Malware Analysis Report

2025-03-15 04:19

Sample ID 240825-hvbb3ssgrm
Target https://www.mediaexpert.pl/gaming/konsole-przenosne/konsola-asus-rog-rc71l-nh001w
Tags
discovery evasion motw persistence phishing privilege_escalation spyware stealer trojan
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

Threat Level: Shows suspicious behavior

The file https://www.mediaexpert.pl/gaming/konsole-przenosne/konsola-asus-rog-rc71l-nh001w was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery evasion motw persistence phishing privilege_escalation spyware stealer trojan

Modifies system executable filetype association

Loads dropped DLL

Executes dropped EXE

Reads user/profile data of web browsers

Event Triggered Execution: Component Object Model Hijacking

Drops desktop.ini file(s)

Checks whether UAC is enabled

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Adds Run key to start application

Checks installed software on the system

Checks system information in the registry

Drops file in Windows directory

Drops file in Program Files directory

Browser Information Discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Enumerates system info in registry

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Uses Task Scheduler COM API

Modifies Internet Explorer settings

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SendNotifyMessage

Modifies data under HKEY_USERS

Checks processor information in registry

Modifies Control Panel

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-25 07:02

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-25 07:02

Reported

2024-08-25 07:48

Platform

win11-20240802-en

Max time kernel

2700s

Max time network

2602s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediaexpert.pl/gaming/konsole-przenosne/konsola-asus-rog-rc71l-nh001w

Signatures

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\uninstall\helper.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\uninstall\helper.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\uninstall\helper.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\uninstall\helper.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A

Modifies system executable filetype association

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx\ = "{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A

Reads user/profile data of web browsers

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\Delete Cached Update Binary = "C:\\Windows\\system32\\cmd.exe /q /c del /q \"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\Update\\OneDriveSetup.exe\"" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\Delete Cached Standalone Update Binary = "C:\\Windows\\system32\\cmd.exe /q /c del /q \"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\StandaloneUpdater\\OneDriveSetup.exe\"" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\Uninstall 18.151.0729.0013 = "C:\\Windows\\system32\\cmd.exe /q /c rmdir /s /q \"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\18.151.0729.0013\"" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files\Mozilla Firefox\firefox.exe N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\desktop.ini C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Users\Admin\OneDrive\desktop.ini C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\nszF83F.tmp\mozwer.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\omni.ja C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\freebl3.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\nszF83F.tmp\default-browser-agent.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe C:\Program Files\Mozilla Firefox\uninstall\helper.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\wmfclearkey.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\manifest.json C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\browser\omni.ja C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\browser\VisualElements\PrivateBrowsing_150.png C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\install.log C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files\Mozilla Firefox\nszF83F.tmp\mozwer.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\ C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\nszF83F.tmp\freebl3.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\xul.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\uninstall\helper.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\private_browsing.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\installation_telemetry.json C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\tobedeleted\nsl6B8.tmp C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\removed-files C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\uninstall\ C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\locale.ini C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\ C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe.moz-delete C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\nszF83F.tmp\nssckbi.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\nszF83F.tmp\ C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\crashreporter.ini C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\application.ini C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe C:\Program Files\Mozilla Firefox\uninstall\helper.exe N/A
File created C:\Program Files\Mozilla Firefox\nszF83F.tmp\nssckbi.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\nssckbi.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files\Mozilla Firefox\updater.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\postSigningData C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\updater.ini.moz-delete C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe N/A
File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\ C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\nsvEDE0.tmp C:\Program Files\Mozilla Firefox\uninstall\helper.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\nszF83F.tmp\pingsender.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\xul.dll.sig C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\browser\features\[email protected] C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\default-browser-agent.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\updater.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files\Mozilla Firefox\nszF83F.tmp\freebl3.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\browser\ C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\firefox.VisualElementsManifest.xml C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\uninstall\uninstall.log C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\update-settings.ini C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File created C:\Program Files (x86)\Mozilla Maintenance Service\logs\maintenanceservice-uninstall.log C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\nszF83F.tmp C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\nszF83F.tmp\AccessibleMarshal.dll C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\updater.ini C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files\Mozilla Firefox\platform.ini C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
File opened for modification C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe.moz-delete C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe N/A
File created C:\Program Files\Mozilla Firefox\nszF83F.tmp\updater.exe C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Panther\UnattendGC\setupact.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagerr.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagwrn.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files\Mozilla Firefox\uninstall\helper.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Control Panel

evasion
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Control Panel\Colors C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Control Panel\Colors C:\Program Files\Mozilla Firefox\firefox.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OneDrive.exe = "11000" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\DisableFirstRunCustomize = "1" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000\Software\Microsoft\Internet Explorer\GPU C:\Windows\system32\wwahost.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Windows\system32\wwahost.exe N/A
Key created \REGISTRY\USER\S-1-5-19 C:\Windows\system32\wwahost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software C:\Windows\system32\wwahost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft C:\Windows\system32\wwahost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography C:\Windows\system32\wwahost.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{2F12C599-7AA5-407A-B898-09E6E4ED2D1E}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{fac14b75-7862-4ceb-be41-f53945a61c17}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\NucleusToastActivator.NucleusToastActivator\CurVer\ = "NucleusToastActivator.NucleusToastActivator.1" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\ProgID\ = "FileSyncClient.FileSyncClient.1" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{0f872661-c863-47a4-863f-c065c182858a}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}\ = "SyncEngineStorageProviderHandlerProxy Class" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\ProgID C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\LocalServer32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{fac14b75-7862-4ceb-be41-f53945a61c17} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\TypeLib\{909A6CCD-6810-46C4-89DF-05BE7EB61E6C}\1.0\0\win32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\FILESYNCCLIENT.AUTOPLAYHANDLER\SHELL\IMPORT\DROPTARGET C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{2692D1F2-2C7C-4AE0-8E73-8F37736C912D} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\mssharepointclient C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{1196AE48-D92B-4BC7-85DE-664EC3F761F1}\TypeLib C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{c1439245-96b4-47fc-b391-679386c5d40f}\TypeLib\ = "{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{2387C6BD-9A36-41A2-88ED-FF731E529384} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{EE15BBBB-9E60-4C52-ABCB-7540FF3DF6B3}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InProcServer32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{9D613F8A-B30E-4938-8490-CB5677701EBF}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\VersionIndependentProgID C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\21.220.1024.0005\\FileCoAuth.exe\"" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{AF60000F-661D-472A-9588-F062F6DB7A0E} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\FileSyncClient.AutoPlayHandler.1 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\ProgID\ = "OOBERequestHandler.OOBERequestHandler.1" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{390AF5A7-1390-4255-9BC9-935BFCFA5D57}\ = "IAlbumMetadataCallback" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{466F31F7-9892-477E-B189-FA5C59DE3603}\TypeLib\Version = "1.0" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\INTERFACE\{EE15BBBB-9E60-4C52-ABCB-7540FF3DF6B3}\PROXYSTUBCLSID32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\InitPropertyBag\TargetKnownFolder = "{a52bba46-e9e1-435f-b3d9-28daa648c0f6}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\TypeLib\{638805C3-4BA3-4AC8-8AAC-71A0BA2BC284}\1.0\0\win32\ = "C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\21.220.1024.0005\\FileCoAuth.exe\\1" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{10C9242E-D604-49B5-99E4-BF87945EF86C}\TypeLib\Version = "1.0" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{ACDB5DB0-C9D5-461C-BAAA-5DCE0B980E40}\ = "ILaunchUXInterface" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{390AF5A7-1390-4255-9BC9-935BFCFA5D57} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{1b7aed4f-fcaf-4da4-8795-c03e635d8edc}\ = "IIsMappingValidCallback" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\TypeLib\{909A6CCD-6810-46C4-89DF-05BE7EB61E6C}\1.0\ = "FileSyncLibrary 1.0 Type Library" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{F062BA81-ADFE-4A92-886A-23FD851D6406}\TypeLib C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\firefox.exe\shell C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\WOW6432NODE\INTERFACE\{F062BA81-ADFE-4A92-886A-23FD851D6406}\PROXYSTUBCLSID32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{d8c80ebb-099c-4208-afa3-fbc4d11f8a3c}\TypeLib\ = "{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32\ThreadingModel = "Apartment" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\WOW6432NODE\CLSID\{2E7C0A19-0438-41E9-81E3-3AD3D64F55BA}\LOCALSERVER32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{C2FE84F5-E036-4A07-950C-9BFD3EAB983A}\TypeLib\Version = "1.0" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\TypeLib\{082D3FEC-D0D0-4DF6-A988-053FECE7B884}\1.0\HELPDIR C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{EE15BBBB-9E60-4C52-ABCB-7540FF3DF6B3}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{049FED7E-C3EA-4B66-9D92-10E8085D60FB} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\INTERFACE\{944903E8-B03F-43A0-8341-872200D2DA9C}\TYPELIB C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\VersionIndependentProgID\ = "NucleusToastActivator.NucleusToastActivator" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{10C9242E-D604-49B5-99E4-BF87945EF86C}\TypeLib C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_CLASSES\WOW6432NODE\INTERFACE\{E9DE26A1-51B2-47B4-B1BF-C87059CC02A7}\PROXYSTUBCLSID32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{3A4E62AE-45D9-41D5-85F5-A45B77AB44E5}\ = "IDeviceHeroShotCallback" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\ContextMenuOptIn C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{0299ECA9-80B6-43C8-A79A-FB1C5F19E7D8}\TypeLib\ = "{909A6CCD-6810-46C4-89DF-05BE7EB61E6C}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{3A4E62AE-45D9-41D5-85F5-A45B77AB44E5}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{da82e55e-fa2f-45b3-aec3-e7294106ef52}\ProxyStubClsid32 C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{466F31F7-9892-477E-B189-FA5C59DE3603} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Key deleted \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\Interface\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\WOW6432Node\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /cci /client=Personal" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{944903E8-B03F-43A0-8341-872200D2DA9C}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6} C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{0299ECA9-80B6-43C8-A79A-FB1C5F19E7D8}\ = "IFileSyncClient3" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-131918955-2378418313-883382443-1000_Classes\Interface\{31508CC7-9BC7-494B-9D0F-7B1C7F144182}\TypeLib\Version = "1.0" C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Windows\system32\control.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\system32\control.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\wwahost.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\wwahost.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\wwahost.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2840 wrote to memory of 4528 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 4528 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1440 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 4672 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2840 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediaexpert.pl/gaming/konsole-przenosne/konsola-asus-rog-rc71l-nh001w

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff965bf3cb8,0x7ff965bf3cc8,0x7ff965bf3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2596 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6276 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6504 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5988 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7564 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8232 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9444 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=9676 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11000 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10564 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11008 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004F0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10196 /prefetch:1

C:\Windows\system32\control.exe

"C:\Windows\system32\control.exe" /name Microsoft.AdministrativeTools

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

C:\Windows\system32\WSReset.exe

"C:\Windows\system32\WSReset.exe"

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

C:\Windows\system32\WSReset.exe

"C:\Windows\system32\WSReset.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7752 /prefetch:1

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\System32\DataExchangeHost.exe

C:\Windows\System32\DataExchangeHost.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Windows\System32\oobe\UserOOBEBroker.exe

C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11428 /prefetch:1

C:\Program Files\Mozilla Firefox\uninstall\helper.exe

"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"

C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe

"C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe"

C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe

"C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe" _?=C:\Program Files\Mozilla Firefox\uninstall\

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" --backgroundtask uninstall

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" --backgroundtask uninstall

C:\Program Files\Mozilla Firefox\default-browser-agent.exe

"C:\Program Files\Mozilla Firefox\default-browser-agent.exe" uninstall 308046B0AF4A39CB

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" --backgroundtask defaultagent uninstall 308046B0AF4A39CB

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" --backgroundtask defaultagent uninstall 308046B0AF4A39CB

C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe

"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" /S

C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe

"C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_B.exe" /S _?=C:\Program Files (x86)\Mozilla Maintenance Service\

C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

"C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" uninstall

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13456 /prefetch:1

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,Control_RunDLL C:\Windows\System32\srchadmin.dll ,

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,8021525707387308355,7611395630729385855,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13536 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe

"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe"

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe

"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" /update /restart

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe /update /restart /peruser /childprocess /extractFilesWithLessThreadCount /renameReplaceOneDriveExe /renameReplaceODSUExe /removeNonCurrentVersions /enableODSUReportingMode

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe

"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe"

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe

/updateInstalled /background

C:\Windows\SysWOW64\DllHost.exe

"C:\Windows\SysWOW64\DllHost.exe" /Processid:{5250E46F-BB09-D602-5891-F476DC89B700}

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0xdc,0x104,0x108,0x100,0x10c,0x7ff965bf3cb8,0x7ff965bf3cc8,0x7ff965bf3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2056 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2604 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4892 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5516 /prefetch:8

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe

"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe" -Embedding

C:\Windows\system32\wwahost.exe

"C:\Windows\system32\wwahost.exe" -ServerName:App.wwa

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument microsoft-edge:https://www.bing.com/search?q=how%20to%20create%20users%20in%20windows%2011%20site:microsoft.com&form=B00032&ocid=SettingsHAQ-BingIA&mkt=en-US

