me tcp
US 151.101.66.49:443 sync-tm.everesttech.net tcp
NL 64.158.223.137:443 equativ-match.dotomi.com tcp
US 8.8.8.8:53 137.223.158.64.in-addr.arpa udp
US 8.8.8.8:53 73.237.214.35.in-addr.arpa udp
US 8.8.8.8:53 6fde02d09dc2449acfa96c9b0372182a.safeframe.googlesyndication.com udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 js.adscale.de udp
GB 18.245.143.7:443 js.adscale.de tcp
NL 185.235.87.43:443 ag.gbc.criteo.com tcp
NL 185.235.87.228:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 articles-img.sftcdn.net udp
US 35.244.193.51:443 lexicon.33across.com udp
US 8.8.8.8:53 push-sdk.com udp
DE 178.63.248.57:443 push-sdk.com tcp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
DE 3.66.23.182:443 ih.adscale.de tcp
US 8.8.8.8:53 7.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 182.23.66.3.in-addr.arpa udp
US 8.8.8.8:53 57.248.63.178.in-addr.arpa udp
US 8.8.8.8:53 uidsync.net udp
DE 157.90.33.121:443 uidsync.net tcp
NL 139.45.197.253:443 notix.io tcp
DE 157.90.33.121:443 uidsync.net tcp
US 8.8.8.8:53 121.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 gsf-fl.softonic.com udp
US 199.232.198.133:443 gsf-fl.softonic.com tcp
DE 168.119.72.236:443 sync.richaudience.com tcp
US 8.8.8.8:53 ce.lijit.com udp
IE 54.75.158.40:443 ce.lijit.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
FR 164.132.25.180:443 ssbsync-global.smartadserver.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 52.208.228.214:443 match.prod.bidr.io tcp
US 54.205.147.202:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 133.198.232.199.in-addr.arpa udp
US 8.8.8.8:53 40.158.75.54.in-addr.arpa udp
FR 164.132.25.180:443 ssbsync-global.smartadserver.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 c1.adform.net udp
DK 37.157.4.29:443 c1.adform.net tcp
FR 5.135.209.105:443 rtb-csync.smartadserver.com tcp
FR 5.135.209.105:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 29.4.157.37.in-addr.arpa udp
US 8.8.8.8:53 cacerts.rapidssl.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 236.72.119.168.in-addr.arpa udp
DE 49.12.205.146:80 betacraft.uk tcp
DE 49.12.205.146:80 betacraft.uk tcp
DE 49.12.205.146:80 betacraft.uk tcp
DE 49.12.205.146:80 betacraft.uk tcp
DE 49.12.205.146:80 betacraft.uk tcp
DE 49.12.205.146:80 betacraft.uk tcp
DE 49.12.205.146:80 betacraft.uk tcp
DE 49.12.205.146:80 betacraft.uk tcp
US 8.8.8.8:53 api.betacraft.uk udp
DE 49.12.205.146:80 api.betacraft.uk tcp
DE 49.12.205.146:80 api.betacraft.uk tcp
US 8.8.8.8:53 checkip.amazonaws.com udp
IE 18.203.73.18:80 checkip.amazonaws.com tcp
CA 192.99.177.220:443 auth1.evolutions.johnymuffin.com tcp
US 8.8.8.8:53 18.73.203.18.in-addr.arpa udp
DE 49.12.205.146:11705 api.betacraft.uk tcp
US 8.8.8.8:53 auth3.evolutions.johnymuffin.com udp
FI 37.27.27.97:443 auth2.evolutions.johnymuffin.com tcp
US 8.8.8.8:53 ad.360yield.com udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
NL 185.89.210.180:443 secure.adnxs.com tcp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 34.120.63.153:443 prebid.media.net udp
IE 34.249.40.128:443 ad.360yield.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
US 8.8.8.8:53 128.40.249.34.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 98.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 s.richaudience.com udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
DE 46.4.139.58:443 s.richaudience.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
FR 142.250.201.163:443 www.google.co.uk udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 136.71.105.51.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 847d47008dbea51cb1732d54861ba9c9
SHA1 f2099242027dccb88d6f05760b57f7c89d926c0d
SHA256 10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1
SHA512 bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

\??\pipe\LOCAL\crashpad_3916_QFVGEBMFNZNNFZSB

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f9664c896e19205022c094d725f820b6
SHA1 f8f1baf648df755ba64b412d512446baf88c0184
SHA256 7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e
SHA512 3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b43476d9637de1d45da7e7735b2c92ca
SHA1 61601200e83dcf9e5749abe5a3f6b0bbc34bbc7b
SHA256 0d2b04d7c440152cf96a3b5a3339eb5a807bf3c5d2b065d8bbe839fa37d4bdab
SHA512 e95d7409863ddeb9e9a8d7fcd1adc6d8e072637707a25563dc2101620aadee391aa11f18e39122056327e21983524e45045a6a115910564b9c95e59c6c428aa4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6659556627b918a9363788b705e01dfc
SHA1 36e67367c27192777772473c12853b0d07066c9f
SHA256 cdd3f9cf08deef8884390533140ab32c1f83367a6da7eca3fdb5f03cb43451a9
SHA512 2e36a8662400aad8604f9890cd4c7057239ad4e6a01eb83f6a5f241021ec5f8698beeb376086b83b7ae0cfde6798ab1bb42846a1ea373171cf90d1a3fe7043d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2b82129d1189948ca23cf1cb836c158a
SHA1 6df98ab202b0e4234f64d5859a5f10fd359fa62e
SHA256 8b892fd3d2929e421cf0c49d6db153f14eab7e778be50dc4efaab3efd0022512
SHA512 64f9476eb15a80034c2edace5e6bb7325fd1be0d12e1abf2502d93890fc3ec783987b8c2739583c6cb6688e691018a281d5daad8b95f1b9f20d8c12fbab8dcf0

C:\Users\Admin\Downloads\Unconfirmed 143957.crdownload

MD5 7604d8a9b4c4b9ca9e25216f9b4ab99f
SHA1 309e1722bfb7812e4d19d4e06db97a6ecd8cb30c
SHA256 d1843a3d0326fd5e516bab8171e756ef417e6f740faf3003db8178516bc60b89
SHA512 7e9d7fdab97ffe0f7fde949ea5d8355d0efc89b8769102e55425958491978a438c82cf944255be6f70103c7a2b0d4c115bb9b9e5f0dec95c0b4c84dcf4fbdc93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e25dfd1f958a9dc356ca4d9c82a508f1
SHA1 b5f59796e5041cc04a6df966d5333c982882957c
SHA256 4e47e48325311f80979bcdfb7aea88ddb240bf84a07f60a375eac4cd4bc13316
SHA512 5f6e64afac53005b3cabe3c24ad84b587806f0b8315d9d65cfea9b11723ef22ab3dc0acba3c69b8f89322a26acb76bbce9e79b80bce6732932d9f29dc7df7829

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d6e1ad6a489f504269e1de23a675c52f
SHA1 84fb7d003ef857cb6114afc12deeab17200e3661
SHA256 f186dace3ebf20e7637d2a61ca6ce7b9c81d2b8b8528994fa4e2aea1a8cc6a91
SHA512 04ec68a4babbbc7fa53a99ee6b02f54662833b9c674eec4b6cff8f16a80fcf36d05a059455bc1b075024a05e865c9139b44604b34461e447025fbe02e057c68d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580981.TMP

MD5 25c6c8b990ec3b3f93e0a79ee0d0e524
SHA1 e7801a56ad5c76ec209b2765922310c464f5001f
SHA256 0880cc887d2553e85c121977d689a7386de2909dc15c3c3700fe7671be19ed93
SHA512 84c993b5b6de94d2d62b78b533756458276db4d1826558ea49ac6ec3fe44d31b0c594aedcd9f29e83d311d703c479bddbc508f80ffddc17e3e16c53007cefac2

memory/5236-124-0x0000000000400000-0x000000000042D000-memory.dmp

memory/5324-145-0x00000240F4CF0000-0x00000240F4CF1000-memory.dmp

memory/5324-159-0x00000240F4CF0000-0x00000240F4CF1000-memory.dmp

memory/5324-192-0x00000240F4CF0000-0x00000240F4CF1000-memory.dmp

memory/5324-200-0x00000240F4CF0000-0x00000240F4CF1000-memory.dmp

memory/5324-203-0x00000240F4CF0000-0x00000240F4CF1000-memory.dmp

memory/5324-218-0x00000240F4CF0000-0x00000240F4CF1000-memory.dmp

memory/5324-241-0x00000240F4CF0000-0x00000240F4CF1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 60f87abb9653f20b44962f5526691125
SHA1 993fce043d15f6350a02bb48bcd33adff5d6e29c
SHA256 c21f61c89b9e98652742eefb037ea9b42f82a10022a20f93204da1844995e63d
SHA512 ed0f18982595fbada51c32c901d96a8d7d36c8e2c96723110c85e97a56235fafb2fc5a75c9dc36b001d874f32a1b31fd8a8a3f9cd1e6ff7e9e393e90489228c2

memory/5324-272-0x00000240F4CF0000-0x00000240F4CF1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f5cd008cf465804d0e6f39a8d81f9a2d
SHA1 6b2907356472ed4a719e5675cc08969f30adc855
SHA256 fcea95cc39dc6c2a925f5aed739dbedaa405ee4ce127f535fcf1c751b2b8fb5d
SHA512 dc97034546a4c94bdaa6f644b5cfd1e477209de9a03a5b02a360c254a406c1d647d6f90860f385e27387b35631c41f0886cb543ede9116436941b9af6cd3285d