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff965bf3cb8,0x7ff965bf3cc8,0x7ff965bf3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5144 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5552 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1404,9645486087323354948,13818906658480334203,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4068 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.mediaexpert.pl udp
US 172.66.40.47:443 app.mediaexpert.pl tcp
GB 2.17.209.154:80 repository.certum.pl tcp
US 8.8.8.8:53 assets.mediaexpert.pl udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 104.18.87.42:443 cdn.cookielaw.org tcp
DE 157.240.27.27:443 connect.facebook.net tcp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 172.66.43.209:443 assets.mediaexpert.pl tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
FR 142.250.74.226:443 ade.googlesyndication.com tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
FR 142.250.74.226:443 ade.googlesyndication.com udp
US 8.8.8.8:53 130.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 152.199.21.175:443 upload.snrcdn.net tcp
US 152.199.21.175:443 upload.snrcdn.net tcp
US 152.199.21.175:443 upload.snrcdn.net tcp
NL 51.145.180.18:443 ai-api.synerise.com tcp
N/A 224.0.0.251:5353 udp
US 216.239.32.36:443 region1.google-analytics.com udp
FR 142.250.201.166:443 8877512.fls.doubleclick.net tcp
FR 142.250.201.166:443 8877512.fls.doubleclick.net tcp
DE 157.240.27.27:443 connect.facebook.net tcp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 cdngazeta.pl udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 privacyportal-eu.onetrust.com udp
US 104.18.32.137:443 privacyportal-eu.onetrust.com tcp
GB 18.165.242.98:443 ec.monplat-cdn.com tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
NL 178.250.1.13:443 dynamic.criteo.com tcp
US 172.67.145.161:443 cdngazeta.pl tcp
GB 84.17.50.9:443 tags.creativecdn.com tcp
FR 142.250.75.226:443 googleads.g.doubleclick.net tcp
FR 142.250.75.226:443 googleads.g.doubleclick.net tcp
FR 142.250.75.226:443 googleads.g.doubleclick.net tcp
FR 142.250.75.226:443 googleads.g.doubleclick.net tcp
US 150.171.27.10:443 bat.bing.com tcp
FR 142.250.201.166:443 8877512.fls.doubleclick.net udp
FR 142.250.201.163:443 www.google.co.uk tcp
GB 143.204.176.83:443 js.go2sdk.com tcp
FR 142.250.179.68:443 www.google.com tcp
PL 212.77.100.84:443 pixel.wp.pl tcp
BE 74.125.71.157:443 stats.g.doubleclick.net tcp
NL 185.184.8.90:443 ams.creativecdn.com tcp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.201.163:443 www.google.co.uk udp
FR 142.250.179.68:443 www.google.com tcp
DE 157.240.27.35:443 www.facebook.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
FR 142.250.179.68:443 www.google.com udp
PL 80.252.6.19:443 px.leadexpert.pl tcp
FR 142.250.75.226:443 googleads.g.doubleclick.net udp
GB 18.245.143.84:443 csr.onet.pl tcp
FR 185.235.86.130:443 gem.gbc.criteo.com tcp
FR 185.235.86.40:443 ag.gbc.criteo.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
NL 178.250.1.9:443 sslwidget.criteo.com tcp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 43.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 19.6.252.80.in-addr.arpa udp
US 8.8.8.8:53 84.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 130.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 40.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 244.210.89.185.in-addr.arpa udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 172.64.151.101:443 r.casalemedia.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 34.117.157.22:443 matching.ivitrack.com tcp
NL 141.226.228.48:443 sync-t1.taboola.com tcp
GB 95.100.244.20:443 contextual.media.net tcp
DE 162.19.138.120:443 id5-sync.com tcp
IE 52.18.139.160:443 ad.360yield.com tcp
IE 34.253.116.68:443 dpm.demdex.net tcp
FR 5.196.111.72:443 rtb-csync.smartadserver.com tcp
GB 92.123.143.201:80 apps.identrust.com tcp
FR 5.196.111.72:443 rtb-csync.smartadserver.com tcp
DE 3.121.168.212:443 exchange.mediavine.com tcp
IE 34.253.170.144:443 jadserve.postrelease.com tcp
US 50.31.142.95:443 sync.outbrain.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
GB 2.18.109.35:443 criteo-sync.teads.tv tcp
US 52.205.245.26:443 criteo-partners.tremorhub.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
GB 2.18.109.192:443 ad.yieldlab.net tcp
IE 52.17.104.16:443 sync-criteo.ads.yieldmo.com tcp
DE 52.28.106.95:443 e1.emxdgt.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
DE 52.28.106.95:443 e1.emxdgt.com tcp
US 8.8.8.8:53 72.111.196.5.in-addr.arpa udp
US 8.8.8.8:53 201.143.123.92.in-addr.arpa udp
US 8.8.8.8:53 212.168.121.3.in-addr.arpa udp
US 8.8.8.8:53 144.170.253.34.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 25.234.195.18.in-addr.arpa udp
US 8.8.8.8:53 95.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 35.109.18.2.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 192.109.18.2.in-addr.arpa udp
US 8.8.8.8:53 26.245.205.52.in-addr.arpa udp
US 8.8.8.8:53 16.104.17.52.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
GB 92.123.142.114:443 www.bing.com tcp
GB 92.123.142.114:443 www.bing.com tcp
GB 92.123.142.154:443 r.bing.com tcp
GB 92.123.142.154:443 r.bing.com tcp
GB 92.123.142.104:443 th.bing.com tcp
GB 92.123.142.104:443 th.bing.com tcp
GB 92.123.142.154:443 r.bing.com tcp
GB 92.123.142.154:443 r.bing.com tcp
US 204.79.197.200:443 bing.com tcp
US 204.79.197.200:443 bing.com tcp
IE 20.190.159.23:443 login.microsoftonline.com tcp
US 13.107.5.80:443 services.bingapis.com tcp
GB 173.222.211.41:443 aefd.nelreports.net tcp
GB 173.222.211.41:443 aefd.nelreports.net udp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 151.101.193.91:443 images.sftcdn.net tcp
US 151.101.193.91:443 images.sftcdn.net tcp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 softonic.com udp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 199.232.209.91:443 softonic.com tcp
US 199.232.209.91:443 softonic.com tcp
GB 13.224.222.87:443 sdk.privacy-center.org tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net tcp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net tcp
FR 142.250.179.68:443 www.google.com udp
US 151.101.1.91:443 di-images.sftcdn.net udp
US 151.101.1.91:443 di-images.sftcdn.net tcp
US 13.107.246.64:443 www.clarity.ms tcp
GB 13.224.222.87:443 sdk.privacy-center.org tcp
US 151.101.1.91:443 di-images.sftcdn.net udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
GB 18.172.148.233:443 www.datadoghq-browser-agent.com tcp
US 172.67.41.60:443 btloader.com tcp
FR 142.250.201.187:443 storage.googleapis.com tcp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 34.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 87.222.224.13.in-addr.arpa udp
US 8.8.8.8:53 233.148.172.18.in-addr.arpa udp
US 8.8.8.8:53 60.41.67.172.in-addr.arpa udp
US 8.8.8.8:53 187.201.250.142.in-addr.arpa udp
GB 108.156.39.35:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 51.8.64.151:443 h.clarity.ms tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
FR 216.58.214.174:443 syndicatedsearch.goog tcp
US 8.8.8.8:53 151.64.8.51.in-addr.arpa udp
US 8.8.8.8:53 174.214.58.216.in-addr.arpa udp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 104.26.6.141:443 api.btmessage.com tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 151.101.65.91:443 di-images.sftcdn.net udp
IE 13.74.129.1:443 c.clarity.ms tcp
NL 139.45.197.227:443 notix.io tcp
IE 13.74.129.1:443 c.clarity.ms tcp
NL 139.45.197.227:443 notix.io tcp
US 204.79.197.237:443 c.bing.com tcp
GB 108.138.233.67:443 api.privacy-center.org tcp
FR 216.58.214.174:443 syndicatedsearch.goog udp
FR 142.250.179.65:443 2b36f25c70d20e92d46cc6fce2108049.safeframe.googlesyndication.com tcp
DE 162.19.138.120:443 id5-sync.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
FR 142.250.75.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 partner.googleadservices.com udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
GB 18.172.154.232:443 aax.amazon-adsystem.com tcp
US 34.120.63.153:443 prebid.media.net tcp
IE 54.74.68.84:443 ap.lijit.com tcp
DE 157.90.0.38:443 shb.richaudience.com tcp
DE 157.90.0.38:443 shb.richaudience.com tcp
DE 157.90.0.38:443 shb.richaudience.com tcp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
FR 142.250.201.162:443 partner.googleadservices.com tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
IE 54.220.6.201:443 id.crwdcntrl.net tcp
FR 216.58.213.66:443 ep1.adtrafficquality.google tcp
GB 18.245.143.118:443 tags.crwdcntrl.net tcp
US 104.18.35.167:443 cdn-ima.33across.com tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
FR 142.250.201.163:443 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com udp
BE 74.125.71.157:443 stats.g.doubleclick.net udp
US 35.244.193.51:443 lexicon.33across.com tcp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
FR 216.58.213.78:443 ampcid.google.com tcp
FR 142.250.179.68:443 www.google.com udp
FR 142.250.179.68:443 www.google.com tcp
US 8.8.8.8:53 167.35.18.104.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 175.203.166.188.in-addr.arpa udp
US 8.8.8.8:53 66.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 174.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 162.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 84.68.74.54.in-addr.arpa udp
US 8.8.8.8:53 82.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 38.0.90.157.in-addr.arpa udp
US 8.8.8.8:53 201.6.220.54.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 78.213.58.216.in-addr.arpa udp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 172.64.149.180:443 cdn.indexww.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
DE 162.55.233.28:443 sync.richaudience.com tcp
DE 162.55.233.28:443 sync.richaudience.com tcp
GB 92.123.143.216:443 player.aniview.com tcp
US 52.207.51.223:443 cs-server-s2s.yellowblue.io tcp
NL 178.250.1.9:443 sslwidget.criteo.com tcp
FR 178.32.197.52:443 ssbsync.smartadserver.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.8.8.8:53 tracker.open-adsyield.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
IE 34.253.170.144:443 jadserve.postrelease.com tcp
US 35.71.131.137:443 match.adsrvr.org tcp
US 172.111.38.54:443 tracker.open-adsyield.com tcp
US 54.205.147.202:443 sync.srv.stackadapt.com tcp
US 18.213.195.227:443 api-2-0.spot.im tcp
IE 52.208.228.214:443 match.prod.bidr.io tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 192.132.33.68:443 bttrack.com tcp
US 151.101.1.108:443 acdn.adnxs.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 34.254.135.1:443 ce.lijit.com tcp
GB 108.156.39.126:443 s.ad.smaato.net tcp
US 8.8.8.8:53 54.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 202.147.205.54.in-addr.arpa udp
US 8.8.8.8:53 227.195.213.18.in-addr.arpa udp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 192.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 68.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
FR 5.196.111.72:443 rtb-csync.smartadserver.com tcp
GB 23.214.129.249:443 secure-assets.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 67.202.105.22:443 ssc-cms.33across.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
DE 51.89.9.251:443 onetag-sys.com tcp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 t.adx.opera.com udp
DE 51.89.9.251:443 onetag-sys.com udp
FR 142.250.74.226:443 cm.g.doubleclick.net udp
US 74.121.140.211:443 sync.mathtag.com tcp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 104.22.50.98:443 spl.zeotap.com tcp
US 52.46.151.131:443 s.amazon-adsystem.com tcp
US 199.232.209.91:443 softonic.com udp
US 104.26.6.141:443 api.btmessage.com tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
DE 157.240.27.27:443 connect.facebook.net tcp
US 34.120.63.153:443 prebid.media.net udp
US 130.211.23.194:443 api.btloader.com udp
GB 163.70.151.35:443 www.facebook.com tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
IE 52.95.126.160:443 aax-eu.amazon-adsystem.com tcp
FR 216.58.213.66:443 ep1.adtrafficquality.google udp
DE 216.58.206.35:443 csi.gstatic.com tcp
DE 216.58.206.35:443 csi.gstatic.com tcp
DE 216.58.206.35:443 csi.gstatic.com tcp
DE 216.58.206.35:443 csi.gstatic.com tcp
DE 216.58.206.35:443 csi.gstatic.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 52.208.228.214:443 match.prod.bidr.io tcp
US 54.205.147.202:443 sync.srv.stackadapt.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 52.208.228.214:443 match.prod.bidr.io tcp
US 54.205.147.202:443 sync.srv.stackadapt.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
NL 35.214.149.91:443 x.bidswitch.net tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
FR 5.196.111.72:443 rtb-csync.smartadserver.com tcp
US 13.107.246.64:443 apps.microsoft.com tcp
GB 2.18.108.7:443 images-eds-ssl.xboxlive.com tcp
US 152.199.19.161:443 sparkcdneus2.azureedge.net tcp
GB 2.18.108.7:443 images-eds-ssl.xboxlive.com tcp
GB 2.18.109.103:443 store-images.microsoft.com tcp
IE 20.190.159.23:443 login.microsoftonline.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
GB 18.245.143.7:443 js.adscale.de tcp
GB 18.245.143.7:443 js.adscale.de tcp
US 52.182.143.208:443 browser.events.data.microsoft.com tcp
US 52.182.143.208:443 browser.events.data.microsoft.com tcp
US 13.107.246.64:443 apps.microsoft.com tcp
US 52.182.143.208:443 browser.events.data.microsoft.com tcp
US 35.244.193.51:443 lexicon.33across.com udp
US 8.8.8.8:53 ih.adscale.de udp
DE 3.126.235.164:443 ih.adscale.de tcp
DE 3.126.235.164:443 ih.adscale.de tcp
US 13.107.246.64:443 apps.microsoft.com tcp
US 52.240.245.67:443 northcentralus-0.in.applicationinsights.azure.com tcp
US 67.202.105.22:443 ssc-cms.33across.com tcp
DE 23.88.8.123:443 uidsync.net tcp
DE 157.90.33.122:443 uidsync.net tcp
FR 178.32.197.52:443 ssbsync-global.smartadserver.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 178.250.1.9:443 sslwidget.criteo.com tcp
IE 52.208.228.214:443 match.prod.bidr.io tcp
US 54.205.147.202:443 sync.srv.stackadapt.com tcp
DE 157.90.33.122:443 uidsync.net tcp
US 54.205.147.202:443 sync.srv.stackadapt.com tcp
IE 52.208.228.214:443 match.prod.bidr.io tcp
US 151.101.66.49:443 sync-tm.everesttech.net tcp
GB 173.222.211.41:443 aefd.nelreports.net udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
FR 216.58.213.66:443 ep1.adtrafficquality.google udp
NL 139.45.197.227:443 notix.io tcp
GB 92.123.142.170:443 th.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 151.101.65.91:443 snip-sketch.en.softonic.com tcp
US 151.101.65.91:443 snip-sketch.en.softonic.com tcp
DE 157.240.27.27:443 connect.facebook.net tcp
BE 74.125.71.157:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 104.18.11.248:443 adengine.snigelweb.com tcp
US 192.0.73.2:443 secure.gravatar.com tcp
FR 216.58.214.162:443 www.googletagservices.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 104.18.21.111:443 js.getlasso.co tcp
US 216.239.32.36:443 region1.analytics.google.com udp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
GB 143.244.38.136:443 cdnx.snigelweb.com tcp
US 199.232.196.134:443 helpdeskgeek.disqus.com tcp
US 172.67.25.151:443 cdn.pbstck.com tcp
US 104.18.21.111:443 js.getlasso.co tcp
US 130.211.23.194:443 api.btloader.com udp
US 104.18.11.248:443 adengine.snigelweb.com tcp
US 151.101.192.134:443 disqus.com tcp
GB 18.244.140.59:443 c.disquscdn.com tcp
GB 18.168.121.224:443 floor.pbxai.com tcp
GB 23.53.174.156:443 secure.cdn.fastclick.net tcp
US 104.22.0.93:443 cdn.pbstck.com tcp
US 104.22.0.93:443 cdn.pbstck.com tcp
US 104.18.21.111:443 js.getlasso.co tcp
US 104.18.21.111:443 js.getlasso.co tcp
US 104.18.21.111:443 js.getlasso.co tcp
US 104.18.21.111:443 js.getlasso.co tcp
US 8.8.8.8:53 111.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 134.196.232.199.in-addr.arpa udp
US 8.8.8.8:53 151.25.67.172.in-addr.arpa udp
US 8.8.8.8:53 134.192.101.151.in-addr.arpa udp
US 8.8.8.8:53 156.174.53.23.in-addr.arpa udp
US 8.8.8.8:53 224.121.168.18.in-addr.arpa udp
US 8.8.8.8:53 93.0.22.104.in-addr.arpa udp
FR 172.217.20.206:443 fundingchoicesmessages.google.com tcp
US 192.0.73.2:443 secure.gravatar.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 151.101.65.229:443 cdn.jsdelivr.net udp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
GB 18.245.255.11:443 cdn.prod.uidapi.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
NL 185.89.210.244:443 secure.adnxs.com tcp
US 8.8.8.8:53 prebid-server.rubiconproject.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
US 104.22.31.209:443 static.smilewanted.com tcp
US 104.22.31.209:443 static.smilewanted.com tcp
US 104.22.31.209:443 static.smilewanted.com tcp
US 104.22.31.209:443 static.smilewanted.com tcp
US 172.64.153.78:443 mp.4dex.io tcp
FR 217.182.178.225:443 prg.smartadserver.com tcp
FR 217.182.178.225:443 prg.smartadserver.com tcp
NL 147.75.80.51:443 sync.a-mo.net tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 104.26.9.169:443 script.4dex.io tcp
IE 34.251.115.174:443 hb.minutemedia-prebid.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
IE 54.72.42.145:443 bcp.crwdcntrl.net tcp
FR 142.250.179.97:443 ep2.adtrafficquality.google udp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 104.26.9.169:443 script.4dex.io tcp
FR 142.250.179.68:443 www.google.com udp
US 104.18.22.145:443 cadmus.script.ac tcp
US 67.202.105.22:443 ssc-cms.33across.com tcp
US 104.17.44.93:443 gum.aidemsrv.com tcp
GB 13.224.222.60:443 eu-west-1-cs-rtb.openwebmp.com tcp
US 34.120.135.53:443 oajs.openx.net tcp
US 8.8.8.8:53 51.80.75.147.in-addr.arpa udp
US 8.8.8.8:53 72.57.245.77.in-addr.arpa udp
US 8.8.8.8:53 150.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 174.115.251.34.in-addr.arpa udp
US 8.8.8.8:53 145.42.72.54.in-addr.arpa udp
US 8.8.8.8:53 108.60.197.18.in-addr.arpa udp
US 8.8.8.8:53 106.34.241.35.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 145.22.18.104.in-addr.arpa udp
US 34.120.135.53:443 oajs.openx.net udp
US 35.244.159.8:443 u.openx.net tcp
US 172.67.178.44:443 lasso.link tcp
GB 92.123.140.19:443 player.aniview.com udp
NL 77.245.57.72:443 cpm.aserve1.net tcp
FR 178.32.197.52:443 ssbsync-global.smartadserver.com tcp
DK 37.157.2.228:443 cm.adform.net tcp
US 64.227.16.92:443 exchange.kueezrtb.com tcp
NL 178.250.1.9:443 sslwidget.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 172.111.38.54:443 tracker.open-adsyield.com tcp
IE 34.247.108.243:443 match.prod.bidr.io tcp
US 52.7.6.179:443 sync.srv.stackadapt.com tcp
US 64.74.236.255:443 b1sync.zemanta.com tcp
US 64.74.236.255:443 b1sync.zemanta.com tcp
US 192.132.33.68:443 bttrack.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
FR 142.250.74.226:443 cm.g.doubleclick.net udp
US 35.244.159.8:443 u.openx.net udp
US 35.241.34.106:443 c.4dex.io udp
US 8.8.8.8:53 228.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 92.16.227.64.in-addr.arpa udp
US 8.8.8.8:53 243.108.247.34.in-addr.arpa udp
US 8.8.8.8:53 179.6.7.52.in-addr.arpa udp
US 8.8.8.8:53 255.236.74.64.in-addr.arpa udp
US 34.149.40.38:443 u.4dex.io tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
FR 45.137.176.88:443 sync.adotmob.com tcp
US 54.88.142.103:443 pxl.iqm.com tcp
FR 164.132.25.185:443 sync.smartadserver.com tcp
FR 185.235.86.40:443 ag.gbc.criteo.com tcp
FR 185.235.86.130:443 gem.gbc.criteo.com tcp
US 34.149.40.38:443 u.4dex.io tcp
FR 216.58.214.161:443 cdn.ampproject.org udp
GB 95.100.245.168:80 x2.i.lencr.org tcp
GB 23.214.142.107:443 tg1.aniview.com tcp
US 34.149.40.38:443 u.4dex.io udp
US 54.85.55.108:443 api.pbxai.com tcp
US 172.240.45.75:443 track1.aniview.com tcp
DE 57.129.18.121:443 wt.rqtrk.eu tcp
FR 164.132.25.185:443 sync.smartadserver.com tcp
US 172.240.45.81:80 go1.aniview.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
NL 35.214.222.169:443 csync.loopme.me tcp
FR 164.132.25.185:443 sync.smartadserver.com tcp
FR 164.132.25.185:443 sync.smartadserver.com tcp
IE 34.243.49.39:443 pbs-cs.yellowblue.io tcp
NL 193.3.178.4:443 ads.us.e-planning.net tcp
IE 52.212.55.120:443 ms-cookie-sync.presage.io tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
DE 91.228.74.166:443 cms.quantserve.com tcp
NL 63.215.202.137:443 equativ-match.dotomi.com tcp
US 165.227.81.133:443 sync.kueezrtb.com tcp
NL 145.40.97.77:443 sync.a-mo.net tcp
US 104.19.158.19:443 assets.a-mo.net tcp
FR 217.182.178.233:443 sync.smartadserver.com tcp
US 159.223.126.40:443 sync.illumin.com tcp
US 8.8.8.8:53 166.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 137.202.215.63.in-addr.arpa udp
US 8.8.8.8:53 77.97.40.145.in-addr.arpa udp
US 8.8.8.8:53 19.158.19.104.in-addr.arpa udp
US 8.8.8.8:53 233.178.182.217.in-addr.arpa udp
US 8.8.8.8:53 133.81.227.165.in-addr.arpa udp
IE 108.128.33.72:443 ice.360yield.com tcp
US 8.2.110.33:443 us.shb-sync.com tcp
IE 18.200.89.214:443 ads.yieldmo.com tcp
NL 185.89.210.244:443 secure.adnxs.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
US 172.240.45.81:443 go1.aniview.com tcp
DE 162.55.233.28:443 sync.richaudience.com tcp
US 8.8.8.8:53 ads.yieldmo.com udp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
FR 178.32.197.52:443 ssbsync-global.smartadserver.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 8.2.110.134:443 cs.krushmedia.com tcp
US 52.207.124.73:443 ssp.disqus.com tcp
US 52.207.124.73:443 ssp.disqus.com tcp
US 8.2.110.134:443 cs.krushmedia.com tcp
DE 116.202.167.155:443 inv-nets.admixer.net tcp
FR 164.132.25.185:443 sync.smartadserver.com tcp
IE 34.247.108.243:443 match.prod.bidr.io tcp
FR 164.132.25.185:443 sync.smartadserver.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 172.240.45.70:443 s2s.aniview.com tcp
FR 217.182.178.225:443 prg.smartadserver.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
US 35.186.253.211:443 rtb.openx.net tcp
US 34.120.133.55:443 api.rlcdn.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
GB 95.100.245.39:443 a.teads.tv tcp
NL 193.3.178.4:443 ads.us.e-planning.net tcp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 39.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 167.99.22.253:443 exchange.cootlogix.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
FR 142.250.178.138:443 imasdk.googleapis.com tcp
US 208.68.37.219:443 sync.cootlogix.com tcp
FR 142.250.178.138:443 imasdk.googleapis.com udp
US 208.68.37.219:443 sync.cootlogix.com tcp
DE 162.55.233.28:443 sync.richaudience.com tcp
FR 142.250.178.134:443 s0.2mdn.net tcp
GB 18.172.153.58:443 cs-rtb.minutemedia-prebid.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
DE 216.58.206.35:443 csi.gstatic.com udp
US 35.186.253.211:443 rtb.openx.net udp
FR 142.250.178.134:443 s0.2mdn.net udp
FR 172.217.20.202:443 ajax.googleapis.com tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 104.22.0.93:443 cdn.pbstck.com tcp
GB 54.192.139.162:443 c.amazon-adsystem.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
BE 74.125.71.157:443 stats.g.doubleclick.net udp
FR 172.217.20.206:443 fundingchoicesmessages.google.com udp
US 130.211.23.194:443 api.btloader.com udp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
FR 217.182.178.225:443 prg.smartadserver.com tcp
FR 217.182.178.225:443 prg.smartadserver.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
FR 185.235.86.40:443 ag.gbc.criteo.com tcp
FR 185.235.86.130:443 gem.gbc.criteo.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
US 216.239.32.36:443 region1.analytics.google.com udp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
FR 164.132.25.185:443 sync.smartadserver.com tcp
FR 164.132.25.185:443 sync.smartadserver.com tcp
NL 178.250.1.9:443 sslwidget.criteo.com tcp
US 34.224.250.73:443 i.liadm.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
FR 178.32.197.52:443 ssbsync-global.smartadserver.com tcp
US 67.202.105.22:443 ssc-cms.33across.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 34.247.108.243:443 match.prod.bidr.io tcp
US 64.74.236.255:443 b1sync.zemanta.com tcp
US 64.74.236.255:443 b1sync.zemanta.com tcp
US 52.7.6.179:443 sync.srv.stackadapt.com tcp
US 172.111.38.54:443 tracker.open-adsyield.com tcp
US 192.132.33.68:443 bttrack.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
FR 217.182.178.233:443 sync.smartadserver.com tcp
US 34.96.71.22:443 s.company-target.com tcp
US 64.74.236.255:443 b1sync.zemanta.com tcp
NL 35.214.222.169:443 csync.loopme.me tcp
DE 3.75.62.37:443 ups.analytics.yahoo.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
FR 217.182.178.225:443 prg.smartadserver.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 216.58.214.161:443 cdn.ampproject.org udp
GB 74.125.175.233:443 rr4---sn-aigzrnze.googlevideo.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 34.98.64.218:443 snigel-d.openx.net udp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
FR 217.182.178.225:443 prg.smartadserver.com tcp
FR 217.182.178.225:443 prg.smartadserver.com tcp
DE 18.199.162.64:443 btlr.sharethrough.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
DE 18.199.162.64:443 btlr.sharethrough.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
GB 2.18.66.177:443 tcp
US 20.189.173.7:443 browser.pipe.aria.microsoft.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
GB 2.18.66.177:443 tcp
GB 2.18.66.177:443 tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
DE 18.199.162.64:443 btlr.sharethrough.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
DE 51.89.9.251:443 onetag-sys.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 217.182.178.225:443 prg.smartadserver.com tcp
FR 217.182.178.225:443 prg.smartadserver.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 35.241.34.106:443 c.4dex.io udp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
NL 185.89.210.244:443 ib.adnxs.com tcp
DE 18.199.162.64:443 btlr.sharethrough.com tcp
NL 185.89.210.244:443 ib.adnxs.com tcp
US 172.240.45.73:443 gov.aniview.com tcp
DE 18.199.162.64:443 btlr.sharethrough.com tcp
BE 142.250.110.155:443 bid.g.doubleclick.net tcp
FR 142.250.178.138:443 imasdk.googleapis.com udp
IE 34.241.137.76:443 unified.adsafeprotected.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 btlr.sharethrough.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
US 8.8.8.8:53 cpm.aserve1.net udp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
FR 164.132.25.176:443 prg.smartadserver.com tcp
FR 164.132.25.176:443 prg.smartadserver.com tcp
DE 35.158.160.246:443 btlr.sharethrough.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
US 35.241.34.106:443 c.4dex.io udp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
FR 216.58.215.34:443 securepubads.g.doubleclick.net udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
DE 35.158.160.246:443 btlr.sharethrough.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
US 8.8.8.8:53 20.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 static.adsafeprotected.com udp
GB 18.245.253.100:443 static.adsafeprotected.com tcp
US 8.8.8.8:53 gcdn.2mdn.net udp
IE 108.128.38.203:443 pixel.adsafeprotected.com tcp
IE 108.128.38.203:443 pixel.adsafeprotected.com tcp
FR 216.58.214.174:443 gcdn.2mdn.net tcp
GB 74.125.175.38:443 r1---sn-aigzrnsr.c.2mdn.net tcp
FR 216.58.214.174:443 gcdn.2mdn.net udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 52.20.98.173:443 dt.adsafeprotected.com tcp
US 8.8.8.8:53 203.38.128.108.in-addr.arpa udp
US 8.8.8.8:53 38.175.125.74.in-addr.arpa udp
GB 74.125.175.38:443 r1---sn-aigzrnsr.c.2mdn.net udp
US 8.8.8.8:53 173.98.20.52.in-addr.arpa udp
IE 34.241.137.76:443 unified.adsafeprotected.com tcp
FR 142.250.74.226:443 cm.g.doubleclick.net udp
FR 142.250.178.134:443 s0.2mdn.net udp
DE 18.157.230.4:443 tlx.3lift.com tcp
DE 18.157.230.4:443 tlx.3lift.com tcp
IE 52.94.222.140:443 aax-eu.amazon-adsystem.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
DE 216.58.206.35:443 csi.gstatic.com udp
DE 35.158.160.246:443 btlr.sharethrough.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
DE 51.89.9.251:443 onetag-sys.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
FR 164.132.25.176:443 prg.smartadserver.com tcp
FR 164.132.25.176:443 prg.smartadserver.com tcp
US 35.241.34.106:443 c.4dex.io udp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 172.240.45.81:443 go1.aniview.com tcp
US 64.227.16.92:443 exchange.kueezrtb.com tcp
DE 35.158.160.246:443 btlr.sharethrough.com tcp
US 35.186.253.211:443 rtb.openx.net udp
NL 185.89.210.20:443 ib.adnxs.com tcp
GB 2.18.109.123:443 z.moatads.com tcp
BE 142.250.110.155:443 bid.g.doubleclick.net udp
US 167.99.22.253:443 exchange.cootlogix.com tcp
IE 52.94.222.140:443 aax-eu.amazon-adsystem.com tcp
FR 142.250.178.138:443 imasdk.googleapis.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
DE 35.158.160.246:443 btlr.sharethrough.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
GB 2.18.66.177:443 tcp
US 152.199.19.161:443 fp-vs.azureedge.net tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
FR 152.199.21.118:443 static-ecst.licdn.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 prg.smartadserver.com udp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 20.111.38.59:443 3b3b4c6f664b9304bfdf6551c352a8ae.azr.footprintdns.com tcp
FR 91.134.110.129:443 prg.smartadserver.com tcp
FR 91.134.110.129:443 prg.smartadserver.com tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
US 8.8.8.8:53 adrta.com udp
US 35.241.34.106:443 c.4dex.io udp
US 8.8.8.8:53 ox-rtb-europe-west4.openx.net udp
US 34.98.84.165:443 ox-rtb-europe-west4.openx.net tcp
US 44.216.22.136:443 adrta.com tcp
US 35.241.34.106:443 c.4dex.io tcp
FR 142.250.178.134:443 s0.2mdn.net udp
GB 95.100.245.12:443 stags.bluekai.com tcp
US 8.8.8.8:53 ipds.adrta.com udp
US 3.82.79.213:443 ipds.adrta.com tcp
GB 141.147.81.223:443 mb.moatads.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
GB 23.62.195.195:443 cxcs.microsoft.net tcp
GB 88.221.135.33:443 www.bing.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 195.195.62.23.in-addr.arpa udp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 91.134.110.129:443 prg.smartadserver.com tcp
FR 91.134.110.129:443 prg.smartadserver.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
US 3.218.78.156:443 api.pbxai.com tcp
US 54.70.103.160:443 prod.tahoe-analytics.publishers.advertising.a2z.com tcp
US 54.70.103.160:443 prod.tahoe-analytics.publishers.advertising.a2z.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 91.134.110.129:443 prg.smartadserver.com tcp
FR 91.134.110.129:443 prg.smartadserver.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
DE 51.89.9.251:443 onetag-sys.com udp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
US 35.241.34.106:443 c.4dex.io udp
US 35.241.34.106:443 c.4dex.io udp
US 34.98.84.165:443 ox-rtb-europe-west4.openx.net udp
FR 142.250.178.134:443 s0.2mdn.net udp
NL 185.89.210.20:443 ib.adnxs.com tcp
DE 54.93.228.39:443 btlr.sharethrough.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
N/A 127.0.0.1:54919 tcp
N/A 127.0.0.1:54925 tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
DE 54.93.228.39:443 btlr.sharethrough.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 91.134.110.129:443 prg.smartadserver.com tcp
FR 91.134.110.129:443 prg.smartadserver.com tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
GB 23.62.195.195:443 cxcs.microsoft.net tcp
GB 88.221.135.33:443 www.bing.com tcp
DE 54.93.228.39:443 btlr.sharethrough.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 89.149.192.193:443 prg.smartadserver.com tcp
NL 89.149.192.193:443 prg.smartadserver.com tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 23.53.175.107:443 servedby.flashtalking.com tcp
GB 18.245.143.113:443 ajs-assets.ftstatic.com tcp
IT 18.65.82.42:443 agen-assets.ftstatic.com tcp
IT 18.65.82.42:443 agen-assets.ftstatic.com tcp
IE 54.194.50.108:443 d9.flashtalking.com tcp
IT 108.139.229.102:443 js.ad-score.com tcp
GB 18.165.227.105:443 cdn.flashtalking.com tcp
GB 18.165.227.105:443 cdn.flashtalking.com tcp
GB 18.165.227.105:443 cdn.flashtalking.com tcp
US 8.8.8.8:53 108.50.194.54.in-addr.arpa udp
US 8.8.8.8:53 105.227.165.18.in-addr.arpa udp
US 8.8.8.8:53 102.229.139.108.in-addr.arpa udp
GB 13.43.169.70:443 ad-events.flashtalking.com tcp
GB 95.100.244.38:443 stat.flashtalking.com tcp
GB 95.100.244.38:443 stat.flashtalking.com tcp
US 130.211.115.4:443 data.ad-score.com tcp
GB 95.100.244.38:443 stat.flashtalking.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
US 35.186.253.211:443 rtb.openx.net udp
US 142.93.118.230:443 exchange.kueezrtb.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.179.68:443 www.google.com udp
NL 77.245.57.72:443 cpm.aserve1.net tcp
NL 89.149.192.193:443 prg.smartadserver.com tcp
NL 89.149.192.193:443 prg.smartadserver.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
GB 2.18.66.177:443 tcp
US 20.140.48.70:443 fp-afd.azureedge.us tcp
AU 20.190.97.11:443 788dad8feb3fbad97a24e71dd42cff20.azr.footprintdns.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
FR 152.199.21.118:443 static-ecst.licdn.com tcp
US 20.189.173.7:443 browser.pipe.aria.microsoft.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
US 142.93.118.230:443 exchange.kueezrtb.com tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
DE 18.197.60.108:443 btlr.sharethrough.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 89.149.192.193:443 prg.smartadserver.com tcp
NL 89.149.192.193:443 prg.smartadserver.com tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
US 3.218.78.156:443 api.pbxai.com tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
IE 54.239.38.253:443 aax-eu.amazon-adsystem.com tcp
IT 13.35.243.127:443 c.amazon-adsystem.com tcp
US 104.18.43.90:443 cdn.confiant-integrations.net tcp
US 8.8.8.8:53 90.43.18.104.in-addr.arpa udp
CA 185.170.62.74:443 a5052.casalemedia.com tcp
GB 18.245.218.86:443 ts.amazon-adsystem.com tcp
IE 108.128.95.74:443 protected-by.clarium.io tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.178.134:443 s0.2mdn.net udp
IE 54.247.62.190:443 fw.adsafeprotected.com tcp
US 34.205.126.68:443 dt.adsafeprotected.com tcp
US 8.8.8.8:53 190.62.247.54.in-addr.arpa udp
IE 3.254.236.147:443 sq-tungsten-ts-eu.amazon-adsystem.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
NL 77.245.57.72:443 cpm.aserve1.net tcp
US 216.239.32.36:443 region1.google-analytics.com udp
GB 95.101.143.219:443 www.bing.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
GB 23.62.195.195:443 cxcs.microsoft.net tcp
GB 88.221.135.33:443 www.bing.com tcp
US 13.107.42.22:443 account.live.com tcp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 172.165.61.93:443 data-edge.smartscreen.microsoft.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
GB 172.165.61.93:443 data-edge.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 data-edge.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 data-edge.smartscreen.microsoft.com tcp
US 8.8.8.8:53 203.197.79.204.in-addr.arpa udp
US 20.42.65.90:443 browser.events.data.microsoft.com tcp
US 52.167.30.171:443 fpt.live.com tcp
GB 95.101.143.219:443 r.bing.com tcp
US 8.8.8.8:53 th.bing.com udp
GB 88.221.135.27:443 th.bing.com tcp
GB 95.101.143.201:443 th.bing.com tcp
GB 95.101.143.201:443 th.bing.com tcp
GB 88.221.135.27:443 th.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 9f081a02d8bbd5d800828ed8c769f5d9
SHA1 978d807096b7e7a4962a001b7bba6b2e77ce419a
SHA256 a7645e1b16115e9afec86efa139d35d5fecc6c5c7c59174c9901b4213b1fae0e
SHA512 7f3045f276f5bd8d3c65a23592419c3b98f1311c214c8e54a4dfe09122a08afb08ab7967b49bd413bc748ce6363658640bc87958d5e0a78974680a8f9beadf44

\??\pipe\LOCAL\crashpad_2840_NOJZYWSWPUBYJDPI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3e681bda746d695b173a54033103efa8
SHA1 ae07be487e65914bb068174b99660fb8deb11a1d
SHA256 fee5f7377e5ca213c1d8d7827b788723d0dd2538e7ce3f35581fc613fde834c2
SHA512 0f4381c769d4ae18ff3ac93fd97e8d879043b8ec825611db27f08bd44c08babc1710672c3f93435a61e40db1ccbf5b74c6363aaaf5f4a7fc95a6a7786d1aced8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fc3a96d6fcb4a73d7ddbdf1c0c84643a
SHA1 e67fa482a5f0c26c53152a13a613a47e3e4c5f08
SHA256 7dad1ef17a723cb22a16ff125bfbda2842c7097070d89c0fefc411ad50a807f3
SHA512 dae26f8c21b54be5324a0b94061e9d1a4e2a0c9b1d2e9e5d0f952b5196c024061e9328130ea07fff8060bdaa8999d3251d0bb2aad1f291a6cf44032d126ff2e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 31e1e53e44da23ba0ecfef6a65771bf4
SHA1 e8aac68572a156f533d441aad45a1b6e07a7466f
SHA256 b5de328547863150bf498bd62525965bbb9b97e43a32e7b4c1468248331524f5
SHA512 211405535231f013b36a62f7e550128957dee1a81228629a832f97e6a738679e6fbcaf422b2e38f20792ec015b1c76b4e2a30d77b7b63ef7ecf28fa54941fbb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ebc8f3d2e11431ad7c1cbb4074fcc7e4
SHA1 67460a0d9e6efec071d009592bd15e42296c3e54
SHA256 de829b67d75c0efa51dfcd8d8f2575ef1c11f4f10abc7ace814f6f9ab80dfc07
SHA512 d4099d4f8db89d55ed0e57b506f763cee91588ac4d2a52c9f8356d4226e4c8fd7daa9ab0e0262cb08af88d19b6617f11ac3cb16bc01e02e240b092acde06e8fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2d6cd65002f0097a31d7799339734184
SHA1 974504199464cf1be11d7434023aeff15bfc8cad
SHA256 e715f5e2640fbab91cf7e80ae4ad3a82c8ac173b76281f2a22997bd1ec8d9ce7
SHA512 cb57b859dde57d3b6624fd80d412f9b808c61b5d4f26ff34da8a4709baf61e75d8e62736aa1231b8a54125f88ffb259624ee24f8597f93e4686f760fa91ffd24

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 399b87b65a444b1f23fe6f90b75a0cc6
SHA1 ec438907f3cf8323aa4b8bb35f001b0f0ac7aa29
SHA256 8533581e926814b700ccaf4711382a7242136dbdf91f38e4e467cd046f2a74dc
SHA512 3ddff9ecc8cdf578ebb4ca039ff29da888b6e32754abe7d4130d818258ae445f3526273ca1139306a819033cfb775865b0f31ee8b130eb99ce723224fbaff9e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e7b0.TMP

MD5 0a8d96adfe9a2bdbf1bec3048e67c0d5
SHA1 3829f438fdb2436d28342439e8b6a80e72bdf745
SHA256 db40642c7b09111f3007dd3f2267a6801e3d7afb9ee2121a8bf033f8581eab24
SHA512 e285168d04c648b12e94a4cd633c63599b5fd2838b34e1cf2d70cd5a7ef45af6812ff8dc25fddf244e0e21df9dee8dc00603aa5b73d732bc5286d7c253fd79a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 16205a407f53321f19de15c3730aca39
SHA1 b15c8f6b01b3a4b708ee40a277ac3685d3e444f3
SHA256 7a55b583a4bf75bb088beb2e54b6e34df2ed9e2b2e70b18f19c4237876b152db
SHA512 74039e50a86d01367104674d0b8e040decfaad8be588d69407e7f48a6cd0580f68a5970ccb4c6e8bb00ca8b0cb11cf43405502fdb0b0685b3830ed26b3c759cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f6b4.TMP

MD5 e0808e56402fd69d2f9d4296327d9c2c
SHA1 420404122c0cf4729c438dd82ecfd39ea11be61c
SHA256 e03f0d91350a39bdc951087db8100ca2a4b77001a69e616e5be4e6e567e2127d
SHA512 34ec16291e05bb5713d0a8458e179780f83dd642040ba06c7b427c3fc1088455d1da020274f583c13167cb7a90a3f9dfccc7610506da307d4fe7bbf0fb176985

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\b804b824f2995402ea420d177bb217bb7ec9eb3b\de506464-32ff-4f6b-ae09-af1a947543f8\index-dir\the-real-index~RFe57f750.TMP

MD5 98fab20e4b6a77381f299a5bb89dc7a4
SHA1 85ce77a084f92e7034a174c087b7e23db7df0854
SHA256 8b317f04d5020d45cb196290ef8ed7f1f7ab16b5e6b52aefdefad03e499b4343
SHA512 f32ae5b322b9937e69449f5d9015a1755aa8dac4920ee14dbfd025c1f0003b004ab7b3644931f583db4bc121ed890e10a8fdabd1816ed4e58553f54493ebd868

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\b804b824f2995402ea420d177bb217bb7ec9eb3b\de506464-32ff-4f6b-ae09-af1a947543f8\index-dir\the-real-index

MD5 9bf1b7904c77126b752e624d30e707eb
SHA1 71cfa152a8763b59a8d0489248da30fbc5b28ca0
SHA256 9291001c02026e1bd7d7cd1052b711131bb3e82ce0d476a77361bc27899186b4
SHA512 1bcda77d4b4c12cd6c43962628a14a67e9bbc9d6dcbd0b6130fa445bab5597975709dc7121aa27d919eace5a4f63a11a562f19f22c3c419f5dc420541187ad75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\b804b824f2995402ea420d177bb217bb7ec9eb3b\index.txt

MD5 c6cb5055e47f84818c576df2623c038e
SHA1 49aa31c95fa66e40ced82959446a4d58220b0f57
SHA256 0f0fbcb390cf25995cf6d26f9f1ecc073ff8ffc4e57e71e3dffe4d0410d805f8
SHA512 0c9ea8f3735cd927643cc6cd698e57df1264f530b69b6a1d7d1f78686eebed06a422ded75b35123546cb8cf5366e21aee23f125bff881842f3ba3230c8e7844b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\b804b824f2995402ea420d177bb217bb7ec9eb3b\index.txt~RFe57f78f.TMP

MD5 8f54e2974a15a677ea87185e018f9a34
SHA1 9ab6708b6cfe203dcd4c3007af76fa71ad6f44af
SHA256 a8439504beab6681d314adbd5d026cd5351a796f336175897778dd9aef18062e
SHA512 10b2083231d175fa534ef07bf058c68a8c7b64b4863663109a14c9091030d325635b17c26e459106ae263942994167a62b8ac7e05552e9075f91e9e577728dcb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 188405cba56d58b202cfec5b05e0dcb9
SHA1 74eb4b007a8b381ba8497b3bf7ca3af8e7d957c8
SHA256 c06859a8c24226134ead9477a3e4181b8004fc398e61746ae49dfbb2c684afec
SHA512 38314cb76e5cf1c00c604f1353dbe5f84d1a803417ca74f49feafdaf7931018ab75da0a2d6748e2e5fb38727c6958b8cbbb83fb543bba07b57cde34af518a619

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fba125e638bf32d101de3d4c56426e59
SHA1 063e4e3b8c5c95bdf3f4ddbffac4cac3dd2b1c71
SHA256 3e02f39d85a17f3fd108728a286c30be4eecb017904913e14075e41286ae461a
SHA512 782408ab198298b9a91a4593a6443998737a0c8090034f74d1614f29e30af694451604dbc3922ab0275a7b4492f97c6a052986702c871752abf275ff4aeeda12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2a5a5f21a9b20e4caeed5b8d6ef0c9b1
SHA1 e7a41c95843150edab2ed3279bece0a2d9af3243
SHA256 152d4ff8c19cd89cfe557557ae9475b20f4ebbed7132e1dd728e54f85cba4ba3
SHA512 bfc5bcb5ae98c77e7ed06ac36e1a86ec07f3acc4d74712516fdffbb927b4e7d86ec72e5d1f05aacdfebbef1838829faa710716cddbd165719becea42f399e366