C:\Users\Admin\AppData\Roaming\.betacraft\launcher\launcher.settings

MD5 5fc53c8310c2e71e3604f32b8a26c374
SHA1 8edb78c0c2561beb36b26c89617e18de9bee2f19
SHA256 b1f6b4866ac79ef0c91af1e3e29288ac30bef8eee175f322ecb9e7f2ecebe767
SHA512 d11c498fa1a1211edfc6eb61c216dd4fbae20f163115a9f4ccd16676f0c05fcbe95d95a6b8589cee331e1abab07a7e73a57e181f638c75ee39115341431f2e88

C:\Users\Admin\AppData\Roaming\.betacraft\versions\jsons\b1.6.3.info

MD5 0da4b957e1051e196a88121e0a193240
SHA1 25a181432a28ec7cb46d8bdedf97c8f26c5a825e
SHA256 0443da35f33768b964053ad298420487a22ea6867e5fb3583c3444da6bb834fd
SHA512 92ea18be8ad9c532635da4875ca00f17dec286d5a02b08be9007f4901ed3f67b97ca5ab6e30f31f9e3180c2de284d15e43acdfc68ee92d4f75df1ee0ffdc5b39

C:\Users\Admin\AppData\Roaming\.betacraft\launcher\instances\default instance.txt

MD5 f8975168794077cf059d1943b03f69f4
SHA1 f351282910029cd36a428ae6bb1344370ba9be12
SHA256 e57313a652d2343f75d002de3482f2df4a43c8b41427676cbcb3e2f052be92e2
SHA512 207579d5e913867b09aa1f451d95c31cbc267808d25151b7e3b8e4fa5b3aaeaa6f058b77834cce67aefbf14c6ee9ce700af2b2fbb0ea075ba394ca6faf8e9994

C:\Users\Admin\AppData\Roaming\.betacraft\launcher\lang\English.txt

MD5 3c2c70f8b713a381907001f2774edc79
SHA1 51d675b9fd32c15357cf032f0a5a25f17ed212af
SHA256 0e7cf41dc0d4ff1723b19b3dcbd1b1d781909c23679061c3e27e0c0048f46d51
SHA512 572ae8738d3956ce0342570cd3ce2257901b477cb3a81ff38d5afbdd5be8546d0a20b705453bfb0a1d282abcef4dd0ac0eec8a4c42ab3eb5c2c77ff395ec26c3

C:\Users\Admin\AppData\Roaming\.betacraft\launcher\discord_rpc.jar

MD5 d75aa9aec06d3d536cc1229d21db46a9
SHA1 93c0f6aee918cc3a41baf36a90020d537d1eb1ba
SHA256 619500b324fcadc52b9e2319585934179b69e21589f34858cc31d7d6e2442eac
SHA512 af8b37a56c906b1850385b80e40173928e792470faec5aed5d5c18e09c9d70235863449f650cbf1c1b542fcebf9e16964ab6ba90a82bba84be7b993db525576c

C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1302416131-1437503476-2806442725-1000\83aa4cc77f591dfc2374580bbd95f6ba_acd03e19-89e2-40d7-b0f4-25b8a05635ee

MD5 c8366ae350e7019aefc9d1e6e6a498c6
SHA1 5731d8a3e6568a5f2dfbbc87e3db9637df280b61
SHA256 11e6aca8e682c046c83b721eeb5c72c5ef03cb5936c60df6f4993511ddc61238
SHA512 33c980d5a638bfc791de291ebf4b6d263b384247ab27f261a54025108f2f85374b579a026e545f81395736dd40fa4696f2163ca17640dd47f1c42bc9971b18cd

C:\Users\Admin\AppData\Local\Temp\jna-63116079\jna3497222507461475996.dll

MD5 1164914ca1307de98cc0d57e42285ef2
SHA1 9387f983c88c425c91e5caae2409cf4180b02096
SHA256 0525f9e2db0146f7abcc8cd86cf4fb01721fad0d5c9a1806b5805bb789eb8c98
SHA512 7fbb98c3768e22429ad39070fd2fdbf38d9585e81df592d7fb64cdc03e890d6ce57a72bafbc8815ace9076e5241cfb77d8c23ff1db66ba7564131506d487dc5e