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 ed124bdf39bbd5902bd2529a0a4114ea
SHA1 b7dd9d364099ccd4e09fd45f4180d38df6590524
SHA256 48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44
SHA512 c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 60f8cd04587a51e31b51d1570d6f889a
SHA1 88574c41d0ab81721b275252464da5c7927a4835
SHA256 27cb4390e32a97375dd4987ae000406933bceba5199f17893711e782333b81cb
SHA512 84c12448ac55dd819749fef9be9919111a3df4bc51e66d2fa9f7376c11c101ed1349cb36aa119aa873cdd6c0c91027e201fbe23c2c83b89bc900a4d9077bcc52

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 74e33b4b54f4d1f3da06ab47c5936a13
SHA1 6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c
SHA256 535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287
SHA512 79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 038c1f469deb6932520d09a340856ebc
SHA1 8b361a8c0489b69e9ef4e132e36f20c161c5ec1e
SHA256 5fafae77cfdc093baea4dd31485ced7dc4ab8e734311b3c2aaac1dc2ed95f451
SHA512 fc3123f11323a9f18f5e1bb31c61fa229e0de8b6d07bb01b220605cfd9ba499ed63e76be0b7146e096412cc94486bdba0ee102982b38b258958c6327fc6bb6c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a159512f55eafbd3de61f7eb04f29f13
SHA1 9dc9669a3de705c114e7b8fbe9dac150bff4c54f
SHA256 9e6fffdf342d4651d83161299a19fdb9ce4495e5940a91838c057197ba095b57
SHA512 b38db8fe9da2765919a6840ca1f96245e9e9847e0681addf84040e824e4b860de2f7cd05f9f6bbc25e21c0ec3b154da896c695f7b47e9d184ba9d8ef4b34fddc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a3697642a3446382c39991ebc0ef0dfd
SHA1 0a558b4ef1f1046741cfd6d52e467686330d4e87
SHA256 d229e424988785324dce86ac5187fd900478d03542bdd3afc1a218549627e5bc
SHA512 e13e47a1d7277d9f8900d37a2351755d20c8f09119bea276cdc4d98187bcb1ada2c45ba24259468696fce32a2313bb970c8a973ea3257e6529cdb4ee53da7816

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a5afed178642ccbab03470f434b5be10
SHA1 ee9549f7b79bc05c3422436d09fbb8687cbe2cc8
SHA256 20e9c39405c968a5421735122c30b35cb50ceb6f712cfa8f8e37cf6551f24c20
SHA512 9897bf7d4dd02945629553c268e027f1f4a6088aa788b2d9d51f99fbd15a27194e35aae9a3e56e4ae46265e49ceb99fe2523213b223fd084af1e3b273d4529d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 993635ade85a4fd5bd0ee9e86070c542
SHA1 e32a41067ea5039cd24985de4ceab5cbc2ee109f
SHA256 66e4db62d3205504d855cd66b68253006a8c6055205cf43177ec6c6e68606171
SHA512 f32b48a5492f0a025a9e5734418d53f032e9613b07a94fba8b3fceebb54ab5b545ffc901692a9ff5da04acd3b64366ff7885946526cfebcf656c45c2aebd7469

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c

MD5 2257803a7e34c3abd90ec6d41fd76a5a
SHA1 f7a32e6635d8513f74bd225f55d867ea56ae4803
SHA256 af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174
SHA512 e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7c2d3dcc88dd874aba97ef9f4850e4ff
SHA1 3f1824f1a98613831e95585eae309c4d94786aa0
SHA256 5758294aaf95dec9142dc7ad089651f9581bda25ed23b28b6967c6f5943eef28
SHA512 e40202487ab6e34000bf2c68af201fef343e51c0d2eb2634a1cfca7c2072b5c23a15f06fc8401afde472694d73e84fb2ebab2ddc147f2310877faacc900b2ef1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045

MD5 a1afe33ce7442502a96deee597945384
SHA1 fe34cd78635f5617cf238de6dc746058d6f88899
SHA256 f7eeb570c60aff1435db1daf3767c0672634269789870ef91c69b2b90a47edaa
SHA512 f8bca21c3fd79d63c8265f5dfcba95419eac697b42efb600e7c33d15dc5d9c3e0d0d360da39e14004facaea4cff4dcfc00d7437979283ce0a2b06916b69b8c80

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a8127293de595a972be0b29b794c27f2
SHA1 e2151e1c6de3fc3dfd2131b4f2e4aa623eb8b1e8
SHA256 949e5a2eef13d3e28e391dde727b170234863a6781f74acbc1ee49187282f1de
SHA512 823c8a6cee04b1454f287a8d40f8de4d7f003a7e7621f6c4a4f6f6de7632ce4f252e25ad6293731aa2ca6d6e3ddaf7206ff87831720fc0b726942c1956d18f97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8f4b5cd2ce37ecb9e15481a495ac6aa2
SHA1 a63b005adb7f63ea8a53e992a84b1959b12ed6f7
SHA256 b4dfa84c9f5d8e4e46d1506aeb1a080dd320112c1524f0e3d95b0910cdb1c495
SHA512 45f175531ab1e704685925c2af357791789774c7e0aefe3f293bc42ea6b0785654287362d513a8d45739118c22164ef6fa664702502daa526ea5dba8ab06d3d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b

MD5 e4cc1ece2f2425b10ae2ccc212c1dafc
SHA1 92609e6d0093693110baa23758382889bcb30da6
SHA256 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809
SHA512 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062

MD5 17ddc750dd57883d3faf7b75cd41c157
SHA1 b0c89f4dec8eb75256ca7168fe102c55b0c0f67a
SHA256 a0afa8178767a4e9906103cd6d9843853ab1654599c840fe8fffcd459d0e52ac
SHA512 94548fc52f8b932a8e2e6b814122a3f4b9081042aadfc534a13afd3090aa9cf5eb1689296c2c3b1d24047d42d205cb8272919681b5c0f00fbea14a58a30f9a9c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c

MD5 67e30bbc30fa4e58ef6c33781b4e835c
SHA1 18125beb2b3f1a747f39ed999ff0edd5a52980ee
SHA256 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba
SHA512 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

MD5 b44ae10069bcc3f69241236bf77cf12a
SHA1 84460f394a5de239b92735cfa2295fa91317c071
SHA256 13a04a3904e9c14f5e191f247ebc229d2af511e3a036b79ce3ea5ba0bac3c84d
SHA512 61588590e2a1022bb8eb4830f8785ecdf9d2a3ae17007f2cf0460f1f46fc08ec579c682c08ff19c45d0caf0099ad520a110e2e1fd783fac4715b1af3b8ebffe0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

MD5 78280e0728c2021056c93954af683365
SHA1 f422d6f6682d904f7905b1cd7308f9f59062db44
SHA256 d5424e6657f959e1c026b7c119249cffedeff2e272912dfd6d0e0f7e04bcbd81
SHA512 aa64da37e187cac342d5c5cdd33d76d2bdf1bfd8cc49257ce1a4c0877a527aedab28ecfa0eaefc5c7f803bf3f51d94544bf8662430be50d2101c32c5d11f4b93

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 4ba86a857f7f8f6cdbba7ec4142795e0
SHA1 d0aa9ec6fab3987d917bf506c2680880f8d195f0
SHA256 f51b70163eda0b588c9c21ab3339cc81ad8d07917b69dfd0e3b5769d4c726026
SHA512 6c6daa54055f147f735aa100ca99df97d63087fe87e53eaca17ff37b404307b5810626914c37a8e643a4f9574d50d8fcfd308b4dea96162d0badc8803ef03d66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 447d1cb54315f8c7a8f8bc5f4a70ed9b
SHA1 854048abb64ebf1deaf7e3886fb1505c4b8e109b
SHA256 4be1d9a5f7ce8035b742bcfd364a554bda2c3b8dfbccafd354819603ab9172e4
SHA512 1b1b623e943bb7f71dc431640f8bb182bf629b9db942e37306ca1d47781c15fc161c805817082bb8810f29b6a8e3bca8675945d4df1695dc619c356edd1a1736

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 960cb6ab2a2bb6312446349a02a9710b
SHA1 173358c73a9eefaf08cb704d65de9e2724376ffb
SHA256 e50eb14a9b5d6d2e114be116b113ff4d83f65e91ee0369d8eec201a013202e53
SHA512 e80a6d36e77fe4d71f73eaa220f3c44a0667202d12bf4f95448ec189fbe63e55d0a49ad156c350a240b7a71b3e7b8e670688284917a8f363c8bcba770c999008

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 7651b1187bb58ac4c7be625337b35e5b
SHA1 307d969ef4137a66fe2793737dc1c546587c7f43
SHA256 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968
SHA512 a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

MD5 c7499ca185afb8a4b149196d729b7d1a
SHA1 515a63fde84030ddad31b84390f9ab655637705a
SHA256 517f12733d8c3f36f4acf51221bba37f77af472a283b7e65e9c6fa6ec8615ead
SHA512 4737416dae70e637999ec218c38d176ce2571cfe892b704bcb3a68cfe4c0a8a2deea50f9e1cfc2f70da05126d748df73747e19d72f983eb335ddd350068e23e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 26de01c292b9e6fd61dc6d172562b773
SHA1 29f6191e8c908c5dea0522f850de37f3429af7d6
SHA256 9e43c2c303496c4a33a90e3c271b58c405b79f11fee2c4d40b80f7f128c4ccc9
SHA512 c9c8b7304f0054289574830b6308452b5cdfabc0ad4205d232e4b9000ac237b422c7489ebb918b5921fa99ab158ae06c9535d84db090f18be5aac0192d0096a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 77ab25c056c0260dce5b931b61b781ee
SHA1 2263c37806629de0cb54f033e3cdffaae50bab4d
SHA256 181417dc5c87fc38b887ef2f3e716da06a7c915c17d6cae8772cc85c4d4b0318
SHA512 0cafd9b63b39888ab7d718480b5c2eec584f56192024100837833a452f44bebbbdf3d51901e12d751e828a144a0f601fd389001891d77e21295ca55376ec861b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 3859fdcc9dfc8ee238149b68a1cb2f98
SHA1 4c78ac8554c35cdd4ec8a0318bde9bba8b670b67
SHA256 9a2ec9b64eee6bfdf104fe6b873c26c8ae22b90c9ef77ce61217030f16d81d31
SHA512 dc15c3e84175327f6e99ac1130927b0cd1f194e4759553151bb54b6f7b3256f35a690f8650a3d0806a34f3b4855b6936c3373180b9f9c838dac8c7fbfe6e681f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 e196281b26bf6eb7b5bb26915f25f74c
SHA1 bae2e3928f507991ab06b2d7c79b7763a3ac4bf8
SHA256 64e3118073fdf08b7c39660d586bae109c6d19e7a4214bd8c9cb6d1080d43230
SHA512 38bfc11d7e488917d4e8ad06a8694369ce33ac2cb078ddd0174b08d04a4fade51c0276dfa2794c0767cf640885944040b331da0a6bfbcfcda0b4cdff9148f15f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

MD5 b787bd69348e38aad5a2c0f0c899e1d7
SHA1 bb99c84d3929a939f79ca1caa9a4922ea9367b8b
SHA256 e3957b9ca5ebaa433f3516423ceb881b6828c757a613ff8889f01836adfc33c6
SHA512 d5e26f83e0778a086109794defc26a3f23bcd86427c37e26d7de565d061649d5a7a8cf22c0b7e9120210b78f87fe003bc45a352a2914537776e2a5f2e7f46c8d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 d92d00f1c7b41441862fbca0b14bd475
SHA1 179157c5e152a8d3493f825ee92b2a476ccb79fa
SHA256 c695767ac4317044b37bd3b983fd362571589986ed88bb5bf813b143c43708e1
SHA512 c8522f3607feaaed621fe5157fd3f060a98594fdf1739ed367745397c1d0173a72a2ec21b8907eaa24c9c11e1104de6f3cdc50e30586212ff6ba8bbef3c64ed9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 97a3bed6457d042c94c28ed74ec2d887
SHA1 02ce7a6171fb1261fde13a8c7cbb58992e9d5299
SHA256 ae56cf83207570afbb8a6ab7cbc4128b37f859cb6f55661e69e97a3314c02f67
SHA512 6c8cf955ec73ad9d97bbb36c7ce723bfa58c9aef849aa775ee64ce15afa70afb40e8cd45989dadec420d2e8edda9ec0f05cc76a0602df0b6c4e5d45de0f4ce7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

MD5 d44b00eaf066eb7050989509fd4e36c7
SHA1 f9c5a6144aefdc63afdadfdfba432a7f2921aa72
SHA256 81d81f58eace71c343daf95f8a2756fa914556bcad33ca241c127c4ae68c215f
SHA512 99f9f4b102f6eb4c6ff8868fc598c536397d247de9764a67548739662ae302ea79cc2f730d63b8ff40c8c285b2c9783bba96e37c72d9922623fae83219d6694d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

MD5 afac8e1637ab602a801c85789cf0ad24
SHA1 6924151c1b368d9ad1acf5da0da31a760022dd15
SHA256 db32db9030a0facc7526142d2235640480b349ca6efcf9ffc7da8b6444d6cfbc
SHA512 88fff0287e47ecc520d567cc0e9833af9136d729c8bf587971dacdfedbca92e047ca0c9b10b9258670966c2996b266db8cc779ba4037bf04d3c276577ee7944e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

MD5 79cf44db94eb465700d65a45a527b379
SHA1 a9ea6a3d2b3a3a61bf80caa643b077dc7fc10787
SHA256 78996e6ffff1656b85b4b50393b4a9f1133550694f87e66f9c2b937bc7dd2c4e
SHA512 7a2edf730c401e21b69b86528489adf587f4b830ceba0af2834bc7c69937e754c0a3e18ee9a174910391846a94394fc87bf927fb101fe899275bf072c804a519

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 08b717a1f454c847ff7202cd594d7cdc
SHA1 b225b755063859473cf98bc8c9f7f34ce2d815c4
SHA256 a2d2e6f31ac66411cd2a7eb453e7647f8e58866053943e811a54de41f3c32917
SHA512 815a91a012666acbaed35a048f319b972351ea585181bcf568682da06f6d02d5065eb7e26796d144b16df1ea83a20e177ec67f3e8159ed5aaa0088c23dffedd7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt

MD5 fb5cddbe143e3a64d965d2cdffe4786b
SHA1 f2ca924f258b232f8d76e815e01bc0bd4f6ecf9d
SHA256 c110fb8c08ead1ea6831bfb514d43a7386f24b37608a4b787f97300da423235e
SHA512 69eb69afc3d1fec34112324d6cdb6ea2423a7c290145bdc92e4a1afeafd6f36471afb7fcb34a92161ffaac419e56c22b7ea2e740007304c79c399175ab4a9665

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt~RFe5900f0.TMP

MD5 04481898326f43e446251e78a9dcf5ce
SHA1 1e97c4fafe677b0f2528c38ad4d600527b4b0165
SHA256 08db6045f01407a244176761c5a9d344ec3a49a0d50dfea31ca3f00670f2a6b8
SHA512 14c610c444d39eaf5ffae3ed456417728590505b02ac3c7de0be0c3294e22809a9d508b56d9c3af1459659bfb7a798b75ca8c8af8a70b53578612e5555ed4ceb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 16d354546d6658f2029a370d26690267
SHA1 973eae7990d3e90ca1553b5bcd3f080ff2b08c54
SHA256 636a05d161369f8dc421247421209ba05ecb64d157663bdd546553fd10688bbf
SHA512 8f2f6379c19bac75e09af912d001a748941ecc447d6ec1e400a99c65b52c42c4bb8a07a52c83848c3b1b81da7a877e2a77da8188882ac36a2c28c4dedb606592

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6ebfd5832dbd1230ac06d2a21797b374
SHA1 fc321115fc1bab94685fe5bb08d8cd88a884b6c2
SHA256 0e8bd792d30bb7fdcb606d771238cf6383350d23066dbecd8fbafc133203aca1
SHA512 0f12b83f7372df3ff6f62ffa8680f205cbcc4dc0716b2dd34e8a3420b2ef2031ae59c52614fc0bd27ccac441befcc372068b445e527a2ad63f6d90a6d9aea0d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d22742071da52e1689f52b75ace8131c
SHA1 fa64906d3229817729bcf16589f251edb283b4c4
SHA256 90eb3a4a5cdc0da284297c00518f5076d42308647f20058a6b0c280b9bedbe18
SHA512 dcf84237f979de4a54c69cda6db00397722b3b86e2472ffdd6af735ecba2c4eedcc027dc16e776474c012692dbec4e14ce73deee02dff50b9859793b53ce406d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 30a32cc156b709b2d66484758f24bb47
SHA1 f1b46795ca417e9846549c391df5d56c60d0ada4
SHA256 dd689e1aa188129b08b6b766b68a2b5820b972f10d14624d55146457a9ecd070
SHA512 a2add4a11c30dc5df4ce2549a5b4e2fb4920da246780833df358169fbf171694d79f019b37c2c7755a961eaa56e3a503dc0b6ab9cfbf48494bdb886727203c9b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\e4692297-6f0f-40c5-9b95-44beebc8d1e1\index-dir\the-real-index

MD5 320550d87ed1cd2720b938cffc25eff2
SHA1 5aa43d27e6b47a0cf2396ddea1689cf35ef929d2
SHA256 28a7e215f3eb954dac03a9e27025a15efa6f9a5c05ea97c6a1b4e9a9d8ea777c
SHA512 fa9ba666e376c35bbdb0b6542aa4b8567872b9bfd8acf9630c27199cb759c6874d1f363eb3a7375a7a4ac91154984294861e2445eccc5d1b22efe5156d4df9af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\e4692297-6f0f-40c5-9b95-44beebc8d1e1\index-dir\the-real-index~RFe594f20.TMP

MD5 c6ebb07cc9721fb7efd73b7576f6ccee
SHA1 d0d4ab5f7685ddc0b7f317b44fc86332efc5a4ca
SHA256 a52bbd2d357be088cc26fb2ed73b91cf31849df646ab78bc0a118316c934d363
SHA512 72f330b177352642e7284b1644a1a2a920faeb2dd2c056afd4758ce4387d9a59a8e00fddf6763e68989cb26d60e60e1ed24d390619f4bf7926d8c908f617d013

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 109e35e9a60ede2a401a142e79cfa602
SHA1 7910aa40e46fdb06e8a1849a77430d8fde49fc79
SHA256 45214e87273846ab2444ee1e1a1ff0a00b5f2964f4de48598ffcdeb91ce0c186
SHA512 76621f15b14df6d5251d80d1521d9c4a79123c56beba65b625cec5234e799970818fc858350e96254427eadfeb227d2c245eab6c635a6a39f8d04aa2722f03ff

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 0b2c71afb16fa032d9e49fb46e630027
SHA1 862dd238aaf501a644f4b636c28f109447a0b128
SHA256 4ed7b3579c475e01e6206e1495bf47778f4a2c538b8c220e9308d52bcad3e7ca
SHA512 9de547db2888ec5ef9e4845c036afde20d1202e8ea61928aca105cc8cbd10fb903f1ac9ac08236634c9ae52cd1f8f42fbbbba8f5690a052b2a4b74e5590aa8a6

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 72b4f0d5f3ade430bb94a348a8be4d31
SHA1 764364077f2fc7af3688ea94a3a99b0851a1c0fb
SHA256 1b5186eb83dc85bce9c24f9646f925905dab9d428a96733404a580754fb7a0bc
SHA512 388c84f6425a2d0dc9a1bb69a0c1ca1e5c2d0d1cdae2f58673344ff84051fc654bfdeed3e0e54522a9c4608464a3dfaa91615b60aa0921c7f7a92cd3f5b2dd88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\4b204668-7d75-423f-ab33-d06cbc40d905\index-dir\the-real-index~RFe596cd9.TMP