C:\Users\Admin\AppData\Local\Temp\drpc572558809300\discord-rpc.dll

MD5 5882c37b79bae47a0d090006564edb22
SHA1 ac7bbbdb1d34eb763d8db4ef7875a50f700e9d48
SHA256 5cc2e504800cf4ed2f4781364f661ea22349658ddc391b5d54195e573109d87b
SHA512 d4a6a1a36842dd1c8b2162168807b990e0d491a908e11b52ebf11174a67f818b131607c2122dbb484f5d946418a05a1a84d42e1468bef5c98ec3fcff7d225ccd

C:\Users\Admin\AppData\Roaming\.betacraft\versions\b1.6.3.jar

MD5 efc2becca965e4f8feb5b4210c6a4fd1
SHA1 924e36dbb7c64abb30a95fe35f5affb5176f6cbc
SHA256 a88794d52654321527669ac38cb39764ab41cef804ad98eae8e7e00861bf845f
SHA512 253d4fbf40cb61de882791ba0aa04913f1a53025dc96730c939e8b43f608148ebb19b80b50e8982a4291444bb3eab5043dd1718a214a695b02104da0b5fcd0d2

C:\Users\Admin\AppData\Roaming\.betacraft\bin\jinput.jar

MD5 e41a078a1f6cae716215235fbf0b5689
SHA1 a91a5631d319c8f50851b731c435cf66eb1d1e7e
SHA256 ce27de713e36a72a89e9495861c8265b0f81069366567c1c5c69e7d2ede58c89
SHA512 6a2e6adf035eb6d99bbe69dbda7d84cbdce5ef95ad3751731a5b564928a43306deec8799af8e5abcbb9decfd8cb50c2196098787f1373bc274ddc80852a3a2f1

C:\Users\Admin\AppData\Roaming\.betacraft\bin\lwjgl.jar

MD5 6b17fe97771f58d4b783e730b5e7732d
SHA1 6750639ccafa0cd413ee17c809252d24b4326412
SHA256 2f6d9b77fbf341f1d78d67960f888666407ea44b19fcc29a90567dac863e1db9
SHA512 e444e5041e469c3e68e15f8777dc56b6b3e9d9656d3990889e44920a460777f6862e50ccf5525f692e397c3b65f6ec1dd58f7c6b1b6e82583bd1281c788eb3b6

C:\Users\Admin\AppData\Roaming\.betacraft\bin\lwjgl_util.jar

MD5 0df9866d92e0f383c4753b28a80dd7aa
SHA1 6a147878f2d2675fe103f8bd0abee580f722b8a6
SHA256 79780bf0034ce3483881728ff98c27f5006558dcb88710a564b670cf5bf045cb
SHA512 364b79a3e5d6240fe5b28c2d16c0758403e45f6e88e88ba3c5e456c5c70a97c9fa8f6abff70b6309ca852c7f794d09afe89afcca968830121afd12f144772540

C:\Users\Admin\AppData\Roaming\.betacraft\bin\natives\lwjgl64.dll

MD5 73cb2a967d771c65bc46c543f61a9898
SHA1 0ef71be40bac0a5213b1a5c38739b1610ab311e6
SHA256 094c38a9b6b9ab76e3730838d542419811e63de5d4a4ba5a22d83f6edd803943
SHA512 1fa057fe5739f1ba457e0b95f01c1a378469fcb4944453bbd5b335281dbce882e730b601fa1e6053860053fdce2a6bd7f72342b6e9d8b6bf1f75a49af59662e8

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e413f40d116a67d0ede412022eec8f0e
SHA1 685a15e1f4968f92f915f075fb20bb4d83d778dd
SHA256 4e0ec232d9bd24b21aede37ca1fd95c27ccff86413c561ab18807a21f37cd919
SHA512 7ad0d26543276c499eccdbfb9dca1211d97fdab87317a3d40e8ea318750730decea216359758e2bf14bf27a036e3fccbcc9dbf03bec91d2d399da07618d8fd04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 000bcfe71f53ebab9e6e96093daa75dc
SHA1 c12113739346b15968e69bebf3365256a459c46f
SHA256 3ab3a67c9ff62f5b50d9caa099220ba0414863a98bea6d98440338274c608447
SHA512 d8be22b1e270959a44208d5e6722d3d3e32048f2eaef59c0460de99e4e6872328626eef759914c4d417c4ba4704201a757fbd621b63e8928797664f177bcee0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cae6e9a2223356fa459b11b699437892
SHA1 1eef41cfaae6178ead644649ff06c00e00077ebb
SHA256 8aa483316dc5d8185c53ed25796a9b1a92a0dd9f17ddee7f0a48241b0eb6406b
SHA512 9be97182d266cf823acfe053f0ae641a07981ff3de5f3c306d041213bf7d50e7ecc713996c522f7753ab8db55594ce736ea1a79cdc9cd308323ee0315c6e7563

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6911974039fd89a491dd47c24a9a2b97
SHA1 6fcaa4139ab88726ba7ac89781608344bac41c0b
SHA256 45b40561f9241f71d62863ae769d431c5154c61e15d29129d55eed3a6a259874
SHA512 e7651be899e71a9c4b8eebcefbf78f5509178934cacaac68a4581c373dfd9b94bb6b06720bb48987479b413cbe00a88ef9c61a85be3f36416bc8674210d01346

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a4d212ee2d29a728d773eb45e44a8d43
SHA1 ef3f39bc00fdfca9691e7cbcf44758faefe162fd
SHA256 ba1d9d349743782c76fb3df23b706da1e366691d1503a8a3385f32d7dad32d75
SHA512 b247ec8bebc6a20e580a2c32d821ce326c998b393a3ea682ba86888525e3bda9ee6c1d8534855b339cecfeb093797ef2888f0d49ce56db6b854d5713dacab22a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4a7e3e4f74fcebce01faf01948dd885e
SHA1 dea6ca860268f8512f6ad813185e81fc923044c4
SHA256 37a789b8ba76c226463208f6747d3ca08b08dff3d3c079e3335251fa7c72950c
SHA512 c96d23befaafc1c8fed09bfe7e1fbb4ca8016f60f661dd302e9e418059d1d59e4b2f9d23aefbe4fd1b6972f4d8a065c8e18fed16168173693bf81d841a089b81

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c

MD5 2257803a7e34c3abd90ec6d41fd76a5a
SHA1 f7a32e6635d8513f74bd225f55d867ea56ae4803
SHA256 af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174
SHA512 e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 053fbd6840ecb97a00ea07b2d7695c89
SHA1 5fa58bcc8ba99f9646a1961d0cf96ca4a924f432
SHA256 086f82bee4748b7c62ca985e8936e364e09bae9e9fe27a6fe66fd2890e8f4094
SHA512 82e5e0c9a05ed42c37b45194d90ad040a0da4ab40cf460c2deca030e6b12af1b37d89ec3bd9ab2b116d99e78bac2e86d413727e756fa908867538812eb51260b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c74005ae72faea06c3289fdbf0aba21d
SHA1 a69f02c52af1d184f8bf3665dbc8ae866599e4ee
SHA256 0979fdc11be2508362477570f395e09d273ac10801d0a11808a2e75d14cccbc1
SHA512 9431e93c0eb6d5bcc428c7fc726130e8f35a7e9e7089156af35fa719b17baf7538638cec115b1df5472d13756b533d5e7c1cb9f67a71fa48a762c57d0a6d1b72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

MD5 e4cc1ece2f2425b10ae2ccc212c1dafc
SHA1 92609e6d0093693110baa23758382889bcb30da6
SHA256 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809
SHA512 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7189770e8d4273fa07ddeea02d9579cb
SHA1 f1344510c58a707d5695af31f4f49c2f8924f531
SHA256 e7b86fdf9afeb3764b4c627752687fd5cfb15f9ce0c97c8a7e899718e9e79058
SHA512 aa7bd9659d1aebc49dde17a1474cf4de6e6f39d830b36512c65e967e172ac3feb2e51eb5f4fdd40407ed03902ca03a40931701ba48528101f231b1562da90532

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cc7673d03fe36a27d5fb1e6d9b742794
SHA1 1b6ea76a006ba3a65e5ae0e5b8d27c4a250dd6c2
SHA256 14c2a873cb01e31dd9e7d591c415f83f58a16e3367e7209aaeb795e84c812550
SHA512 5f0b6fd0948ba5c41fabca9e86221b140ea825def1ceb4ab8dbd9de9f3c4dfd681e001680050095a511c0884b17c344fc30973f3784be8d80d4e41563be57f0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0396fdf35d3b393e2b3a3f0a0f7b53ba
SHA1 83ff8520ef47610f13ef03dbf3fcb5bea0c41a3b
SHA256 7c2ab48c121a0562a6f2a15e31820abc74615f46643e43ba87defb4a3f1f109b
SHA512 43a9005844729bb209016a8e55004c5cbb99fa458ce6eb36c1936cb9f122539215690380ba817196677cc86f801a3db71c62fa4c6e7b3d058979847b285843c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 b44ae10069bcc3f69241236bf77cf12a
SHA1 84460f394a5de239b92735cfa2295fa91317c071
SHA256 13a04a3904e9c14f5e191f247ebc229d2af511e3a036b79ce3ea5ba0bac3c84d
SHA512 61588590e2a1022bb8eb4830f8785ecdf9d2a3ae17007f2cf0460f1f46fc08ec579c682c08ff19c45d0caf0099ad520a110e2e1fd783fac4715b1af3b8ebffe0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 67e30bbc30fa4e58ef6c33781b4e835c
SHA1 18125beb2b3f1a747f39ed999ff0edd5a52980ee
SHA256 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba
SHA512 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 4ba86a857f7f8f6cdbba7ec4142795e0
SHA1 d0aa9ec6fab3987d917bf506c2680880f8d195f0
SHA256 f51b70163eda0b588c9c21ab3339cc81ad8d07917b69dfd0e3b5769d4c726026
SHA512 6c6daa54055f147f735aa100ca99df97d63087fe87e53eaca17ff37b404307b5810626914c37a8e643a4f9574d50d8fcfd308b4dea96162d0badc8803ef03d66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