MD5 b33fb981de62a661422e797ad4b86ca7
SHA1 59b6691e10ca9a90f7c3ce254be82b2f931b4a6b
SHA256 f56c9f7bf7b2222666832f375f4a8249ef9caaca5d6256dcd3558aeb2c8b544d
SHA512 edfc5174e6eb0a9b8bb674ddef64af13e21384f3120276244f0d6fbda9153d565221fa4c43ec83b5f3a79d40caced5cf5e762c26dbf7290317138bdf3148bf48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\4b204668-7d75-423f-ab33-d06cbc40d905\index-dir\the-real-index

MD5 8785aae340e7192db36c091a37998032
SHA1 50b5ab0cdbea1f5c73ef49b2425c06d6c17d1d65
SHA256 effb67bb7aadf3b480b667caf9ee909eb522fcfc7af53588abf665a016c276c1
SHA512 6e8683190476e16dcbb4b8a79dd3b438b8383351280f969bc1969ef651836eeb2705ba966890b9164139bf992a0ed9ecec731460489fde1acb3c81e1fd7fd533

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\a0a74304db73132d4bc12ef9404aa74f9fdeda56\index.txt

MD5 e47677569cdad43b8a0802cac40774bb
SHA1 ece208c6fe59035bc138298e0fd6525448e5c083
SHA256 d5407c81df9122c54db1601502a5b76da7dfe090f6a0364b70b387e5fba43797
SHA512 8ff6983482c78173bcedbe085a5b2f08e017e14918b70cb7a075cdea31b272899d0d343819768ff72a77b6f29b5232276a9e6b5219decf6a8027688139a3e68e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 0d2283b0df70bc0217118f5c6d1fd836
SHA1 0aaa2e0daa0f0671fbf7817e222fcd777be523d0
SHA256 fb02c03e84b9a15ea357644f15643bc90eb9c6ef6532e1c82ecd052df34c2abb
SHA512 16071fce7468cc47fd7a57dc6913cbf41e142fd16b3f145dc30b13fb4a84a05fa3211d3b435ace7378c76682a1afc49e45d180eb88f6d32b0deaa2266196b2f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000087

MD5 1247620ae04ed8ed079747ef67573169
SHA1 948187573e89a7dc288a89c80051082592868b50
SHA256 78fe5f98387be39c3a985add082c97f1b2fbe600ab81a689a59dc64341aa1829
SHA512 f0a02137cbdbf7b9da9b8d35aba56376c034dca3e2ae73faa12cd9b8706b8210cd75e86f4f2684b99a4cd47cc0a111cfb44c3498b6709e0887f727671db983fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d6ebbb1b0ed9768421581444b6b61ca8
SHA1 d15e5c5960b33f356f91253e2f1f8695a9a9e409
SHA256 7264c3ad97972282fae58dccf65ff9dd263a0745bbc7d2f01fda5996c07fafe4
SHA512 eac57634750dcb6152adb34202daefd53b4561b8fdc3f96a6fb26d89e234014d065a85dcd1ba5d5d1591205702165659c9ef8a88ca2055ff794d95a72655d387

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 3bd3b1d78a572438ad3ab6f613b4ef59
SHA1 7feeb46a8ee268943169e98fc35be9b8d3f1cefa
SHA256 27d0164cfdc283c94c9d0e3c8dee3ce99f58058a391fdd4f5d33184b5eb5be20
SHA512 0b1bf451b1cef6852a03658e4e2220ce0249818d0aa40b1b6e2b8d012ac93d5ad48d4e57a3bba016589aee0e4d9734366a14f798b26b128e37631d6fbb2577c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 79ef5a9d3a74a8de855e7c3baba7da13
SHA1 6545b2e4843dfdefd5d3ba57b7318bf427a93a86
SHA256 1896cde1c1034dea296064b0e435fb4e3c9490ca64352145c6cd1f90c37c545b
SHA512 21513d4da263b4d7ec8df975651eae88f8fc70ba4a27aa857e40aef9ab80769551e1e69c9bdc459900cf9d3f65973a6ff756617e24af942fdf8aa99b96838187

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0

MD5 ee6b108927b9f12e8f566407e86ae0b2
SHA1 531439e0f62bedf6ab40180622b85068b8a83ddb
SHA256 3ee6121c6efad902cbfa470aa62d1ceb21c008dcd27a4b4ca9efabdf9f7fc593
SHA512 06fcdbcb1d956a1bad813bc827fc1cce99402163d0625466e61768c6fa731233c38a5bdee4cba3ff6f168c9f3ba6a3a79a6920fcccbbf859ab77bb30d33aa4d3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d0c71056e9e3544f_0

MD5 bba01420abafaa40a7ea4bf6bb58dcbf
SHA1 f7858d1c8f9ceb3959e8e5665e776d6ab2dd0b89
SHA256 16524e1d6883bbb071e888a2930abe228ebca59d7cef6662a462bf8160a2f0bb
SHA512 5188b64dd93bcfd4ef1c24f32a74a33f95c24b66a1e736bd31e527356a48733282dddbfcac532d351f0f50aa1ac2767b49cb2adccfd413c5afd94fd5dd46913b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a5

MD5 9708e5224c10eb91f435950128a72070
SHA1 cc66f87dad487f1db80dc78942a7016d26725ae9
SHA256 834c60d1648bb2b2c84ab278eb0690ffdbd6f9dfa393d561eb38aa026dbdef8d
SHA512 8a7a126e028f6def7f03d4fc69831c2bccabebc48b7d97b816eb263a817934b8db1beb9baf1763ec7421640ef594e0a7fb65ef21cbfdadd90c3c88332f4022c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f99788edd93f3c7db3deba96d79967f7
SHA1 988ebac9e6453a67b2077cd21d7e7708a200a01a
SHA256 9d68364981aed123c255d938f277aed8b7d25ad0026a2e9da2beda8861da7c55
SHA512 908a67ef43e87e3e7585e35e7d3478acc44847875090c2a8a88de7d92fa321d3eb67347b9235f81c29a903de3fa7305cd97fd54d135129aa85c5f3fa0860ce84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 52523de0b6a2d43ec0b851021e4172da
SHA1 09b5feb3a2fc3ff6d3bb7d963583031618989dd4
SHA256 a7c076ff68b48bbf69f7bf2c725d0d2f936df9ebe06dfb60ab39f30270b74b09
SHA512 6f38bb9679e79e48c801df4a958726536b684b1623c194c27d9400c297e7b66d51bc2db07108a0d9ab4d51422197eefaca60b3fddf928d5efaa255fa0a6f72e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ae

MD5 a4da976dde535a4f11ff4c9d57a8a56c
SHA1 fc4c29049db6d81135507dc3736cb638340f55aa
SHA256 6b85680498d0061e6b748f0fd9c904c74eb9f265f7d6ff6b33a37a0656164bf9
SHA512 e3db7eb080a2c927ec3a223d16d818cc76f9da51525a91b8eb3cc9e15106e2939ef6d550121b8cdf76d38c001971662d833d70a269ccf35d36278d25cf42aa18

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ac

MD5 c0b6bb8bf06770448a0226486a3fa5c5
SHA1 11324fc181adb507aae8bd8f06018dd0980f4cf2
SHA256 51b8e76e663104d57b8772579bdd2803c2f0d92e9420f576729e0147d383530b
SHA512 4e47255d0cc444f87e367f61a245d83aacb82a911ca0045a25e3aa4ce9bd9c000a4e0d80092b57662cd3c054c3677c0848b5c23afb466ca9b70357ed27b7a097

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\336a68eaaf209f48_0

MD5 59780de1d6e52e643800bda1bcde8712
SHA1 650a3d9c00306d8cd7a857b1404d5f446e68fbe6
SHA256 5f7fb647c535a9c4052079691c03c1d0455823fe939453939f90a5a50e801110
SHA512 11b28dea0282b5cd28b318bde9166f6222bd2f1b2908218a7dc9ce9d52aaac8f29e1f3d771f285bded9e1d052ce42b2de0ef07f30104c434192f0377a317560f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b48f3c240c7b8844_0

MD5 1c7abaffc2abecbe0804eb3472d1c16c
SHA1 4f5c46954b48ea584d9287d806a1b0193e9c3109
SHA256 ce0443ed202a84de28dc6f16f99c8cb3a4f200f681c0165ad0e652a4325ffc59
SHA512 0392f1c42d75899f9892d28874afe6e59e14558fb85984cb6ad5fa5f6a9f5414f009aaf55d418a29922e979241046445231fb66b03c8c0da015ecfbca00e18d8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e98c4c1271cf5686_0

MD5 225f187ab6cab14b1f4557bf4bbbca76
SHA1 397bf3db6438bbcda4b80e3785dc46b2179fbd14
SHA256 43dd533ec66d12a208a75f8a6d9440bd8ffe03656fc2629a0731a2b9326cb9e8
SHA512 6f5275b47ec733b130d053e460856b5b3b13fe30767948638b646b1fe20e68c097312e0f8d953aeb363e7e15bcfa8a5d5254b6d0b4a6df93381eb272fb6d2ac5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e98c4c1271cf5686_0

MD5 ee3f50b11ee451cd54dad87218dc8be0
SHA1 e1e85b9ad22f97922f0d9f03d0aa923e51dda261
SHA256 f1a75f00e3764270305eb4ff6416ea5880a6926e83179156445fe290267ebe2d
SHA512 ebdd6ed214fc05ff7825a088395095b9be37cf0c1568a4ae8660b7507455a32d5811bfb9dca6260f9823b75fc5204eb7919b86bedf6e6abbf0f401cda034ab8e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c2880427b60e5e7134abb914ab4bc88c
SHA1 e7429a549fa88fbe96f254d96c56b04a2a3358d3
SHA256 4b8d1658a95e12187de0187527953d6cdb354513f48aea9de0cc63d4a4caa65c
SHA512 aa31ea72bb565bca7d0ee1961894cb46e6ce7e8029f364119365f59159af08c1b04c6f5305a9b911d41aea4acad95084acd392bff65c0544e144e3d25510cc6c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009e

MD5 89a574ff00e6b0ec61d995d059ce6e65
SHA1 aea09e96808ab77165ffa712eaa58b8f056d0bb6
SHA256 e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44
SHA512 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a1

MD5 c55dbb2a5e2048f8ac7b88cafbe13ab6
SHA1 6629572a0fd059184b4e5c57687fa414fa7283d3
SHA256 a82abfaf7dd683f673153324de1295a2a952e5b40fbbc581b5fc39603883f5cb
SHA512 61336d53f5f14636ad0552e92bafec6ab262faea08d28143dbe6f631bd6be86ed1b6b2dd5a2127cde53a1405ee4bc8384c3327521571917dc22c7fd553f108aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a8

MD5 ce6feb6f6085205b7369a1c1e3c9e2a1
SHA1 5e6120b24f2666a6d5e5314fc37af671670f9a7d
SHA256 e12cf9c81f908205383a0c0b733470a2b72cf6c67bf9ecf8eaafc28cea72f26d
SHA512 ccefb248bcd778504a6e02a4adbc5caeb995b0eb2d5b5502110db5f2ef765c2065805f7b01d303bb7d30ee5ceae915c8b4dbfe943af018fcdf501b9ad8876d71

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\29d6898ea9d03b46_0

MD5 af50c57fde61397803922c4cb60000c7
SHA1 f183b1b75c530ff67300cb3205baa5c43f3908e5
SHA256 3eb1eaac35752d86e464ec6c512ee9e363ae853bc124530742c7393e02b77964
SHA512 9c5d1755e67436123a656ef40dc718c69fe95f3b5ae8be97ce1474de0a5e6a5caf96cbd2c21038f57b989f779a962ac51b8531ef5da89cd07848e840335f5015

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\79f72482b4142266_0

MD5 b2311cf6b7f5b457e9f4fa53374b9cec
SHA1 f978ca3d3db479abd54298770886e998ef00a869
SHA256 eac278cd9dae0205f024d2d6fb7b2504e20a4fafbe808a9cbb5679902ba1755e
SHA512 728cba7391034d3fe0e7931bef84d74e84d7f63112f83eb728e4b0e5300792e8c509e0778d431276731e6f1e0977e6eb845f0c6e8d19fc6de58017f6e316db60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffb6c7a2e61c0c63_0

MD5 bf06777b9960d6cfc138f1d555869553
SHA1 26f9d0bdf8695e07dc3eb0c005df1767123f0ca1
SHA256 f0df261b7eed285e7eb1fa04412f0832b4e14f0e343a70b5181bb6dd982fa8b4
SHA512 87f87c7fa65517476463da21889d2c5c8599e3ff4d4324556f4ac83adff973b135d91e7213bb81e01b5befd8ac5ab7da536845d591fd4fb38e03e07aef8e6a94

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8f4762cac3f4ee4a_0

MD5 8b95867661af113592863b6397981a1e
SHA1 6d4b4766d1cda76c336bf35da0ecdea0c204bc2a
SHA256 ea7e35a2551ca324de0cc07f656b1cad3a2f878e18f51f54d8b2f58d86398111
SHA512 f15ee75439af965559dfc08ec594e5c001770691c3769cd36b8a7d04cf9aa68f256ec054d5c082ad908fa7ae21eee67fe92827f43d76756cec28134321a4618a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f0a349138656c356_0

MD5 b32eb235cccab91e1b795cd133af9e96
SHA1 a6a7267e4be7a0eb093a12586d4243b1d996e973
SHA256 c34a9379b8383f40dd00712fc71e08bf72771eafb85dfe5bbabdc126420f754f
SHA512 12bb9c46ce9ff7d9f945691bafb5792174d8775119b9377d2b5d2e26d4bc399b583025928ee1a501eca704e637ffc4d70ae791b3f83f8121a468704c6e117525

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a76e3b92146dbf4c_0

MD5 3088919a7d54dad8142c1b61cb80ff55
SHA1 ce6afb9c09f61723497d12a2df28baaff4ca4194
SHA256 6007ef899b6b877babde164e3dbb79f40ff5786c755cd95330d90449706b0bec
SHA512 cb3e0b46f23953441eeb9a33564e3dbf44fe8d9deaf5d18a230da4920183b23a6f32e2743415bbc6e4d1e6ad5fd72d52b6d598c699d95c5966a2a302ecd1252b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\88f205107c3af64a_0

MD5 10001e72e220fab6656435d5f89f2143
SHA1 43a7c73e202ae10f46bf5541a7407fd6b1ea938f
SHA256 76e177bcabc33ed32726351a67cf4a4266b3d9521862c19464c4b92a4239fcf6
SHA512 905bb285b5e3e71248a6eaa6446fb8c0a845d023e546460eecb5c144ddf96fc57c4c74dd49805a681f2bd99a8bd27dbceeb23cc907d7e23e798c1fec99ce78cf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ad

MD5 1aca735014a6bb648f468ee476680d5b
SHA1 6d28e3ae6e42784769199948211e3aa0806fa62c
SHA256 e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
SHA512 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0165d9644855f8db8bc773d9a7103086
SHA1 67df4eb05ce6394b21e791ad4cf7144501a5fb0f
SHA256 eddb3e4a7544d900730e6919f461e1651b345e05a83534585c477543a48c006b
SHA512 b36a314223f0b18370ae800c0ef1d50035647951f0836a543df396f0d02bf5344fdb59337a6b0a9ddeebeaaa96eb2dfc9cce8638af980cc4a0996f186b22095f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8f048b74858d0bbb6011b318276ffe46
SHA1 13a97c67748d784b91431b0b3cfc9eba086ff1fe
SHA256 493c1123bca923a08555e91942c76f033be234a18728a8c8b6819c8b8e56adad
SHA512 e6a07e1623716ec9e6e0f6d0d068bc40ace7b57c10a826e09f30d6d03012bc0f4751399e37fdba6142126e357858bed81ac7f627d036b0abb1622f84e097cd84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b9

MD5 deb04fe2a35d2981313f891baaa32654
SHA1 69e5aaef4a2f447878824d905832a08a9c596d83
SHA256 93dedb17602e315ba495c99be747f3d5717b4f49306c55326f4570b43c9bc1c8
SHA512 8c32d572a8f108079263b9ab5230467b454518b60932db7a2cc855a350130d93db5b8f2cc5c82a9b3011e572d80d67e23c777145fd45e6467b0b2caafe92378a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 41a8c80489065e661537f29ee3fc69ea
SHA1 fab9a64efe22256cf7c84d30e6dc6cacd3fd22cc
SHA256 023ff0c0f5cd14e2f2616c37ea5bb7d35525e8572eefdf8caa3ede8253974c41
SHA512 3dc1112bb9b68328840b19bb3c5880f718142fcf9b6ae528b2eef302a5edf004a0129ed7738697786e8abcf81160dd209c1e1c8e501bbbf10c07fa4fa3ddbc05

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 279b73a61d20f394268ab2f7bef29d0a
SHA1 341251370fe6d6b08a874912dc03946e20dddc40
SHA256 aaea4fef16bbdc8374388eafdb1abd76889330c71b5d2cbf6f2151c614e6b603
SHA512 e73685085537354bb04fab3cbeb62de334eb7b89a4e736fa85eeb2493d3000b25759897e4d8f7376d8cf978d73e7c52fb754413cc73807520c5d8ea98de0e6ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 03f9e82cae08b467360f6c864c90b890
SHA1 e9f39d7a633bc6291a87057105c543ee5688cf4a
SHA256 4c249802a91dcba3bfefe0977bd0061c1907d917980f4e3f128f14205ea83fea
SHA512 a81e1cf27174be080b1e2df40d0ed685c185fe3d08746a4d8a5a211aa055b9b0cb93bde26429a3c6a639f47073ac016599bd96eadda36d9e10d47671f85f9d4e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 009fac9a770f182ca8cb8d87f8b1ceef
SHA1 820e2c292fce3fea0b98d6e5b788ad0f3ce15b06
SHA256 a7f68dbe54357766d7703c4343b407ef910be062e9d9686cb85d10ae0f1cf644
SHA512 256c70cf68fd75c07274f6221f59b4eea359f5738142ec44605d1b8e7dcf74b8b85e5b54987789ae9de7f43edd78e29af3d3206a75c2a898374dc777f1f623ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9b37f8b31c84a60d0dc25ba84945fb03
SHA1 d465d622254304709016edf4591881b6513f9d66
SHA256 15bb7d7d309806d92c7ba1a8adeae03e11af06f68259cf7044936a3e41e78c4e
SHA512 3c27630c7112359415bc0dc4748ac119b8615f113269c4984ad46116cfa94b0385d02c4b7cabbe2a12a3757fdf5f9e0991dcf9e6fcc4bd36bae60f36e6c0e6a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3ba37ecf333a81c9981940f63a3dde84
SHA1 b2edcd5f8815dc5baa983b90db154e0f2d469a5d
SHA256 883e2453b8dd91ab29c6bedcb0cb9d616ef1bd3b8bb13282eaaf53b8231eefcc
SHA512 32bb701b9c9d38fbe931acccc5af028e86dfa8bacc822359f96caf48bd3106c5ff921bd7eda3de93f36a45601e88f008d06a2019b08dd38010cbbe5f59074958

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d4f61781dc6873eddac01aef70532ae7
SHA1 f3813e5d26df703ed758bd07e4ef5117c7aa8e68
SHA256 0a440d127f26c9ee4dee6099bd87e7f82bcd648a1040d198234b50a760ceb722
SHA512 e0f823e3d857692a8f3067cb7430ae202867c69471e1a39d9c1819b97d58d11c11edc1183a87cab3cd4bfe3f82e86c800790fdb8f3a176bd006fa02dc3499492

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d19f94b69af8bb65280d9bba62b36724
SHA1 34d1dcf9d0bbc274fc62f72d9cba9374826e3bfa
SHA256 d4e11c6cfab02d263ff8d277bc8a045ba1d128efd826f6aa37abf344765ee707
SHA512 d67f57750f4d2515a1c9118c963b41b41b05e642b93f8d3c8cca42800db26e6746a33c6aca6cdb69375a4dd60ec326928d674a01a4ea30d9c1b4a739bf606b9e

memory/2340-3110-0x00000139E9680000-0x00000139E96A2000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_wuzrp5ev.chs.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/2340-3111-0x00000139E9A90000-0x00000139E9AD6000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d8e781424a372be0e72eef00d132974e
SHA1 e02b9d7453a5408c02bc9d6ef0aa95d9376adf71
SHA256 3d4ad09554b154030771dca02d3ed72680ee96da502cade6a49eb21d8f559c9a
SHA512 99b5232a0eb6d234e2f0b98732229191638b3dae5c392489a5aeecf3f603cec4ec0c53cb8da46baef65bd0b86170a222050cb818d1bb74fcfdb6f3c9acb421da

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b7

MD5 4e86b949f3f0620c7ee37d3558821a23
SHA1 e65d2070bea4500329eee720e68c36eb9b6baace
SHA256 f293211312c2050f102154147d47bec093df2969fd69d3e15f2a1b3ec77379b3
SHA512 8c67ce92b918077681563898d2851853c52683919329d2d83fbece90a7783b334b4db867c117d469bff7d1436fd2fb19f376c5492e159855e1649b7dc436a10e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b8

MD5 49295de6ccd23cf80b6418a2d209868f
SHA1 42a955b4560bb22cb9b5b39577f7a691ea345018
SHA256 d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
SHA512 2954ab185fd84a08933bb6e79d91e301021fce4e632b477e765c172cacf72913561e101ed2f7e66bfbdc5946b35f2b63eb2b6f878e0afc9d26ffe71ee112a1c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\13025bdf-f0fa-4582-a5a5-9ea9bb4b8163.tmp

MD5 b7d115ddb2ced37e0467568228414d77
SHA1 85ba1b066adf5e7ae52169ab46b59eddf08b38b1
SHA256 69020d4084720390bee1f4db48753192cf6d44a71f26b402f97c5a8ce624a0ff
SHA512 c239eec6936dbf00e3a0894209207b62d851fc482b14465e39ce8966c9b9f66576ae97263bfd8b31ee3114ce907d32465c69ccdc6cfe6b578257c087d568aa3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ae8350944f279382215df1226a9431e0
SHA1 8fff68532290052f951da3df3658accfa23d462a
SHA256 64dcfcdd636af4a2585a69294e075902c0b0f188980b765561517a251baa8b3a
SHA512 cce39224f51a86c664c63fe59f1cbe29fa5061cb47a02797720a45163c1c2b33900e45a729d48c5486e8a40c27fff0bb4c7d3795574cf9220230dcf51d58952a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_helpdeskgeek.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms

MD5 a8a9d41573027eb9df755078fed26e9a
SHA1 10343d11c1aaed5ddc48217aab87e436927a2152
SHA256 0a3582ea9cfd39a81a8ef8f99e0091bc5162b3cfbfca8665ac51c47d7a89270d
SHA512 cc80922c06aaf25330e65790059e29bcb35c6f9e88a34313a46804fd0b151b9c02d08eea4a5959f827f432409a63c4f7b339424f5ec91f36abda745530a6509e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7b750bb41971fb042ca9317d334d2cf5
SHA1 5f1400ef56147e55596eea632be6d5c4c7a9e713
SHA256 e5863b9b71091f57b0fe1593967c21a2f99cd8f961170bf2b5766f70b98732ce
SHA512 2882eeed798e3d00d70aa76db2d4d9bcda2079420f1770827ce4cb3064c497c94265a56cb21282a033b2f580e27e2273ee5c10fdcecef29394f2b917cc578f26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b1d4c1e06173842b93de073cbc69474a
SHA1 05ae2647e81a687b325a38a369e3d7166efae202
SHA256 ab86bf14aa2ff83e4c86c08d23c0a3731e985e8da945a5611061e963329eebf3
SHA512 2cf22ea32fb8c12592730035ea73312b667af7dcc7a038fa2c3f1d68af55c6322c33c4a566267a4d1a33a2756b502f3abba43a0871ecef9f72270b84961bb79c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\12f42c4b-6699-4fc9-98b0-dd1a57542175.tmp

MD5 c322523b8f8e67ddb0aac7c15fc45fd8
SHA1 7412bbc9aa44ddf8bd851cbb4dd436dd85752ea5
SHA256 6b08eaab041fa8ff2f8ac6737ffe1a891671a50247af2a980f40b7b20a468c69
SHA512 8f7cc868a082058a5a17bb74499122d6eea30fe1459da1385c7bad12f093eab8e3596db8b8f6a00249a11ded0136325e9c55a36ca195fbbc2d45fb63e75bf4aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9e36b6fd2a653fd6_0

MD5 fe345615596f17e533b56e7fc18750bd
SHA1 96be0314baa2360910a81979e0c9c02a7b8021f9
SHA256 171563e8d47a66da60b7cb4ce50fc63b2b5684d05f2585f9d029ef020e30b700
SHA512 2d696b1af953a6426fcd6a86e29c9dd57daf151f37bfa522b043c1749508ce5c5e89d496357fd32fc5cde6ca434b4d9e2f21bb1d2e6acbe72148d5b7831142e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e0

MD5 fa049f5c487f9b3f75ca3f075f6847df
SHA1 9ebde1123c1f8b77720a8ccfac8e0eba54cd86f7
SHA256 cb7fb57be0ca5afa3e1f2f1d70c8f97f11d41ce9230989014204356c588651f2
SHA512 99bbab4894047ec503ab2600ca6907bf8245a72a0981e6dcd05ef016cb40fc553a7a49effca7a42c41a9675d4c6f7aa19d1d2b8267beeb8d57cb23e7f12512b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b92fd206140c9b8b19a6561e79816ab2
SHA1 3089ecb8874eca50654e0e4249be29e65b4332c1
SHA256 a1f7f6f3773742eeefd432748f50d38d5f4fa2ef299400b8b0d48c8a3e07cb5e
SHA512 b85ed580db7e8ff0c09ddcb4c1e2f0768d7a02465266b41551cca3c78d0cd2b194953101948ead2dcb3def7d5a487a8dd992f4bf067c4ffe6d03d18746a341f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8eac0a05406cbf0ff079438ef081bd53
SHA1 fe89a9d507ebfa3e35e25518dd00258ac756fff7
SHA256 7ec0e16cd468131a19cb87080cbb92d5fa5a0d25f6c09f2a2c84ba8fa63c548b
SHA512 4996779f2d88716d2035b6cefee92ab91446ccd5dabf14040393398ae4ecb884d3e74a7a31427c9a215bed2dda2fc6bbc801b51748ea0a9206a966250c4f8926

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d0c71056e9e3544f_0

MD5 dd10e921f754e8620c812e90f542e1ae
SHA1 90dcf854518dc279c673efd1612a97bb3a87dfcb
SHA256 87f6ce352425673de51560425099f6fc620d4da67e29a58a55b915611ef1fb5f
SHA512 8b605aee6a6e7e02ecbedb2bdc3cd537462e871c5de058f3208d69a98781b48305c9ad71a42374de3dd951f5a27bbf5487f58e331168096ea1fbaefa1c47859c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7a577eae2ac64f3ad1ad914c37f256e7
SHA1 ed653d4d5c43813891f198d47a49e52d43b42143
SHA256 fb456f04440d06ac6531d32c9a5261630d3aa0544b4ffdf8055cdf81df9f959f
SHA512 97f9cd1caab789c291d53f7d85e4e0e94688950332c3fa8aa1098980eaf347692b7c4f9eed0341e5d090ff06e737042fdad53afb45be9f214a475bae201eeffe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 85d57fef2408ec0d97f01c5059a6925f
SHA1 95c54fd828d1d4ca59d0a95d2e8b403310004f8a
SHA256 7323cd6297b54d8b0fd356458759ec5ab7b25fd6df5e555651b6b9c70582cdd7
SHA512 bb8e8b5bc168fd846980d9195c6051ee5a08f803ba0a24509c1dd97732a0b22cb5f473162ec18831659e03f68459fea3120e9a565cd2373740d51b0e8beef8c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c75534063904c0eb4b76655fca73bd41
SHA1 1953f0cd6401b5172b31b0a4466d0c43d1e9bb55
SHA256 1f94e490c39c260e872abf9a581d0ba1060e424eb699934dbd30d1052ab21a97
SHA512 d1f20d163f30afc0f0fe9b03c117aa1d9d2e056a63983f92d5986d14e33c79f25431bb3cd661d70e137f726a17ed1f450e9cd32b8b65fe1137a44769e2685048

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 de8ad80bb7749ef22329940e84ab9b3b
SHA1 e14cc7d826d9900920b2c7bd50b50f3295c1a06b
SHA256 4706a62c4b77f2ac047b637d67a6d29b72913f423b524983106f4e03865c60aa
SHA512 5bc0971b76ed05b9646082c736f94f7db029500099edc665b6c386ee2a219bd7fa090e9ce4036bf33b780169d7a676a2746a47be49abba0bda45f1c97b4382d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 40ed444b243c853540a586cf1e2b5a7d
SHA1 3ccf3da95524ce84ef2f27b2ae0cd8fc0ef5c1a0
SHA256 3897663e9a7336ae9881f802bafd914e16e0e7c5776841225d91b277a53876e2
SHA512 fa9ea7a44fb6f4cb88c1480b20941e950328e603e0ae39d1e402af5f5a5a201ece797fd98a580ec59fe5b3ce481bc51fce8068ae51706484e93b229b01cd95e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 dd29f3b43500f5a712a091618f051371
SHA1 122d1d7ddec88ff04716522b579b96069df15039
SHA256 912894e27370f2728d49391eca46f8cccc7e25fe37026a66b94c1753c6ebb9e2
SHA512 413a76d1393c2bad0e3e044396b061250085c5960bc24bbe7812f9ed4930092729d59c01c661fe1d2999cc6b09e10c35c70508fd90eca2eaa24e7bc95edec4df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fa7ace2f6772fff76824794afc2f3b79
SHA1 8f0859ddb8a3bf23725404eb4e33740091a166ce
SHA256 491b11c4f8f9a892f24d0ca2b0872c36141dcec7e22f84ce9562d77a69c6abbc
SHA512 4f794953e87268a2c3b8746830312c8f9e79df38daafa1a64a9ea849f6c911996ea1ba03e2663ee918dc50ab8b4baeb750157961d96cc5b3a087b70f021efdb6

C:\Users\Admin\AppData\Local\Temp\~nsuA.tmp\Un_A.exe

MD5 28ccf15ea46074d78f6bcc5be86057c5
SHA1 26fd7745a2faeee058a1b688ff72a9211eb1125f
SHA256 e993ccd63d1eca188f9fa95760e2478f9c9ef5fb4da1548b10bd03d8734d8b95
SHA512 ca75af1f2d2bbd27e5c99782f0db76fb9ce7fb3f587c18c11d60c57c95de2b9922b5c5469aa3fd0662f362bcc9aa388c28aba50e47557d47ecc5a337d77ba462

C:\Users\Admin\AppData\Local\Temp\nsqEDBF.tmp\UAC.dll

MD5 d23b256e9c12fe37d984bae5017c5f8c
SHA1 fd698b58a563816b2260bbc50d7f864b33523121
SHA256 ec6a56d981892bf251df1439bea425a5f6c7e1c7312d44bedd5e2957f270338c
SHA512 13f284821324ffaeadafd3651f64d896186f47cf9a68735642cf37b37de777dba197067fbccd3a7411b5dc7976e510439253bd24c9be1d36c0a59d924c17ae8e

C:\Users\Admin\AppData\Local\Temp\nsqEDBF.tmp\System.dll

MD5 b361682fa5e6a1906e754cfa08aa8d90
SHA1 c6701aee0c866565de1b7c1f81fd88da56b395d3
SHA256 b711c4f17690421c9dc8ddb9ed5a9ddc539b3a28f11e19c851e25dcfc7701c04
SHA512 2778f91c9bcf83277d26c71118a1ccb0fb3ce50e89729f14f4915bc65dd48503a77b1e5118ce774dea72f5ce3cc8681eb9ca3c55cf90e9f61a177101ba192ae9

C:\Users\Admin\AppData\Local\Temp\nsqEDBF.tmp\ServicesHelper.dll

MD5 b9e8c2212ac8dae4b0eaf97c048529fa
SHA1 331d172323480b0518abdb0cc9e256dc7f46c357
SHA256 d6f6758adac2c073bec481e8de762af3a5574789bce3f43de02356afc9911e0f
SHA512 d93aa032e27c8268a4f6883711cf41f7ee2b5d33673a26d78db24456f2c548af39b7b98ed4b4737245c278d524fffb3e4bf708b6815dc866acd371427ff6be96

C:\Users\Admin\AppData\Local\Temp\nsqEDBF.tmp\CityHash.dll

MD5 2021acc65fa998daa98131e20c4605be
SHA1 2e8407cfe3b1a9d839ea391cfc423e8df8d8a390
SHA256 c299a0a71bf57eb241868158b4fcfe839d15d5ba607e1bdc5499fdf67b334a14
SHA512 cb96d3547bab778cbe94076be6765ed2ae07e183e4888d6c380f240b8c6708662a3b2b6b2294e38c48bc91bf2cc5fc7cfcd3afe63775151ba2fe34b06ce38948

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\BitsUtils.dll

MD5 8dd17c172a24ebf9601308b949a9ea22
SHA1 507e586c9f69ddc7e58442631efc44f3fe58089c
SHA256 ab77c0a6c79e76ab0f509d655273b2ee5c682c702217f4f884bbab3d2fdfc4c0
SHA512 7de5a35771ac8ead2e3096de29bdedd8e94696d35dc304388c1cff2a14bb264e389a576dae21aaf9cbac79de6c99606b61f1dc5f0ba35fd261b2f5553d389e59

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\InstallOptions.dll

MD5 fd249bc508706f04a18e0bc0afddec82
SHA1 b94efda9f41c89fc6120ed385867125d03f28bea
SHA256 c34f095e200db420ce9af5489c3e392be285e43c3f4c9fbe34686b1f0a1531ad
SHA512 c820c06ad5ae21101602d9e7864fed9b470b25fa9a0ee025d05e72697d88c7e03cbee7ad476f4e3d5b6e467248b8ad1fefa2710c76011e2156b85068961404ba

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\ioSpecial.ini

MD5 121f9faab517f98fe7ba53a2ebb97dc5
SHA1 c409f0a3f947b526cb9e30b8e9c7ade7c90eb387
SHA256 1cbe6e0d2551a5a1d91fb92397f2950f693e432e6b882c818870c15cac0cfcde
SHA512 836cb9189e92cf76b2e052959f919be6518a0cd6b8e4b5fe49a010e295cc19b31b469607097684079eaa9ac10e81639e3c28ec11424d5af6ae5cd439fac61f4d

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\modern-wizard.bmp

MD5 49ff8ad8f51875597f3e919e8770c24c
SHA1 1e840ce0f68281e312317bcbdbc10fdfcd3959c3
SHA256 76da716588b8e51e36ee7a674cd873a8069e27fef73851d1e190face5a67fc66
SHA512 dcf29bbef46b1bd8d9f6c6221955ab06da23bc6661c603c188ce34fed80984a3b6d2006ab38b49aa9d1908d714cc0f40e63b6230244e4d4a0c9baebbbda1ddb1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ceae6506-6b70-452f-b7c4-a37bac0d1a8a.tmp

MD5 78028c10c7fcd2361c60c22caab813b4
SHA1 420a8cfa4e66aff7c6adb7a4726b24f2ad238716
SHA256 4265c9948bfd3879f05832fe376076ef4a05470bc48abe924dbb5821035e88b3
SHA512 d7cf98195dfc23d147540897ed3ce07a4c1b6ba747aaf037cdcae345fdf9a55d517eb74050f426843e5e82f3a592b5f94193331a746930715afbf2488c72ebb9

C:\Program Files\Mozilla Firefox\nszF83F.tmp\crashreporter.exe

MD5 aa9c1de3041eb75aeee90b85ff66c9dd
SHA1 83cba1e082732d95f278434fd25374104e25c668
SHA256 57b8145816b5d189842e350fc030e5a4def3a8990e489aa68dafec2b34e50171
SHA512 fa75c0de232e497540cce6f27dc0b0457860255a0822a6db297942ae91159dffaf4d35367aabcf9b2e235766a204210afee13e2e00cd0016403956a8a63a78a2

C:\Program Files\Mozilla Firefox\nszF83F.tmp\minidump-analyzer.exe

MD5 27339083fea7fd6d8363f7fa88ca7b80
SHA1 6582a65dc5d306964236ce560a85b6a3826ae9ee
SHA256 f18e014b7127345cd9462e3da9299d3a57fd64dddd60e6c9f088b8b9c30161a7
SHA512 e9987041bc8a2ed5eadeee525db19e415cd96a19b2a7a4aca1372cbd072c88f64f8fe5ce4b1ebe4ba75f3f436de33173a363cf2a64f459500563cf529894a777

C:\Program Files\Mozilla Firefox\nszF83F.tmp\updater.exe

MD5 792c5ab789d8efb1631dfe12fb6e64fc
SHA1 9337c863c834c8f9e5fdbde04702ab4bdabaa7e4
SHA256 d3c76e6e1f3e34197d108404fc9c8b6179ab01afff6c6803713d320a3b480ede
SHA512 18d7a4f77ea238325795ff95b5af1e59104d96b71c98b44f0bc1c246bcf8c0a4389c9d4275ecb62f93bbe82bbd00067af41056bfd121ef441fb3154d51586059

C:\Program Files\Mozilla Firefox\nszF83F.tmp\pingsender.exe

MD5 69a30d1e4195aff22f15bbc590e9b5e3
SHA1 7547128630487c8cb3e3ae03bb58841ea848e94b
SHA256 08d8cf85c548ac664d6f39d5518bebd41e1a9e5f51153eba33ab91e3da52cea6
SHA512 c921f78620d8e8c79c82e24fa17997a6a4874b8707ad7ff42dfd22b824a9eae2e3fb43d5c136924295757b27ade4f3e625b8c77d97c91f7fa60519d67a56129b

C:\Program Files\Mozilla Firefox\nszF83F.tmp\nssckbi.dll

MD5 e96c86eba0f9fdc4582dc0e3b9b0e5b2
SHA1 65279d8939a18620751ecf4ebf3715aeee8a5331
SHA256 5fda066b1a6bab8a3d432a3e5e3d8a886a9488db8ed2b9f2afc55c7e0f38428f
SHA512 f4212fc7b64a5f5632ddb73105334a5f43f05a65603b55bc248434ac21927942b9fb5d7af3a2e03061604e95505976e268bb6583be748e067dbd4ff3b570f135

C:\Program Files\Mozilla Firefox\nszF83F.tmp\mozwer.dll

MD5 4c178b42e7ac23c2670f9062140db18b
SHA1 1866da5ff5ac76b6d48f5cbd906969e44de254aa
SHA256 b80ff8b4a8a53bb5c0b811899005923e57567823914b90c8ebf978be75db82f2
SHA512 86147e368d86f927ea203b3dd56c20d516a3598af3e27d4a51dce9b4090f0bc159f92c7182cf2f910034ccfed1c713b7b59db8c650328f79b5783ea01ad9091a

C:\Program Files\Mozilla Firefox\nszF83F.tmp\freebl3.dll

MD5 079f48ed995b415d79f99d7f5facacc2
SHA1 06eff6d1482c5a35a85a82dd37660b237e5e76b6
SHA256 f5465f6b92a425a2a8e42726976a435cc5f7ce93a2dccc670dce597db26962df
SHA512 9a1366aa0c744492bd40a8b9b225946017f3db76a7f6e75dca8006dc220f78b3db7338feffa2b8f3d55a5de42b4811250297d6158270925b4baf5b10f172aad5