MD5 d97a3052c521659d93dac195f2a38d5a
SHA1 35f7d3447cd106713e3dc772f66f26c5d62bdbb0
SHA256 e731f5443375bc0291fec505cdb56f9a964761d17e23fae19aed546fa5135080
SHA512 9e688d2093dca922edd3a23b553e18f19e80a26faf14cd1e73b8abf693801d42c2aca316ea85f730adc282e2e7f9d95b1dddc12f2124da37d513fdcbc834496d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 cee2d7271fd6983037ff3295b2961d7a
SHA1 e77725b8b9c1de813520c3f8a54c8a440534d524
SHA256 e1cfe6ef05f54e05dc832263c7f8771d91ae0b2ce2fbe7b00ff128f66135b276
SHA512 45b864445ee8229193beb378dcd3d4d381232ec4a4ae7b0d12a9b57b833a60c6983d38b6ef867918027003a29dc0cf727ec4b4160c28687224ac383140d157da

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 7651b1187bb58ac4c7be625337b35e5b
SHA1 307d969ef4137a66fe2793737dc1c546587c7f43
SHA256 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968
SHA512 a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 78280e0728c2021056c93954af683365
SHA1 f422d6f6682d904f7905b1cd7308f9f59062db44
SHA256 d5424e6657f959e1c026b7c119249cffedeff2e272912dfd6d0e0f7e04bcbd81
SHA512 aa64da37e187cac342d5c5cdd33d76d2bdf1bfd8cc49257ce1a4c0877a527aedab28ecfa0eaefc5c7f803bf3f51d94544bf8662430be50d2101c32c5d11f4b93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 65d3f83d879428f73e751d9a36db6db1
SHA1 a19668aecd92ffeaec17643ae7d6140ad763351c
SHA256 8e802d53da4fd798ca61b4aefc77e20767bd4696e15312b0ac7229679292560c
SHA512 e2550db4a106da242ccfa4dd8346364d0223a6034d38232dd3b867c79e18620da631fb4ad0c90c42ba3e69c17b9256df8ed05646feccbaae2fbcdb9129884ae8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 d4300a880e3881a88ef897c353d8968b
SHA1 25df273b9b230ccaa62d202671322be5e7d98207
SHA256 62daa64fc17a916850ef084ae9fb14a0c54419333a5309cf87126b73266587ce
SHA512 d42a0de426b33f82f7f7f60ac8b88c513603acf18215c08cdb437df09b297f5ca9208b82d94e6e42ecd74cae42fbb70595d44e4268f4abdb016960e04eb195a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 b787bd69348e38aad5a2c0f0c899e1d7
SHA1 bb99c84d3929a939f79ca1caa9a4922ea9367b8b
SHA256 e3957b9ca5ebaa433f3516423ceb881b6828c757a613ff8889f01836adfc33c6
SHA512 d5e26f83e0778a086109794defc26a3f23bcd86427c37e26d7de565d061649d5a7a8cf22c0b7e9120210b78f87fe003bc45a352a2914537776e2a5f2e7f46c8d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 fb151d11266070be581bbee58ab765d7
SHA1 adc9494d1e57a13946ecbcb827effd1d53b5c885
SHA256 9bf5897bb92dd7a6aab69e4beac592f37d4b192b7e49b1bde705cf234df924de
SHA512 2ff05d5411e4d2caecfd7261fdb85949d1086947c23fbe477365d21bbddfc75d3eeefd235032b2817aeb7fa8f25c285719f26373e68b1823c1881e36545028d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 97a3bed6457d042c94c28ed74ec2d887
SHA1 02ce7a6171fb1261fde13a8c7cbb58992e9d5299
SHA256 ae56cf83207570afbb8a6ab7cbc4128b37f859cb6f55661e69e97a3314c02f67
SHA512 6c8cf955ec73ad9d97bbb36c7ce723bfa58c9aef849aa775ee64ce15afa70afb40e8cd45989dadec420d2e8edda9ec0f05cc76a0602df0b6c4e5d45de0f4ce7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 d4f413c00a1ccee00c72857686eec6ee
SHA1 15740adc82f9e2840bca50b57065a1ca36eeb030
SHA256 3ee6169c7c45c11e9311e7c7893df3b907caf99d64c5d2b808313e5281501b6f
SHA512 063f476c779bfde1326dad3dde7404068253db68881b7b64dca41304fe5affb110879625c0e238d397695f29853e654ac3e9afd78c30ecf6fe6a47605f6cfea6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 3859fdcc9dfc8ee238149b68a1cb2f98
SHA1 4c78ac8554c35cdd4ec8a0318bde9bba8b670b67
SHA256 9a2ec9b64eee6bfdf104fe6b873c26c8ae22b90c9ef77ce61217030f16d81d31
SHA512 dc15c3e84175327f6e99ac1130927b0cd1f194e4759553151bb54b6f7b3256f35a690f8650a3d0806a34f3b4855b6936c3373180b9f9c838dac8c7fbfe6e681f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 2112b675af3b8ee65b18e99ca39a509a
SHA1 03b2636480895761e9d8e96fab3d671371f573b8
SHA256 cf45bd676155851a2601ccc71040545572128311829ae6bde6597f6247f25836
SHA512 91e3d1dec8a6f916fe7950725acdc12cb803b58c9872ae2294c51dc973ca35ff152a0dedf7a43623ed3eeec91d968410000084fcf2988e827dece8ab178e1cf8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 d44b00eaf066eb7050989509fd4e36c7
SHA1 f9c5a6144aefdc63afdadfdfba432a7f2921aa72
SHA256 81d81f58eace71c343daf95f8a2756fa914556bcad33ca241c127c4ae68c215f
SHA512 99f9f4b102f6eb4c6ff8868fc598c536397d247de9764a67548739662ae302ea79cc2f730d63b8ff40c8c285b2c9783bba96e37c72d9922623fae83219d6694d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