C:\Program Files\Mozilla Firefox\nszF83F.tmp\firefox.exe

MD5 470443e44566ecfc7ac2ddbec240a73f
SHA1 27bb8d2fc02cd2bbc184d07357aaa9903d88b425
SHA256 006652da0745d8672ec56598368c1f8a4896cd4a0aa5b61499d574870f94b705
SHA512 22c9bc36874abb015a7e1a28e26f186f2abbd559aad53fdcf493f2178dbc6cfe5a7324d0acadcf4a641028e61787d2f4237a8c034a3a7a6d0a7162f31e05a618

C:\Program Files\Mozilla Firefox\nszF83F.tmp\default-browser-agent.exe

MD5 4c6887f8c8c66f0b2db5a8b347931b70
SHA1 1a71320873155f84de67bc16324c8ca0e503be04
SHA256 a080df509685780d81ee32d86eac7ab15b5831090678f63b5741b57fd8a9969c
SHA512 3e1cc423bcde71a24457b5f9756241c0bc0f9b1f434eafc84ec733f124bbcf6f9a1e104caf402ef2d60a96b895842a8e6b18cffc59936e6c4873a3be92cace8f

C:\Program Files\Mozilla Firefox\nszF83F.tmp\AccessibleMarshal.dll

MD5 eb0c475124ce894398ead3733efbd451
SHA1 5413979dcaaaff24b5d47d2ff6430f229c4abb6e
SHA256 46b72bd02816965cd29d9c50c6afcd6b75b7a7b278605a1700ecc0a1e1492766
SHA512 2bddafc036331a89b5e4d5fce6d1d62805f04f37bdc1dc3a95b4644955a983aefde6a371b8d18f4432882473c907f2dbe55c31f6e47a54006b73070534f3644b

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\modern-header.bmp

MD5 d74f354a7dff27324b463404f4eec99b
SHA1 c0cd9ec50ef163bb868f574db8ca97ccbaa109e4
SHA256 bc08eabb8b11b7693ac5de4db4d787ae31fdc9f29f6020536c838793bb2d4438
SHA512 09116cfc89e16c0cb104e13292976fe8cb97131f309228fd6488a13d2afff4b902ed490f12cb633be232654ceadaee00f23cbe6206677e61c0a9642c72486c4e

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\unconfirm.ini

MD5 43f3186fb707f6d3b7f1e1e18ba92efc
SHA1 e7bf6f489b59c3b43e28f2ef641a40b84aff4a08
SHA256 0635f0f643336254dbd698d55a6dee78fd08b74fef4e228397b06d9524bca9fe
SHA512 5e69f20c72db8bd8047c1bf3eecc57537016ac8b52e33697932197ce5998587caca16bb0322320273e210da45665c8c750a4b182e6a25122642f9de706eba19e

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Background Tasks Profiles\cxudart9.MozillaBackgroundTask-308046B0AF4A39CB-defaultagent\datareporting\glean\db\data.safe.tmp

MD5 5a72184df9a79979f67f13a261536366
SHA1 2bc22d6ddc2bf092af68b3ac46817a47d1669172
SHA256 1a5f2f87330edd9f05bb8f3ccf4849c021e74f0eb1e9dd4d1edbcf889f4cf1bd
SHA512 733873f462926afe7d614b458c4ccf092f3aea2c0d77814001c0eb91ab0f3800d08100a68b20a1ee2404db4eb0f96ea4b072613032875580e96e38bf4a41f3d3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Background Tasks Profiles\cxudart9.MozillaBackgroundTask-308046B0AF4A39CB-defaultagent\datareporting\glean\pending_pings\8189a82f-985f-47c4-9afd-ddbaa0caa474

MD5 cdc8af46a494a780ca96e29cbfbb1de8
SHA1 3e8c284444893cd38290cfffc50bb62a3dfd17ce
SHA256 1016b6c55b84600f80cc3a69a5698440f8ac7fdab1568c90265c0f26cdebdb07
SHA512 d9bac60db96cbab6b908f948fcf00a2fa50d6b9c5a16143de86c85b9559e5fa35eba5d28a5e3c62d5bc9311ece5899657a75c39955de838f75113713314a0738

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Background Tasks Profiles\cxudart9.MozillaBackgroundTask-308046B0AF4A39CB-defaultagent\datareporting\glean\pending_pings\235b804e-efcc-4856-a3ad-ab4244e275f5

MD5 c85a0653740c1ee326b7816aabfa8009
SHA1 186479e99a83ef8c45271257eead21499b11edd3
SHA256 cb032d9af504c126004695c7783e6853e694a4451190ad690478f0f1bae31c9a
SHA512 57dc30b062b1389c3ee95207456c619fbcbf864735e47d589396481e524487979819d66d334a101ab46961b7a86a9e2fb709671056331ca0488678a93d08eefd

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\ShellLink.dll

MD5 fa94d120efb029b43217c66bbc8c650c
SHA1 1fcf2d76adf69b403b7400681ac91d50ed20385f
SHA256 5f6f414b412c72b10f49eb92af1d368ede531b58fb200d539fd2b45e371612db
SHA512 07ed0771d5bbb651ea7421a5f6b08fa234f9cc041315d9360a7135ba12180064fc99a27725385a8ecd3ceb25bed5c00de169f7dabb3ccf6e987f45254dff8158

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\ApplicationID.dll

MD5 fdc0338e6faeaf6f7c271982e103473b
SHA1 9a41f7932abe8be7e32c6371f085cf14de355d00
SHA256 a9dad9fdaae93d10dc2ee346b231913445e731049554b8bb1506827e46f8a44e
SHA512 a766eef11db4c94b1445d1cd70cf1d3b6141d6b3973562e9fa8d81c79195886b884dbc9b9f6952f8a6e8619534a6bf2d615d539d2cace9c8843dc19415051cc0

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\ioSpecial.ini

MD5 0617368de5766e73a0292367fe52abb4
SHA1 2f3d95cff69d60fca30fb52258b8ba6e23ec3a2d
SHA256 75d606e92803767f6e56b5933578b78bf3653cc137bcd998cd4a0d5dd81ee09f
SHA512 6fef49610742ff398b4239c24c382e357b556977dd06cac944b65574e94c258df93ae57c00b93524348e55bb29b8294dd8a644dc88aa14c20e466990b442e279

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\ioSpecial.ini

MD5 f426cd5d67bde1d751dddecc4396b794
SHA1 8ec2ca48e37d9b7838b9ff5d78a44d438dd97ce4
SHA256 330c7bfad46b0faa0b8efbb8cb6c07aa0a98555429280afff18a054e2bf694f0
SHA512 c675ead211948ae2609a11087bfb67cd24b7e3c9a91311aacad68f0c900b20abcb1a5e399226001a675a16eb10e65c863b7034a814edd0dfe1d2b7211c5b15ca

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\liteFirewallW.dll

MD5 f31ba98a8d87faba153eea134968c854
SHA1 da0865cc1a86a39367f22897e1f9fbf4fb1f804f
SHA256 708fb54cffb6aea3547fc5ac745d1435ecc814df563bef59ba7a94f57d082bbb
SHA512 d991a2dd5ef537b25898afd7b7e73274a3cb8e6f5fca1621af22ee2761b82baf220aecb0c84434566742e2ab00b2f57a3740ce9831e76d4e1829bac3e044c8e9

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\unconfirm.ini

MD5 b94b690867427cd0168a19c112fbf507
SHA1 dcd877ce5c31dd3fcbe330b5221f5ceb28552026
SHA256 e6d3ab1d9034d192b644463fbffd53dedb594e8b1c934d9e33a4c65dff54afc4
SHA512 eb981201d861ccd4b5ea834aa4c5a7f371998a5c6695bf233d07e2bbec4918ebcafd7b1f057cfcf34cc58526075314a3ed87b6275b728f694fd9e9a7f00cf4ee

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\nsExec.dll

MD5 0e584c7120bd474c616013c58d51dc6b
SHA1 0bc980892341b52985d92fb3d8fbb6be77951935
SHA256 7fb626aa05bee1095633a75aeb7895ebd816a98e0aa1581a0154e4c196de5391
SHA512 aa3a471b3f33c3ffdbe1b1e3c1e5d04367bcab3c16049396a8dd12c5a8317e4b153761f74f39b756dd4fb1806aedc4f1bb38bfbc12f16480eed3fd3087a0d157

C:\Users\Admin\AppData\Local\Temp\nsgEE6B.tmp\Banner.dll

MD5 2b3f617f22f70710aaf7f27efab15c40
SHA1 66c2397748b46c0aa03f0de1d3b1ef0598512f7c
SHA256 2393ee61dff10c520fea62b5d6dc1c3a559fcad55f5cf15b22e1f408692a35f8
SHA512 69295601e8c20a97b512a99afec2609997b589d46a507b2738a6c974ee5b68bde0e56fce150ab1fc4355aa561e8125335378a9c648bbc533bc5b44de1b85b3e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 16c43c286dc66bef5dff104464bb8f43
SHA1 3a0adf444fd2fe7ceae4124ce0150cbc6b27c249
SHA256 73fd1c140c44c75fe08e446c582ecb1553ce2d54e8c543cc186e0b927da28a17
SHA512 7bc77756a0c71394e79cfbbccd08974cefe0299fae49bfceb91434d942e658a15478d43169b46b77b0a537a9a1242086e69e1ee9b4dddfcfaedfc29d69ab0283

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 16d93502f4b2e5243f987ae49d051200
SHA1 95490db310297b8a044fec27357552f7a1fd470d
SHA256 f3fa5b907c1cec8b3593626fa67c920175ae5bf8062c1c547e26996766528f74
SHA512 5f7d0609a007538499f6c71eae19ee0c2289936b0c06d022c67e4b5e4895ab0408ab8164c0547a0febf9d796a6787c6875276da98208b7c9f9b579388e17a737

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bf

MD5 e68dc41937e75b392b26998acb2d09be
SHA1 b3ffd33f790eb21b8bae1c6c8f93c85765fc4e91
SHA256 e4b53b7fdd39514df81e6bb419cb980f00cbb8c95cd421f17cb702faf18af513
SHA512 68eb5da95eca580e9d3040ea91717300e810e26cfed80f0765c2edc2e983d102671c358792c72c680f9a621304cfa542bb116cac9f6f1dc2fa28e39201210425

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 9c974ebd4a66125bfa0a1d449aae8fba
SHA1 e0076b3f148e69f9c233d5a888e9e04f261d5dbc
SHA256 0d9d2a71f76d63f1d48ae68a6177880c26832de6197373c8006540fbb13657b2
SHA512 0ba4650fb7638133bed6713048d5571a14e8334c5d2f1915e0c9b8c090a1932bad8dc4899f760616af664f1e5ed6a3bc1687294b355bdccf1e35cb98f2b86908

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 677ff2d3439da61d836f3e09951467b2
SHA1 031433dfe1686fccd030ef3e58e39e66c0469dbe
SHA256 98a268464b3f0dfe2d5a12ba02b8116a1a352f14af8e8bceecaccb6cc0790ca7
SHA512 b54e08e2e27395924720380f5f79d96b7ac72752fab9b8820930c58c23523ac76810838a59594692cefbe9fb4018e5afd73f4c292a1c67fb90f6ad3cbc63fdf7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5adb122eee4bb10b8410091d664bf847
SHA1 74f61785edd60275fbbe35bfb49e94005c9ac943
SHA256 ab602b460d77325fb0f0d6ab46c97c1deb147b0c0deb4b1030ac1640d65120e4
SHA512 1c0694ecb7e2e1d686aa5875d0ea02279ec49f04b95d9de63168ba4310ad7cfa084ec3e4b475a319c4130ec034837f170107d10492ec40ff53e7e57e65bf3c9d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 876d29bab8e20254d8274acb665419a4
SHA1 b7b78f2dd49f4645ff779a7dea5dea21d94496cb
SHA256 2e46ebf2040bee486aace7baaa25191d2070d960efc142eff75a4a9b38caac2d
SHA512 a20a6e7da8f6a4e4dc0bcc1c7c0afa0ff9a303ee6aea75c5c41fcbda228ac2f19450b2a9264f43569211f3ec79b5b3fbe42b7df2aeff922bdbca8e0f2fa1d0e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 97d9ae982a0a1fa790bf3b1db0391f1b
SHA1 98604c5a9225419a7202f51b0cde3af8238ec559
SHA256 b98481dbbe06e8742a0118f19ea7f03664fea3e9b84858d2182429ad4295297a
SHA512 85010d296cb0a6bfe39bd405c74c4186ae6dc9b19e3c2dd159a2c012051e1f28051d6e0f8ed18ab859370db4cfdcb843339d2f8f6ab88c75ea1c11c321c719c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fd

MD5 ca261859ecbe65a1179e4357f1178f2d
SHA1 e90ec7d9cda1fbcfeeba505caa26a931d803bead
SHA256 79af6556f47b1d878d3781041d50715046c3d5dd27d50fab76c1b4a103995fd3
SHA512 81578ad6934a4d8917ad48295e01ff671da9e704b24897a9c9f2eb4e7a4519ebbd64d849ba7ebb964249cb6659361ea8f0f2d8f9f4998c1dd526be4c93aff0cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 97a59235834c0c26d629f7e9309a06e7
SHA1 f715cf024495dd10638c38163347751f2412e3b6
SHA256 43623a6dbf2c48e98e17c59d9a9a347cad337964410d36e8292230aeb2bf3ea8
SHA512 04429c07d3f51787b568ebbf48abef927cde2ee346447a744bb66e6681759b343b33d8b0220a73b6d97e232e2101f5d51ff8c648427fc4d83d8b12ae4dda8bd3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f3998942a29d0b7fcc4037d815d62b2e
SHA1 23f9d2fe276319638f8d697acf683b9e7cdcc943
SHA256 c29ba127708b43e2b8b8069bcd4db434d202bde0991858a25abdf17a6cbd9c43
SHA512 453ced9bbb39622d83da9d1adc22729ea2a0cebb47d28da1894bf53a6cbb273e0ac3a159ca2f077ed04c457ef54bafa26aee4cc5ee7549a30b69a82884ee6555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 809f397490b299e76a3129f83fef6f4a
SHA1 3b39dc632ae4b9aaeaf26247ecd28accfe58159f
SHA256 be409b0a812a0a11b5c8364d0b63dc725fb4ecf5c8c896eb8b5b8b52c731259e
SHA512 1551e231217db3d0e9f85ee9ab9537872e905488f9c9f21ed88ce8e144920494becf600aa516980f2e1e9a2ba602025c052e202ee73ffbd33a2cd5235fda27e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cdbd0c245d68c209f42333b33f8ace76
SHA1 d7d08a8938df3318ffd585955df5eab7f6e69ccc
SHA256 ce9be29fb2b2a2c5ab8b8695aa7de580f09facfb8f1d7b829ed1c4cc504c26c5
SHA512 a7d517a9ab75e6b4efe4f4ce0a0b07d103b66c2c9a653b1b875dfbae68d86e18475f9de1208bf21c9a61948d39b9067be194f26f1c42a2ce99f82805196a47da

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\PreSignInSettingsConfig.json

MD5 e516a60bc980095e8d156b1a99ab5eee
SHA1 238e243ffc12d4e012fd020c9822703109b987f6
SHA256 543796a1b343b4ebc0285d89cb8eb70667ac7b513da37495e38003704e9d88d7
SHA512 9b51e99ba20e9da56d1acc24a1cf9f9c9dbdeb742bec034e0ff2bc179a60f4aff249f40344f9ddd43229dcdefa1041940f65afb336d46c175ffeff725c638d58

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\T8J0KUQ8\update100[1].xml

MD5 53244e542ddf6d280a2b03e28f0646b7
SHA1 d9925f810a95880c92974549deead18d56f19c37
SHA256 36a6bd38a8a6f5a75b73caffae5ae66dfabcaefd83da65b493fa881ea8a64e7d
SHA512 4aa71d92ea2c46df86565d97aac75395371d3e17877ab252a297b84dca2ab251d50aaffc62eab9961f0df48de6f12be04a1f4a2cbde75b9ae7bcce6eb5450c62

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe

MD5 fb4aa59c92c9b3263eb07e07b91568b5
SHA1 6071a3e3c4338b90d892a8416b6a92fbfe25bb67
SHA256 e70e80dbbc9baba7ddcee70eda1bb8d0e6612dfb1d93827fe7b594a59f3b48b9
SHA512 60aabbe2fd24c04c33e7892eab64f24f8c335a0dd9822eb01adc5459e850769fc200078c5ccee96c1f2013173bc41f5a2023def3f5fe36e380963db034924ace

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\setup\logs\DeviceHealthSummaryConfiguration.ini

MD5 77de2ae2528ab228391c43cf41e90e90
SHA1 ca4b17cf4df37e0f448f65f410b85b889e0cecb3
SHA256 355820173d9008a16dab77365b5036272f39b66184d375235c097ff5460be6fd
SHA512 8fdd259174e22b01946aba090cdd598b0e57c609a43bc32f9eb4efbe1ae7e3dd8f89be28136a2c7635420de6ca51feb90abf4ef3461a36c759ea5a056625b9ee

C:\Users\Admin\AppData\Local\Temp\tmp7DBB.tmp

MD5 5b16ef80abd2b4ace517c4e98f4ff551
SHA1 438806a0256e075239aa8bbec9ba3d3fb634af55
SHA256 bbc70091b3834af5413b9658b07269badd4cae8d96724bf1f7919f6aab595009
SHA512 69a22b063ab92ca7e941b826400c62be41ae0317143387c8aa8c727b5c9ee3528ddd4014de22a2a2e2cbae801cb041fe477d68d2684353cdf6c83d7ee97c43d4

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\Personal\logUploaderSettings_temp.ini

MD5 cc04d6015cd4395c9b980b280254156e
SHA1 87b176f1330dc08d4ffabe3f7e77da4121c8e749
SHA256 884d272d16605590e511ae50c88842a8ce203a864f56061a3c554f8f8265866e
SHA512 d3cb7853b69649c673814d5738247b5fbaaae5bb7b84e4c7b3ff5c4f1b1a85fc7261a35f0282d79076a9c862e5e1021d31a318d8b2e5a74b80500cb222642940

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDrive.exe

MD5 c2938eb5ff932c2540a1514cc82c197c
SHA1 2d7da1c3bfa4755ba0efec5317260d239cbb51c3
SHA256 5d8273bf98397e4c5053f8f154e5f838c7e8a798b125fcad33cab16e2515b665
SHA512 5deb54462615e39cf7871418871856094031a383e9ad82d5a5993f1e67b7ade7c2217055b657c0d127189792c3bcf6c1fcfbd3c5606f6134adfafcccfa176441

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-150.png

MD5 771bc7583fe704745a763cd3f46d75d2
SHA1 e38f9d7466eefc6d3d2aaa327f1bd42c5a5c7752
SHA256 36a6aad9a9947ab3f6ac6af900192f5a55870d798bca70c46770ccf2108fd62d
SHA512 959ea603abec708895b7f4ef0639c3f2d270cfdd38d77ac9bab8289918cbd4dbac3c36c11bb52c6f01b0adae597b647bb784bba513d77875979270f4962b7884

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-125.png

MD5 b83ac69831fd735d5f3811cc214c7c43
SHA1 5b549067fdd64dcb425b88fabe1b1ca46a9a8124
SHA256 cbdcf248f8a0fcd583b475562a7cdcb58f8d01236c7d06e4cdbfe28e08b2a185
SHA512 4b2ee6b3987c048ab7cc827879b38fb3c216dab8e794239d189d1ba71122a74fdaa90336e2ea33abd06ba04f37ded967eb98fd742a02463b6eb68ab917155600

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-100.png

MD5 72747c27b2f2a08700ece584c576af89
SHA1 5301ca4813cd5ff2f8457635bc3c8944c1fb9f33
SHA256 6f028542f6faeaaf1f564eab2605bedb20a2ee72cdd9930bde1a3539344d721b
SHA512 3e7f84d3483a25a52a036bf7fd87aac74ac5af327bb8e4695e39dada60c4d6607d1c04e7769a808be260db2af6e91b789008d276ccc6b7e13c80eb97e2818aba

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-200.png

MD5 09773d7bb374aeec469367708fcfe442
SHA1 2bfb6905321c0c1fd35e1b1161d2a7663e5203d6
SHA256 67d1bb54fcb19c174de1936d08b5dbdb31b98cfdd280bcc5122fb0693675e4f2
SHA512 f500ea4a87a24437b60b0dc3ec69fcc5edbc39c2967743ddb41093b824d0845ffddd2df420a12e17e4594df39f63adad5abb69a29f8456fed03045a6b42388bc

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-black_scale-400.png

MD5 e01cdbbd97eebc41c63a280f65db28e9
SHA1 1c2657880dd1ea10caf86bd08312cd832a967be1
SHA256 5cb8fd670585de8a7fc0ceede164847522d287ef17cd48806831ea18a0ceac1f
SHA512 ffd928e289dc0e36fa406f0416fb07c2eb0f3725a9cdbb27225439d75b8582d68705ec508e3c4af1fc4982d06d70ef868cafbfc73a637724dee7f34828d14850

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-125.png

MD5 8347d6f79f819fcf91e0c9d3791d6861
SHA1 5591cf408f0adaa3b86a5a30b0112863ec3d6d28
SHA256 e8b30bfcee8041f1a70e61ca46764416fd1df2e6086ba4c280bfa2220c226750
SHA512 9f658bc77131f4ac4f730ed56a44a406e09a3ceec215b7a0b2ed42d019d8b13d89ab117affb547a5107b5a84feb330329dc15e14644f2b52122acb063f2ba550

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-100.png

MD5 19876b66df75a2c358c37be528f76991
SHA1 181cab3db89f416f343bae9699bf868920240c8b
SHA256 a024fc5dbe0973fd9267229da4ebfd8fc41d73ca27a2055715aafe0efb4f3425
SHA512 78610a040bbbb026a165a5a50dfbaf4208ebef7407660eea1a20e95c30d0d42ef1d13f647802a2f0638443ae2253c49945ebe018c3499ddbf00cfdb1db42ced1

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-150.png

MD5 de5ba8348a73164c66750f70f4b59663
SHA1 1d7a04b74bd36ecac2f5dae6921465fc27812fec
SHA256 a0bbe33b798c3adac36396e877908874cffaadb240244095c68dff840dcbbf73
SHA512 85197e0b13a1ae48f51660525557cceaeed7d893dd081939f62e6e8921bb036c6501d3bb41250649048a286ff6bac6c9c1a426d2f58f3e3b41521db26ef6a17c

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-100.png

MD5 f4e9f958ed6436aef6d16ee6868fa657
SHA1 b14bc7aaca388f29570825010ebc17ca577b292f
SHA256 292cac291af7b45f12404f968759afc7145b2189e778b14d681449132b14f06b
SHA512 cd5d78317e82127e9a62366fd33d5420a6f25d0a6e55552335e64dc39932238abd707fe75d4f62472bc28a388d32b70ff08b6aa366c092a7ace3367896a2bd98

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-150.png

MD5 552b0304f2e25a1283709ad56c4b1a85
SHA1 92a9d0d795852ec45beae1d08f8327d02de8994e
SHA256 262b9a30bb8db4fc59b5bc348aa3813c75e113066a087135d0946ad916f72535
SHA512 9559895b66ef533486f43274f7346ad3059c15f735c9ce5351adf1403c95c2b787372153d4827b03b6eb530f75efcf9ae89db1e9c69189e86d6383138ab9c839

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-400.png

MD5 3c29933ab3beda6803c4b704fba48c53
SHA1 056fe7770a2ba171a54bd60b3c29c4fbb6d42f0c
SHA256 3a7ef7c0bda402fdaff19a479d6c18577c436a5f4e188da4c058a42ef09a7633
SHA512 09408a000a6fa8046649c61ccef36afa1046869506f019f739f67f5c1c05d2e313b95a60bd43d9be882688df1610ad7979dd9d1f16a2170959b526ebd89b8ef7

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-200.png

MD5 22e17842b11cd1cb17b24aa743a74e67
SHA1 f230cb9e5a6cb027e6561fabf11a909aa3ba0207
SHA256 9833b80def72b73fca150af17d4b98c8cd484401f0e2d44320ecd75b5bb57c42
SHA512 8332fc72cd411f9d9fd65950d58bf6440563dc4bd5ce3622775306575802e20c967f0ee6bab2092769a11e2a4ea228dab91a02534beeb8afde8239dd2b90f23a

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.contrast-black_scale-125.png

MD5 2c7a9e323a69409f4b13b1c3244074c4
SHA1 3c77c1b013691fa3bdff5677c3a31b355d3e2205
SHA256 8efeacefb92d64dfb1c4df2568165df6436777f176accfd24f4f7970605d16c2
SHA512 087c12e225c1d791d7ad0bf7d3544b4bed8c4fb0daaa02aee0e379badae8954fe6120d61fdf1a11007cbcdb238b5a02c54f429b6cc692a145aa8fbd220c0cb2d

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\LogoImages\OneDriveMedTile.contrast-white_scale-200.png

MD5 f1c75409c9a1b823e846cc746903e12c
SHA1 f0e1f0cf35369544d88d8a2785570f55f6024779
SHA256 fba9104432cbb8ebbd45c18ef1ba46a45dd374773e5aa37d411bb023ded8efd6
SHA512 ed72eb547e0c03776f32e07191ce7022d08d4bcc66e7abca4772cdd8c22d8e7a423577805a4925c5e804ed6c15395f3df8aac7af62f1129e4982685d7e46bd85

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-400.png

MD5 e593676ee86a6183082112df974a4706
SHA1 c4e91440312dea1f89777c2856cb11e45d95fe55
SHA256 deb0ec0ee8f1c4f7ea4de2c28ff85087ee5ff8c7e3036c3b0a66d84bae32b6bb
SHA512 11d7ed45f461f44fa566449bb50bcfce35f73fc775744c2d45ea80aeb364fe40a68a731a2152f10edc059dea16b8bab9c9a47da0c9ffe3d954f57da0ff714681

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-200.png

MD5 13e6baac125114e87f50c21017b9e010
SHA1 561c84f767537d71c901a23a061213cf03b27a58
SHA256 3384357b6110f418b175e2f0910cffe588c847c8e55f2fe3572d82999a62c18e
SHA512 673c3bec7c2cd99c07ebfca0f4ab14cd6341086c8702fe9e8b5028aed0174398d7c8a94583da40c32cd0934d784062ad6db71f49391f64122459f8bb00222e08

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-150.png

MD5 a23c55ae34e1b8d81aa34514ea792540
SHA1 3b539dfb299d00b93525144fd2afd7dd9ba4ccbf
SHA256 3df4590386671e0d6fee7108e457eb805370a189f5fdfeaf2f2c32d5adc76abd
SHA512 1423a2534ae71174f34ee527fe3a0db38480a869cac50b08b60a2140b5587b3944967a95016f0b00e3ca9ced1f1452c613bb76c34d7ebd386290667084bce77d

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-125.png

MD5 d03b7edafe4cb7889418f28af439c9c1
SHA1 16822a2ab6a15dda520f28472f6eeddb27f81178
SHA256 a5294e3c7cd855815f8d916849d87bd2357f5165eb4372f248fdf8b988601665
SHA512 59d99f0b9a7813b28bae3ea1ae5bdbbf0d87d32ff621ff20cbe1b900c52bb480c722dd428578dea5d5351cc36f1fa56b2c1712f2724344f026fe534232812962

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.scale-100.png

MD5 57a6876000151c4303f99e9a05ab4265
SHA1 1a63d3dd2b8bdc0061660d4add5a5b9af0ff0794
SHA256 8acbdd41252595b7410ca2ed438d6d8ede10bd17fe3a18705eedc65f46e4c1c4
SHA512 c6a2a9124bc6bcf70d2977aaca7e3060380a4d9428a624cc6e5624c75ebb6d6993c6186651d4e54edf32f3491d413714ef97a4cdc42bae94045cd804f0ad7cba

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveMedTile.contrast-white_scale-400.png

MD5 adbbeb01272c8d8b14977481108400d6
SHA1 1cc6868eec36764b249de193f0ce44787ba9dd45
SHA256 9250ef25efc2a9765cf1126524256fdfc963c8687edfdc4a2ecde50d748ada85
SHA512 c15951cf2dc076ed508665cd7dac2251c8966c1550b78549b926e98c01899ad825535001bd65eeb2f8680cd6753cd47e95606ecf453919f5827ed12bca062887

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-100.png

MD5 1f156044d43913efd88cad6aa6474d73
SHA1 1f6bd3e15a4bdb052746cf9840bdc13e7e8eda26
SHA256 4e11167708801727891e8dd9257152b7391fc483d46688d61f44b96360f76816
SHA512 df791d7c1e7a580e589613b5a56ba529005162d3564fffd4c8514e6afaa5eccea9cea9e1ac43bd9d74ee3971b2e94d985b103176db592e3c775d5feec7aac6d1

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-125.png

MD5 09f3f8485e79f57f0a34abd5a67898ca
SHA1 e68ae5685d5442c1b7acc567dc0b1939cad5f41a
SHA256 69e432d1eec44bed4aad35f72a912e1f0036a4b501a50aec401c9fa260a523e3
SHA512 0eafeaf735cedc322719049db6325ccbf5e92de229cace927b78a08317e842261b7adbda03ec192f71ee36e35eb9bf9624589de01beaec2c5597a605fc224130

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-150.png

MD5 ed306d8b1c42995188866a80d6b761de
SHA1 eadc119bec9fad65019909e8229584cd6b7e0a2b
SHA256 7e3f35d5eb05435be8d104a2eacf5bace8301853104a4ea4768601c607ddf301
SHA512 972a42f7677d57fcb8c8cb0720b21a6ffe9303ea58dde276cfe2f26ee68fe4cc8ae6d29f3a21a400253de7c0a212edf29981e9e2bca49750b79dd439461c8335

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-200.png

MD5 d9d00ecb4bb933cdbb0cd1b5d511dcf5
SHA1 4e41b1eda56c4ebe5534eb49e826289ebff99dd9
SHA256 85823f7a5a4ebf8274f790a88b981e92ede57bde0ba804f00b03416ee4feda89
SHA512 8b53dec59bba8b4033e5c6b2ff77f9ba6b929c412000184928978f13b475cd691a854fee7d55026e48eab8ac84cf34fc7cb38e3766bbf743cf07c4d59afb98f4

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\Resources.pri

MD5 7473be9c7899f2a2da99d09c596b2d6d
SHA1 0f76063651fe45bbc0b5c0532ad87d7dc7dc53ac
SHA256 e1252527bc066da6838344d49660e4c6ff2d1ddfda036c5ec19b07fdfb90c8c3
SHA512 a4a5c97856e314eedbad38411f250d139a668c2256d917788697c8a009d5408d559772e0836713853704e6a3755601ae7ee433e07a34bd0e7f130a3e28729c45

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\LogoImages\OneDriveSmallTile.scale-400.png

MD5 096d0e769212718b8de5237b3427aacc
SHA1 4b912a0f2192f44824057832d9bb08c1a2c76e72
SHA256 9a0b901e97abe02036c782eb6a2471e18160b89fd5141a5a9909f0baab67b1ef
SHA512 99eb3d67e1a05ffa440e70b7e053b7d32e84326671b0b9d2fcfcea2633b8566155477b2a226521bf860b471c5926f8e1f8e3a52676cacb41b40e2b97cb3c1173

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDrive.VisualElementsManifest.xml

MD5 5ae2d05d894d1a55d9a1e4f593c68969
SHA1 a983584f58d68552e639601538af960a34fa1da7
SHA256 d21077ad0c29a4c939b8c25f1186e2b542d054bb787b1d3210e9cab48ec3080c
SHA512 152949f5b661980f33608a0804dd8c43d70e056ae0336e409006e764664496fef6e60daa09fecb8d74523d3e7928c0dbd5d8272d8be1cf276852d88370954adc

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\OneDriveStandaloneUpdater.exe

MD5 9cdabfbf75fd35e615c9f85fedafce8a
SHA1 57b7fc9bf59cf09a9c19ad0ce0a159746554d682
SHA256 969fbb03015dd9f33baf45f2750e36b77003a7e18c3954fab890cddc94046673
SHA512 348923f497e615a5cd0ed428eb1e30a792dea310585645b721235d48f3f890398ad51d8955c1e483df0a712ba2c0a18ad99b977be64f5ee6768f955b12a4a236

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe

MD5 57bd9bd545af2b0f2ce14a33ca57ece9
SHA1 15b4b5afff9abba2de64cbd4f0989f1b2fbc4bf1
SHA256 a3a4b648e4dcf3a4e5f7d13cc3d21b0353e496da75f83246cc8a15fada463bdf
SHA512 d134f9881312ddbd0d61f39fd62af5443a4947d3de010fef3b0f6ebf17829bd4c2f13f6299d2a7aad35c868bb451ef6991c5093c2809e6be791f05f137324b39

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\settings\Personal\logUploaderSettings_temp.ini

MD5 b0ea4a0dcac51dc1792835aa5282d0d2
SHA1 e4f08644a3f8698b5bed935811c069b2ab415d13
SHA256 7379f715e7dabc67e74d9112863ddb0b0e42f5e2a8348452955c5dedc30ccbf3
SHA512 195231c350ceb9b16cac2167827f9feab2427eb746c1bcdb1c35ac9e2cd5fa7fb56539c5ff12c0962eb052e8346abc7f10f41c5fe46f4c7406f60d651864b513

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 48bdcb266f69c7e6e311c6f324e3eda1
SHA1 e5ecbba603db4794747321a1f2bb0399760915bc
SHA256 4186b96dcecde88db79de1cf7a8ced84b6ab6537574f56930e96c9d22309196b
SHA512 b796815d501c4c3eb3bc23dc8c93dd5b53c1b0326726c5d40a6e18b6dce9057e14b18cd22573335afea1cf78b46fecfe78432a0bd5b3070dfc4aec2aec387bec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 149156627178c3118bad440b08949fab
SHA1 3c5eec9817f1217d010c4dfa049a24a318256e09
SHA256 5dde48aeaaadb0f747afc4aa0788b2ebf7c1bd6eab0366096b7b470eb015377c
SHA512 30ccc9f03079f8880be6ba97ca2180e76b6e090342f485e7c04a46a5caca9045d131857bad0e24030829c361f848f4280489d893be06c11eb9531be746d6c4fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 37effa50a7688440bf13c2b0ab5d3c21
SHA1 6f4107d4c3991571e99e0722494db34c6e5d6164
SHA256 d60e4adc79acb912f284edfb5deb22a5f09ba500e43ce408102f0405cc9bac7a
SHA512 2fd6aab4622dd0729c536397112724415f6ec094a1033da9bf12357c77dfde777b765e76367c070d51b3e3e4ff4652c7ac285612d1a68f8789540c1a60347532

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 229a70c1406b85372ad72bcade7b0add
SHA1 f3b596d140c08d0558c5ea68539c13e89d520005
SHA256 ad68eda1d167bb004a7f3becaf5bb1d937f1dee7f480a3ac36c1c3b27d74a973
SHA512 7c521a2a53f48e369693a8ee476481fffe24fc2679fde27c7ce92b73f59f5be25f491ba2b4f15610a3b5f8d20851b6823b26fbaf3a095be27dbbc743619a3031

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 55de3677d5d04aba4f700a772d12f897
SHA1 f7bb1fe9154e1df758240b109ddf5d377f42863f
SHA256 e0b76e0d4fd1ab52d3ef58b8f92a5f392450f57117bd91278ab1e5ae724793a1
SHA512 529526e16171dab2bf190f510c1a715b9df0f419997b61eb033cc7fe292b10544af252a7f0951da40203068168e6c087f9f39d728e28097247fa28bbb2275fed

memory/6664-5995-0x000001E6634B0000-0x000001E6635B0000-memory.dmp

memory/6664-5994-0x000001E6634B0000-0x000001E6635B0000-memory.dmp

memory/6664-5993-0x000001E6634B0000-0x000001E6635B0000-memory.dmp

memory/6664-6167-0x000001E678C60000-0x000001E678C80000-memory.dmp

memory/6664-6234-0x000001E678CA0000-0x000001E678DA0000-memory.dmp

memory/6664-6271-0x000001E67BBA0000-0x000001E67BCA0000-memory.dmp

memory/6664-6272-0x000001E67BBA0000-0x000001E67BCA0000-memory.dmp

memory/6664-6267-0x000001E67B3C0000-0x000001E67B3E0000-memory.dmp

memory/6664-6285-0x000001E67BDF0000-0x000001E67BEF0000-memory.dmp

memory/6664-6326-0x000001E67BF40000-0x000001E67C040000-memory.dmp

memory/6664-6493-0x000001E67D580000-0x000001E67D680000-memory.dmp

memory/6664-6496-0x000001E67D580000-0x000001E67D680000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\GFS85U36\account.live[1].xml

MD5 c1ddea3ef6bbef3e7060a1a9ad89e4c5
SHA1 35e3224fcbd3e1af306f2b6a2c6bbea9b0867966
SHA256 b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db
SHA512 6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

memory/6664-6695-0x000001E67E100000-0x000001E67E200000-memory.dmp

memory/6664-6776-0x000001E67F840000-0x000001E67F860000-memory.dmp

memory/6664-7243-0x000001E67D200000-0x000001E67D220000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 00e01639a0b901252fe6de5e3fdead87
SHA1 5f423040a3091779b309b23f5f356488e98f1d74
SHA256 d682ee3769816ff4d3677f602f8cda40ee00ef2b50148714cd8b0bb7f343f8ea
SHA512 6d2121cedd075afb6e313b5a8e421c391524b66e3a568361a204aac493c2065eb71e1a6b7959da460144ec4548c37aad630becea7e134402e7d057e4afbfbc53

memory/6664-7364-0x000001E67CFD0000-0x000001E67CFF0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d7574d392ab355e68442a89a7bfd328a
SHA1 9430fd3d0ff020a27d93ea6e349c2c34b8011727
SHA256 f53eaa3710c844f6d95f60e983c6c104c0355d69aa53be0ff83afa6266f4b320
SHA512 fc1ed00cb56c67638f39273711565df4fc18fc2f1df9f0945c2fbbf2a8e25613f984c018830c2a2949b72a9eee1a86e428c2f62401f57fa30b36c612e415098b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1b03be8073b7bf0611ca7bcd871885d0
SHA1 eb95fe1a5c50050df8b09963a5d83673a20c6e36
SHA256 17a3b7252e14b56aeae76217876089d69a8becb8a9d228d60702ae158b79f32d
SHA512 b142fa6562b6bcb9ba3ad37dc308d0785cc0195c291f7fa4f764eeb0d27d61d25f2a690fbd10b0803d734a280fa23b9008f90b0b1c6bc4a4989ffc2accd4cab8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fc54a89f02c84e9f0d862a2dc8b638aa
SHA1 a71b40f4f666b4186a20abac8d7def1460e7a920
SHA256 d1ad91eae78b164faf2a56e3a7fbc8f561cb4b7ec8934f6084af457571e062b7
SHA512 fb7416991bdf1952cd459e7979b834df989252d35b648cdf5b125b7fe6b283ae5337aa9470d4dd4cdda1ff46999c5fc6fba375d2db154ece3643cc40cd3883d4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cdb8440636a757e3c6f6d138c6c2fde5
SHA1 df655b0b3b8edf585a0cfb4375b16f17d9bbf166
SHA256 4fb02aaf708bf80641931dcc032b7930a7186c0e6f9e562402ae5bf257e85304
SHA512 59db2211a34fe85b583ba39102b03808f8259d2a4f19a2456fb46be0ea1957dffd611a0cb739ef291ced60fe62e4548dd8234c63fefefd3340599db1c71ae608