MD5 79cf44db94eb465700d65a45a527b379
SHA1 a9ea6a3d2b3a3a61bf80caa643b077dc7fc10787
SHA256 78996e6ffff1656b85b4b50393b4a9f1133550694f87e66f9c2b937bc7dd2c4e
SHA512 7a2edf730c401e21b69b86528489adf587f4b830ceba0af2834bc7c69937e754c0a3e18ee9a174910391846a94394fc87bf927fb101fe899275bf072c804a519

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

MD5 8266eb9d769b0040c61f9107b9233d0d
SHA1 7d84098b0f5a6b1fb73333838e071558086938da
SHA256 389603813af8808ae7ec8ca4f2bc326b15e4c2ad5d86eeabfb271ac4d170b923
SHA512 82854e09e38363bf682d1426cd72d2efe770a58531f8b006c80c32718229cd9699c6db6ae4afe0a5ba64504a08b16568e53ec8fdf2702b5abc41ef7711f011b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\Downloads\Unconfirmed 154432.crdownload

MD5 edb0a9c371be828d2b5d2e90c5c89cb3
SHA1 77bd14205694ef7901f2c19757e0b5abf51c489c
SHA256 a84f934eff0f0950b8e6f6df6f121f5107983df68ef42dd3e12671944e95c6b7
SHA512 072738012ba60faff263c5670cb6f653833abdbd5673fc1aa96fed5aee8ff7edd8995052e1c779847406232a6457083ac2ee58e6666c479e33e4cf035c9c08be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 045c3c96a2e5a06f3a16f4bedc51a688
SHA1 eabe6c1956b5941b07ddf5dd4a4cdef17d9f6185
SHA256 6f8fec7decdbe0325b5f620c5da796d129f301421569f3471c597049d83be691
SHA512 2865fc24fd884e2b15c4d3040149455a140d1eb7ccaae4c2bcd87e70d76b758c4aae4e67c5bb429a5828cbe92d0c426001e124e41368a717c7b0bf1c882281db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c14dd850-817e-4b37-ab12-5b79565821d6.tmp

MD5 aa1e9c1fdb43df2350c6c7bc0e6486a6
SHA1 ccb510f6c3acef40aef98c123dac2188e9ff099a
SHA256 4f46c6b9e3245d5f621421bf072c0409bf9bbc039b45c3214ad68ac9669fd0e2
SHA512 0c72b66937d27521684cb65273870b528cc3fbd8e6d518688676b2e71182d65357106ac56b53c62c428ceef32ae7dbbf8f53774acf523de0c6df462d4d77ed28

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3ad8f38ce2814dcdcd5f490374b8e84a
SHA1 e42c55fad2c9d1e5f6ed1965dce55c99c5f3fcff
SHA256 8c6a00eb915b4cd95bf6016e0de0ed82e23a02a2ccd6a635c9be0161123e5e57
SHA512 44fa34c20a07436d027fdf9fd7d2ba644684e2b4038cb2c5c78fcffb309df843732b95c3548518751a201c1d1473c1bb7c206ec9fd49c58f5528f2d5dc310eeb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d46eb9bce690af6196c2918f5bc41d3f
SHA1 479b9cc5094f6a819a5c008b8100b28186d1aa4c
SHA256 5365802a9e558473d983732d02caba6465eb1a69aeff8fc7cde4cacb3743ccd4
SHA512 f1351dce243b1895cea0616f2390d9abc7e763c1a7ebec9875d2655862017329973b29023ef949e9e0703a3baf9714f22c16254ee4bf5187576ee85ee73e63ba

C:\Users\Admin\AppData\Roaming\.betacraft\launcher\accounts.json

MD5 9ba8443aea7383571996dce21a30dd59
SHA1 117d26a56c7f621ee1d115614bcbadd5c9db9b00
SHA256 58058888fda68d6e1760d3ff343affc2ab41ea2b9fa4b9a0c67fb3c5c86a0250
SHA512 63c1fb92d272d299985747ca4b1430acc91f1544504b3bbe890e2db34817a915208053bfe91bc6762ce1edb1b154dacf12e880853166950638de8787ffa6fede

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f669bee74545cc96c6ae03b90e77b6d6
SHA1 23eea33c056c151d710680b6d578718895fe6af7
SHA256 99ca36849eac404a15b020d1e42fc605130fa5773bfa6e2c0013e9d3a2402823
SHA512 c0f391b3e6bb033893a7137619564bea8a89bd266fac7d6de6d165d00060a088ae55292619c2e36f504a51c14dd5b5ea4a8b62f42f5e1ed2cccd05b11dda35cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cf192564a35cc4e5_0

MD5 dc25b13812f699a7005b1aa7160bcfe3
SHA1 98929f0ee29302560454d842189e95b9f3960a59
SHA256 fc99aeb28dead085fadfb8408fc65b441c36e854191a0ea1add60a8e87fd3151
SHA512 52f827c2d4f036e4cd13060061af4b0f8a9c313c307de1ceb13884ba3a74940f4061ebc8e727404b0a96665bb447ee6c6dbf27b03f5728504cd25f06d3e3d52d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c373437dde464af4c5d04d28452dbd68
SHA1 936a325310829e6d574ec4de20214c4f7be524eb
SHA256 38a5e74446ca5ee325314da42bed62c79c4043a685823b76a088e09a1b339c40
SHA512 450908da4e8410658d533180eb483c579591453a2aa530e87ae8146c9fad9a9522a1ec442a19ffb4151219e7029f986e9ff93f0aa4b4d62e8e42b2f0d4fbf398

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5d3402672e34ca92f7ad152fdc99c10e
SHA1 9ee9bc73be51035415344036e6a6159f83737a52
SHA256 1b71f40df1a67eff3f04baaf17ba222c02439ac755e238ac0676b548987ad78f
SHA512 d1fe04c2a5ebeaca35fbdf9902c41366d2c8379a1f9bd4366866818631c0008b0bc018c3eabd5ca990c0fa695c1316ba9e71fe24fa9505a40eaed23ad502631b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 2a0a800f31489b0cf1c0c4d1ad144084
SHA1 fd542a999f4504df631f5756556605e46e946a28
SHA256 2c506784039bcebbb4e4279eaf6ecb873d630750df8b7ddfc5fce21f38f5da31
SHA512 9a69548fb248fe97a66862ea29722a6543a151b02360cb07728ebec0c36034cc9d75c48e3f5d6753b60e11b222afc9ebfaebafee09d958dbf41958c7fd97716e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6dceaa43fd859e506faa8466f582afdb
SHA1 0d9c6c43af76df5e985003cadadd6ed30d3b4d0b
SHA256 39245140d558c1856c3ab14d4c75fc7406e559121b4f0639600e39bf8abe530d
SHA512 d41cfaaf958a4db16385a7deae7d78f757043fd3c8c7a8f8f29c40678cb7fe2ba51290aec93bbd20007608152b1def18e184adb784bfcd01c23d2905e60c90b2